修复请求错误消息上报问题

完善提取处理流程，解决提取并发问题
修复购买数量低于限制的问题
2026-05-13 18:07:44 +08:00 · 2026-05-13 16:17:57 +08:00 · 2026-05-11 17:39:22 +08:00 · 2026-05-11 11:04:21 +08:00 · 2026-05-08 13:53:47 +08:00 · 2026-05-08 09:33:41 +08:00
39 changed files with 1533 additions and 434 deletions
--- a/.env.example
+++ b/.env.example
@@ -16,6 +16,7 @@ REDIS_PORT=6379
 # otel 配置
 OTEL_HOST=127.0.0.1
 OTEL_PORT=4317
+OTEL_NAME_SUFFIX=dev

 # 白银节点
 BAIYIN_CLOUD_URL=
--- a/README.md
+++ b/README.md
@@ -1,8 +1,25 @@
 ## TODO

-proxy 的删除和更新，锁粒度应该有问题
+提取代理：
+- 网关修改问题
+  - 在提取流程中如果网关被修改，有可能导致数据不一致
+  - 提供读写锁，在提取流程中获取读锁，在修改网关时获取写锁
+- 端口悬空问题
+  - 在提取流程中如果发生异常，可能导致端口被占用但通道信息没有被写入数据库，配置以及端口将无法解除
+  - 提交删除任务时，带上配置信息，无需再查数据库且接口总是会被正确清理
+  - 异常情况下，将只清理网关端口，而无法解除节点连接，这个问题需要额外处理

-最低价格 0.01
+---
+
+- otel 没有正确记录接口失败信息
+
+筛选和关联展示功能扩展
+
+错误提示增强，展示整链路信息
+
+ip 提取频率限制，在 ensure 函数加逻辑，通过 redis 或者 pg 计算分钟内提取次数，只允许每分钟提取 30 次
+
+proxy 的删除和更新，锁粒度应该有问题

 交易信息持久化

--- a/go.mod
+++ b/go.mod
@@ -23,11 +23,11 @@ require (
 	github.com/smartwalle/alipay/v3 v3.2.28
 	github.com/valyala/fasthttp v1.68.0
 	github.com/wechatpay-apiv3/wechatpay-go v0.2.21
-	go.opentelemetry.io/otel v1.38.0
+	go.opentelemetry.io/otel v1.43.0
 	go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.38.0
-	go.opentelemetry.io/otel/sdk v1.38.0
-	golang.org/x/crypto v0.45.0
-	golang.org/x/sync v0.18.0
+	go.opentelemetry.io/otel/sdk v1.43.0
+	golang.org/x/crypto v0.49.0
+	golang.org/x/sync v0.20.0
 	gorm.io/datatypes v1.2.7
 	gorm.io/driver/postgres v1.6.0
 	gorm.io/gen v0.3.27
@@ -59,7 +59,7 @@ require (
 	github.com/gofiber/utils v1.1.0 // indirect
 	github.com/gofrs/uuid v4.4.0+incompatible // indirect
 	github.com/gomodule/redigo v2.0.0+incompatible // indirect
-	github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.3 // indirect
+	github.com/grpc-ecosystem/grpc-gateway/v2 v2.28.0 // indirect
 	github.com/hashicorp/errwrap v1.1.0 // indirect
 	github.com/hashicorp/go-multierror v1.1.1 // indirect
 	github.com/jackc/pgpassfile v1.0.0 // indirect
@@ -86,20 +86,20 @@ require (
 	github.com/valyala/bytebufferpool v1.0.0 // indirect
 	go.opentelemetry.io/auto/sdk v1.2.1 // indirect
 	go.opentelemetry.io/contrib v1.38.0 // indirect
-	go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.38.0 // indirect
-	go.opentelemetry.io/otel/metric v1.38.0 // indirect
-	go.opentelemetry.io/otel/trace v1.38.0 // indirect
-	go.opentelemetry.io/proto/otlp v1.9.0 // indirect
-	golang.org/x/mod v0.30.0 // indirect
-	golang.org/x/net v0.47.0 // indirect
-	golang.org/x/sys v0.38.0 // indirect
-	golang.org/x/text v0.31.0 // indirect
+	go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.43.0 // indirect
+	go.opentelemetry.io/otel/metric v1.43.0 // indirect
+	go.opentelemetry.io/otel/trace v1.43.0 // indirect
+	go.opentelemetry.io/proto/otlp v1.10.0 // indirect
+	golang.org/x/mod v0.33.0 // indirect
+	golang.org/x/net v0.52.0 // indirect
+	golang.org/x/sys v0.42.0 // indirect
+	golang.org/x/text v0.35.0 // indirect
 	golang.org/x/time v0.14.0 // indirect
-	golang.org/x/tools v0.39.0 // indirect
-	google.golang.org/genproto/googleapis/api v0.0.0-20251124214823-79d6a2a48846 // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20251124214823-79d6a2a48846 // indirect
-	google.golang.org/grpc v1.77.0 // indirect
-	google.golang.org/protobuf v1.36.10 // indirect
+	golang.org/x/tools v0.42.0 // indirect
+	google.golang.org/genproto/googleapis/api v0.0.0-20260401024825-9d38bb4040a9 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20260401024825-9d38bb4040a9 // indirect
+	google.golang.org/grpc v1.80.0 // indirect
+	google.golang.org/protobuf v1.36.11 // indirect
 	gopkg.in/ini.v1 v1.67.0 // indirect
 	gorm.io/driver/mysql v1.6.0 // indirect
 	gorm.io/hints v1.1.2 // indirect
--- a/go.sum
+++ b/go.sum
@@ -154,8 +154,8 @@ github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
 github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
 github.com/gopherjs/gopherjs v0.0.0-20200217142428-fce0ec30dd00/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
-github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.3 h1:NmZ1PKzSTQbuGHw9DGPFomqkkLWMC+vZCkfs+FHv1Vg=
-github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.3/go.mod h1:zQrxl1YP88HQlA6i9c63DSVPFklWpGX4OWAc9bFuaH4=
+github.com/grpc-ecosystem/grpc-gateway/v2 v2.28.0 h1:HWRh5R2+9EifMyIHV7ZV+MIZqgz+PMpZ14Jynv3O2Zs=
+github.com/grpc-ecosystem/grpc-gateway/v2 v2.28.0/go.mod h1:JfhWUomR1baixubs02l85lZYYOm7LV6om4ceouMv45c=
 github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
 github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I=
 github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
@@ -277,22 +277,22 @@ go.opentelemetry.io/auto/sdk v1.2.1 h1:jXsnJ4Lmnqd11kwkBV2LgLoFMZKizbCi5fNZ/ipaZ
 go.opentelemetry.io/auto/sdk v1.2.1/go.mod h1:KRTj+aOaElaLi+wW1kO/DZRXwkF4C5xPbEe3ZiIhN7Y=
 go.opentelemetry.io/contrib v1.38.0 h1:msaHYZ13HfLIbqXsGwZZQBg5zgxwumlZ1mCkXn3E7LM=
 go.opentelemetry.io/contrib v1.38.0/go.mod h1:4Vp7Az5Dez02V1lCi9OqLvSmSz0lbZu/O2r4XZsqwB0=
-go.opentelemetry.io/otel v1.38.0 h1:RkfdswUDRimDg0m2Az18RKOsnI8UDzppJAtj01/Ymk8=
-go.opentelemetry.io/otel v1.38.0/go.mod h1:zcmtmQ1+YmQM9wrNsTGV/q/uyusom3P8RxwExxkZhjM=
-go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.38.0 h1:GqRJVj7UmLjCVyVJ3ZFLdPRmhDUp2zFmQe3RHIOsw24=
-go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.38.0/go.mod h1:ri3aaHSmCTVYu2AWv44YMauwAQc0aqI9gHKIcSbI1pU=
+go.opentelemetry.io/otel v1.43.0 h1:mYIM03dnh5zfN7HautFE4ieIig9amkNANT+xcVxAj9I=
+go.opentelemetry.io/otel v1.43.0/go.mod h1:JuG+u74mvjvcm8vj8pI5XiHy1zDeoCS2LB1spIq7Ay0=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.43.0 h1:88Y4s2C8oTui1LGM6bTWkw0ICGcOLCAI5l6zsD1j20k=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.43.0/go.mod h1:Vl1/iaggsuRlrHf/hfPJPvVag77kKyvrLeD10kpMl+A=
 go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.38.0 h1:lwI4Dc5leUqENgGuQImwLo4WnuXFPetmPpkLi2IrX54=
 go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.38.0/go.mod h1:Kz/oCE7z5wuyhPxsXDuaPteSWqjSBD5YaSdbxZYGbGk=
-go.opentelemetry.io/otel/metric v1.38.0 h1:Kl6lzIYGAh5M159u9NgiRkmoMKjvbsKtYRwgfrA6WpA=
-go.opentelemetry.io/otel/metric v1.38.0/go.mod h1:kB5n/QoRM8YwmUahxvI3bO34eVtQf2i4utNVLr9gEmI=
-go.opentelemetry.io/otel/sdk v1.38.0 h1:l48sr5YbNf2hpCUj/FoGhW9yDkl+Ma+LrVl8qaM5b+E=
-go.opentelemetry.io/otel/sdk v1.38.0/go.mod h1:ghmNdGlVemJI3+ZB5iDEuk4bWA3GkTpW+DOoZMYBVVg=
-go.opentelemetry.io/otel/sdk/metric v1.38.0 h1:aSH66iL0aZqo//xXzQLYozmWrXxyFkBJ6qT5wthqPoM=
-go.opentelemetry.io/otel/sdk/metric v1.38.0/go.mod h1:dg9PBnW9XdQ1Hd6ZnRz689CbtrUp0wMMs9iPcgT9EZA=
-go.opentelemetry.io/otel/trace v1.38.0 h1:Fxk5bKrDZJUH+AMyyIXGcFAPah0oRcT+LuNtJrmcNLE=
-go.opentelemetry.io/otel/trace v1.38.0/go.mod h1:j1P9ivuFsTceSWe1oY+EeW3sc+Pp42sO++GHkg4wwhs=
-go.opentelemetry.io/proto/otlp v1.9.0 h1:l706jCMITVouPOqEnii2fIAuO3IVGBRPV5ICjceRb/A=
-go.opentelemetry.io/proto/otlp v1.9.0/go.mod h1:xE+Cx5E/eEHw+ISFkwPLwCZefwVjY+pqKg1qcK03+/4=
+go.opentelemetry.io/otel/metric v1.43.0 h1:d7638QeInOnuwOONPp4JAOGfbCEpYb+K6DVWvdxGzgM=
+go.opentelemetry.io/otel/metric v1.43.0/go.mod h1:RDnPtIxvqlgO8GRW18W6Z/4P462ldprJtfxHxyKd2PY=
+go.opentelemetry.io/otel/sdk v1.43.0 h1:pi5mE86i5rTeLXqoF/hhiBtUNcrAGHLKQdhg4h4V9Dg=
+go.opentelemetry.io/otel/sdk v1.43.0/go.mod h1:P+IkVU3iWukmiit/Yf9AWvpyRDlUeBaRg6Y+C58QHzg=
+go.opentelemetry.io/otel/sdk/metric v1.43.0 h1:S88dyqXjJkuBNLeMcVPRFXpRw2fuwdvfCGLEo89fDkw=
+go.opentelemetry.io/otel/sdk/metric v1.43.0/go.mod h1:C/RJtwSEJ5hzTiUz5pXF1kILHStzb9zFlIEe85bhj6A=
+go.opentelemetry.io/otel/trace v1.43.0 h1:BkNrHpup+4k4w+ZZ86CZoHHEkohws8AY+WTX09nk+3A=
+go.opentelemetry.io/otel/trace v1.43.0/go.mod h1:/QJhyVBUUswCphDVxq+8mld+AvhXZLhe+8WVFxiFff0=
+go.opentelemetry.io/proto/otlp v1.10.0 h1:IQRWgT5srOCYfiWnpqUYz9CVmbO8bFmKcwYxpuCSL2g=
+go.opentelemetry.io/proto/otlp v1.10.0/go.mod h1:/CV4QoCR/S9yaPj8utp3lvQPoqMtxXdzn7ozvvozVqk=
 go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=
 go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
@@ -309,8 +309,8 @@ golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDf
 golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs=
 golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8=
 golang.org/x/crypto v0.24.0/go.mod h1:Z1PMYSOR5nyMcyAVAIQSKCDwalqy85Aqn1x3Ws4L5DM=
-golang.org/x/crypto v0.45.0 h1:jMBrvKuj23MTlT0bQEOBcAE0mjg8mK9RXFhRH6nyF3Q=
-golang.org/x/crypto v0.45.0/go.mod h1:XTGrrkGJve7CYK7J8PEww4aY7gM3qMCElcJQ8n8JdX4=
+golang.org/x/crypto v0.49.0 h1:+Ng2ULVvLHnJ/ZFEq4KdcDd/cfjrrjjNSXNzxg0Y4U4=
+golang.org/x/crypto v0.49.0/go.mod h1:ErX4dUh2UM+CFYiXZRTcMpEcN8b/1gxEuv3nODoYtCA=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
 golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
@@ -321,8 +321,8 @@ golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
 golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
 golang.org/x/mod v0.15.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
 golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
-golang.org/x/mod v0.30.0 h1:fDEXFVZ/fmCKProc/yAXXUijritrDzahmwwefnjoPFk=
-golang.org/x/mod v0.30.0/go.mod h1:lAsf5O2EvJeSFMiBxXDki7sCgAxEUcZHXoXMKT4GJKc=
+golang.org/x/mod v0.33.0 h1:tHFzIWbBifEmbwtGz65eaWyGiGZatSrT9prnU8DbVL8=
+golang.org/x/mod v0.33.0/go.mod h1:swjeQEj+6r7fODbD2cqrnje9PnziFuw4bmLbBZFrQ5w=
 golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
@@ -344,8 +344,8 @@ golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44=
 golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg=
 golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM=
 golang.org/x/net v0.26.0/go.mod h1:5YKkiSynbBIh3p6iOc/vibscux0x38BZDkn8sCUPxHE=
-golang.org/x/net v0.47.0 h1:Mx+4dIFzqraBXUugkia1OOvlD6LemFo1ALMHjrXDOhY=
-golang.org/x/net v0.47.0/go.mod h1:/jNxtkgq5yWUGYkaZGqo27cfGZ1c5Nen03aYrrKpVRU=
+golang.org/x/net v0.52.0 h1:He/TN1l0e4mmR3QqHMT2Xab3Aj3L9qjbhRm78/6jrW0=
+golang.org/x/net v0.52.0/go.mod h1:R1MAz7uMZxVMualyPXb+VaqGSa3LIaUqk0eEt3w36Sw=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -357,8 +357,8 @@ golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y=
 golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
 golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
-golang.org/x/sync v0.18.0 h1:kr88TuHDroi+UVf+0hZnirlk8o8T+4MrK6mr60WkH/I=
-golang.org/x/sync v0.18.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
+golang.org/x/sync v0.20.0 h1:e0PTpb7pjO8GAtTs2dQ6jYa5BWYlMuX047Dco/pItO4=
+golang.org/x/sync v0.20.0/go.mod h1:9xrNwdLfx4jkKbNva9FpL6vEN7evnE43NNNJQ2LF3+0=
 golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -379,8 +379,8 @@ golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/sys v0.21.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/sys v0.38.0 h1:3yZWxaJjBmCWXqhN1qh02AkOnCQ1poK6oF+a7xWL6Gc=
-golang.org/x/sys v0.38.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
+golang.org/x/sys v0.42.0 h1:omrd2nAlyT5ESRdCLYdm3+fMfNFE/+Rf4bDIQImRJeo=
+golang.org/x/sys v0.42.0/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw=
 golang.org/x/telemetry v0.0.0-20240228155512-f48c80bd79b2/go.mod h1:TeRTkGYfJXctD9OcfyVLyj2J3IxLnKwHJR8f4D8a3YE=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
@@ -403,8 +403,8 @@ golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
 golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
 golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
 golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI=
-golang.org/x/text v0.31.0 h1:aC8ghyu4JhP8VojJ2lEHBnochRno1sgL6nEi9WGFGMM=
-golang.org/x/text v0.31.0/go.mod h1:tKRAlv61yKIjGGHX/4tP1LTbc13YSec1pxVEWXzfoeM=
+golang.org/x/text v0.35.0 h1:JOVx6vVDFokkpaq1AEptVzLTpDe9KGpj5tR4/X+ybL8=
+golang.org/x/text v0.35.0/go.mod h1:khi/HExzZJ2pGnjenulevKNX1W67CUy0AsXcNubPGCA=
 golang.org/x/time v0.14.0 h1:MRx4UaLrDotUKUdCIqzPC48t1Y9hANFKIRpNx+Te8PI=
 golang.org/x/time v0.14.0/go.mod h1:eL/Oa2bBBK0TkX57Fyni+NgnyQQN4LitPmob2Hjnqw4=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
@@ -419,35 +419,35 @@ golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc
 golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
 golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58=
 golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk=
-golang.org/x/tools v0.39.0 h1:ik4ho21kwuQln40uelmciQPp9SipgNDdrafrYA4TmQQ=
-golang.org/x/tools v0.39.0/go.mod h1:JnefbkDPyD8UU2kI5fuf8ZX4/yUeh9W877ZeBONxUqQ=
+golang.org/x/tools v0.42.0 h1:uNgphsn75Tdz5Ji2q36v/nsFSfR/9BRFvqhGBaJGd5k=
+golang.org/x/tools v0.42.0/go.mod h1:Ma6lCIwGZvHK6XtgbswSoWroEkhugApmsXyrUmBhfr0=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-gonum.org/v1/gonum v0.16.0 h1:5+ul4Swaf3ESvrOnidPp4GZbzf0mxVQpDCYUQE7OJfk=
-gonum.org/v1/gonum v0.16.0/go.mod h1:fef3am4MQ93R2HHpKnLk4/Tbh/s0+wqD5nfa6Pnwy4E=
+gonum.org/v1/gonum v0.17.0 h1:VbpOemQlsSMrYmn7T2OUvQ4dqxQXU+ouZFQsZOx50z4=
+gonum.org/v1/gonum v0.17.0/go.mod h1:El3tOrEuMpv2UdMrbNlKEh9vd86bmQ6vqIcDwxEOc1E=
 google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
 google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
 google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
 google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
-google.golang.org/genproto/googleapis/api v0.0.0-20251124214823-79d6a2a48846 h1:ZdyUkS9po3H7G0tuh955QVyyotWvOD4W0aEapeGeUYk=
-google.golang.org/genproto/googleapis/api v0.0.0-20251124214823-79d6a2a48846/go.mod h1:Fk4kyraUvqD7i5H6S43sj2W98fbZa75lpZz/eUyhfO0=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20251124214823-79d6a2a48846 h1:Wgl1rcDNThT+Zn47YyCXOXyX/COgMTIdhJ717F0l4xk=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20251124214823-79d6a2a48846/go.mod h1:7i2o+ce6H/6BluujYR+kqX3GKH+dChPTQU19wjRPiGk=
+google.golang.org/genproto/googleapis/api v0.0.0-20260401024825-9d38bb4040a9 h1:VPWxll4HlMw1Vs/qXtN7BvhZqsS9cdAittCNvVENElA=
+google.golang.org/genproto/googleapis/api v0.0.0-20260401024825-9d38bb4040a9/go.mod h1:7QBABkRtR8z+TEnmXTqIqwJLlzrZKVfAUm7tY3yGv0M=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20260401024825-9d38bb4040a9 h1:m8qni9SQFH0tJc1X0vmnpw/0t+AImlSvp30sEupozUg=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20260401024825-9d38bb4040a9/go.mod h1:4Hqkh8ycfw05ld/3BWL7rJOSfebL2Q+DVDeRgYgxUU8=
 google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
 google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
 google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY=
 google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak=
-google.golang.org/grpc v1.77.0 h1:wVVY6/8cGA6vvffn+wWK5ToddbgdU3d8MNENr4evgXM=
-google.golang.org/grpc v1.77.0/go.mod h1:z0BY1iVj0q8E1uSQCjL9cppRj+gnZjzDnzV0dHhrNig=
+google.golang.org/grpc v1.80.0 h1:Xr6m2WmWZLETvUNvIUmeD5OAagMw3FiKmMlTdViWsHM=
+google.golang.org/grpc v1.80.0/go.mod h1:ho/dLnxwi3EDJA4Zghp7k2Ec1+c2jqup0bFkw07bwF4=
 google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
 google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
 google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
 google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE=
 google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo=
 google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
-google.golang.org/protobuf v1.36.10 h1:AYd7cD/uASjIL6Q9LiTjz8JLcrh/88q5UObnmY3aOOE=
-google.golang.org/protobuf v1.36.10/go.mod h1:HTf+CrKn2C3g5S8VImy6tdcUvCska2kB7j23XfzDpco=
+google.golang.org/protobuf v1.36.11 h1:fV6ZwhNocDyBLK0dj+fg8ektcVegBBuEolpbTQyBNVE=
+google.golang.org/protobuf v1.36.11/go.mod h1:HTf+CrKn2C3g5S8VImy6tdcUvCska2kB7j23XfzDpco=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/ini.v1 v1.56.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
--- a/pkg/env/env.go
+++ b/pkg/env/env.go
@@ -37,6 +37,7 @@ var (

 	OtelHost       string
 	OtelPort       string
+	OtelNameSuffix string

 	BaiyinCloudUrl string
 	BaiyinTokenUrl string
@@ -118,6 +119,7 @@ func Init() {

 	errs = append(errs, parse(&OtelHost, "OTEL_HOST", true, nil))
 	errs = append(errs, parse(&OtelPort, "OTEL_PORT", true, nil))
+	errs = append(errs, parse(&OtelNameSuffix, "OTEL_NAME_SUFFIX", true, nil))

 	errs = append(errs, parse(&BaiyinCloudUrl, "BAIYIN_CLOUD_URL", false, nil))
 	errs = append(errs, parse(&BaiyinTokenUrl, "BAIYIN_TOKEN_URL", false, nil))
--- a/publish.ps1
+++ b/publish.ps1
@@ -9,8 +9,8 @@ if ($confrim -ne "y") {
    exit 0
 }

-docker build -t repo.lanhuip.com:8554/lanhu/platform:latest .
-docker build -t repo.lanhuip.com:8554/lanhu/platform:$($args[0]) .
+docker build -t repo.lanhuip.com/lanhu/platform:latest .
+docker build -t repo.lanhuip.com/lanhu/platform:$($args[0]) .

-docker push repo.lanhuip.com:8554/lanhu/platform:latest
-docker push repo.lanhuip.com:8554/lanhu/platform:$($args[0])
+docker push repo.lanhuip.com/lanhu/platform:latest
+docker push repo.lanhuip.com/lanhu/platform:$($args[0])
--- a/scripts/sql/fill.sql
+++ b/scripts/sql/fill.sql
@@ -127,7 +127,8 @@ insert into permission (name, description, sort) values
    ('trade',            '交易',      12),
    ('bill',             '账单',      13),
    ('balance_activity', '余额变动',  14),
-    ('proxy',            '代理',      15);
+    ('proxy',            '代理',      15),
+    ('coupon_user',      '已发放优惠券', 16);

 -- --------------------------
 -- level 2
@@ -136,79 +137,84 @@ insert into permission (name, description, sort) values
 -- permission 子权限
 insert into permission (parent_id, name, description, sort) values
    ((select id from permission where name = 'permission'        and deleted_at is null), 'permission:read',        '读取权限列表',       1),
-    ((select id from permission where name = 'permission'        and deleted_at is null), 'permission:write',       '写入权限',           2);
+    ((select id from permission where name = 'permission'        and deleted_at is null), 'permission:write',       '编辑权限',           2);

 -- admin_role 子权限
 insert into permission (parent_id, name, description, sort) values
    ((select id from permission where name = 'admin_role'        and deleted_at is null), 'admin_role:read',        '读取管理员角色列表', 1),
-    ((select id from permission where name = 'admin_role'        and deleted_at is null), 'admin_role:write',       '写入管理员角色',     2);
+    ((select id from permission where name = 'admin_role'        and deleted_at is null), 'admin_role:write',       '编辑管理员角色',     2);

 -- admin 子权限
 insert into permission (parent_id, name, description, sort) values
    ((select id from permission where name = 'admin'             and deleted_at is null), 'admin:read',             '读取管理员列表',     1),
-    ((select id from permission where name = 'admin'             and deleted_at is null), 'admin:write',            '写入管理员',         2);
+    ((select id from permission where name = 'admin'             and deleted_at is null), 'admin:write',            '编辑管理员',         2);

 -- product 子权限
 insert into permission (parent_id, name, description, sort) values
    ((select id from permission where name = 'product'           and deleted_at is null), 'product:read',           '读取产品列表',       1),
-    ((select id from permission where name = 'product'           and deleted_at is null), 'product:write',          '写入产品',           2);
+    ((select id from permission where name = 'product'           and deleted_at is null), 'product:write',          '编辑产品',           2);

 -- product_sku 子权限
 insert into permission (parent_id, name, description, sort) values
    ((select id from permission where name = 'product_sku'       and deleted_at is null), 'product_sku:read',       '读取产品套餐列表',   1),
-    ((select id from permission where name = 'product_sku'       and deleted_at is null), 'product_sku:write',      '写入产品套餐',       2);
+    ((select id from permission where name = 'product_sku'       and deleted_at is null), 'product_sku:write',      '编辑产品套餐',       2);

 -- discount 子权限
 insert into permission (parent_id, name, description, sort) values
    ((select id from permission where name = 'discount'          and deleted_at is null), 'discount:read',          '读取折扣列表',       1),
-    ((select id from permission where name = 'discount'          and deleted_at is null), 'discount:write',         '写入折扣',           2);
+    ((select id from permission where name = 'discount'          and deleted_at is null), 'discount:write',         '编辑折扣',           2);

 -- resource 子权限
 insert into permission (parent_id, name, description, sort) values
    ((select id from permission where name = 'resource'          and deleted_at is null), 'resource:read',          '读取用户套餐列表',   1),
-    ((select id from permission where name = 'resource'          and deleted_at is null), 'resource:write',         '写入用户套餐',       2),
+    ((select id from permission where name = 'resource'          and deleted_at is null), 'resource:write',         '编辑用户套餐',       2),
    ((select id from permission where name = 'resource'          and deleted_at is null), 'resource:short',         '短效动态套餐',       3),
    ((select id from permission where name = 'resource'          and deleted_at is null), 'resource:long',          '长效动态套餐',       4);

 -- user 子权限
 insert into permission (parent_id, name, description, sort) values
    ((select id from permission where name = 'user'              and deleted_at is null), 'user:read',              '读取用户列表',       1),
-    ((select id from permission where name = 'user'              and deleted_at is null), 'user:write',             '写入用户',           2);
+    ((select id from permission where name = 'user'              and deleted_at is null), 'user:write',             '编辑用户',           2);

 -- coupon 子权限
 insert into permission (parent_id, name, description, sort) values
    ((select id from permission where name = 'coupon'            and deleted_at is null), 'coupon:read',            '读取优惠券列表',     1),
-    ((select id from permission where name = 'coupon'            and deleted_at is null), 'coupon:write',           '写入优惠券',         2);
+    ((select id from permission where name = 'coupon'            and deleted_at is null), 'coupon:write',           '编辑优惠券',         2);

 -- batch 子权限
 insert into permission (parent_id, name, description, sort) values
    ((select id from permission where name = 'batch'             and deleted_at is null), 'batch:read',             '读取批次列表',       1),
-    ((select id from permission where name = 'batch'             and deleted_at is null), 'batch:write',            '写入批次',           2);
+    ((select id from permission where name = 'batch'             and deleted_at is null), 'batch:write',            '编辑批次',           2);

 -- channel 子权限
 insert into permission (parent_id, name, description, sort) values
    ((select id from permission where name = 'channel'           and deleted_at is null), 'channel:read',           '读取 IP 列表',       1),
-    ((select id from permission where name = 'channel'           and deleted_at is null), 'channel:write',          '写入 IP',            2);
+    ((select id from permission where name = 'channel'           and deleted_at is null), 'channel:write',          '编辑 IP',            2);

 -- proxy 子权限
 insert into permission (parent_id, name, description, sort) values
    ((select id from permission where name = 'proxy'             and deleted_at is null), 'proxy:read',             '读取代理列表',       1),
-    ((select id from permission where name = 'proxy'             and deleted_at is null), 'proxy:write',            '写入代理',           2);
+    ((select id from permission where name = 'proxy'             and deleted_at is null), 'proxy:write',            '编辑代理',           2);

 -- trade 子权限
 insert into permission (parent_id, name, description, sort) values
    ((select id from permission where name = 'trade'             and deleted_at is null), 'trade:read',             '读取交易列表',       1),
-    ((select id from permission where name = 'trade'             and deleted_at is null), 'trade:write',            '写入交易',           2);
+    ((select id from permission where name = 'trade'             and deleted_at is null), 'trade:write',            '编辑交易',           2);

 -- bill 子权限
 insert into permission (parent_id, name, description, sort) values
    ((select id from permission where name = 'bill'              and deleted_at is null), 'bill:read',              '读取账单列表',       1),
-    ((select id from permission where name = 'bill'              and deleted_at is null), 'bill:write',             '写入账单',           2);
+    ((select id from permission where name = 'bill'              and deleted_at is null), 'bill:write',             '编辑账单',           2);

 -- balance_activity 子权限
 insert into permission (parent_id, name, description, sort) values
    ((select id from permission where name = 'balance_activity'  and deleted_at is null), 'balance_activity:read',  '读取余额变动列表',   1);

+-- coupon_user 子权限
+insert into permission (parent_id, name, description, sort) values
+    ((select id from permission where name = 'coupon_user'       and deleted_at is null), 'coupon_user:read',       '读取已发放优惠券列表',   1),
+    ((select id from permission where name = 'coupon_user'       and deleted_at is null), 'coupon_user:write',      '编辑已发放优惠券',       2);
+
 -- --------------------------
 -- level 3
 -- --------------------------
@@ -236,7 +242,7 @@ insert into permission (parent_id, name, description, sort) values

 -- user:write 子权限
 insert into permission (parent_id, name, description, sort) values
-    ((select id from permission where name = 'user:write'         and deleted_at is null), 'user:write:balance',       '写入用户余额',   1),
+    ((select id from permission where name = 'user:write'         and deleted_at is null), 'user:write:balance',       '编辑用户余额',   1),
    ((select id from permission where name = 'user:write'         and deleted_at is null), 'user:write:bind',          '用户认领',       2);

 -- batch:read 子权限
@@ -259,6 +265,14 @@ insert into permission (parent_id, name, description, sort) values
 insert into permission (parent_id, name, description, sort) values
    ((select id from permission where name = 'balance_activity:read' and deleted_at is null), 'balance_activity:read:of_user', '读取指定用户的余额变动列表', 1);

+-- coupon:write 子权限
+insert into permission (parent_id, name, description, sort) values
+    ((select id from permission where name = 'coupon:write'        and deleted_at is null), 'coupon:write:assign',       '发放优惠券', 1);
+
+-- coupon_user:read 子权限
+insert into permission (parent_id, name, description, sort) values
+    ((select id from permission where name = 'coupon_user:read'     and deleted_at is null), 'coupon_user:read:of_user',   '读取指定用户的已发放优惠券列表', 1);
+
 -- --------------------------
 -- level 4
 -- --------------------------
--- a/scripts/sql/init.sql
+++ b/scripts/sql/init.sql
@@ -762,6 +762,7 @@ create table product_sku (
    price_min   decimal not null,
    status      int     not null default 1,
    sort        int not null default 0,
+    count_min   int not null default 1,
    created_at  timestamptz default current_timestamp,
    updated_at  timestamptz default current_timestamp,
    deleted_at  timestamptz
@@ -780,6 +781,7 @@ comment on column product_sku.name is 'SKU 可读名称';
 comment on column product_sku.price_min is '最低价格';
 comment on column product_sku.status is 'SKU状态：0-禁用，1-正常';
 comment on column product_sku.sort is '排序';
+comment on column product_sku.count_min is '最小购买数量';
 comment on column product_sku.created_at is '创建时间';
 comment on column product_sku.updated_at is '更新时间';
 comment on column product_sku.deleted_at is '删除时间';
@@ -816,6 +818,7 @@ create table resource (
    code        text,
    type        int  not null,
    active      bool not null default true,
+    checkip     bool not null default true,
    created_at  timestamptz default current_timestamp,
    updated_at  timestamptz default current_timestamp,
    deleted_at  timestamptz
@@ -830,9 +833,10 @@ comment on table resource is '套餐表';
 comment on column resource.id is '套餐ID';
 comment on column resource.user_id is '用户ID';
 comment on column resource.resource_no is '套餐编号';
-comment on column resource.active is '套餐状态';
-comment on column resource.type is '套餐类型：1-短效动态，2-长效动态';
 comment on column resource.code is '产品编码';
+comment on column resource.type is '套餐类型：1-短效动态，2-长效动态';
+comment on column resource.active is '套餐状态';
+comment on column resource.checkip is '提取时是否检查 ip 地址';
 comment on column resource.created_at is '创建时间';
 comment on column resource.updated_at is '更新时间';
 comment on column resource.deleted_at is '删除时间';
@@ -1107,7 +1111,7 @@ comment on table coupon_user is '优惠券发放表';
 comment on column coupon_user.id is '记录ID';
 comment on column coupon_user.coupon_id is '优惠券ID';
 comment on column coupon_user.user_id is '用户ID';
-comment on column coupon_user.status is '使用状态：0-未使用，1-已使用';
+comment on column coupon_user.status is '使用状态：0-未使用，1-已使用，2-已禁用';
 comment on column coupon_user.expire_at is '过期时间';
 comment on column coupon_user.used_at is '使用时间';
 comment on column coupon_user.created_at is '创建时间';
--- a/web/core/http.go
+++ b/web/core/http.go
@@ -118,7 +118,7 @@ func Query(in any) url.Values {
 		case int:
 			out.Add(name, strconv.Itoa(value))
 		case bool:
-			if tags[1] == "b2i" {
+			if len(tags) > 1 && tags[1] == "b2i" {
 				out.Add(name, u.Ternary(value, "1", "0"))
 			} else {
 				out.Add(name, strconv.FormatBool(value))
--- a/web/core/scopes.go
+++ b/web/core/scopes.go
@@ -51,6 +51,12 @@ const (
 	ScopeCoupon            = string("coupon")              // 优惠券
 	ScopeCouponRead        = string("coupon:read")         // 读取优惠券列表
 	ScopeCouponWrite       = string("coupon:write")        // 写入优惠券
+	ScopeCouponWriteAssign = string("coupon:write:assign") // 发放优惠券
+
+	ScopeCouponUser           = string("coupon_user")              // 用户优惠券
+	ScopeCouponUserRead       = string("coupon_user:read")         // 读取用户优惠券列表
+	ScopeCouponUserReadOfUser = string("coupon_user:read:of_user") // 读取指定用户的用户优惠券列表
+	ScopeCouponUserWrite      = string("coupon_user:write")        // 写入用户优惠券

 	ScopeBatch           = string("batch")              // 批次
 	ScopeBatchRead       = string("batch:read")         // 读取批次列表
@@ -61,6 +67,7 @@ const (
 	ScopeChannelRead              = string("channel:read")                // 读取 IP 列表
 	ScopeChannelReadOfUser        = string("channel:read:of_user")        // 读取指定用户的 IP 列表
 	ScopeChannelWrite             = string("channel:write")               // 写入 IP
+	ScopeChannelWriteClearExpired = string("channel:write:clear_expired") // 清理过期 IP

 	ScopeProxy            = string("proxy")              // 代理
 	ScopeProxyRead        = string("proxy:read")         // 读取代理列表
--- a/web/error.go
+++ b/web/error.go
@@ -79,7 +79,6 @@ func ErrorHandler(c *fiber.Ctx, err error) error {
 		slog.Warn("未处理的异常", slog.String("type", t.String()), slog.String("error", err.Error()))
 	}

-	slog.Warn(message)
 	c.Set(fiber.HeaderContentType, fiber.MIMETextPlainCharsetUTF8)
 	return c.Status(code).SendString(message)
 }
--- a/web/globals/otel.go
+++ b/web/globals/otel.go
@@ -3,6 +3,7 @@ package globals
 import (
 	"context"
 	"fmt"
+	"log/slog"
 	"platform/pkg/env"

 	"go.opentelemetry.io/otel"
@@ -17,11 +18,17 @@ import (
 var tp *trace.TracerProvider

 func initOtel(ctx context.Context) error {
+	addr := env.OtelHost + ":" + env.OtelPort
+	name := "lanhu-platform"
+	if env.OtelNameSuffix != "" {
+		name += "-" + env.OtelNameSuffix
+	}
+	slog.Info("初始化 otel", "endpoint", addr, "service_suffix", name)
+
 	if env.OtelHost == "" || env.OtelPort == "" {
 		return nil
 	}

-	addr := env.OtelHost + ":" + env.OtelPort
 	exporter, err := otlptracegrpc.New(ctx,
 		otlptracegrpc.WithEndpoint(addr),
 		otlptracegrpc.WithInsecure(),
@@ -36,7 +43,7 @@ func initOtel(ctx context.Context) error {
 		trace.WithResource(
 			resource.NewWithAttributes(
 				semconv.SchemaURL,
-				semconv.ServiceNameKey.String("lanhu-platform"),
+				semconv.ServiceNameKey.String(name),
 			),
 		),
 	)
--- a/web/handlers/balance_activity.go
+++ b/web/handlers/balance_activity.go
@@ -11,6 +11,65 @@ import (
 	"github.com/gofiber/fiber/v2"
 )

+// PageBalanceActivity 分页查询当前用户的余额变动记录
+func PageBalanceActivity(c *fiber.Ctx) error {
+	// 获取当前用户ID
+	authCtx, err := auth.GetAuthCtx(c).PermitUser()
+	if err != nil {
+		return err
+	}
+
+	// 解析请求参数
+	req := new(PageBalanceActivityByUserReq)
+	if err := g.Validator.ParseBody(c, req); err != nil {
+		return err
+	}
+
+	// 构造查询条件
+	do := q.BalanceActivity.Where(q.BalanceActivity.UserID.Eq(authCtx.User.ID))
+	if req.BillNo != nil {
+		do = do.Where(q.Bill.As("Bill").BillNo.Eq(*req.BillNo))
+	}
+	if req.CreatedAtStart != nil {
+		t := u.DateHead(*req.CreatedAtStart)
+		do = do.Where(q.BalanceActivity.CreatedAt.Gte(t))
+	}
+	if req.CreatedAtEnd != nil {
+		t := u.DateTail(*req.CreatedAtEnd)
+		do = do.Where(q.BalanceActivity.CreatedAt.Lte(t))
+	}
+
+	// 查询余额变动列表
+	list, total, err := q.BalanceActivity.
+		Joins(q.BalanceActivity.Bill).
+		Select(
+			q.BalanceActivity.ALL,
+			q.Bill.As("Bill").ID.As("Bill__id"),
+			q.Bill.As("Bill").BillNo.As("Bill__bill_no"),
+		).
+		Where(do).
+		Order(q.BalanceActivity.CreatedAt.Desc()).
+		FindByPage(req.GetOffset(), req.GetLimit())
+	if err != nil {
+		return core.NewBizErr("获取数据失败", err)
+	}
+
+	// 返回结果
+	return c.JSON(core.PageResp{
+		List:  list,
+		Total: int(total),
+		Page:  req.GetPage(),
+		Size:  req.GetSize(),
+	})
+}
+
+type PageBalanceActivityByUserReq struct {
+	core.PageReq
+	BillNo         *string    `json:"bill_no,omitempty"`
+	CreatedAtStart *time.Time `json:"created_at_start,omitempty"`
+	CreatedAtEnd   *time.Time `json:"created_at_end,omitempty"`
+}
+
 // PageBalanceActivityByAdmin 分页查询所有余额变动记录
 func PageBalanceActivityByAdmin(c *fiber.Ctx) error {
 	// 检查权限
--- a/web/handlers/channel.go
+++ b/web/handlers/channel.go
@@ -172,12 +172,7 @@ type ListChannelsReq struct {

 // CreateChannel 创建新通道
 func CreateChannel(c *fiber.Ctx) error {
-
-	// 检查权限
-	_, err := auth.GetAuthCtx(c).PermitUser()
-	if err != nil {
-		return err
-	}
+	// 不检查权限，允许 api 调用

 	// 解析参数
 	req := new(CreateChannelReq)
@@ -217,6 +212,7 @@ func CreateChannel(c *fiber.Ctx) error {
 		resp[i] = &CreateChannelRespItem{
 			Proto: req.Protocol,
 			Host:  channel.Host,
+			IP:    channel.Proxy.IP.String(),
 			Port:  channel.Port,
 		}
 		if req.AuthType == s.ChannelAuthTypePass {
@@ -240,6 +236,7 @@ type CreateChannelReq struct {
 type CreateChannelRespItem struct {
 	Proto    int     `json:"-"`
 	Host     string  `json:"host"`
+	IP       string  `json:"ip"`
 	Port     uint16  `json:"port"`
 	Username *string `json:"username,omitempty"`
 	Password *string `json:"password,omitempty"`
@@ -344,3 +341,32 @@ type PageChannelOfUserByAdminReq struct {
 	ExpiredAtStart *time.Time `json:"expired_at_start"`
 	ExpiredAtEnd   *time.Time `json:"expired_at_end"`
 }
+
+// SyncChannelClearExpiredByAdmin 清理过期通道
+func SyncChannelClearExpiredByAdmin(c *fiber.Ctx) error {
+	if _, err := auth.GetAuthCtx(c).PermitAdmin(core.ScopeChannelWriteClearExpired); err != nil {
+		return err
+	}
+
+	var req SyncChannelClearExpiredByAdminReq
+	if err := g.Validator.ParseBody(c, &req); err != nil {
+		return err
+	}
+
+	count, err := s.Channel.ClearExpiredChannels(req.ProxyID)
+	if err != nil {
+		return err
+	}
+
+	return c.JSON(SyncChannelClearExpiredByAdminResp{
+		Count: count,
+	})
+}
+
+type SyncChannelClearExpiredByAdminReq struct {
+	ProxyID int32 `json:"proxy_id" validate:"required"`
+}
+
+type SyncChannelClearExpiredByAdminResp struct {
+	Count int `json:"count"`
+}
--- a/web/handlers/coupon.go
+++ b/web/handlers/coupon.go
@@ -103,3 +103,27 @@ func DeleteCoupon(c *fiber.Ctx) error {

 	return nil
 }
+
+func AssignCoupon(c *fiber.Ctx) error {
+	_, err := auth.GetAuthCtx(c).PermitAdmin(core.ScopeCouponWriteAssign)
+	if err != nil {
+		return err
+	}
+
+	var req AssignCouponReq
+	if err := g.Validator.ParseBody(c, &req); err != nil {
+		return err
+	}
+
+	err = s.Coupon.Assign(req.CouponID, req.UserID)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+type AssignCouponReq struct {
+	CouponID int32 `json:"coupon_id" validate:"required"`
+	UserID   int32 `json:"user_id" validate:"required"`
+}
--- a/web/handlers/coupon_user.go
+++ b/web/handlers/coupon_user.go
@@ -0,0 +1,330 @@
+package handlers
+
+import (
+	"errors"
+	"platform/pkg/u"
+	"platform/web/auth"
+	"platform/web/core"
+	g "platform/web/globals"
+	m "platform/web/models"
+	q "platform/web/queries"
+	s "platform/web/services"
+	"time"
+
+	"github.com/gofiber/fiber/v2"
+	"gorm.io/gen"
+	"gorm.io/gen/field"
+	"gorm.io/gorm"
+)
+
+// PageCouponUser 分页查询当前用户已发放优惠券
+func PageCouponUser(c *fiber.Ctx) error {
+	authCtx, err := auth.GetAuthCtx(c).PermitUser()
+	if err != nil {
+		return err
+	}
+
+	var req PageCouponUserReq
+	if err := g.Validator.ParseBody(c, &req); err != nil {
+		return err
+	}
+
+	conds := couponUserPageConditions(req.CouponUserPageFilter)
+	conds = append(conds, q.CouponUser.UserID.Eq(authCtx.User.ID))
+
+	list, total, err := q.CouponUser.
+		Joins(q.CouponUser.Coupon).
+		Select(couponUserSelect(false)...).
+		Where(conds...).
+		Order(q.CouponUser.CreatedAt.Desc()).
+		FindByPage(req.GetOffset(), req.GetLimit())
+	if err != nil {
+		return core.NewBizErr("获取数据失败", err)
+	}
+
+	return c.JSON(core.PageResp{
+		List:  list,
+		Total: int(total),
+		Page:  req.GetPage(),
+		Size:  req.GetSize(),
+	})
+}
+
+type PageCouponUserReq struct {
+	core.PageReq
+	CouponUserPageFilter
+}
+
+// GetCouponUser 获取当前用户已发放优惠券详情
+func GetCouponUser(c *fiber.Ctx) error {
+	authCtx, err := auth.GetAuthCtx(c).PermitUser()
+	if err != nil {
+		return err
+	}
+
+	var req core.IdReq
+	if err := g.Validator.ParseBody(c, &req); err != nil {
+		return err
+	}
+
+	item, err := q.CouponUser.
+		Joins(q.CouponUser.Coupon).
+		Select(couponUserSelect(false)...).
+		Where(
+			q.CouponUser.ID.Eq(req.Id),
+			q.CouponUser.UserID.Eq(authCtx.User.ID),
+		).
+		Take()
+	if errors.Is(err, gorm.ErrRecordNotFound) {
+		return core.NewBizErr("已发放优惠券不存在")
+	}
+	if err != nil {
+		return core.NewBizErr("获取数据失败", err)
+	}
+
+	return c.JSON(item)
+}
+
+// PageCouponUserByAdmin 分页查询全部已发放优惠券
+func PageCouponUserByAdmin(c *fiber.Ctx) error {
+	_, err := auth.GetAuthCtx(c).PermitAdmin(core.ScopeCouponUserRead)
+	if err != nil {
+		return err
+	}
+
+	var req PageCouponUserByAdminReq
+	if err := g.Validator.ParseBody(c, &req); err != nil {
+		return err
+	}
+
+	conds := couponUserPageConditions(req.CouponUserPageFilter)
+	if req.UserID != nil {
+		conds = append(conds, q.CouponUser.UserID.Eq(*req.UserID))
+	}
+	if req.UserPhone != nil {
+		conds = append(conds, q.User.As("User").Phone.Eq(*req.UserPhone))
+	}
+
+	list, total, err := q.CouponUser.
+		Joins(q.CouponUser.Coupon, q.CouponUser.User).
+		Select(couponUserSelect(true)...).
+		Where(conds...).
+		Order(q.CouponUser.CreatedAt.Desc()).
+		FindByPage(req.GetOffset(), req.GetLimit())
+	if err != nil {
+		return core.NewBizErr("获取数据失败", err)
+	}
+
+	return c.JSON(core.PageResp{
+		List:  list,
+		Total: int(total),
+		Page:  req.GetPage(),
+		Size:  req.GetSize(),
+	})
+}
+
+type PageCouponUserByAdminReq struct {
+	core.PageReq
+	CouponUserPageFilter
+	UserID    *int32  `json:"user_id,omitempty"`
+	UserPhone *string `json:"user_phone,omitempty"`
+}
+
+// PageCouponUserOfUserByAdmin 分页查询指定用户已发放优惠券
+func PageCouponUserOfUserByAdmin(c *fiber.Ctx) error {
+	_, err := auth.GetAuthCtx(c).PermitAdmin(core.ScopeCouponUserReadOfUser)
+	if err != nil {
+		return err
+	}
+
+	var req PageCouponUserOfUserByAdminReq
+	if err := g.Validator.ParseBody(c, &req); err != nil {
+		return err
+	}
+
+	conds := couponUserPageConditions(req.CouponUserPageFilter)
+	conds = append(conds, q.CouponUser.UserID.Eq(req.UserID))
+
+	list, total, err := q.CouponUser.
+		Joins(q.CouponUser.Coupon, q.CouponUser.User).
+		Select(couponUserSelect(true)...).
+		Where(conds...).
+		Order(q.CouponUser.CreatedAt.Desc()).
+		FindByPage(req.GetOffset(), req.GetLimit())
+	if err != nil {
+		return core.NewBizErr("获取数据失败", err)
+	}
+
+	return c.JSON(core.PageResp{
+		List:  list,
+		Total: int(total),
+		Page:  req.GetPage(),
+		Size:  req.GetSize(),
+	})
+}
+
+type PageCouponUserOfUserByAdminReq struct {
+	core.PageReq
+	CouponUserPageFilter
+	UserID int32 `json:"user_id" validate:"required"`
+}
+
+// GetCouponUserByAdmin 获取已发放优惠券详情
+func GetCouponUserByAdmin(c *fiber.Ctx) error {
+	_, err := auth.GetAuthCtx(c).PermitAdmin(core.ScopeCouponUserRead)
+	if err != nil {
+		return err
+	}
+
+	var req core.IdReq
+	if err := g.Validator.ParseBody(c, &req); err != nil {
+		return err
+	}
+
+	item, err := q.CouponUser.
+		Joins(q.CouponUser.Coupon, q.CouponUser.User).
+		Select(couponUserSelect(true)...).
+		Where(q.CouponUser.ID.Eq(req.Id)).
+		Take()
+	if errors.Is(err, gorm.ErrRecordNotFound) {
+		return core.NewBizErr("已发放优惠券不存在")
+	}
+	if err != nil {
+		return core.NewBizErr("获取数据失败", err)
+	}
+
+	return c.JSON(item)
+}
+
+func CreateCouponUserByAdmin(c *fiber.Ctx) error {
+	_, err := auth.GetAuthCtx(c).PermitAdmin(core.ScopeCouponUserWrite)
+	if err != nil {
+		return err
+	}
+
+	var req s.CreateCouponUserData
+	if err := g.Validator.ParseBody(c, &req); err != nil {
+		return err
+	}
+
+	if err := s.CouponUser.Create(req); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func UpdateCouponUserByAdmin(c *fiber.Ctx) error {
+	_, err := auth.GetAuthCtx(c).PermitAdmin(core.ScopeCouponUserWrite)
+	if err != nil {
+		return err
+	}
+
+	var req s.UpdateCouponUserData
+	if err := g.Validator.ParseBody(c, &req); err != nil {
+		return err
+	}
+
+	if err := s.CouponUser.Update(req); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func DeleteCouponUserByAdmin(c *fiber.Ctx) error {
+	_, err := auth.GetAuthCtx(c).PermitAdmin(core.ScopeCouponUserWrite)
+	if err != nil {
+		return err
+	}
+
+	var req core.IdReq
+	if err := g.Validator.ParseBody(c, &req); err != nil {
+		return err
+	}
+
+	if err := s.CouponUser.Delete(req.Id); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+type CouponUserPageFilter struct {
+	CouponID       *int32              `json:"coupon_id,omitempty"`
+	CouponName     *string             `json:"coupon_name,omitempty"`
+	Status         *m.CouponUserStatus `json:"status,omitempty"`
+	Expired        *bool               `json:"expired,omitempty"`
+	CreatedAtStart *time.Time          `json:"created_at_start,omitempty"`
+	CreatedAtEnd   *time.Time          `json:"created_at_end,omitempty"`
+	ExpireAtStart  *time.Time          `json:"expire_at_start,omitempty"`
+	ExpireAtEnd    *time.Time          `json:"expire_at_end,omitempty"`
+	UsedAtStart    *time.Time          `json:"used_at_start,omitempty"`
+	UsedAtEnd      *time.Time          `json:"used_at_end,omitempty"`
+}
+
+func couponUserPageConditions(req CouponUserPageFilter) []gen.Condition {
+	conds := make([]gen.Condition, 0)
+	if req.CouponID != nil {
+		conds = append(conds, q.CouponUser.CouponID.Eq(*req.CouponID))
+	}
+	if req.CouponName != nil {
+		conds = append(conds, q.Coupon.As("Coupon").Name.Like("%"+*req.CouponName+"%"))
+	}
+	if req.Status != nil {
+		conds = append(conds, q.CouponUser.Status.Eq(int(*req.Status)))
+	}
+	if req.Expired != nil {
+		if *req.Expired {
+			conds = append(conds, q.CouponUser.ExpireAt.IsNotNull(), q.CouponUser.ExpireAt.Lte(time.Now()))
+		} else {
+			conds = append(conds, q.CouponUser.Where(q.CouponUser.ExpireAt.IsNull()).Or(q.CouponUser.ExpireAt.Gt(time.Now())))
+		}
+	}
+	if req.CreatedAtStart != nil {
+		conds = append(conds, q.CouponUser.CreatedAt.Gte(u.DateHead(*req.CreatedAtStart)))
+	}
+	if req.CreatedAtEnd != nil {
+		conds = append(conds, q.CouponUser.CreatedAt.Lte(u.DateTail(*req.CreatedAtEnd)))
+	}
+	if req.ExpireAtStart != nil {
+		conds = append(conds, q.CouponUser.ExpireAt.Gte(u.DateHead(*req.ExpireAtStart)))
+	}
+	if req.ExpireAtEnd != nil {
+		conds = append(conds, q.CouponUser.ExpireAt.Lte(u.DateTail(*req.ExpireAtEnd)))
+	}
+	if req.UsedAtStart != nil {
+		conds = append(conds, q.CouponUser.UsedAt.Gte(u.DateHead(*req.UsedAtStart)))
+	}
+	if req.UsedAtEnd != nil {
+		conds = append(conds, q.CouponUser.UsedAt.Lte(u.DateTail(*req.UsedAtEnd)))
+	}
+	return conds
+}
+
+func couponUserSelect(includeUser bool) []field.Expr {
+	cols := []field.Expr{
+		q.CouponUser.ALL,
+		q.Coupon.As("Coupon").ID.As("Coupon__id"),
+		q.Coupon.As("Coupon").Name.As("Coupon__name"),
+		q.Coupon.As("Coupon").Amount.As("Coupon__amount"),
+		q.Coupon.As("Coupon").MinAmount.As("Coupon__min_amount"),
+		q.Coupon.As("Coupon").Count_.As("Coupon__count"),
+		q.Coupon.As("Coupon").Status.As("Coupon__status"),
+		q.Coupon.As("Coupon").ExpireType.As("Coupon__expire_type"),
+		q.Coupon.As("Coupon").ExpireAt.As("Coupon__expire_at"),
+		q.Coupon.As("Coupon").ExpireIn.As("Coupon__expire_in"),
+		q.Coupon.As("Coupon").CreatedAt.As("Coupon__created_at"),
+		q.Coupon.As("Coupon").UpdatedAt.As("Coupon__updated_at"),
+	}
+
+	if includeUser {
+		cols = append(cols,
+			q.User.As("User").ID.As("User__id"),
+			q.User.As("User").Phone.As("User__phone"),
+			q.User.As("User").Name.As("User__name"),
+		)
+	}
+
+	return cols
+}
--- a/web/handlers/proxy.go
+++ b/web/handlers/proxy.go
@@ -120,6 +120,8 @@ func RemoveProxy(c *fiber.Ctx) error {
 	return c.JSON(nil)
 }

+// ====================
+
 // region 报告上线
 func ProxyReportOnline(c *fiber.Ctx) (err error) {
 	return c.JSON(map[string]any{
--- a/web/handlers/resource.go
+++ b/web/handlers/resource.go
@@ -84,6 +84,7 @@ func PageResourceShort(c *fiber.Ctx) error {
 		total = int64(len(resource) + req.GetOffset())
 	} else {
 		total, err = q.Resource.
+			Joins(q.Resource.Short).
 			Where(do).
 			Count()
 		if err != nil {
@@ -180,6 +181,7 @@ func PageResourceLong(c *fiber.Ctx) error {
 		total = int64(len(resource) + req.GetOffset())
 	} else {
 		total, err = q.Resource.
+			Joins(q.Resource.Long).
 			Where(do).
 			Count()
 		if err != nil {
@@ -609,6 +611,30 @@ func UpdateResourceByAdmin(c *fiber.Ctx) error {
 	return c.JSON(nil)
 }

+func UpdateResourceCheckIP(c *fiber.Ctx) error {
+	_, err := auth.GetAuthCtx(c).PermitUser()
+	if err != nil {
+		return err
+	}
+
+	var req struct {
+		core.IdReq
+		CheckIP bool `json:"checkip"`
+	}
+	if err := c.BodyParser(&req); err != nil {
+		return err
+	}
+
+	if err := s.Resource.Update(&s.UpdateResourceData{
+		IdReq:   req.IdReq,
+		CheckIP: &req.CheckIP,
+	}); err != nil {
+		return err
+	}
+
+	return c.JSON(nil)
+}
+
 // StatisticResourceFree 统计每日可用
 func StatisticResourceFree(c *fiber.Ctx) error {
 	// 检查权限
--- a/web/handlers/trade.go
+++ b/web/handlers/trade.go
@@ -182,6 +182,9 @@ func TradeCreate(c *fiber.Ctx) error {
 	if err != nil {
 		return err
 	}
+	if authCtx.User.IDType == m.UserIDTypeUnverified {
+		return core.NewBizErr("请先实名认证后再购买")
+	}

 	// 解析请求参数
 	req := new(TradeCreateReq)
--- a/web/handlers/user.go
+++ b/web/handlers/user.go
@@ -260,7 +260,7 @@ type UpdateUserBalanceByAdminData struct {
 // 绑定管理员
 func BindAdmin(c *fiber.Ctx) error {
 	// 检查权限
-	authCtx, err := auth.GetAuthCtx(c).PermitAdmin(core.ScopeUserWrite)
+	authCtx, err := auth.GetAuthCtx(c).PermitAdmin(core.ScopeUserWriteBind)
 	if err != nil {
 		return err
 	}
--- a/web/handlers/whitelist.go
+++ b/web/handlers/whitelist.go
@@ -2,6 +2,7 @@ package handlers

 import (
 	"errors"
+	"fmt"
 	"platform/pkg/env"
 	"platform/pkg/u"
 	"platform/web/auth"
@@ -97,6 +98,18 @@ func CreateWhitelist(c *fiber.Ctx) error {
 	}

 	// 创建白名单
+	uid := authCtx.User.ID
+	err = g.Redsync.WithLock(whitelistKey(uid), func() error {
+		count, err := q.Whitelist.Where(
+			q.Whitelist.UserID.Eq(uid),
+		).Count()
+		if err != nil {
+			return core.NewServErr("获取白名单数量失败", err)
+		}
+		if count >= 5 {
+			return core.NewBizErr("白名单数量已达上限")
+		}
+
 		err = q.Whitelist.Create(&m.Whitelist{
 			UserID: authCtx.User.ID,
 			IP:     u.Z(ip),
@@ -106,6 +119,12 @@ func CreateWhitelist(c *fiber.Ctx) error {
 			return core.NewServErr("添加白名单失败", err)
 		}

+		return nil
+	})
+	if err != nil {
+		return err
+	}
+
 	return nil
 }

@@ -206,3 +225,7 @@ func secureAddr(str string) (*orm.Inet, error) {
 	}
 	return ip, nil
 }
+
+func whitelistKey(userID int32) string {
+	return fmt.Sprintf("platform:whitelist:add:%d", userID)
+}
--- a/web/middlewares.go
+++ b/web/middlewares.go
@@ -11,6 +11,8 @@ import (
 	"github.com/gofiber/fiber/v2/middleware/requestid"
 	"github.com/google/uuid"
 	"github.com/jxskiss/base62"
+	"go.opentelemetry.io/otel/attribute"
+	"go.opentelemetry.io/otel/trace"
 )

 func ApplyMiddlewares(app *fiber.App) {
@@ -20,13 +22,8 @@ func ApplyMiddlewares(app *fiber.App) {
 		EnableStackTrace: true,
 	}))

-	// cors
-	app.Use(cors.New(cors.Config{
-		AllowCredentials: true,
-		AllowOriginsFunc: func(origin string) bool {
-			return true
-		},
-	}))
+	// metric
+	app.Use(otelfiber.Middleware())

 	// logger
 	app.Use(logger.New(logger.Config{
@@ -35,8 +32,31 @@ func ApplyMiddlewares(app *fiber.App) {
 		},
 	}))

-	// metric
-	app.Use(otelfiber.Middleware())
+	// 补充 otel span attr
+	app.Use(func(c *fiber.Ctx) error {
+		err := c.Next()
+
+		span := trace.SpanFromContext(c.UserContext())
+		if !span.IsRecording() {
+			return err
+		}
+
+		str := ""
+		if err != nil {
+			str = err.Error()
+		}
+
+		span.SetAttributes(attribute.String("http.response.error", str))
+		return err
+	})
+
+	// cors
+	app.Use(cors.New(cors.Config{
+		AllowCredentials: true,
+		AllowOriginsFunc: func(origin string) bool {
+			return true
+		},
+	}))

 	// request id
 	app.Use(requestid.New(requestid.Config{
--- a/web/models/coupon_user.go
+++ b/web/models/coupon_user.go
@@ -7,7 +7,7 @@ type CouponUser struct {
 	ID        int32            `json:"id" gorm:"column:id;primaryKey"`              // 记录ID
 	CouponID  int32            `json:"coupon_id" gorm:"column:coupon_id"`           // 优惠券ID
 	UserID    int32            `json:"user_id" gorm:"column:user_id"`               // 用户ID
-	Status    CouponStatus `json:"status" gorm:"column:status"`                 // 使用状态：0-未使用，1-已使用
+	Status    CouponUserStatus `json:"status" gorm:"column:status"`                 // 使用状态：0-未使用，1-已使用，2-已禁用
 	ExpireAt  *time.Time       `json:"expire_at,omitempty" gorm:"column:expire_at"` // 过期时间
 	UsedAt    *time.Time       `json:"used_at,omitempty" gorm:"column:used_at"`     // 使用时间
 	CreatedAt time.Time        `json:"created_at" gorm:"column:created_at"`         // 创建时间
@@ -22,4 +22,5 @@ type CouponUserStatus int
 const (
 	CouponUserStatusUnused   CouponUserStatus = 0 // 未使用
 	CouponUserStatusUsed     CouponUserStatus = 1 // 已使用
+	CouponUserStatusDisabled CouponUserStatus = 2 // 已禁用
 )
--- a/web/models/product_sku.go
+++ b/web/models/product_sku.go
@@ -17,6 +17,7 @@ type ProductSku struct {
 	PriceMin   decimal.Decimal `json:"price_min" gorm:"column:price_min"`     // 最低价格
 	Status     SkuStatus       `json:"status" gorm:"column:status"`           // SKU 状态：0-禁用，1-正常
 	Sort       int32           `json:"sort" gorm:"column:sort"`               // 排序
+	CountMin   int32           `json:"count_min" gorm:"column:count_min"`     // 最小购买数量

 	Product  *Product         `json:"product,omitempty" gorm:"foreignKey:ProductID"`
 	Discount *ProductDiscount `json:"discount,omitempty" gorm:"foreignKey:DiscountId"`
--- a/web/models/resource.go
+++ b/web/models/resource.go
@@ -12,6 +12,7 @@ type Resource struct {
 	Active     bool         `json:"active" gorm:"column:active"`                     // 套餐状态
 	Type       ResourceType `json:"type" gorm:"column:type"`                         // 套餐类型：1-短效动态，2-长效动态
 	Code       string       `json:"code" gorm:"column:code"`                         // 产品编码
+	CheckIP    bool         `json:"checkip" gorm:"column:checkip"`                   // 是否检查IP

 	User    *User          `json:"user,omitempty" gorm:"foreignKey:UserID"`
 	Short   *ResourceShort `json:"short,omitempty" gorm:"foreignKey:ResourceID"`
--- a/web/queries/product_sku.gen.go
+++ b/web/queries/product_sku.gen.go
@@ -39,6 +39,7 @@ func newProductSku(db *gorm.DB, opts ...gen.DOOption) productSku {
 	_productSku.PriceMin = field.NewField(tableName, "price_min")
 	_productSku.Status = field.NewInt32(tableName, "status")
 	_productSku.Sort = field.NewInt32(tableName, "sort")
+	_productSku.CountMin = field.NewInt32(tableName, "count_min")
 	_productSku.Product = productSkuBelongsToProduct{
 		db: db.Session(&gorm.Session{}),

@@ -93,6 +94,7 @@ type productSku struct {
 	PriceMin   field.Field
 	Status     field.Int32
 	Sort       field.Int32
+	CountMin   field.Int32
 	Product    productSkuBelongsToProduct

 	Discount productSkuBelongsToDiscount
@@ -124,6 +126,7 @@ func (p *productSku) updateTableName(table string) *productSku {
 	p.PriceMin = field.NewField(table, "price_min")
 	p.Status = field.NewInt32(table, "status")
 	p.Sort = field.NewInt32(table, "sort")
+	p.CountMin = field.NewInt32(table, "count_min")

 	p.fillFieldMap()

@@ -140,7 +143,7 @@ func (p *productSku) GetFieldByName(fieldName string) (field.OrderExpr, bool) {
 }

 func (p *productSku) fillFieldMap() {
-	p.fieldMap = make(map[string]field.Expr, 14)
+	p.fieldMap = make(map[string]field.Expr, 15)
 	p.fieldMap["id"] = p.ID
 	p.fieldMap["created_at"] = p.CreatedAt
 	p.fieldMap["updated_at"] = p.UpdatedAt
@@ -153,6 +156,7 @@ func (p *productSku) fillFieldMap() {
 	p.fieldMap["price_min"] = p.PriceMin
 	p.fieldMap["status"] = p.Status
 	p.fieldMap["sort"] = p.Sort
+	p.fieldMap["count_min"] = p.CountMin

 }

--- a/web/queries/resource.gen.go
+++ b/web/queries/resource.gen.go
@@ -36,6 +36,7 @@ func newResource(db *gorm.DB, opts ...gen.DOOption) resource {
 	_resource.Active = field.NewBool(tableName, "active")
 	_resource.Type = field.NewInt(tableName, "type")
 	_resource.Code = field.NewString(tableName, "code")
+	_resource.CheckIP = field.NewBool(tableName, "checkip")
 	_resource.Short = resourceHasOneShort{
 		db: db.Session(&gorm.Session{}),

@@ -185,6 +186,7 @@ type resource struct {
 	Active     field.Bool
 	Type       field.Int
 	Code       field.String
+	CheckIP    field.Bool
 	Short      resourceHasOneShort

 	Long resourceHasOneLong
@@ -217,6 +219,7 @@ func (r *resource) updateTableName(table string) *resource {
 	r.Active = field.NewBool(table, "active")
 	r.Type = field.NewInt(table, "type")
 	r.Code = field.NewString(table, "code")
+	r.CheckIP = field.NewBool(table, "checkip")

 	r.fillFieldMap()

@@ -233,7 +236,7 @@ func (r *resource) GetFieldByName(fieldName string) (field.OrderExpr, bool) {
 }

 func (r *resource) fillFieldMap() {
-	r.fieldMap = make(map[string]field.Expr, 13)
+	r.fieldMap = make(map[string]field.Expr, 14)
 	r.fieldMap["id"] = r.ID
 	r.fieldMap["created_at"] = r.CreatedAt
 	r.fieldMap["updated_at"] = r.UpdatedAt
@@ -243,6 +246,7 @@ func (r *resource) fillFieldMap() {
 	r.fieldMap["active"] = r.Active
 	r.fieldMap["type"] = r.Type
 	r.fieldMap["code"] = r.Code
+	r.fieldMap["checkip"] = r.CheckIP

 }

--- a/web/routes.go
+++ b/web/routes.go
@@ -3,6 +3,7 @@ package web
 import (
 	"platform/pkg/env"
 	auth2 "platform/web/auth"
+	"platform/web/core"
 	"platform/web/handlers"
 	"time"

@@ -33,6 +34,9 @@ func ApplyRouters(app *fiber.App) {
 			}
 			return ctx.JSON(rs)
 		})
+		debug.Get("/test/err", func(ctx *fiber.Ctx) error {
+			return core.NewBizErr("测试错误")
+		})
 	}
 }

@@ -66,6 +70,7 @@ func userRouter(api fiber.Router) {
 	resource.Post("/list/short", handlers.PageResourceShort)
 	resource.Post("/list/long", handlers.PageResourceLong)
 	resource.Post("/create", handlers.CreateResource)
+	resource.Post("/update/checkip", handlers.UpdateResourceCheckIP)

 	resource.Post("/statistics/free", handlers.StatisticResourceFree)
 	resource.Post("/statistics/usage", handlers.StatisticResourceUsage)
@@ -90,6 +95,15 @@ func userRouter(api fiber.Router) {
 	bill := api.Group("/bill")
 	bill.Post("/list", handlers.ListBill)

+	// 余额变动
+	balance := api.Group("/balance")
+	balance.Post("/page", handlers.PageBalanceActivity)
+
+	// 已发放优惠券
+	couponUser := api.Group("/coupon-user")
+	couponUser.Post("/page", handlers.PageCouponUser)
+	couponUser.Post("/get", handlers.GetCouponUser)
+
 	// 公告
 	announcement := api.Group("/announcement")
 	announcement.Post("/list", handlers.ListAnnouncements)
@@ -191,6 +205,7 @@ func adminRouter(api fiber.Router) {
 	var channel = api.Group("/channel")
 	channel.Post("/page", handlers.PageChannelByAdmin)
 	channel.Post("/page/of-user", handlers.PageChannelOfUserByAdmin)
+	channel.Post("/sync/clear-expired", handlers.SyncChannelClearExpiredByAdmin)

 	// proxy 代理
 	var proxy = api.Group("/proxy")
@@ -248,4 +263,14 @@ func adminRouter(api fiber.Router) {
 	coupon.Post("/create", handlers.CreateCoupon)
 	coupon.Post("/update", handlers.UpdateCoupon)
 	coupon.Post("/remove", handlers.DeleteCoupon)
+	coupon.Post("/update/assign", handlers.AssignCoupon)
+
+	// coupon-user 已发放优惠券
+	var couponUser = api.Group("/coupon-user")
+	couponUser.Post("/page", handlers.PageCouponUserByAdmin)
+	couponUser.Post("/page/of-user", handlers.PageCouponUserOfUserByAdmin)
+	couponUser.Post("/get", handlers.GetCouponUserByAdmin)
+	couponUser.Post("/create", handlers.CreateCouponUserByAdmin)
+	couponUser.Post("/update", handlers.UpdateCouponUserByAdmin)
+	couponUser.Post("/remove", handlers.DeleteCouponUserByAdmin)
 }
--- a/web/services/channel.go
+++ b/web/services/channel.go
@@ -26,6 +26,7 @@ var Channel = &channelServer{
 type ChannelServiceProvider interface {
 	CreateChannels(source netip.Addr, resourceId int32, authWhitelist bool, authPassword bool, count int, edgeFilter *EdgeFilter) ([]*m.Channel, error)
 	RemoveChannels(batch string) error
+	ClearExpiredChannels(proxyId int32) (int, error)
 }

 type channelServer struct {
@@ -40,6 +41,10 @@ func (s *channelServer) RemoveChannels(batch string) error {
 	return s.provider.RemoveChannels(batch)
 }

+func (s *channelServer) ClearExpiredChannels(proxyId int32) (int, error) {
+	return s.provider.ClearExpiredChannels(proxyId)
+}
+
 // 授权方式
 type ChannelAuthType int

@@ -87,6 +92,7 @@ func findResource(resourceId int32, now time.Time) (*ResourceView, error) {
 		User:    *resource.User,
 		Active:  resource.Active,
 		Type:    resource.Type,
+		CheckIP: resource.CheckIP,
 	}

 	switch resource.Type {
@@ -142,10 +148,11 @@ type ResourceView struct {
 	Daily    int32
 	LastAt   *time.Time
 	Today    int // 今日用量
+	CheckIP  bool
 }

 // 检查用户是否可提取
-func ensure(now time.Time, source netip.Addr, resourceId int32, count int) (*ResourceView, []string, error) {
+func ensure(now time.Time, source netip.Addr, resourceId int32, authWhitelist bool, count int) (*ResourceView, []string, error) {
 	if count > 400 {
 		return nil, nil, core.NewBizErr("单次最多提取 400 个")
 	}
@@ -170,6 +177,10 @@ func ensure(now time.Time, source netip.Addr, resourceId int32, count int) (*Res
 		return nil, nil, err
 	}

+	if authWhitelist && len(whitelists) == 0 {
+		return nil, nil, core.NewBizErr("当前白名单为空，请先添加白名单")
+	}
+
 	ips := make([]string, len(whitelists))
 	pass := false
 	for i, item := range whitelists {
@@ -178,7 +189,7 @@ func ensure(now time.Time, source netip.Addr, resourceId int32, count int) (*Res
 			pass = true
 		}
 	}
-	if !pass {
+	if resource.CheckIP && !pass {
 		return nil, nil, core.NewBizErr(fmt.Sprintf("IP 地址 %s 不在白名单内", source.String()))
 	}

@@ -209,10 +220,13 @@ func ensure(now time.Time, source netip.Addr, resourceId int32, count int) (*Res
 	return resource, ips, nil
 }

-var (
-	freeChansKey = "channel:free"
-	usedChansKey = "channel:used"
-)
+func freeChansKey(proxy int32) string {
+	return "channel:free:" + strconv.Itoa(int(proxy))
+}
+
+func usedChansKey(proxy int32, batch string) string {
+	return "channel:used:" + strconv.Itoa(int(proxy)) + ":" + batch
+}

 // 扩容通道
 func regChans(proxy int32, chans []netip.AddrPort) error {
@@ -221,7 +235,7 @@ func regChans(proxy int32, chans []netip.AddrPort) error {
 		strs[i] = ch.String()
 	}

-	key := freeChansKey + ":" + strconv.Itoa(int(proxy))
+	key := freeChansKey(proxy)
 	err := g.Redis.SAdd(context.Background(), key, strs...).Err()
 	if err != nil {
 		return fmt.Errorf("扩容通道失败: %w", err)
@@ -231,7 +245,7 @@ func regChans(proxy int32, chans []netip.AddrPort) error {

 // 缩容通道
 func remChans(proxy int32) error {
-	key := freeChansKey + ":" + strconv.Itoa(int(proxy))
+	key := freeChansKey(proxy)
 	err := g.Redis.Del(context.Background(), key).Err()
 	if err != nil {
 		return fmt.Errorf("缩容通道失败: %w", err)
@@ -241,13 +255,12 @@ func remChans(proxy int32) error {

 // 取用通道
 func lockChans(proxy int32, batch string, count int) ([]netip.AddrPort, error) {
-	pid := strconv.Itoa(int(proxy))
 	chans, err := RedisScriptLockChans.Run(
 		context.Background(),
 		g.Redis,
 		[]string{
-			freeChansKey + ":" + pid,
-			usedChansKey + ":" + pid + ":" + batch,
+			freeChansKey(proxy),
+			usedChansKey(proxy, batch),
 		},
 		count,
 	).StringSlice()
@@ -285,13 +298,12 @@ return ports

 // 归还通道
 func freeChans(proxy int32, batch string) error {
-	pid := strconv.Itoa(int(proxy))
 	err := RedisScriptFreeChans.Run(
 		context.Background(),
 		g.Redis,
 		[]string{
-			freeChansKey + ":" + pid,
-			usedChansKey + ":" + pid + ":" + batch,
+			freeChansKey(proxy),
+			usedChansKey(proxy, batch),
 		},
 	).Err()
 	if err != nil {
--- a/web/services/channel_baiyin.go
+++ b/web/services/channel_baiyin.go
@@ -1,6 +1,7 @@
 package services

 import (
+	"context"
 	"encoding/json"
 	"fmt"
 	"log/slog"
@@ -29,10 +30,10 @@ func (s *channelBaiyinProvider) CreateChannels(source netip.Addr, resourceId int
 	}

 	now := time.Now()
-	batch := ID.GenReadable("bat")
+	batchNo := ID.GenReadable("bat")

 	// 检查并获取套餐与白名单
-	resource, whitelists, err := ensure(now, source, resourceId, count)
+	resource, whitelists, err := ensure(now, source, resourceId, authWhitelist, count)
 	if err != nil {
 		return nil, err
 	}
@@ -41,75 +42,29 @@ func (s *channelBaiyinProvider) CreateChannels(source netip.Addr, resourceId int
 	expire := now.Add(resource.Live)

 	// 选择代理
-	proxyResult := struct {
-		m.Proxy
-		Count int
-	}{}
-	err = q.Proxy.
-		LeftJoin(q.Channel, q.Channel.ProxyID.EqCol(q.Proxy.ID), q.Channel.ExpiredAt.Gt(now)).
-		Select(q.Proxy.ALL, field.NewUnsafeFieldRaw("10000 - count(*)").As("count")).
-		Where(
-			q.Proxy.Type.Eq(int(m.ProxyTypeBaiYin)),
-			q.Proxy.Status.Eq(int(m.ProxyStatusOnline)),
-		).
-		Group(q.Proxy.ID).
-		Order(field.NewField("", "count")).
-		Limit(1).Scan(&proxyResult)
-	if err != nil {
-		return nil, core.NewBizErr("获取可用代理失败", err)
-	}
-	if proxyResult.Count < count {
-		return nil, core.NewBizErr("无可用主机，请稍后再试")
-	}
-	proxy := proxyResult.Proxy
-
-	// 锁内确认状态并锁定端口，避免与状态切换并发穿透
-	var chans []netip.AddrPort
-	err = g.Redsync.WithLock(proxyStatusLockKey(proxy.ID), func() error {
-		lockedProxy, err := q.Proxy.Where(q.Proxy.ID.Eq(proxy.ID)).Take()
-		if err != nil {
-			return err
-		}
-		if lockedProxy.Status != m.ProxyStatusOnline {
-			return core.NewBizErr("无可用主机，请稍后再试")
-		}
-
-		chans, err = lockChans(proxy.ID, batch, count)
-		if err != nil {
-			return core.NewBizErr("无可用通道，请稍后再试", err)
-		}
-
-		proxy = *lockedProxy
-		return nil
-	})
+	proxy, gateway, err := selectProxy(count)
 	if err != nil {
 		return nil, err
 	}

-	// 获取可用节点
-	edgesResp, err := g.Cloud.CloudEdges(&g.CloudEdgesReq{
-		Province:        filter.Prov,
-		City:            filter.City,
-		Isp:             u.X(filter.Isp.String()),
-		Limit:           &count,
-		NoRepeat:        u.P(true),
-		NoDayRepeat:     u.P(true),
-		ActiveTime:      u.P(3600),
-		IpUnchangedTime: u.P(3600),
-		Sort:            u.P("ip_unchanged_time_asc"),
-	})
+	// 取用端口
+	chans, err := selectPorts(proxy.ID, batchNo, count, expire)
 	if err != nil {
-		return nil, core.NewBizErr("获取可用节点失败", err)
+		return nil, err
 	}
-	if edgesResp.Total != count && len(edgesResp.Edges) != count {
-		return nil, core.NewBizErr("地区可用节点数量不足")
-	}
-	edges := edgesResp.Edges

-	// 准备通道数据
+	// 节点查询到提交，需要锁定防止并发取用
 	channels := make([]*m.Channel, count)
+	err = g.Redsync.WithLock(lockChannelCreateKey(), func() error {
+		// 取用节点
+		edges, err := selectEdges(gateway, filter, count)
+		if err != nil {
+			return err
+		}
+
+		// 绑定节点端口
 		chanConfigs := make([]*g.PortConfigsReq, count)
-	edgeConfigs := make([]string, count)
+		edgeConfigs := make([]string, 0, count)
 		for i := range count {
 			ch := chans[i]
 			edge := edges[i]
@@ -118,7 +73,7 @@ func (s *channelBaiyinProvider) CreateChannels(source netip.Addr, resourceId int
 			channels[i] = &m.Channel{
 				UserID:     user.ID,
 				ResourceID: resourceId,
-			BatchNo:    batch,
+				BatchNo:    batchNo,
 				ProxyID:    proxy.ID,
 				Host:       u.Else(proxy.Host, proxy.IP.String()),
 				Port:       ch.Port(),
@@ -127,6 +82,7 @@ func (s *channelBaiyinProvider) CreateChannels(source netip.Addr, resourceId int
 				FilterProv: filter.Prov,
 				FilterCity: filter.City,
 				ExpiredAt:  expire,
+				Proxy:      proxy,
 			}

 			// 通道配置数据
@@ -151,29 +107,40 @@ func (s *channelBaiyinProvider) CreateChannels(source netip.Addr, resourceId int
 			}

 			// 连接配置数据
-		edgeConfigs[i] = edge.EdgeID
+			if edge.Type == EdgeInfoCloud {
+				edgeConfigs = append(edgeConfigs, edge.EdgeID)
+			}
 		}

-	// 提交异步任务关闭通道
-	_, err = g.Asynq.Enqueue(
-		e.NewRemoveChannel(batch),
-		asynq.ProcessAt(expire),
-	)
-	if err != nil {
-		return nil, core.NewServErr("提交关闭通道任务失败", err)
+		// 提交配置
+		slog.Debug("提交代理端口配置", "proxy", proxy.IP.String(), "total_count", len(chanConfigs), "remote_count", len(edgeConfigs))
+		if env.RunMode == env.RunModeProd {
+
+			// 连接节点到网关
+			if err := g.Cloud.CloudConnect(&g.CloudConnectReq{Uuid: proxy.Mac, Edge: &edgeConfigs}); err != nil {
+				return core.NewServErr("连接云平台失败", err)
+			}
+
+			// 启用网关代理通道
+			if err := gateway.GatewayPortConfigs(chanConfigs); err != nil {
+				slog.Warn("提交代理端口配置失败", "error", err.Error())
+				return core.NewServErr(fmt.Sprintf("配置代理 %s 端口失败", proxy.IP.String()), err)
+			}
+		} else {
+			for _, item := range chanConfigs {
+				str, _ := json.Marshal(item)
+				fmt.Println(string(str))
+			}
 		}

 		// 保存数据
 		err = q.Q.Transaction(func(q *q.Query) error {
-		var rs gen.ResultInfo
-
-		// 根据套餐类型和模式更新使用记录
-		isShortType := resource.Type == m.ResourceTypeShort
-		isLongType := resource.Type == m.ResourceTypeLong
-
-		switch {
-		case isShortType:
-			rs, err = q.ResourceShort.
+			// 更新使用记录
+			var result gen.ResultInfo
+			var err error
+			switch resource.Type {
+			case m.ResourceTypeShort:
+				result, err = q.ResourceShort.
 					Where(
 						q.ResourceShort.ID.Eq(*resource.ShortId),
 						q.ResourceShort.Used.Eq(resource.Used),
@@ -185,8 +152,8 @@ func (s *channelBaiyinProvider) CreateChannels(source netip.Addr, resourceId int
 						q.ResourceShort.LastAt.Value(now),
 					)

-		case isLongType:
-			rs, err = q.ResourceLong.
+			case m.ResourceTypeLong:
+				result, err = q.ResourceLong.
 					Where(
 						q.ResourceLong.ID.Eq(*resource.LongId),
 						q.ResourceLong.Used.Eq(resource.Used),
@@ -199,13 +166,13 @@ func (s *channelBaiyinProvider) CreateChannels(source netip.Addr, resourceId int
 					)

 			default:
-			return core.NewServErr("套餐类型不正确，无法更新", nil)
+				return core.NewBizErr("套餐类型不正确，无法更新", nil)
 			}
 			if err != nil {
 				return core.NewServErr("更新套餐使用记录失败", err)
 			}
-		if rs.RowsAffected == 0 {
-			return core.NewServErr("套餐使用记录不存在")
+			if result.RowsAffected == 0 {
+				return core.NewBizErr("提取太频繁，请稍后再试", nil)
 			}

 			// 保存通道
@@ -220,9 +187,9 @@ func (s *channelBaiyinProvider) CreateChannels(source netip.Addr, resourceId int
 			err = q.LogsUserUsage.Create(&m.LogsUserUsage{
 				UserID:     user.ID,
 				ResourceID: resourceId,
-			BatchNo:    batch,
+				BatchNo:    batchNo,
 				Count:      int32(count),
-			ISP:        u.P(filter.Isp.String()),
+				ISP:        u.X(filter.Isp.String()),
 				Prov:       filter.Prov,
 				City:       filter.City,
 				IP:         orm.Inet{Addr: source},
@@ -235,40 +202,20 @@ func (s *channelBaiyinProvider) CreateChannels(source netip.Addr, resourceId int
 			return nil
 		})
 		if err != nil {
-		return nil, err
+			return err
 		}

-	// 提交配置
-	secret := strings.Split(u.Z(proxy.Secret), ":")
-	gateway := g.NewGateway(proxy.IP.String(), secret[0], secret[1])
-	if env.RunMode == env.RunModeProd {
-
-		// 连接节点到网关
-		err = g.Cloud.CloudConnect(&g.CloudConnectReq{
-			Uuid: proxy.Mac,
-			Edge: &edgeConfigs,
+		return nil
 	})
 	if err != nil {
-			return nil, core.NewServErr("连接云平台失败", err)
-		}
-
-		// 启用网关代理通道
-		err = gateway.GatewayPortConfigs(chanConfigs)
-		if err != nil {
-			return nil, core.NewServErr(fmt.Sprintf("配置代理 %s 端口失败", proxy.IP.String()), err)
-		}
-	} else {
-		slog.Debug("提交代理端口配置", "proxy", proxy.IP.String())
-		for _, item := range chanConfigs {
-			str, _ := json.Marshal(item)
-			fmt.Println(string(str))
-		}
+		return nil, err
 	}

 	return channels, nil
 }

 func (s *channelBaiyinProvider) RemoveChannels(batch string) error {
+	return g.Redsync.WithLock(lockChannelRemoveKey(batch), func() error {
 		start := time.Now()

 		// 获取连接数据
@@ -286,6 +233,15 @@ func (s *channelBaiyinProvider) RemoveChannels(batch string) error {
 			return core.NewServErr(fmt.Sprintf("获取代理数据失败，batch：%s", batch), err)
 		}

+		// 检查通道是否存在
+		exist, err := g.Redis.Exists(context.Background(), usedChansKey(proxy.ID, batch)).Result()
+		if err != nil {
+			return core.NewServErr("查询使用中通道失败", err)
+		}
+		if exist == 0 {
+			return nil // 没有使用中通道，已经被清理过了
+		}
+
 		// 准备配置数据
 		edgeConfigs := make([]string, len(channels))
 		configs := make([]*g.PortConfigsReq, len(channels))
@@ -306,21 +262,28 @@ func (s *channelBaiyinProvider) RemoveChannels(batch string) error {
 		// 提交配置
 		if env.RunMode == env.RunModeProd {

-		// 断开节点连接
-		g.Cloud.CloudDisconnect(&g.CloudDisconnectReq{
-			Uuid: proxy.Mac,
-			Edge: &edgeConfigs,
-		})
-
 			// 清空通道配置
 			secret := strings.Split(u.Z(proxy.Secret), ":")
+			if len(secret) != 2 {
+				return core.NewServErr(fmt.Sprintf("代理 %s 密钥格式错误", proxy.IP.String()), nil)
+			}
 			gateway := g.NewGateway(proxy.IP.String(), secret[0], secret[1])
 			err := gateway.GatewayPortConfigs(configs)
 			if err != nil {
 				return core.NewServErr(fmt.Sprintf("清空代理 %s 端口配置失败", proxy.IP.String()), err)
 			}
+
+			// 断开节点连接
+			_, err = g.Cloud.CloudDisconnect(&g.CloudDisconnectReq{
+				Uuid: proxy.Mac,
+				Edge: &edgeConfigs,
+			})
+			if err != nil {
+				slog.Warn("断开云平台连接失败", "error", err.Error())
+				return core.NewServErr("断开云平台连接失败", err)
+			}
+
 		} else {
-		slog.Debug("清除代理端口配置", "proxy", proxy.IP)
 			for _, item := range configs {
 				str, _ := json.Marshal(item)
 				fmt.Println(string(str))
@@ -333,6 +296,201 @@ func (s *channelBaiyinProvider) RemoveChannels(batch string) error {
 			return err
 		}

-	slog.Debug("清除代理端口配置", "duration", time.Since(start).String())
+		slog.Debug("清除代理端口配置", "proxy", proxy.ID, "batch", batch, "duration", time.Since(start).String())
 		return nil
+	})
 }
+
+// ClearExpiredChannels 清理指定代理的过期通道，并返回清理数量（现在理论上不会有需要手动批量清理的通道，未来可以废弃）
+func (s *channelBaiyinProvider) ClearExpiredChannels(proxyId int32) (int, error) {
+	now := time.Now()
+
+	// 获取未清理通道
+	keys, err := g.Redis.Keys(context.Background(), usedChansKey(proxyId, "*")).Result()
+	if err != nil {
+		return 0, core.NewServErr("查询使用中通道失败", err)
+	}
+	if len(keys) == 0 {
+		return 0, nil
+	}
+
+	batchList := make([]string, len(keys))
+	batchSet := make(map[string]struct{}, len(keys))
+	for i, key := range keys {
+		parts := strings.Split(key, ":")
+		if len(parts) != 4 {
+			return 0, core.NewServErr(fmt.Sprintf("使用中通道键格式错误: %s", key), nil)
+		}
+		batchList[i] = parts[3]
+		batchSet[parts[3]] = struct{}{}
+	}
+
+	// 排除未过期通道
+	var batchQueried []struct{ BatchNo string }
+	err = q.Channel.
+		Select(q.Channel.BatchNo).
+		Where(
+			q.Channel.BatchNo.In(batchList...),
+			q.Channel.ExpiredAt.Gte(now),
+		).
+		Group(q.Channel.BatchNo).
+		Scan(&batchQueried)
+	if err != nil {
+		return 0, core.NewServErr("查询过期通道失败", err)
+	}
+	for _, batch := range batchQueried {
+		delete(batchSet, batch.BatchNo)
+	}
+
+	// 清理过期通道
+	slog.Info("批量清理过期通道", "count", len(batchSet))
+	for batchNo, _ := range batchSet {
+		err := s.RemoveChannels(batchNo)
+		if err != nil {
+			slog.Error("清理过期通道失败", "batch", batchNo, "error", err)
+		}
+	}
+
+	return len(batchSet), nil
+}
+
+func lockChannelCreateKey() string {
+	return "platform:channel:create"
+}
+
+func lockChannelRemoveKey(bid string) string {
+	return fmt.Sprintf("platform:batch:remove_expired:%s", bid)
+}
+
+func selectProxy(count int) (*m.Proxy, g.GatewayClient, error) {
+	// 获取在线节点
+	proxies, err := q.Proxy.Where(
+		q.Proxy.Type.Eq(int(m.ProxyTypeBaiYin)),
+		q.Proxy.Status.Eq(int(m.ProxyStatusOnline)),
+	).Find()
+	if err != nil {
+		return nil, nil, core.NewBizErr("获取可用代理失败", err)
+	}
+	if len(proxies) == 0 {
+		return nil, nil, core.NewBizErr("无可用代理")
+	}
+
+	proxyIDs := make([]int32, 0, len(proxies))
+	proxyMap := make(map[int32]*m.Proxy, len(proxies))
+	for _, item := range proxies {
+		proxyIDs = append(proxyIDs, item.ID)
+		proxyMap[item.ID] = item
+	}
+
+	// 获取最空闲节点
+	maxId := int32(0)
+	maxCount := -1
+	for _, id := range proxyIDs {
+		idCount, err := g.Redis.SCard(context.Background(), freeChansKey(id)).Result()
+		if err != nil {
+			return nil, nil, fmt.Errorf("查询可用通道数量失败: %w", err)
+		}
+
+		if idCount > int64(maxCount) {
+			maxCount = int(idCount)
+			maxId = id
+		}
+	}
+	if maxCount < count {
+		return nil, nil, core.NewBizErr("无可用代理")
+	}
+	proxy := proxyMap[maxId]
+
+	secret := strings.Split(u.Z(proxy.Secret), ":")
+	if len(secret) != 2 {
+		return nil, nil, core.NewServErr(fmt.Sprintf("代理 %s 密钥格式错误", proxy.IP.String()), nil)
+	}
+	gateway := g.NewGateway(proxy.IP.String(), secret[0], secret[1])
+
+	return proxy, gateway, nil
+}
+
+func selectPorts(proxyId int32, batchNo string, count int, expire time.Time) ([]netip.AddrPort, error) {
+	chans, err := lockChans(proxyId, batchNo, count)
+	if err != nil {
+		return nil, core.NewBizErr("无可用通道，请稍后再试", err)
+	}
+
+	_, err = g.Asynq.Enqueue(
+		e.NewRemoveChannel(batchNo),
+		asynq.ProcessAt(expire),
+	)
+	if err != nil {
+		return nil, core.NewServErr("注册异步关闭通道任务失败", err)
+	}
+
+	return chans, nil
+}
+
+// selectEdges 选择节点，优先本地节点，失败重试，直到达到重试次数限制
+// 本地节点通过 Assigned = false 排除已分配节点
+// 云端节点通过 NoRepeat = true 排除已分配节点
+func selectEdges(gateway g.GatewayClient, filter *EdgeFilter, count int) ([]EdgeInfo, error) {
+	edges := make([]EdgeInfo, 0, count)
+
+	// 先查本地
+	localEdgesResp, err := gateway.GatewayEdge(&g.GatewayEdgeReq{
+		Province: filter.Prov,
+		City:     filter.City,
+		Isp:      u.X(filter.Isp.String()),
+		Limit:    &count,
+		Assigned: u.P(false),
+	})
+	if err != nil {
+		return nil, core.NewBizErr("获取可用节点失败[1]", err)
+	}
+
+	for id, _ := range localEdgesResp {
+		edges = append(edges, EdgeInfo{
+			Type:   EdgeInfoLocal,
+			EdgeID: id,
+		})
+	}
+	if len(edges) >= count {
+		return edges, nil
+	}
+
+	// 再查云端
+	remaining := count - len(edges)
+	cloudEdgesResp, err := g.Cloud.CloudEdges(&g.CloudEdgesReq{
+		Province:        filter.Prov,
+		City:            filter.City,
+		Isp:             u.X(filter.Isp.String()),
+		Limit:           &remaining,
+		NoRepeat:        u.P(true),
+		ActiveTime:      u.P(3600),
+		IpUnchangedTime: u.P(3600),
+	})
+	if err != nil {
+		return nil, core.NewBizErr("获取可用节点失败[2]", err)
+	}
+
+	for _, edge := range cloudEdgesResp.Edges {
+		edges = append(edges, EdgeInfo{
+			Type:   EdgeInfoCloud,
+			EdgeID: edge.EdgeID,
+		})
+	}
+	if len(edges) < count {
+		return nil, core.NewBizErr("地区可用节点数量不足")
+	}
+
+	return edges, nil
+}
+
+type EdgeInfo struct {
+	Type   EdgeInfoType
+	EdgeID string
+}
+
+type EdgeInfoType string
+
+const (
+	EdgeInfoLocal EdgeInfoType = "local"
+	EdgeInfoCloud EdgeInfoType = "cloud"
+)
--- a/web/services/coupon.go
+++ b/web/services/coupon.go
@@ -68,14 +68,24 @@ func (s *couponService) Update(data UpdateCouponData) error {
 		do = append(do, q.Coupon.Status.Value(int(*data.Status)))
 	}
 	if data.ExpireType != nil {
+		switch *data.ExpireType {
+		case m.CouponExpireTypeNever:
+			do = append(do, q.Coupon.ExpireAt.Null(), q.Coupon.ExpireIn.Null())
+
+		case m.CouponExpireTypeFixed:
+			if data.ExpireAt == nil {
+				return core.NewBizErr("expire_at 不能为空")
+			}
+			do = append(do, q.Coupon.ExpireAt.Value(*data.ExpireAt), q.Coupon.ExpireIn.Null())
+
+		case m.CouponExpireTypeRelative:
+			if data.ExpireIn == nil {
+				return core.NewBizErr("expire_in 不能为空")
+			}
+			do = append(do, q.Coupon.ExpireAt.Null(), q.Coupon.ExpireIn.Value(*data.ExpireIn))
+		}
 		do = append(do, q.Coupon.ExpireType.Value(int(*data.ExpireType)))
 	}
-	if data.ExpireAt != nil {
-		do = append(do, q.Coupon.ExpireAt.Value(*data.ExpireAt))
-	}
-	if data.ExpireIn != nil {
-		do = append(do, q.Coupon.ExpireIn.Value(*data.ExpireIn))
-	}

 	_, err := q.Coupon.Where(q.Coupon.ID.Eq(data.ID)).UpdateSimple(do...)
 	return err
@@ -98,6 +108,13 @@ func (s *couponService) Delete(id int32) error {
 	return err
 }

+func (s *couponService) Assign(couponID int32, userID int32) error {
+	return CouponUser.Create(CreateCouponUserData{
+		CouponID: couponID,
+		UserID:   userID,
+	})
+}
+
 // GetUserCoupon 获取用户的指定优惠券
 func (s *couponService) GetUserCoupon(uid int32, cuid int32, amount decimal.Decimal) (*m.CouponUser, error) {
 	// 获取优惠券
@@ -105,7 +122,7 @@ func (s *couponService) GetUserCoupon(uid int32, cuid int32, amount decimal.Deci
 		q.CouponUser.ID.Eq(cuid),
 		q.CouponUser.UserID.Eq(uid),
 		q.CouponUser.Status.Eq(int(m.CouponUserStatusUnused)),
-		q.CouponUser.ExpireAt.Gt(time.Now()),
+		q.CouponUser.Where(q.CouponUser.ExpireAt.IsNull()).Or(q.CouponUser.ExpireAt.Gt(time.Now())),
 	).Take()
 	if errors.Is(err, gorm.ErrRecordNotFound) {
 		return nil, core.NewBizErr("优惠券不存在或已失效")
--- a/web/services/coupon_user.go
+++ b/web/services/coupon_user.go
@@ -0,0 +1,255 @@
+package services
+
+import (
+	"errors"
+	"platform/pkg/u"
+	"platform/web/core"
+	m "platform/web/models"
+	q "platform/web/queries"
+	"time"
+
+	"gorm.io/gen/field"
+	"gorm.io/gorm"
+)
+
+var CouponUser = &couponUserService{}
+
+type couponUserService struct{}
+
+func (s *couponUserService) Create(data CreateCouponUserData) error {
+	now := time.Now()
+	status := u.Else(data.Status, m.CouponUserStatusUnused)
+	if err := validateCouponUserStatus(status); err != nil {
+		return err
+	}
+
+	return q.Q.Transaction(func(tx *q.Query) error {
+		coupon, err := tx.Coupon.Where(tx.Coupon.ID.Eq(data.CouponID)).Take()
+		if errors.Is(err, gorm.ErrRecordNotFound) {
+			return core.NewBizErr("优惠券不存在")
+		}
+		if err != nil {
+			return core.NewServErr("获取优惠券数据失败", err)
+		}
+		if coupon.Status != m.CouponStatusEnabled {
+			return core.NewBizErr("优惠券不可用")
+		}
+		if coupon.Count <= 0 {
+			return core.NewBizErr("优惠券已发放完")
+		}
+
+		_, err = tx.User.Where(tx.User.ID.Eq(data.UserID)).Take()
+		if errors.Is(err, gorm.ErrRecordNotFound) {
+			return core.NewBizErr("用户不存在")
+		}
+		if err != nil {
+			return core.NewServErr("获取用户数据失败", err)
+		}
+
+		expireAt := data.ExpireAt
+		if expireAt == nil {
+			expireAt = couponUserExpireAt(coupon, now)
+		}
+
+		usedAt := data.UsedAt
+		if status == m.CouponUserStatusUsed && usedAt == nil {
+			usedAt = &now
+		}
+		if status == m.CouponUserStatusUnused {
+			usedAt = nil
+		}
+
+		err = tx.CouponUser.Create(&m.CouponUser{
+			UserID:   data.UserID,
+			CouponID: data.CouponID,
+			Status:   status,
+			ExpireAt: expireAt,
+			UsedAt:   usedAt,
+		})
+		if err != nil {
+			return core.NewServErr("发放优惠券失败", err)
+		}
+
+		return adjustCouponCount(tx, coupon.ID, -1)
+	})
+}
+
+type CreateCouponUserData struct {
+	CouponID int32               `json:"coupon_id" validate:"required"`
+	UserID   int32               `json:"user_id" validate:"required"`
+	Status   *m.CouponUserStatus `json:"status"`
+	ExpireAt *time.Time          `json:"expire_at"`
+	UsedAt   *time.Time          `json:"used_at"`
+}
+
+func (s *couponUserService) Update(data UpdateCouponUserData) error {
+	return q.Q.Transaction(func(tx *q.Query) error {
+		current, err := tx.CouponUser.Where(tx.CouponUser.ID.Eq(data.ID)).Take()
+		if errors.Is(err, gorm.ErrRecordNotFound) {
+			return core.NewBizErr("已发放优惠券不存在")
+		}
+		if err != nil {
+			return core.NewServErr("获取已发放优惠券失败", err)
+		}
+
+		do := make([]field.AssignExpr, 0)
+		if data.ExpireAtClear != nil && *data.ExpireAtClear {
+			do = append(do, tx.CouponUser.ExpireAt.Null())
+		} else if data.ExpireAt != nil {
+			do = append(do, tx.CouponUser.ExpireAt.Value(*data.ExpireAt))
+		}
+
+		if data.UsedAtClear != nil && *data.UsedAtClear {
+			do = append(do, tx.CouponUser.UsedAt.Null())
+		} else if data.UsedAt != nil {
+			do = append(do, tx.CouponUser.UsedAt.Value(*data.UsedAt))
+		}
+
+		if data.Status != nil {
+			if err := validateCouponUserStatus(*data.Status); err != nil {
+				return err
+			}
+			if current.Status != *data.Status {
+				if current.Status == m.CouponUserStatusUsed {
+					return core.NewBizErr("已使用的优惠券不能修改状态")
+				}
+				if current.Status == m.CouponUserStatusDisabled && *data.Status == m.CouponUserStatusUsed {
+					return core.NewBizErr("已禁用的优惠券不能标记为已使用")
+				}
+
+				switch *data.Status {
+				case m.CouponUserStatusUnused:
+					if current.Status == m.CouponUserStatusDisabled {
+						if err := adjustCouponCount(tx, current.CouponID, -1); err != nil {
+							return err
+						}
+					}
+					if data.UsedAt == nil && (data.UsedAtClear == nil || !*data.UsedAtClear) {
+						do = append(do, tx.CouponUser.UsedAt.Null())
+					}
+
+				case m.CouponUserStatusUsed:
+					if data.UsedAt == nil && (data.UsedAtClear == nil || !*data.UsedAtClear) {
+						do = append(do, tx.CouponUser.UsedAt.Value(time.Now()))
+					}
+
+				case m.CouponUserStatusDisabled:
+					if current.Status == m.CouponUserStatusUnused {
+						if err := adjustCouponCount(tx, current.CouponID, 1); err != nil {
+							return err
+						}
+					}
+				}
+				do = append(do, tx.CouponUser.Status.Value(int(*data.Status)))
+			}
+		}
+
+		if len(do) == 0 {
+			return nil
+		}
+
+		result, err := tx.CouponUser.
+			Where(
+				tx.CouponUser.ID.Eq(data.ID),
+				tx.CouponUser.Status.Eq(int(current.Status)),
+			).
+			UpdateSimple(do...)
+		if err != nil {
+			return core.NewServErr("更新已发放优惠券失败", err)
+		}
+		if result.RowsAffected == 0 {
+			return core.NewBizErr("已发放优惠券状态已变化，请重试")
+		}
+		return nil
+	})
+}
+
+type UpdateCouponUserData struct {
+	ID            int32               `json:"id" validate:"required"`
+	Status        *m.CouponUserStatus `json:"status"`
+	ExpireAt      *time.Time          `json:"expire_at"`
+	ExpireAtClear *bool               `json:"expire_at_clear"`
+	UsedAt        *time.Time          `json:"used_at"`
+	UsedAtClear   *bool               `json:"used_at_clear"`
+}
+
+func (s *couponUserService) Delete(id int32) error {
+	status := m.CouponUserStatusDisabled
+	return s.Update(UpdateCouponUserData{
+		ID:     id,
+		Status: &status,
+	})
+}
+
+func (s *couponUserService) DeleteOfUser(id int32, userID int32) error {
+	assigned, err := q.CouponUser.Where(
+		q.CouponUser.ID.Eq(id),
+		q.CouponUser.UserID.Eq(userID),
+	).Take()
+	if errors.Is(err, gorm.ErrRecordNotFound) {
+		return core.NewBizErr("已发放优惠券不存在")
+	}
+	if err != nil {
+		return core.NewServErr("获取已发放优惠券失败", err)
+	}
+	if assigned.Status != m.CouponUserStatusUnused {
+		return core.NewBizErr("只能撤销未使用的优惠券")
+	}
+
+	return s.Delete(id)
+}
+
+func couponUserExpireAt(coupon *m.Coupon, now time.Time) *time.Time {
+	if coupon == nil {
+		return nil
+	}
+
+	switch coupon.ExpireType {
+	case m.CouponExpireTypeFixed:
+		return coupon.ExpireAt
+	case m.CouponExpireTypeRelative:
+		if coupon.ExpireIn == nil {
+			return nil
+		}
+		expireAt := now.Add(time.Duration(*coupon.ExpireIn) * 24 * time.Hour)
+		return &expireAt
+	default:
+		return nil
+	}
+}
+
+func validateCouponUserStatus(status m.CouponUserStatus) error {
+	switch status {
+	case m.CouponUserStatusUnused, m.CouponUserStatusUsed, m.CouponUserStatusDisabled:
+		return nil
+	default:
+		return core.NewBizErr("优惠券发放状态无效")
+	}
+}
+
+func adjustCouponCount(tx *q.Query, couponID int32, delta int32) error {
+	coupon, err := tx.Coupon.Where(tx.Coupon.ID.Eq(couponID)).Take()
+	if errors.Is(err, gorm.ErrRecordNotFound) {
+		return core.NewBizErr("优惠券不存在")
+	}
+	if err != nil {
+		return core.NewServErr("获取优惠券数据失败", err)
+	}
+
+	next := coupon.Count + delta
+	if next < 0 {
+		return core.NewBizErr("优惠券已发放完")
+	}
+
+	result, err := tx.Coupon.
+		Where(tx.Coupon.ID.Eq(couponID), tx.Coupon.Count_.Eq(coupon.Count)).
+		UpdateSimple(tx.Coupon.Count_.Value(next))
+	if err != nil {
+		return core.NewServErr("更新优惠券数量失败", err)
+	}
+	if result.RowsAffected == 0 {
+		return core.NewBizErr("优惠券库存已变化，请重试")
+	}
+
+	return nil
+}
--- a/web/services/product.go
+++ b/web/services/product.go
@@ -50,6 +50,7 @@ func (s *productService) AllProductSaleInfos() ([]*m.Product, error) {
 			q.ProductSku.Name,
 			q.ProductSku.Code,
 			q.ProductSku.Price,
+			q.ProductSku.CountMin,
 		).
 		Where(
 			q.ProductSku.ProductID.In(pids...),
--- a/web/services/product_sku.go
+++ b/web/services/product_sku.go
@@ -47,6 +47,11 @@ func (s *productSkuService) Create(create CreateProductSkuData) (err error) {
 		return core.NewBizErr("产品最低价格的格式不正确", err)
 	}

+	countMin := int32(1)
+	if create.CountMin != nil {
+		countMin = *create.CountMin
+	}
+
 	return q.ProductSku.Create(&m.ProductSku{
 		ProductID:  create.ProductID,
 		DiscountId: create.DiscountID,
@@ -54,6 +59,8 @@ func (s *productSkuService) Create(create CreateProductSkuData) (err error) {
 		Name:       create.Name,
 		Price:      price,
 		PriceMin:   priceMin,
+		Sort:       create.Sort,
+		CountMin:   countMin,
 	})
 }

@@ -64,6 +71,8 @@ type CreateProductSkuData struct {
 	Name       string `json:"name"`
 	Price      string `json:"price"`
 	PriceMin   string `json:"price_min"`
+	Sort       int32  `json:"sort"`
+	CountMin   *int32 `json:"count_min"`
 }

 func (s *productSkuService) Update(update UpdateProductSkuData) (err error) {
@@ -95,6 +104,12 @@ func (s *productSkuService) Update(update UpdateProductSkuData) (err error) {
 	if update.Status != nil {
 		do = append(do, q.ProductSku.Status.Value(*update.Status))
 	}
+	if update.Sort != nil {
+		do = append(do, q.ProductSku.Sort.Value(*update.Sort))
+	}
+	if update.CountMin != nil {
+		do = append(do, q.ProductSku.CountMin.Value(*update.CountMin))
+	}

 	_, err = q.ProductSku.Where(q.ProductSku.ID.Eq(update.ID)).UpdateSimple(do...)
 	return err
@@ -108,6 +123,8 @@ type UpdateProductSkuData struct {
 	Price      *string `json:"price"`
 	PriceMin   string  `json:"price_min"`
 	Status     *int32  `json:"status"`
+	Sort       *int32  `json:"sort"`
+	CountMin   *int32  `json:"count_min"`
 }

 func (s *productSkuService) Delete(id int32) (err error) {
--- a/web/services/proxy.go
+++ b/web/services/proxy.go
@@ -2,7 +2,6 @@ package services

 import (
 	"context"
-	"fmt"
 	"net/netip"
 	"platform/pkg/u"
 	"platform/web/core"
@@ -10,7 +9,6 @@ import (
 	"platform/web/globals/orm"
 	m "platform/web/models"
 	q "platform/web/queries"
-	"strconv"
 	"time"

 	"gorm.io/gen/field"
@@ -20,13 +18,9 @@ var Proxy = &proxyService{}

 type proxyService struct{}

-func proxyStatusLockKey(id int32) string {
-	return fmt.Sprintf("platform:proxy:status:%d", id)
-}
-
 func hasUsedChans(proxyID int32) (bool, error) {
 	ctx := context.Background()
-	pattern := usedChansKey + ":" + strconv.Itoa(int(proxyID)) + ":*"
+	pattern := usedChansKey(proxyID, "*")
 	keys, _, err := g.Redis.Scan(ctx, 0, pattern, 1).Result()
 	if err != nil {
 		return false, err
@@ -188,11 +182,11 @@ func (s *proxyService) Remove(id int32) error {

 type UpdateProxyStatus struct {
 	ID     int32         `json:"id" validate:"required"`
-	Status m.ProxyStatus `json:"status" validate:"required"`
+	Status m.ProxyStatus `json:"status"`
 }

 func (s *proxyService) UpdateStatus(update *UpdateProxyStatus) error {
-	return g.Redsync.WithLock(proxyStatusLockKey(update.ID), func() error {
+	return q.Q.Transaction(func(tx *q.Query) error {
 		proxy, err := q.Proxy.Where(q.Proxy.ID.Eq(update.ID)).Take()
 		if err != nil {
 			return err
--- a/web/services/resource.go
+++ b/web/services/resource.go
@@ -63,9 +63,10 @@ func (s *resourceService) Create(q *q.Query, uid int32, now time.Time, data *Cre
 	var resource = m.Resource{
 		UserID:     uid,
 		ResourceNo: u.P(ID.GenReadable("res")),
-		Active:     true,
 		Type:       data.Type,
 		Code:       data.Type.Code(),
+		Active:     true,
+		CheckIP:    true,
 	}
 	switch data.Type {

@@ -121,14 +122,13 @@ func (s *resourceService) Create(q *q.Query, uid int32, now time.Time, data *Cre
 }

 func (s *resourceService) Update(data *UpdateResourceData) error {
-	if data.Active == nil {
-		return core.NewBizErr("更新套餐失败，active 不能为空")
-	}
-
 	do := make([]field.AssignExpr, 0)
 	if data.Active != nil {
 		do = append(do, q.Resource.Active.Value(*data.Active))
 	}
+	if data.CheckIP != nil {
+		do = append(do, q.Resource.CheckIP.Value(*data.CheckIP))
+	}

 	_, err := q.Resource.
 		Where(q.Resource.ID.Eq(data.Id)).
@@ -143,9 +143,13 @@ func (s *resourceService) Update(data *UpdateResourceData) error {
 type UpdateResourceData struct {
 	core.IdReq
 	Active  *bool `json:"active"`
+	CheckIP *bool `json:"checkip"`
 }

 func (s *resourceService) CalcPrice(skuCode string, count int32, user *m.User, cuid *int32) (*m.ProductSku, *m.ProductDiscount, *m.CouponUser, decimal.Decimal, decimal.Decimal, decimal.Decimal, error) {
+	if count <= 0 {
+		return nil, nil, nil, decimal.Zero, decimal.Zero, decimal.Zero, core.NewBizErr("购买数量必须大于 0")
+	}

 	sku, err := q.ProductSku.
 		Joins(q.ProductSku.Discount).
@@ -153,7 +157,11 @@ func (s *resourceService) CalcPrice(skuCode string, count int32, user *m.User, c
 		Take()
 	if err != nil {
 		slog.Debug("查询产品失败", "skuCode", skuCode)
-		return nil, nil, nil, decimal.Zero, decimal.Zero, decimal.Zero, core.NewBizErr(fmt.Sprintf("产品不可用", skuCode), err)
+		return nil, nil, nil, decimal.Zero, decimal.Zero, decimal.Zero, core.NewBizErr("产品不可用", err)
+	}
+
+	if count < sku.CountMin {
+		return nil, nil, nil, decimal.Zero, decimal.Zero, decimal.Zero, core.NewBizErr(fmt.Sprintf("购买数量不能少于 %d", sku.CountMin))
 	}

 	// 原价
@@ -163,7 +171,7 @@ func (s *resourceService) CalcPrice(skuCode string, count int32, user *m.User, c
 	// 折扣价
 	discount := sku.Discount
 	if discount == nil {
-		return nil, nil, nil, decimal.Zero, decimal.Zero, decimal.Zero, core.NewServErr("价格查询失败", err)
+		return nil, nil, nil, decimal.Zero, decimal.Zero, decimal.Zero, core.NewServErr("产品未配置折扣", err)
 	}

 	discountRate := discount.Rate()
@@ -201,7 +209,7 @@ func (s *resourceService) CalcPrice(skuCode string, count int32, user *m.User, c
 		couponApplied = amountMin.Copy()
 	}

-	return sku, discount, coupon, amount, discounted, couponApplied, nil
+	return sku, discount, coupon, amount.RoundCeil(2), discounted.RoundCeil(2), couponApplied.RoundCeil(2), nil
 }

 type CreateResourceData struct {
--- a/web/services/user.go
+++ b/web/services/user.go
@@ -88,6 +88,9 @@ type UpdateBalanceData struct {
 }

 func (data *UpdateBalanceData) TradeDetail(user *m.User) (*TradeDetail, error) {
+	if data.Amount <= 0 {
+		return nil, core.NewBizErr("充值金额必须大于0")
+	}
 	amount := decimal.NewFromInt(int64(data.Amount)).Div(decimal.NewFromInt(100))
 	return &TradeDetail{
 		data,
--- a/web/tasks/task.go
+++ b/web/tasks/task.go
@@ -13,6 +13,7 @@ import (
 )

 func HandleCompleteTrade(_ context.Context, task *asynq.Task) error {
+	slog.Info("[event]尝试结束交易")
 	var event events.CloseTradeData
 	if err := json.Unmarshal(task.Payload(), &event); err != nil {
 		return fmt.Errorf("解析任务参数失败: %w", err)
@@ -30,11 +31,11 @@ func HandleCompleteTrade(_ context.Context, task *asynq.Task) error {
 	}

 	if err := s.Trade.CompleteTrade(user, &data); err != nil {
-		slog.Debug("完成交易失败[异步结束订单]", "err", err)
+		slog.Debug("结束交易失败:完成交易失败", "err", err)

 		// 交易无法完成，关闭交易
 		if err := s.Trade.CancelTrade(&data); err != nil {
-			return fmt.Errorf("取消交易失败[异步结束订单]: %w", err)
+			return fmt.Errorf("结束交易失败:取消交易失败: %w", err)
 		}
 	}

@@ -43,6 +44,8 @@ func HandleCompleteTrade(_ context.Context, task *asynq.Task) error {

 func HandleRemoveChannel(_ context.Context, task *asynq.Task) (err error) {
 	batch := string(task.Payload())
+	slog.Info("[event]删除通道", "batch", batch)
+
 	err = s.Channel.RemoveChannels(batch)
 	if err != nil {
 		return fmt.Errorf("删除通道失败: %w", err)
--- a/web/web.go
+++ b/web/web.go
@@ -85,6 +85,7 @@ func RunTask(ctx context.Context) error {
 		ErrorHandler: asynq.ErrorHandlerFunc(func(ctx context.Context, task *asynq.Task, err error) {
 			slog.Error("任务执行失败", "task", task.Type(), "error", err)
 		}),
+		Logger: &AppAsynqLogger{},
 	})

 	var mux = asynq.NewServeMux()
@@ -105,3 +106,33 @@ func RunTask(ctx context.Context) error {

 	return nil
 }
+
+type AppAsynqLogger struct{}
+
+func (l *AppAsynqLogger) Debug(args ...any) {
+	slog.Debug("Asynq", anyToAttrs(args)...)
+}
+
+func (l *AppAsynqLogger) Info(args ...any) {
+	slog.Info("Asynq", anyToAttrs(args)...)
+}
+
+func (l *AppAsynqLogger) Warn(args ...any) {
+	slog.Warn("Asynq", anyToAttrs(args)...)
+}
+
+func (l *AppAsynqLogger) Error(args ...any) {
+	slog.Error("Asynq", anyToAttrs(args)...)
+}
+
+func (l *AppAsynqLogger) Fatal(args ...any) {
+	slog.Error("Asynq[Fatal]", anyToAttrs(args)...)
+}
+
+func anyToAttrs(args ...any) []any {
+	attrs := make([]any, len(args))
+	for i, arg := range args {
+		attrs[i] = slog.Any(fmt.Sprintf("arg%d", i), arg)
+	}
+	return attrs
+}
Author	SHA1	Message	Date
luorijun	80f04c92ec	修复请求错误消息上报问题	2026-05-13 18:07:44 +08:00
luorijun	ccbc6f0b67	完善提取处理流程，解决提取并发问题	2026-05-13 16:17:57 +08:00
luorijun	d273731e31	修复购买数量低于限制的问题	2026-05-11 17:39:22 +08:00
luorijun	65f8ee360b	完善通道管理机制 & 增强 otel 记录字段	2026-05-11 11:04:21 +08:00
luorijun	042c8d1a51	完善 otel 配置	2026-05-08 13:53:47 +08:00
luorijun	a0b0be2b8e	实现定时通道过期清理	2026-05-08 09:33:41 +08:00
luorijun	8fc1d30578	优化白名单与通道提取功能	2026-05-07 12:43:15 +08:00
luorijun	a4d9c28702	实现已发放优惠券的管理接口	2026-04-29 16:59:14 +08:00
luorijun	ccb8db555e	放开提取接口权限	2026-04-28 18:00:24 +08:00
luorijun	e70f2337cb	发放优惠券	2026-04-27 17:13:06 +08:00
luorijun	d59f4ca37f	用户余额查询	2026-04-25 14:15:37 +08:00
luorijun	0edc883084	用户修改套餐 ip 检查功能接口	2026-04-23 13:47:22 +08:00
luorijun	d26106eb00	修复运行边界条件问题	2026-04-22 17:11:55 +08:00
luorijun	6e14ea65d0	套餐白名单检查逻辑 & 检查订单金额	2026-04-21 18:09:53 +08:00
luorijun	982cbb4cab	新增最小购买数量控制 & 购买前检查实名	2026-04-20 16:24:22 +08:00