openclawd/docfast
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix: BUG-046 usage endpoint data leak, BUG-047 copy button, BUG-048 email change links
All checks were successful
Deploy to Production / Deploy to Server (push) Successful in 1m18s
Details

Browse source 
BUG-046 (CRITICAL): getUsageStats() now accepts apiKey param and returns
only that key usage instead of all users. Route passes req.apiKeyInfo.key.

BUG-047: Added visible Copy button to Pro key success page in billing.ts.

BUG-048: Added class="open-email-change" to Change Email links in all
HTML pages so the JS modal opener can find them.
This commit is contained in:
OpenClaw 2026-02-16 18:06:45 +00:00
parent a1d26b85ec
commit b98e8bc253
10 changed files with 24 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

4
dist/index.js vendored
View file

@ -90,8 +90,8 @@ app.use("/v1/email-change", emailChangeRouter);
app.use("/v1/convert", authMiddleware, usageMiddleware, pdfRateLimitMiddleware, convertRouter);
app.use("/v1/templates", authMiddleware, usageMiddleware, templatesRouter);
// Admin: usage stats
app.get("/v1/usage", authMiddleware, (_req, res) => {
res.json(getUsageStats());
app.get("/v1/usage", authMiddleware, (req, res) => {
res.json(getUsageStats(req.apiKeyInfo?.key));
});
// Admin: concurrency stats
app.get("/v1/concurrency", authMiddleware, (_req, res) => {

11
dist/middleware/usage.js vendored
View file

@ -65,11 +65,14 @@ function trackUsage(key, monthKey) {
saveUsageEntry(key, record).catch((err) => logger.error({ err }, "Failed to save usage entry"));
}
}
export function getUsageStats() {
export function getUsageStats(apiKey) {
const stats = {};
for (const [key, record] of usage) {
const masked = key.slice(0, 8) + "...";
stats[masked] = { count: record.count, month: record.monthKey };
if (apiKey) {
const record = usage.get(apiKey);
if (record) {
const masked = apiKey.slice(0, 8) + "...";
stats[masked] = { count: record.count, month: record.monthKey };
}
}
return stats;
}

2
dist/routes/billing.js vendored
View file

@ -65,7 +65,7 @@ a { color: #4f9; }
<div class="card">
<h1>🎉 Welcome to Pro!</h1>
<p>Your API key:</p>
<div class="key" onclick="navigator.clipboard.writeText('${escapeHtml(keyInfo.key)}')" title="Click to copy">${escapeHtml(keyInfo.key)}</div>
<div class="key" style="position:relative">${escapeHtml(keyInfo.key)}<button onclick="navigator.clipboard.writeText('${escapeHtml(keyInfo.key)}');this.textContent='Copied!';setTimeout(()=>this.textContent='Copy',1500)" style="position:absolute;top:8px;right:8px;background:#4f9;color:#0a0a0a;border:none;border-radius:4px;padding:4px 12px;cursor:pointer;font-size:0.8rem;font-family:system-ui">Copy</button></div>
<p><strong>Save this key!</strong> It won't be shown again.</p>
<p>10,000 PDFs/month All endpoints Priority support</p>
<p><a href="/docs">View API docs </a></p>