Fix VPS API key persistence in CyberPanel database

Problem: VPS API keys were generated dynamically but never saved to the database, causing file fix operations to fail with "Invalid token" error. Root Cause: - When CyberPanel runs on VPS, it calls platform's /api/vps/generate-api-key/ - The returned API key was used for scan submission but not persisted - Later file fix operations couldn't validate this API key Solution: - Save VPS API key to ai_scanner_settings table whenever obtained - Modified 4 locations where VPS API key is retrieved: 1. startScan() - Save when initiating a scan 2. getPlatformMonitorUrl() - Save when checking scan status 3. addPaymentMethod() - Save when configuring payment (2 locations) Implementation: - Use get_or_create() to ensure scanner settings exist - Update existing settings if API key is empty or different - Set is_payment_configured=True for VPS accounts (implicit payment) - Continue operation even if saving fails (non-blocking) Result: - VPS API keys are automatically persisted on first use - File fixes work without manual database intervention - All AI Scanner features work seamlessly on VPS instances
2025-10-27 14:25:47 +05:00 · 2025-10-27 14:25:47 +05:00 · 569554e7f0
parent 2cd361a837
commit 569554e7f0
2 changed files with 60 additions and 2 deletions
--- a/aiScanner/aiScannerManager.py
+++ b/aiScanner/aiScannerManager.py
@ -309,6 +309,29 @@ class AIScannerManager:
                    vps_api_key = vps_key_data.get('api_key')
                    free_scans_remaining = vps_key_data.get('free_scans_remaining', 0)
                    self.logger.writeToFile(f'[AIScannerManager.startScan] VPS API key obtained, {free_scans_remaining} free scans remaining')
+
+                    # Save VPS API key to database for future operations (file fixes, etc.)
+                    try:
+                        scanner_settings, created = AIScannerSettings.objects.get_or_create(
+                            admin=admin,
+                            defaults={
+                                'api_key': vps_api_key,
+                                'balance': 0.0000,
+                                'is_payment_configured': True  # VPS accounts have implicit payment
+                            }
+                        )
+
+                        # Update existing settings if API key is different or empty
+                        if not created and (not scanner_settings.api_key or scanner_settings.api_key != vps_api_key):
+                            scanner_settings.api_key = vps_api_key
+                            scanner_settings.is_payment_configured = True
+                            scanner_settings.save()
+                            self.logger.writeToFile(f'[AIScannerManager.startScan] Updated VPS API key in database')
+                        elif created:
+                            self.logger.writeToFile(f'[AIScannerManager.startScan] Saved new VPS API key to database')
+                    except Exception as e:
+                        self.logger.writeToFile(f'[AIScannerManager.startScan] Error saving VPS API key: {str(e)}')
+                        # Continue even if saving fails - scan can still proceed
                else:
                    self.logger.writeToFile(f'[AIScannerManager.startScan] Failed to get VPS API key')
                    return JsonResponse({'success': False, 'error': 'Failed to authenticate VPS for free scans'})
@ -492,6 +515,12 @@ class AIScannerManager:
                        if vps_key_data and vps_key_data.get('api_key'):
                            # Use VPS API key for adding payment method
                            api_key_to_use = vps_key_data.get('api_key')
+
+                            # Save VPS API key to database
+                            scanner_settings.api_key = api_key_to_use
+                            scanner_settings.is_payment_configured = True
+                            scanner_settings.save()
+                            self.logger.writeToFile(f'[AIScannerManager.addPaymentMethod] Saved VPS API key to database')
                        else:
                            return JsonResponse({'success': False, 'error': 'Failed to authenticate VPS'})
                    else:
@ -510,6 +539,15 @@ class AIScannerManager:
                    if vps_key_data and vps_key_data.get('api_key'):
                        # Use VPS API key for adding payment method
                        api_key_to_use = vps_key_data.get('api_key')
+
+                        # Create scanner settings with VPS API key
+                        AIScannerSettings.objects.create(
+                            admin=admin,
+                            api_key=api_key_to_use,
+                            balance=0.0000,
+                            is_payment_configured=True
+                        )
+                        self.logger.writeToFile(f'[AIScannerManager.addPaymentMethod] Created new scanner settings with VPS API key')
                    else:
                        return JsonResponse({'success': False, 'error': 'Failed to authenticate VPS'})
                else:
--- a/aiScanner/views.py
+++ b/aiScanner/views.py
@ -268,6 +268,26 @@ def getPlatformMonitorUrl(request, scan_id):

                    if vps_key_data and vps_key_data.get('api_key'):
                        api_key = vps_key_data.get('api_key')
+
+                        # Save VPS API key to database for future operations
+                        try:
+                            admin = Administrator.objects.get(pk=userID)
+                            scanner_settings, created = AIScannerSettings.objects.get_or_create(
+                                admin=admin,
+                                defaults={
+                                    'api_key': api_key,
+                                    'balance': 0.0000,
+                                    'is_payment_configured': True
+                                }
+                            )
+
+                            if not created and (not scanner_settings.api_key or scanner_settings.api_key != api_key):
+                                scanner_settings.api_key = api_key
+                                scanner_settings.is_payment_configured = True
+                                scanner_settings.save()
+                                logging.writeToFile(f"[AI Scanner] Updated VPS API key in database")
+                        except Exception as save_error:
+                            logging.writeToFile(f"[AI Scanner] Error saving VPS API key: {str(save_error)}")
            except Exception as e:
                pass