401 is universal

No more error user messages
more stupid mistakes (auto reenqueue)
2025-08-08 13:14:54 +02:00 · 2025-08-08 12:58:41 +02:00 · 2025-08-08 12:45:32 +02:00 · 2025-08-08 11:47:48 +02:00 · 2025-08-08 11:42:59 +02:00 · 2025-08-08 02:18:20 +02:00
271 changed files with 33918 additions and 5591 deletions
@@ -1,52 +1,215 @@
-# Copy this file to .env and fill in the values you wish to change. Most already
+# To customize your server, make a copy of this file to `.env` and edit any
-# have sensible defaults.  See config.ts for more details.
+# values you want to change. Be sure to remove the `#` at the beginning of each
 # line you want to modify.
-# PORT=7860
+# All values have reasonable defaults, so you only need to change the ones you
-# SERVER_TITLE=Coom Tunnel
+# want to override.
-# MODEL_RATE_LIMIT=4
+
-# MAX_OUTPUT_TOKENS_OPENAI=300
+# Use production mode unless you are developing locally.
-# MAX_OUTPUT_TOKENS_ANTHROPIC=900
+NODE_ENV=production
 # Detail level of diagnostic logging. (trace | debug | info | warn | error)
 # LOG_LEVEL=info
 # REJECT_DISALLOWED=false
 # REJECT_MESSAGE="This content violates /aicg/'s acceptable use policy."
 # CHECK_KEYS=true
 # TURBO_ONLY=false
 # BLOCKED_ORIGINS=reddit.com,9gag.com
 # BLOCK_MESSAGE="You must be over the age of majority in your country to use this service."
 # BLOCK_REDIRECT="https://roblox.com/"
 # Note: CHECK_KEYS is disabled by default in local development mode, but enabled
 # by default in production mode.
 # Optional settings for user management and access control. See
 # `docs/user-management.md` to learn how to use these.
 # GATEKEEPER=none
 # GATEKEEPER_STORE=memory
 # MAX_IPS_PER_USER=20
 # Optional settings for prompt logging. See docs/logging-sheets.md.
 # PROMPT_LOGGING=false
 # ------------------------------------------------------------------------------
-# The values below are secret -- make sure they are set securely. Do NOT set
+# General settings:
-# them in the .env file of a public repository.
+
-# For Huggingface, set them via the Secrets section in your Space's config UI.
+# The title displayed on the info page.
 # SERVER_TITLE=Coom Tunnel
 # URL for the image displayed on the login page.
 # If not set, no image will be displayed.
 # LOGIN_IMAGE_URL=https://example.com/your-logo.png
 # Whether to enable the token-based or password-based login for the main info page.
 # Defaults to true. Set to false to disable login and make the info page public.
 # ENABLE_INFO_PAGE_LOGIN=true
 # Authentication mode for the service info page. (token | password)
 # If 'token', any valid user token is used (requires GATEKEEPER='user_token' mode).
 # If 'password', SERVICE_INFO_PASSWORD is used.
 # Defaults to 'token' if ENABLE_INFO_PAGE_LOGIN is true.
 # SERVICE_INFO_AUTH_MODE=token
 # Password for the service info page if SERVICE_INFO_AUTH_MODE is 'password'.
 # SERVICE_INFO_PASSWORD=your-service-info-password
 # The route name used to proxy requests to APIs, relative to the Web site root.
 # PROXY_ENDPOINT_ROUTE=/proxy
 # Text model requests allowed per minute per user.
 # TEXT_MODEL_RATE_LIMIT=4
 # Image model requests allowed per minute per user.
 # IMAGE_MODEL_RATE_LIMIT=2
 # Max number of context tokens a user can request at once.
 # Increase this if your proxy allow GPT 32k or 128k context
 # MAX_CONTEXT_TOKENS_OPENAI=32768
 # MAX_CONTEXT_TOKENS_ANTHROPIC=32768
 # Max number of output tokens a user can request at once.
 # MAX_OUTPUT_TOKENS_OPENAI=1024
 # MAX_OUTPUT_TOKENS_ANTHROPIC=1024
 # Whether to show the estimated cost of consumed tokens on the info page.
 # SHOW_TOKEN_COSTS=false
 # Whether to automatically check API keys for validity.
 # Disabled by default in local development mode, but enabled in production.
 # CHECK_KEYS=true
 # Which model types users are allowed to access.
 # The following model families are recognized:
 # turbo | gpt4 | gpt4-32k | gpt4-turbo | gpt4o | o1 | dall-e | claude
 # | claude-opus | gemini-flash | gemini-pro | gemini-ultra | mistral-tiny |
 # | mistral-small | mistral-medium | mistral-large | aws-claude |
 # | aws-claude-opus | gcp-claude | gcp-claude-opus | azure-turbo | azure-gpt4
 # | azure-gpt4-32k | azure-gpt4-turbo | azure-gpt4o | azure-o1 | azure-dall-e
 # | azure-gpt45 | azure-o1-mini | azure-o3-mini | deepseek | xai | o3 | o4-mini | gpt41 | gpt41-mini | gpt41-nano
 # By default, all models are allowed
 # To dissalow any, uncomment line below and edit
 # ALLOWED_MODEL_FAMILIES=turbo,gpt4,gpt4-32k,gpt45,gpt4-turbo,gpt4o,claude,claude-opus,gemini-flash,gemini-pro,gemini-ultra,mistral-tiny,mistral-small,mistral-medium,mistral-large,aws-claude,aws-claude-opus,gcp-claude,gcp-claude-opus,azure-turbo,azure-gpt4,azure-gpt4-32k,azure-gpt4-turbo,azure-gpt4o,azure-gpt45,azure-o1-mini,azure-o3-mini,deepseek
 # Which services can be used to process prompts containing images via multimodal
 # models. The following services are recognized:
 # openai | anthropic | aws | gcp | azure | google-ai | mistral-ai | xai
 # Do not enable this feature unless all users are trusted, as you will be liable
 # for any user-submitted images containing illegal content.
 # By default, no image services are allowed and image prompts are rejected.
 # ALLOWED_VISION_SERVICES=
 # Whether prompts should be logged to Google Sheets.
 # Requires additional setup. See `docs/google-sheets.md` for more information.
 # PROMPT_LOGGING=false
 # Specifies the number of proxies or load balancers in front of the server.
 # For Cloudflare or Hugging Face deployments, the default of 1 is correct.
 # For any other deployments, please see config.ts as the correct configuration
 # depends on your setup. Misconfiguring this value can result in problems
 # accurately tracking IP addresses and enforcing rate limits.
 # TRUSTED_PROXIES=1
 # Whether cookies should be set without the Secure flag, for hosts that don't
 # support SSL. True by default in development, false in production.
 # USE_INSECURE_COOKIES=false
 # Reorganizes requests in the queue according to their token count, placing
 # larger prompts further back. The penalty is determined by (promptTokens *
 # TOKENS_PUNISHMENT_FACTOR). A value of 1.0 adds one second per 1000 tokens.
 # When there is no queue or it is very short, the effect is negligible (this
 # setting only reorders the queue, it does not artificially delay requests).
 # TOKENS_PUNISHMENT_FACTOR=0.0
 # Captcha verification settings. Refer to docs/pow-captcha.md for guidance.
 # CAPTCHA_MODE=none
 # POW_TOKEN_HOURS=24
 # POW_TOKEN_MAX_IPS=2
 # POW_DIFFICULTY_LEVEL=low
 # POW_CHALLENGE_TIMEOUT=30
 # -------------------------------------------------------------------------------
 # Blocking settings:
 # Allows blocking requests depending on content, referers, or IP addresses.
 # This is a convenience feature; if you need more robust functionality it is
 # highly recommended to put this application behind nginx or Cloudflare, as they
 # will have better performance.
 # IP addresses or CIDR blocks from which requests will be blocked.
 # IP_BLACKLIST=10.0.0.1/24
 # URLs from which requests will be blocked.
 # BLOCKED_ORIGINS=reddit.com,9gag.com
 # Message to show when requests are blocked.
 # BLOCK_MESSAGE="You must be over the age of majority in your country to use this service."
 # Destination to redirect blocked requests to.
 # BLOCK_REDIRECT="https://roblox.com/"
 # Comma-separated list of phrases that will be rejected. Surround phrases with
 # quotes if they contain commas. You can use regular expression tokens.
 # Avoid overly broad phrases as will trigger on any match in the entire prompt.
 # REJECT_PHRASES="phrase one,phrase two,"phrase three, which has a comma",phrase four"
 # Message to show when requests are rejected.
 # REJECT_MESSAGE="You can't say that here."
 # ------------------------------------------------------------------------------
 # Optional settings for user management, access control, and quota enforcement:
 # See `docs/user-management.md` for more information and setup instructions.
 # See `docs/user-quotas.md` to learn how to set up quotas.
 # Which access control method to use. (none | proxy_key | user_token)
 # GATEKEEPER=none
 # Which persistence method to use. (memory | firebase_rtdb | sqlite)
 # GATEKEEPER_STORE=memory
 # If using sqlite store, path to the SQLite database file for user data.
 # Defaults to data/user-store.sqlite in the project directory.
 # SQLITE_USER_STORE_PATH=data/user-store.sqlite3
 # Maximum number of unique IPs a user can connect from. (0 for unlimited)
 # MAX_IPS_PER_USER=0
 # Whether user_tokens should be automatically disabled when reaching the IP limit.
 # MAX_IPS_AUTO_BAN=true
 # With user_token gatekeeper, whether to allow users to change their nickname.
 # ALLOW_NICKNAME_CHANGES=true
 # Default token quotas for each model family. (0 for unlimited)
 # Specify as TOKEN_QUOTA_MODEL_FAMILY=value (replacing dashes with underscores).
 # eg. TOKEN_QUOTA_TURBO=0, TOKEN_QUOTA_GPT4=1000000, TOKEN_QUOTA_GPT4_32K=100000
 # "Tokens" for image-generation models are counted at a rate of 100000 tokens
 # per US$1.00 generated, which is similar to the cost of GPT-4 Turbo.
 # DALL-E 3 costs around US$0.10 per image (10000 tokens).
 # See `docs/dall-e-configuration.md` for more information.
 # TOKEN_QUOTA_DALL_E=0
 # How often to refresh token quotas. (hourly | daily)
 # Leave unset to never automatically refresh quotas.
 # QUOTA_REFRESH_PERIOD=daily
 # -------------------------------------------------------------------------------
 # HTTP agent settings:
 # If you need to change how the proxy makes requests to other servers, such
 # as when checking keys or forwarding users' requests to external services,
 # you can configure an alternative HTTP agent. Otherwise the default OS settings
 # will be used.
 # The name of the network interface to use. The first external IPv4 address
 # belonging to this interface will be used for outgoing requests.
 # HTTP_AGENT_INTERFACE=enp0s3
 # The URL of a proxy server to use. Supports SOCKS4, SOCKS5, HTTP, and HTTPS.
 # Note that if your proxy server issues a self-signed certificate, you may need
 # NODE_EXTRA_CA_CERTS set to the path to your certificate. You will need to set
 # that variable in your environment, not in this file.
 # HTTP_AGENT_PROXY_URL=http://test:test@127.0.0.1:8000
 # ------------------------------------------------------------------------------
 # Secrets and keys:
 # For Huggingface, set them via the Secrets section in your Space's config UI. Dp not set them in .env.
 # For Render, create a "secret file" called .env using the Environment tab.
-# You can add multiple keys by separating them with a comma.
+# You can add multiple API keys by separating them with a comma.
 # For AWS credentials, separate the access key ID, secret key, and region with a colon.
 # For GCP credentials, separate the project ID, client email, region, and private key with a colon.
 OPENAI_KEY=sk-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
 ANTHROPIC_KEY=sk-ant-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
 GOOGLE_AI_KEY=AIzaxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
 # See `docs/aws-configuration.md` for more information, there may be additional steps required to set up AWS.
 AWS_CREDENTIALS=myaccesskeyid:mysecretkey:us-east-1,anotheraccesskeyid:anothersecretkey:us-west-2
 # See `docs/azure-configuration.md` for more information, there may be additional steps required to set up Azure.
 AZURE_CREDENTIALS=azure-resource-name:deployment-id:api-key,another-azure-resource-name:another-deployment-id:another-api-key
 GCP_CREDENTIALS=project-id:client-email:region:private-key
-# You can require a Bearer token for requests when using proxy_token gatekeeper.
+# With proxy_key gatekeeper, the password users must provide to access the API.
 # PROXY_KEY=your-secret-key
-# You can set an admin key for user management when using user_token gatekeeper.
+# With user_token gatekeeper, the admin password used to manage users.
 # ADMIN_KEY=your-very-secret-key
 # Restrict access to the admin interface to specific IP addresses, specified
 # as a comma-separated list of CIDR ranges.
 # ADMIN_WHITELIST=0.0.0.0/0
-# These are used to persist user data to Firebase across restarts.
+# With firebase_rtdb gatekeeper storage, the Firebase project credentials.
 # FIREBASE_KEY=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
 # FIREBASE_RTDB_URL=https://xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.firebaseio.com
-# These are used to log prompts to Google Sheets.
+# With prompt logging, the Google Sheets credentials.
 # GOOGLE_SHEETS_SPREADSHEET_ID=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
 # GOOGLE_SHEETS_KEY=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
@@ -1,6 +1,11 @@
-.env
+.aider*
 .env*
 !.env.vault
 .venv
 .vscode
 .idea
 build
 greeting.md
 node_modules
 .windsurfrules
 http-client.private.env.json
@@ -0,0 +1,4 @@
 #!/usr/bin/env sh
 . "$(dirname -- "$0")/_/husky.sh"
 npm run type-check
@@ -0,0 +1,13 @@
 {
  "plugins": ["prettier-plugin-ejs"],
  "overrides": [
    {
      "files": "*.ejs",
      "options": {
        "printWidth": 120,
        "bracketSameLine": true
      }
    }
  ],
  "trailingComma": "es5"
 }
@@ -0,0 +1,33 @@
 You are a Senior Full Stack Developer and an Expert in ReactJS, NextJS, JavaScript, TypeScript, HTML, CSS and modern UI/UX frameworks (e.g., TailwindCSS, Shadcn, Radix). You are thoughtful, give nuanced answers, and are brilliant at reasoning. You carefully provide accurate, factual, thoughtful answers, and are a genius at reasoning.
 - Follow the user’s requirements carefully & to the letter.
 - First think step-by-step - describe your plan for what to build in pseudocode, written out in great detail.
 - Confirm, then write code!
 - Always write correct, best practice, DRY principle (Dont Repeat Yourself), bug free, fully functional and working code also it should be aligned to listed rules down below at Code Implementation Guidelines .
 - Focus on easy and readability code, over being performant.
 - Fully implement all requested functionality.
 - Leave NO todo’s, placeholders or missing pieces.
 - Ensure code is complete! Verify thoroughly finalised.
 - Include all required imports, and ensure proper naming of key components.
 - Be concise Minimize any other prose.
 - If you think there might not be a correct answer, you say so.
 - If you do not know the answer, say so, instead of guessing.
 ### Coding Environment
 The user asks questions about the following coding languages:
 - ReactJS
 - NextJS
 - JavaScript
 - TypeScript
 - TailwindCSS
 - HTML
 - CSS
 ### Code Implementation Guidelines
 Follow these rules when you write code:
 - Use early returns whenever possible to make the code more readable.
 - Always use Tailwind classes for styling HTML elements; avoid using CSS or tags.
 - Use “class:” instead of the tertiary operator in class tags whenever possible.
 - Use descriptive variable and function/const names. Also, event functions should be named with a “handle” prefix, like “handleClick” for onClick and “handleKeyDown” for onKeyDown.
 - Implement accessibility features on elements. For example, a tag should have a tabindex=“0”, aria-label, on:click, and on:keydown, and similar attributes.
 - Use consts instead of functions, for example, “const toggle = () =>”. Also, define a type if possible.
@@ -0,0 +1,321 @@
 # Project Codebase Guide
 This document serves as a guide and index for the project codebase, designed to help developers and AI agents quickly understand its structure, components, and how to contribute.
 ## Table of Contents
 1.  [Project Overview](#project-overview)
 2.  [Directory Structure](#directory-structure)
 3.  [Core Components](#core-components)
    *   [Configuration (`src/config.ts`)](#configuration)
    *   [Server Entry Point (`src/server.ts`)](#server-entry-point)
    *   [Proxy Layer (`src/proxy/`)](#proxy-layer)
    *   [User Management (`src/user/`)](#user-management)
    *   [Admin Interface (`src/admin/`)](#admin-interface)
    *   [Shared Utilities (`src/shared/`)](#shared-utilities)
 4.  [Proxy Functionality](#proxy-functionality)
    *   [Routing (`src/proxy/routes.ts`)](#proxy-routing)
    *   [Supported Models & Providers](#supported-models--providers)
    *   [Middleware (`src/proxy/middleware/`)](#proxy-middleware)
    *   [Adding New Models](#adding-new-models)
    *   [Adding New APIs/Providers](#adding-new-apisproviders)
 5.  [Model Management](#model-management)
    *   [Model Family Definitions](#model-family-definitions)
    *   [Adding OpenAI Models](#adding-openai-models)
    *   [Model Mapping & Routing](#model-mapping--routing)
    *   [Service Information](#service-information)
    *   [Step-by-Step Guide for Adding a New Model](#step-by-step-guide-for-adding-a-new-model)
    *   [Model Patterns and Versioning](#model-patterns-and-versioning)
    *   [Response Format Handling](#response-format-handling)
 6.  [Key Management](#key-management)
    *   [Key Pool System](#key-pool-system)
    *   [Provider-Specific Key Management](#provider-specific-key-management)
    *   [Key Rotation and Health Checks](#key-rotation-and-health-checks)
 7.  [Data Management](#data-management)
    *   [Database (`src/shared/database/`)](#database)
    *   [File Storage (`src/shared/file-storage/`)](#file-storage)
 8.  [Authentication & Authorization](#authentication--authorization)
 9.  [Logging & Monitoring](#logging--monitoring)
 10. [Deployment](#deployment)
 11. [Contributing](#contributing)
 ## Project Overview
 This project provides a proxy layer for various Large Language Models (LLMs) and potentially other AI APIs. It aims to offer a unified interface, manage API keys securely, handle rate limiting, usage tracking, and potentially add features like response caching or prompt modification.
 ## Directory Structure
 ```
 .
 ├── .env.example          # Example environment variables
 ├── .gitattributes        # Git attributes
 ├── .gitignore            # Git ignore rules
 ├── .husky/               # Git hooks
 ├── .prettierrc           # Code formatting rules
 ├── CODEBASE_GUIDE.md     # This file
 ├── README.md             # Project README
 ├── data/                 # Data files (e.g., SQLite DB)
 ├── docker/               # Docker configuration
 ├── docs/                 # Documentation files
 ├── http-client.env.json  # HTTP client environment
 ├── package-lock.json     # NPM lock file
 ├── package.json          # Project dependencies and scripts
 ├── patches/              # Patches for dependencies
 ├── public/               # Static assets served by the web server
 ├── render.yaml           # Render deployment configuration
 ├── scripts/              # Utility scripts
 ├── src/                  # Source code
 │   ├── admin/            # Admin interface logic
 │   ├── config.ts         # Application configuration
 │   ├── info-page.ts      # Logic for the info page
 │   ├── logger.ts         # Logging setup
 │   ├── proxy/            # Core proxy logic for different providers
 │   ├── server.ts         # Express server setup and main entry point
 │   ├── service-info.ts   # Service information logic
 │   ├── shared/           # Shared utilities, types, and modules
 │   └── user/             # User management logic
 ├── tsconfig.json         # TypeScript configuration
 ```
 ## Core Components
 ### Configuration (`src/config.ts`)
 *   Loads environment variables and defines application settings.
 *   Contains configuration for database connections, API keys (placeholders/retrieval methods), logging levels, rate limits, etc.
 *   Uses `dotenv` and potentially a schema validation library (like Zod) to ensure required variables are present.
 ### Server Entry Point (`src/server.ts`)
 *   Initializes the Express application.
 *   Sets up core middleware (e.g., body parsing, CORS, logging).
 *   Mounts routers for different parts of the application (admin, user, proxy).
 *   Starts the HTTP server.
 ### Proxy Layer (`src/proxy/`)
 *   The heart of the application, handling requests to downstream AI APIs.
 *   Contains individual modules for each supported provider (e.g., `openai.ts`, `anthropic.ts`).
 *   Handles request transformation, authentication against the target API, and response handling.
 *   Uses middleware for common proxy tasks.
 ### User Management (`src/user/`)
 *   Handles user registration, login, session management, and potentially API key generation/management for end-users.
 *   Likely interacts with the database (`src/shared/database/`).
 ### Admin Interface (`src/admin/`)
 *   Provides an interface for administrators to manage users, monitor usage, configure settings, etc.
 *   May have its own set of routes and views.
 ### Shared Utilities (`src/shared/`)
 *   Contains reusable code across different modules.
    *   `api-schemas/`: Zod schemas for API request/response validation.
    *   `database/`: Database connection, schemas (e.g., Prisma), and query logic.
    *   `errors.ts`: Custom error classes.
    *   `key-management/`: Logic for managing API keys (if applicable).
    *   `models.ts`: Core data models/types used throughout the application.
    *   `prompt-logging/`: Logic for logging prompts and responses.
    *   `tokenization/`: Utilities for counting tokens.
    *   `utils.ts`: General utility functions.
 ## Proxy Functionality
 ### Proxy Routing (`src/proxy/routes.ts`)
 *   Defines the API endpoints for the proxy service (e.g., `/v1/chat/completions`).
 *   Maps incoming requests to the appropriate provider-specific handler based on the request path, headers, or body content (e.g., model requested).
 *   Applies relevant middleware (authentication, rate limiting, queuing, etc.).
 ### Supported Models & Providers
 *   **OpenAI:** Handled in `src/proxy/openai.ts`. Supports models like GPT-4, GPT-3.5-turbo, as well as o-series models (o1, o1-mini, o1-pro, o3, o3-mini, o3-pro, o4-mini). Handles chat completions and potentially image generation (`src/proxy/openai-image.ts`).
 *   **Anthropic:** Handled in `src/proxy/anthropic.ts`. Supports Claude models. May use AWS Bedrock (`src/proxy/aws-claude.ts`) or Anthropic's direct API.
 *   **Google AI / Vertex AI:** Handled in `src/proxy/google-ai.ts` and `src/proxy/gcp.ts`. Supports Gemini models (gemini-flash, gemini-pro, gemini-ultra).
 *   **Mistral AI:** Handled in `src/proxy/mistral-ai.ts`. Supports Mistral models via their API or potentially AWS (`src/proxy/aws-mistral.ts`).
 *   **Azure OpenAI:** Handled in `src/proxy/azure.ts`. Provides an alternative endpoint for OpenAI models via Azure.
 *   **Deepseek:** Handled in `src/proxy/deepseek.ts`.
 *   **Xai:** Handled in `src/proxy/xai.ts`.
 *   **AWS (General):** `src/proxy/aws.ts` might contain shared AWS logic (e.g., authentication).
 ### Middleware (`src/proxy/middleware/`)
 *   **`gatekeeper.ts`:** Likely handles initial request validation, authentication, and authorization checks before hitting provider logic. Checks origin (`check-origin.ts`), potentially custom tokens (`check-risu-token.ts`).
 *   **`rate-limit.ts`:** Implements rate limiting logic, potentially per-user or per-key.
 *   **`queue.ts`:** Manages request queuing, possibly to handle concurrency limits or prioritize requests.
 ### Adding New Models
 1.  **Identify the Provider:** Determine if the new model belongs to an existing provider (e.g., a new OpenAI model) or a new one.
 2.  **Update Provider Logic (if existing):**
    *   Modify the relevant provider file (e.g., `src/proxy/openai.ts`).
    *   Update model lists or logic that selects/validates models.
    *   Adjust any request/response transformations if the new model has a different API schema.
    *   Update model information in shared files like `src/shared/models.ts` if necessary.
 3.  **Update Routing (if necessary):** Modify `src/proxy/routes.ts` if the new model requires a different endpoint or routing logic.
 4.  **Configuration:** Add any new API keys or configuration parameters to `.env.example` and `src/config.ts`.
 5.  **Testing:** Add unit or integration tests for the new model.
 ### Adding New APIs/Providers
 1.  **Create Provider Module:** Create a new file in `src/proxy/` (e.g., `src/proxy/new-provider.ts`).
 2.  **Implement Handler:**
    *   Write the core logic to handle requests for this provider. This typically involves:
        *   Receiving the standardized request from the router.
        *   Transforming the request into the format expected by the new provider's API.
        *   Authenticating with the new provider's API (fetching keys from config).
        *   Making the API call (consider using a robust HTTP client like `axios` or `node-fetch`).
        *   Handling streaming responses if applicable (using helpers from `src/shared/streaming.ts`).
        *   Transforming the provider's response back into a standardized format.
        *   Handling errors gracefully.
 3.  **Add Routing:**
    *   Import the new handler in `src/proxy/routes.ts`.
    *   Add new routes or modify existing routing logic to direct requests to the new handler based on model name, path, or other criteria.
    *   Apply necessary middleware (gatekeeper, rate limiter, queue).
 4.  **Create Key Management:**
    *   Create a new directory in `src/shared/key-management/` for the provider.
    *   Implement provider-specific key management (key checkers, token counters).
 5.  **Configuration:**
    *   Add configuration variables (API keys, base URLs) to `.env.example` and `src/config.ts`.
    *   Update `src/config.ts` to load and validate the new variables.
 6.  **Model Information:** Add details about the new provider and its models to `src/shared/models.ts` or similar shared locations.
 7.  **Tokenization (if applicable):** If token counting is needed, add or update tokenization logic in `src/shared/tokenization/`.
 8.  **Testing:** Implement thorough tests for the new provider integration.
 9.  **Documentation:** Update this guide and any other relevant documentation.
 ## Model Management
 ### Model Family Definitions
 *   **Model Family Definitions:** The project uses a family-based approach to group similar models together. These are defined in `src/shared/models.ts`.
 *   Each model is part of a model family (e.g., "gpt4", "claude", "gemini-pro") which helps with routing, key management, and feature support.
 *   The `MODEL_FAMILIES` array contains all supported model families, and the `MODEL_FAMILY_SERVICE` mapping connects each family to its provider service.
 ### Adding OpenAI Models
 When adding new OpenAI models to the codebase, there are several files that must be updated:
 1. **Update Model Types (`src/shared/models.ts`):**
   - Add the new model to the `OpenAIModelFamily` type
   - Add the model to the `MODEL_FAMILIES` array
   - Add the Azure variants for the model if applicable
   - Add the model to `MODEL_FAMILY_SERVICE` mapping
   - Update `OPENAI_MODEL_FAMILY_MAP` with regex patterns to match the model names
 2. **Update Context Size Limits (`src/proxy/middleware/request/preprocessors/validate-context-size.ts`):**
   - Add regex matching for the new model
   - Set the appropriate context token limit for the model
 3. **Update Token Cost Tracking (`src/shared/stats.ts`):**
   - Add pricing information for the new model in the `getTokenCostUsd` function
   - Include both input and output prices in the comments for clarity
 4. **Update Feature Support Checks (`src/proxy/openai.ts`):**
   - If the model supports special features like the reasoning API parameter (`isO1Model` function), update the appropriate function
   - For model feature detection, prefer using regex patterns over explicit lists when possible, as this handles date-stamped versions better
 5. **Update Display Names (`src/info-page.ts`):**
   - Add friendly display names for the new models in the `MODEL_FAMILY_FRIENDLY_NAME` object
 6. **Update Key Management Provider Files:**
   - For OpenAI keys in `src/shared/key-management/openai/provider.ts`, add token counters for the new models
   - For Azure OpenAI keys in `src/shared/key-management/azure/provider.ts`, add token counters for the Azure versions
 ### Model Patterns and Versioning
 The codebase handles several patterns for model naming and versioning:
 1. **Date-stamped Models:** Many models include date stamps (e.g., `gpt-4-0125-preview`). The regex patterns in `OPENAI_MODEL_FAMILY_MAP` account for these with patterns like `^gpt-4o(-\\d{4}-\\d{2}-\\d{2})?$`.
 2. **O-Series Models:** OpenAI's o-series models (o1, o1-mini, o1-pro, o3, o3-mini, o3-pro, o4-mini) follow a different naming convention. The codebase handles these with dedicated model families and regex patterns.
 3. **Preview/Non-Preview Variants:** Some models have preview variants (e.g., `gpt-4.5-preview`). The regex patterns in `OPENAI_MODEL_FAMILY_MAP` account for these with patterns like `^gpt-4\\.5(-preview)?(-\\d{4}-\\d{2}-\\d{2})?$`.
 When adding new models, try to follow the existing patterns for consistency.
 ### Response Format Handling
 The codebase includes special handling for different API response formats:
 1. **Chat vs. Text Completions:** There's transformation logic in `openai.ts` to convert between chat completions and text completions formats (`transformTurboInstructResponse`).
 2. **Newer API Formats:** For newer APIs like the Responses API, there's transformation logic (`transformResponsesApiResponse`) to convert responses to a format compatible with existing clients.
 When adding support for new models or APIs, consider whether transformation is needed to maintain compatibility with existing clients.
 ## Key Management
 ### Key Pool System
 The project uses a sophisticated key pool system (`src/shared/key-management/key-pool.ts`) to manage API keys for different providers. Key features include:
 * **Key Selection:** The system selects the appropriate key based on model family, region preferences, and other criteria.
 * **Rotation:** Keys are rotated to distribute usage and avoid hitting rate limits.
 * **Health Checks:** Keys are checked periodically to ensure they're still valid and within rate limits.
 ### Provider-Specific Key Management
 Each provider has its own key management module in `src/shared/key-management/`:
 * **Key Checkers:** Each provider implements key checkers to validate keys and check their status.
 * **Token Counters:** Providers implement token counting logic specific to their pricing model.
 * **Models Support:** Keys are associated with specific model families they support.
 When adding a new model or provider, you'll need to update or create the appropriate key management files.
 ### Key Rotation and Health Checks
 The key pool system includes logic for:
 * **Rotation Strategy:** Keys are selected based on a prioritization strategy (`prioritize-keys.ts`).
 * **Disabling Unhealthy Keys:** Keys that fail health checks are temporarily disabled.
 * **Rate Limit Awareness:** The system tracks usage to avoid hitting provider rate limits.
 ## Data Management
 ### Database (`src/shared/database/`)
 *   Likely uses Prisma or a similar ORM.
 *   Defines database schemas (e.g., for users, API keys, usage logs).
 *   Provides functions for interacting with the database.
 *   Configuration is managed in `src/config.ts`.
 ### File Storage (`src/shared/file-storage/`)
 *   May be used for storing logs, cached data, or user-uploaded files.
 *   Could integrate with local storage or cloud providers (e.g., S3, GCS).
 ## Authentication & Authorization
 *   **User Auth:** Handled in `src/user/` potentially using sessions (`src/shared/with-session.ts`) or JWTs.
 *   **Proxy Auth:** The `gatekeeper.ts` middleware likely verifies incoming requests to the proxy endpoints. This could involve checking:
    *   Custom API keys stored in the database (`src/shared/database/`).
    *   Specific tokens (`check-risu-token.ts`).
    *   HMAC signatures (`src/shared/hmac-signing.ts`).
    *   Origin checks (`check-origin.ts`).
 *   **Downstream Auth:** Each provider module (`src/proxy/*.ts`) handles authentication with the actual AI service API using keys from the configuration.
 ## Logging & Monitoring
 *   **Logging:** Configured in `src/logger.ts`, likely using a library like `pino` or `winston`. Logs requests, errors, and important events.
 *   **Prompt Logging:** Specific logic for logging prompts and responses might exist in `src/shared/prompt-logging/`.
 *   **Stats/Monitoring:** `src/shared/stats.ts` might handle collecting and exposing application metrics.
 ## Deployment
 *   **Docker:** The project likely includes Docker configuration for containerized deployment.
 *   **Render:** The `render.yaml` file suggests the project is or can be deployed on Render.
 *   **Environment Variables:** The `.env.example` file provides a template for required environment variables in production.
 ## Contributing
 When contributing to this project:
 1. **Follow Coding Standards:** Use the established patterns and standards in the codebase. The `.prettierrc` file defines code formatting rules.
 2. **Update Documentation:** Keep this guide updated when adding new components or changing existing ones.
 3. **Add Tests:** Ensure your changes are tested appropriately.
 4. **Update Configuration:** If your changes require new environment variables, update `.env.example`.
 *This guide provides a high-level overview. For detailed information, refer to the specific source code files.* 
@@ -1,42 +1,72 @@
-# OAI Reverse Proxy
+# OAI Reverse Proxy - just a shitty fork
-
+Reverse proxy server for various LLM APIs.
 Reverse proxy server for the OpenAI and Anthropic APIs. Forwards text generation requests while rejecting administrative/billing requests. Includes optional rate limiting and prompt filtering to prevent abuse.
 ### Table of Contents
- [What is this?](#what-is-this)
+<!-- TOC -->
- [Why?](#why)
+* [OAI Reverse Proxy](#oai-reverse-proxy)
- [Usage Instructions](#setup-instructions)
+    * [Table of Contents](#table-of-contents)
-  - [Deploy to Huggingface (Recommended)](#deploy-to-huggingface-recommended)
+  * [What is this?](#what-is-this)
-  - [Deploy to Repl.it (WIP)](#deploy-to-replit-wip)
+  * [Features](#features)
- [Local Development](#local-development)
+  * [Usage Instructions](#usage-instructions)
    * [Personal Use (single-user)](#personal-use-single-user)
      * [Updating](#updating)
      * [Local Development](#local-development)
    * [Self-hosting](#self-hosting)
  * [Building](#building)
  * [Forking](#forking)
 <!-- TOC -->
 ## What is this?
-If you would like to provide a friend access to an API via keys you own, you can use this to keep your keys safe while still allowing them to generate text with the API. You can also use this if you'd like to build a client-side application which uses the OpenAI or Anthropic APIs, but don't want to build your own backend. You should never embed your real API keys in a client-side application. Instead, you can have your frontend connect to this reverse proxy and forward requests to the downstream service.
+This project allows you to run a reverse proxy server for various LLM APIs.
-This keeps your keys safe and allows you to use the rate limiting and prompt filtering features of the proxy to prevent abuse.
+## Features
-
+- [x] Support for multiple APIs
-## Why?
+  - [x] [OpenAI](https://openai.com/)
-OpenAI keys have full account permissions. They can revoke themselves, generate new keys, modify spend quotas, etc. **You absolutely should not share them, post them publicly, nor embed them in client-side applications as they can be easily stolen.**
+  - [x] [Anthropic](https://www.anthropic.com/)
-
+  - [x] [AWS Bedrock](https://aws.amazon.com/bedrock/) (Claude4 is fucked, dont care)
-This proxy only forwards text generation requests to the downstream service and rejects requests which would otherwise modify your account. 
+  - [x] [Vertex AI (GCP)](https://cloud.google.com/vertex-ai/)
-
+  - [x] [Google MakerSuite/Gemini API](https://ai.google.dev/)
---
+  - [x] [Azure OpenAI](https://azure.microsoft.com/en-us/products/ai-services/openai-service)
 - [x] Translation from OpenAI-formatted prompts to any other API, including streaming responses
 - [x] Multiple API keys with rotation and rate limit handling
 - [x] Basic user management
  - [x] Simple role-based permissions
  - [x] Per-model token quotas
  - [x] Temporary user accounts
 - [x] Event audit logging
 - [x] Optional full logging of prompts and completions
 - [x] Abuse detection and prevention
  - [x] IP address and user token model invocation rate limits
  - [x] IP blacklists
  - [x] Proof-of-work challenge for access by anonymous users
 ## Usage Instructions
-If you'd like to run your own instance of this proxy, you'll need to deploy it somewhere and configure it with your API keys. A few easy options are provided below, though you can also deploy it to any other service you'd like.
+If you'd like to run your own instance of this server, you'll need to deploy it somewhere and configure it with your API keys. A few easy options are provided below, though you can also deploy it to any other service you'd like if you know what you're doing and the service supports Node.js.
-### Deploy to Huggingface (Recommended)
+### Personal Use (single-user)
-[See here for instructions on how to deploy to a Huggingface Space.](./docs/deploy-huggingface.md)
+If you just want to run the proxy server to use yourself without hosting it for others:
-
+1. Install [Node.js](https://nodejs.org/en/download/) >= 18.0.0
-### Deploy to Render
+2. Clone this repository
 [See here for instructions on how to deploy to Render.com.](./docs/deploy-render.md)
 ## Local Development
 To run the proxy locally for development or testing, install Node.js >= 18.0.0 and follow the steps below.
 1. Clone the repo
 2. Install dependencies with `npm install`
 3. Create a `.env` file in the root of the project and add your API keys. See the [.env.example](./.env.example) file for an example.
-4. Start the server in development mode with `npm run start:dev`.
+4. Install dependencies with `npm install`
 5. Run `npm run build`
 6. Run `npm start`
-You can also use `npm run start:dev:tsc` to enable project-wide type checking at the cost of slower startup times. `npm run type-check` can be used to run type checking without starting the server.
+#### Updating
 You must re-run `npm install` and `npm run build` whenever you pull new changes from the repository.
 #### Local Development
 Use `npm run start:dev` to run the proxy in development mode with watch mode enabled. Use `npm run type-check` to run the type checker across the project.
 ### Self-hosting
 [See here for instructions on how to self-host the application on your own VPS or local machine and expose it to the internet for others to use.](./docs/self-hosting.md)
 **Ensure you set the `TRUSTED_PROXIES` environment variable according to your deployment.** Refer to [.env.example](./.env.example) and [config.ts](./src/config.ts) for more information.
 ## Building
 To build the project, run `npm run build`. This will compile the TypeScript code to JavaScript and output it to the `build` directory. You should run this whenever you pull new changes from the repository.
 Note that if you are trying to build the server on a very memory-constrained (<= 1GB) VPS, you may need to run the build with `NODE_OPTIONS=--max_old_space_size=2048 npm run build` to avoid running out of memory during the build process, assuming you have swap enabled.  The application itself should run fine on a 512MB VPS for most reasonable traffic levels.
 ## Forking
 If you are forking the repository on GitGud, you may wish to disable GitLab CI/CD or you will be spammed with emails about failed builds due not having any CI runners. You can do this by going to *Settings > General > Visibility, project features, permissions* and then disabling the "CI/CD" feature.
@@ -0,0 +1,2 @@
 *
 !.gitkeep
@@ -0,0 +1,21 @@
 stages:
  - build
 build_image:
  stage: build
  image:
    name: gcr.io/kaniko-project/executor:debug
    entrypoint: [""]
  script:
    - |
      if [ "$CI_COMMIT_REF_NAME" = "main" ]; then
        TAG="latest"
      else
        TAG=$CI_COMMIT_REF_NAME
      fi
    - echo "Building image with tag $TAG"
    - BASE64_AUTH=$(echo -n "$DOCKER_HUB_USERNAME:$DOCKER_HUB_ACCESS_TOKEN" | base64)
    - echo "{\"auths\":{\"https://index.docker.io/v1/\":{\"auth\":\"$BASE64_AUTH\"}}}" > /kaniko/.docker/config.json
    - /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/docker/ci/Dockerfile --destination docker.io/khanonci/oai-reverse-proxy:$TAG --build-arg CI_COMMIT_REF_NAME=$CI_COMMIT_REF_NAME --build-arg CI_COMMIT_SHA=$CI_COMMIT_SHA --build-arg CI_PROJECT_PATH=$CI_PROJECT_PATH
  only:
    - main
@@ -0,0 +1,22 @@
 FROM node:18-bullseye-slim
 WORKDIR /app
 COPY . .
 RUN npm ci
 RUN npm run build
 RUN npm prune --production
 EXPOSE 7860
 ENV PORT=7860
 ENV NODE_ENV=production
 ARG CI_COMMIT_REF_NAME
 ARG CI_COMMIT_SHA
 ARG CI_PROJECT_PATH
 ENV GITGUD_BRANCH=$CI_COMMIT_REF_NAME
 ENV GITGUD_COMMIT=$CI_COMMIT_SHA
 ENV GITGUD_PROJECT=$CI_PROJECT_PATH
 CMD [ "npm", "start" ]
@@ -0,0 +1,17 @@
 # Before running this, create a .env and greeting.md file.
 # Refer to .env.example for the required environment variables.
 # User-generated content is stored in the data directory.
 # When self-hosting, it's recommended to run this behind a reverse proxy like
 # nginx or Caddy to handle SSL/TLS and rate limiting. Refer to
 # docs/self-hosting.md for more information and an example nginx config.
 version: '3.8'
 services:
  oai-reverse-proxy:
    image: khanonci/oai-reverse-proxy:latest
    ports:
      - "127.0.0.1:7860:7860"
    env_file:
      - ./.env
    volumes:
      - ./greeting.md:/app/greeting.md
      - ./data:/app/data
@@ -3,9 +3,13 @@ RUN apt-get update && \
    apt-get install -y git
 RUN git clone https://gitgud.io/khanon/oai-reverse-proxy.git /app
 WORKDIR /app
 RUN chown -R 1000:1000 /app
 USER 1000
 RUN npm install
 COPY Dockerfile greeting.md* .env* ./
 RUN npm run build
 EXPOSE 7860
 ENV NODE_ENV=production
 # Huggigface free VMs have 16GB of RAM so we can be greedy
 ENV NODE_OPTIONS="--max-old-space-size=12882"
 CMD [ "npm", "start" ]
@@ -17,9 +17,8 @@ ARG GREETING_URL
 RUN if [ -n "$GREETING_URL" ]; then \
    curl -sL "$GREETING_URL" > greeting.md; \
    fi
 COPY package*.json greeting.md* ./
 RUN npm install
 COPY . .
 RUN npm install
 RUN npm run build
 RUN --mount=type=secret,id=_env,dst=/etc/secrets/.env cat /etc/secrets/.env >> .env
 EXPOSE 10000
@@ -1,4 +1,4 @@
-# Shat out by GPT-4, I did not check for correctness beyond a cursory glance
+
 openapi: 3.0.0
 info:
  version: 1.0.0
@@ -26,6 +26,26 @@ paths:
    post:
      summary: Create a new user
      operationId: createUser
      requestBody:
        content:
          application/json:
            schema:
              oneOf:
                - type: object
                  properties:
                    type:
                      type: string
                      enum: ["normal", "special"]
                - type: object
                  properties:
                    type:
                      type: string
                      enum: ["temporary"]
                    expiresAt:
                      type: integer
                      format: int64
                    tokenLimits:
                      $ref: "#/components/schemas/TokenCount"       
      responses:
        "200":
          description: The created user's token
@@ -173,6 +193,21 @@ paths:
                    type: string                    
 components:
  schemas:
    TokenCount:
      type: object
      properties:
        turbo:
          type: integer
          format: int32
        gpt4:
          type: integer
          format: int32
        "gpt4-32k":
          type: integer
          format: int32
        claude:
          type: integer
          format: int32
    User:
      type: object
      properties:
@@ -182,15 +217,18 @@ components:
          type: array
          items:
            type: string
        nickname:
          type: string
        type:
          type: string
          enum: ["normal", "special"]
        promptCount:
          type: integer
          format: int32
-        tokenCount:
+        tokenLimits:
-          type: integer
+          $ref: "#/components/schemas/TokenCount"
-          format: int32
+        tokenCounts:
          $ref: "#/components/schemas/TokenCount"
        createdAt:
          type: integer
          format: int64
@@ -202,3 +240,6 @@ components:
          format: int64
        disabledReason:
          type: string
        expiresAt:
          type: integer
          format: int64
@@ -0,0 +1,58 @@
 # Configuring the proxy for AWS Bedrock
 The proxy supports AWS Bedrock models via the `/proxy/aws/claude` endpoint. There are a few extra steps necessary to use AWS Bedrock compared to the other supported APIs.
 - [Setting keys](#setting-keys)
 - [Attaching policies](#attaching-policies)
 - [Provisioning models](#provisioning-models)
 - [Note regarding logging](#note-regarding-logging)
 ## Setting keys
 Use the `AWS_CREDENTIALS` environment variable to set the AWS API keys.
 Like other APIs, you can provide multiple keys separated by commas. Each AWS key, however, is a set of credentials including the access key, secret key, and region. These are separated by a colon (`:`).
 For example:
 ```
 AWS_CREDENTIALS=AKIA000000000000000:somesecretkey:us-east-1,AKIA111111111111111:anothersecretkey:us-west-2
 ```
 ## Attaching policies
 Unless your credentials belong to the root account, the principal will need to be granted the following permissions:
 - `bedrock:InvokeModel`
 - `bedrock:InvokeModelWithResponseStream`
 - `bedrock:GetModelInvocationLoggingConfiguration`
  - The proxy needs this to determine whether prompt/response logging is enabled. By default, the proxy won't use credentials unless it can conclusively determine that logging is disabled, for privacy reasons.
 Use the IAM console or the AWS CLI to attach these policies to the principal associated with the credentials.
 ## Provisioning models
 AWS does not automatically provide accounts with access to every model. You will need to provision the models you want to use, in the regions you want to use them in. You can do this from the AWS console.
 ⚠️ **Models are region-specific.** Currently AWS only offers Claude in a small number of regions. Switch to the AWS region you want to use, then go to the models page and request access to **Anthropic / Claude**.
 ![](./assets/aws-request-model-access.png)
 Access is generally granted more or less instantly. Once your account has access, you can enable the model by checking the box next to it.
 You can also request Claude Instant, but support for this isn't fully implemented yet.
 ### Supported model IDs
 Users can send these model IDs to the proxy to invoke the corresponding models.
 - **Claude**
  - `anthropic.claude-v1` (~18k context, claude 1.3 -- EOL 2024-02-28)
  - `anthropic.claude-v2` (~100k context, claude 2.0)
  - `anthropic.claude-v2:1` (~200k context, claude 2.1)
 - **Claude Instant**
  - `anthropic.claude-instant-v1` (~100k context, claude instant 1.2)
 ## Note regarding logging
 By default, the proxy will refuse to use keys if it finds that logging is enabled, or if it doesn't have permission to check logging status.
 If you can't attach the `bedrock:GetModelInvocationLoggingConfiguration` policy to the principal, you can set the `ALLOW_AWS_LOGGING` environment variable to `true` to force the proxy to use the keys anyway. A warning will appear on the info page when this is enabled.
@@ -0,0 +1,30 @@
 # Configuring the proxy for Azure
 The proxy supports Azure OpenAI Service via the `/proxy/azure/openai` endpoint. The process of setting it up is slightly different from regular OpenAI.
 - [Setting keys](#setting-keys)
 - [Model assignment](#model-assignment)
 ## Setting keys
 Use the `AZURE_CREDENTIALS` environment variable to set the Azure API keys.
 Like other APIs, you can provide multiple keys separated by commas. Each Azure key, however, is a set of values including the Resource Name, Deployment ID, and API key. These are separated by a colon (`:`).
 For example:
 ```
 AZURE_CREDENTIALS=contoso-ml:gpt4-8k:0123456789abcdef0123456789abcdef,northwind-corp:testdeployment:0123456789abcdef0123456789abcdef
 ```
 ## Model assignment
 Note that each Azure deployment is assigned a model when you create it in the Azure OpenAI Service portal. If you want to use a different model, you'll need to create a new deployment, and therefore a new key to be added to the AZURE_CREDENTIALS environment variable. Each credential only grants access to one model.
 ### Supported model IDs
 Users can send normal OpenAI model IDs to the proxy to invoke the corresponding models. For the most part they work the same with Azure. GPT-3.5 Turbo has an ID of "gpt-35-turbo" because Azure doesn't allow periods in model names, but the proxy should automatically convert this to the correct ID.
 As noted above, you can only use model IDs for which a deployment has been created and added to the proxy.
 ## On content filtering
 Be aware that all Azure OpenAI Service deployments have content filtering enabled by default at a Medium level. Prompts or responses which are deemed to be inappropriate will be rejected by the API. This is a feature of the Azure OpenAI Service and not the proxy.
 You can disable this from deployment's settings within Azure, but you would need to request an exemption from Microsoft for your organization first. See [this page](https://learn.microsoft.com/en-us/azure/ai-services/openai/how-to/content-filters) for more information.
@@ -0,0 +1,71 @@
 # Configuring the proxy for DALL-E
 The proxy supports DALL-E 2 and DALL-E 3 image generation via the `/proxy/openai-images` endpoint. By default it is disabled as it is somewhat expensive and potentially more open to abuse than text generation.
 - [Updating your Dockerfile](#updating-your-dockerfile)
 - [Enabling DALL-E](#enabling-dall-e)
 - [Setting quotas](#setting-quotas)
 - [Rate limiting](#rate-limiting)
 ## Updating your Dockerfile
 If you are using a previous version of the Dockerfile supplied with the proxy, it doesn't have the necessary permissions to let the proxy save temporary files.
 You can replace the entire thing with the new Dockerfile at [./docker/huggingface/Dockerfile](../docker/huggingface/Dockerfile) (or the equivalent for Render deployments).
 You can also modify your existing Dockerfile; just add the following lines after the `WORKDIR` line:
 ```Dockerfile
 # Existing
 RUN git clone https://gitgud.io/khanon/oai-reverse-proxy.git /app
 WORKDIR /app
 # Take ownership of the app directory and switch to the non-root user
 RUN chown -R 1000:1000 /app
 USER 1000
 # Existing
 RUN npm install
 ```
 ## Enabling DALL-E
 Add `dall-e` to the `ALLOWED_MODEL_FAMILIES` environment variable to enable DALL-E. For example:
 ```
 # GPT3.5 Turbo, GPT-4, GPT-4 Turbo, and DALL-E
 ALLOWED_MODEL_FAMILIES=turbo,gpt-4,gpt-4turbo,dall-e
 # All models as of this writing
 ALLOWED_MODEL_FAMILIES=turbo,gpt4,gpt4-32k,gpt4-turbo,claude,gemini-pro,aws-claude,dall-e
 ```
 Refer to [.env.example](../.env.example) for a full list of supported model families. You can add `dall-e` to that list to enable all models.
 ## Setting quotas
 DALL-E doesn't bill by token like text generation models. Instead there is a fixed cost per image generated, depending on the model, image size, and selected quality.
 The proxy still uses tokens to set quotas for users. The cost for each generated image will be converted to "tokens" at a rate of 100000 tokens per US$1.00. This works out to a similar cost-per-token as GPT-4 Turbo, so you can use similar token quotas for both.
 Use `TOKEN_QUOTA_DALL_E` to set the default quota for image generation. Otherwise it works the same as token quotas for other models.
 ```
 # ~50 standard DALL-E images per refresh period, or US$2.00
 TOKEN_QUOTA_DALL_E=200000
 ```
 Refer to [https://openai.com/pricing](https://openai.com/pricing) for the latest pricing information. As of this writing, the cheapest DALL-E 3 image costs $0.04 per generation, which works out to 4000 tokens. Higher resolution and quality settings can cost up to $0.12 per image, or 12000 tokens. 
 ## Rate limiting
 The old `MODEL_RATE_LIMIT` setting has been split into `TEXT_MODEL_RATE_LIMIT` and `IMAGE_MODEL_RATE_LIMIT`. Whatever value you previously set for `MODEL_RATE_LIMIT` will be used for text models.
 If you don't specify a `IMAGE_MODEL_RATE_LIMIT`, it defaults to half of the `TEXT_MODEL_RATE_LIMIT`, to a minimum of 1 image per minute.
 ```
 # 4 text generations per minute, 2 images per minute
 TEXT_MODEL_RATE_LIMIT=4
 IMAGE_MODEL_RATE_LIMIT=2
 ```
 If a prompt is filtered by OpenAI's content filter, it won't count towards the rate limit.
 ## Hiding recent images
 By default, the proxy shows the last 12 recently generated images by users. You can hide this section by setting `SHOW_RECENT_IMAGES` to `false`.
@@ -1,5 +1,7 @@
 # Deploy to Huggingface Space
 **⚠️ This method is no longer recommended.  Please use the [self-hosting instructions](./self-hosting.md) instead.**
 This repository can be deployed to a [Huggingface Space](https://huggingface.co/spaces).  This is a free service that allows you to run a simple server in the cloud.  You can use it to safely share your OpenAI API key with a friend.
 ### 1. Get an API key
@@ -12,12 +14,12 @@ This repository can be deployed to a [Huggingface Space](https://huggingface.co/
 - Provide a name for your Space and select "Docker" as the SDK.  Select "Blank" for the template.
 - Click "Create Space" and wait for the Space to be created.
-![Create Space](huggingface-createspace.png)
+![Create Space](assets/huggingface-createspace.png)
 ### 3. Create an empty Dockerfile
 - Once your Space is created, you'll see an option to "Create the Dockerfile in your browser".  Click that link.
-![Create Dockerfile](huggingface-dockerfile.png)
+![Create Dockerfile](assets/huggingface-dockerfile.png)
 - Paste the following into the text editor and click "Save".
 ```dockerfile
 FROM node:18-bullseye-slim
@@ -25,16 +27,19 @@ RUN apt-get update && \
    apt-get install -y git
 RUN git clone https://gitgud.io/khanon/oai-reverse-proxy.git /app
 WORKDIR /app
 RUN chown -R 1000:1000 /app
 USER 1000
 RUN npm install
 COPY Dockerfile greeting.md* .env* ./
 RUN npm run build
 EXPOSE 7860
 ENV NODE_ENV=production
 ENV NODE_OPTIONS="--max-old-space-size=12882"
 CMD [ "npm", "start" ]
 ```
 - Click "Commit new file to `main`" to save the Dockerfile.
-![Commit](huggingface-savedockerfile.png)
+![Commit](assets/huggingface-savedockerfile.png)
 ### 4. Set your API key as a secret
 - Click the Settings button in the top right corner of your repository.
@@ -82,14 +87,18 @@ MAX_OUTPUT_TOKENS_ANTHROPIC=512
 # Block prompts containing disallowed characters
 REJECT_DISALLOWED=false
 REJECT_MESSAGE="This content violates /aicg/'s acceptable use policy."
 # Show exact quota usage on the Server Info page
 QUOTA_DISPLAY_MODE=full
 ```
 See `.env.example` for a full list of available settings, or check `config.ts` for details on what each setting does.
 ## Restricting access to the server
-If you want to restrict access to the server, you can set a `PROXY_KEY` secret.  This key will need to be passed in the Authentication header of every request to the server, just like an OpenAI API key.
+If you want to restrict access to the server, you can set a `PROXY_KEY` secret.  This key will need to be passed in the Authentication header of every request to the server, just like an OpenAI API key.  Set the `GATEKEEPER` mode to `proxy_key`, and then set the `PROXY_KEY` variable to whatever password you want.
 Add this using the same method as the OPENAI_KEY secret above. Don't add this to your `.env` file because that file is public and anyone can see it.
 Example:
 ```
 GATEKEEPER=proxy_key
 PROXY_KEY=your_secret_password
 ```
@@ -1,5 +1,8 @@
 # Deploy to Render.com
-Render.com offers a free tier that includes 750 hours of compute time per month.  This is enough to run a single proxy instance 24/7.  Instances shut down after 15 minutes without traffic but start up again automatically when a request is received.
+
 **⚠️ This method is no longer supported or recommended and may not work.  Please use the [self-hosting instructions](./self-hosting.md) instead.**
 Render.com offers a free tier that includes 750 hours of compute time per month.  This is enough to run a single proxy instance 24/7.  Instances shut down after 15 minutes without traffic but start up again automatically when a request is received.  You can use something like https://app.checklyhq.com/ to ping your proxy every 15 minutes to keep it alive.
 ### 1. Create account
 - [Sign up for Render.com](https://render.com/) to create an account and access the dashboard.
@@ -28,6 +31,8 @@ The service will be created according to the instructions in the `render.yaml` f
  - For example, `OPENAI_KEY=sk-abc123`.
 - Click **Save Changes**.
 **IMPORTANT:** Set `TRUSTED_PROXIES=3`, otherwise users' IP addresses will not be recorded correctly (the server will see the IP address of Render's load balancer instead of the user's real IP address).
 The service will automatically rebuild and deploy with the new environment variables.  This will take a few minutes.  The link to your deployed proxy will appear at the top of the page.
 If you want to change the URL, go to the **Settings** tab of your Web Service and click the **Edit** button next to **Name**.  You can also set a custom domain, though I haven't tried this yet.
@@ -0,0 +1,35 @@
 # Configuring the proxy for Vertex AI (GCP)
 The proxy supports GCP models via the `/proxy/gcp/claude` endpoint. There are a few extra steps necessary to use GCP compared to the other supported APIs.
 - [Setting keys](#setting-keys)
 - [Setup Vertex AI](#setup-vertex-ai)
 - [Supported model IDs](#supported-model-ids)
 ## Setting keys
 Use the `GCP_CREDENTIALS` environment variable to set the GCP API keys.
 Like other APIs, you can provide multiple keys separated by commas. Each GCP key, however, is a set of credentials including the project id, client email, region and private key. These are separated by a colon (`:`).
 For example:
 ```
 GCP_CREDENTIALS=my-first-project:xxx@yyy.com:us-east5:-----BEGIN PRIVATE KEY-----xxx-----END PRIVATE KEY-----,my-first-project2:xxx2@yyy.com:us-east5:-----BEGIN PRIVATE KEY-----xxx-----END PRIVATE KEY-----
 ```
 ## Setup Vertex AI
 1. Go to [https://cloud.google.com/vertex-ai](https://cloud.google.com/vertex-ai) and sign up for a GCP account. ($150 free credits without credit card or $300 free credits with credit card, credits expire in 90 days)
 2. Go to [https://console.cloud.google.com/marketplace/product/google/aiplatform.googleapis.com](https://console.cloud.google.com/marketplace/product/google/aiplatform.googleapis.com) to enable Vertex AI API.
 3. Go to [https://console.cloud.google.com/vertex-ai](https://console.cloud.google.com/vertex-ai) and navigate to Model Garden to apply for access to the Claude models.
 4. Create a [Service Account](https://console.cloud.google.com/projectselector/iam-admin/serviceaccounts/create?walkthrough_id=iam--create-service-account#step_index=1) , and make sure to grant the role of "Vertex AI User" or "Vertex AI Administrator".
 5. On the service account page you just created, create a new key and select "JSON". The JSON file will be downloaded automatically.
 6. The required credential is in the JSON file you just downloaded.
 ## Supported model IDs
 Users can send these model IDs to the proxy to invoke the corresponding models.
 - **Claude**
  - `claude-3-haiku@20240307`
  - `claude-3-sonnet@20240229`
  - `claude-3-opus@20240229`
  - `claude-3-5-sonnet@20240620`
@@ -0,0 +1,135 @@
 # Proof-of-work Verification
 You can require users to complete a proof-of-work before they can access the
 proxy. This can increase the cost of denial of service attacks and slow down
 automated abuse.
 When configured, users access the challenge UI and request a token. The server
 sends a challenge to the client, which asks the user's browser to find a 
 solution to the challenge that meets a certain constraint (the difficulty
 level). Once the user has found a solution, they can submit it to the server
 and get a user token valid for a period you specify.
 The proof-of-work challenge uses the argon2id hash function.
 ## Configuration
 To enable proof-of-work verification, set the following environment variables:
 ```
 GATEKEEPER=user_token
 CAPTCHA_MODE=proof_of_work
 # Validity of the token in hours
 POW_TOKEN_HOURS=24
 # Max number of IPs that can use a user_token issued via proof-of-work
 POW_TOKEN_MAX_IPS=2
 # The difficulty level of the proof-of-work challenge. You can use one of the
 # predefined levels specified below, or you can specify a custom number of
 # expected hash iterations.
 POW_DIFFICULTY_LEVEL=low
 # The time limit for solving the challenge, in minutes
 POW_CHALLENGE_TIMEOUT=30
 ```
 ## Difficulty Levels
 The difficulty level controls how long, on average, it will take for a user to
 solve the proof-of-work challenge. Due to randomness, the actual time can very
 significantly; lucky users may solve the challenge in a fraction of the average
 time, while unlucky users may take much longer.
 The difficulty level doesn't affect the speed of the hash function itself, only
 the number of hashes that will need to be computed. Therefore, the time required
 to complete the challenge scales linearly with the difficulty level's iteration
 count.
 You can adjust the difficulty level while the proxy is running from the admin
 interface.
 Be aware that there is a time limit for solving the challenge, by default set to
 30 minutes. Above 'high' difficulty, you will probably need to increase the time
 limit or it will be very hard for users with slow devices to find a solution
 within the time limit.
 ### Low
 - Average of 200 iterations required
 - Default setting.
 ### Medium
 - Average of 900 iterations required
 ### High
 - Average of 1900 iterations required
 ### Extreme
 - Average of 4000 iterations required
 - Not recommended unless you are expecting very high levels of abuse
 - May require increasing `POW_CHALLENGE_TIMEOUT`
 ### Custom
 Setting `POW_DIFFICULTY_LEVEL` to an integer will use that number of iterations
 as the difficulty level.
 ## Other challenge settings
 - `POW_CHALLENGE_TIMEOUT`: The time limit for solving the challenge, in minutes.
  Default is 30.
 - `POW_TOKEN_HOURS`: The period of time for which a user token issued via proof-
  of-work can be used. Default is 24 hours. Starts when the challenge is solved.
 - `POW_TOKEN_MAX_IPS`: The maximum number of unique IPs that can use a single
  user token issued via proof-of-work. Default is 2.
 - `POW_TOKEN_PURGE_HOURS`: The period of time after which an expired user token
  issued via proof-of-work will be removed from the database. Until it is
  purged, users can refresh expired tokens by completing a half-difficulty
  challenge. Default is 48 hours.
 - `POW_MAX_TOKENS_PER_IP`: The maximum number of active user tokens that can
  be associated with a single IP address. After this limit is reached, the
  oldest token will be forcibly expired when a new token is issued. Set to 0
  to disable this feature. Default is 0.
 ## Custom argon2id parameters
 You can set custom argon2id parameters for the proof-of-work challenge.
 Generally, you should not need to change these unless you have a specific
 reason to do so.
 The listed values are the defaults.
 ```
 ARGON2_TIME_COST=8
 ARGON2_MEMORY_KB=65536
 ARGON2_PARALLELISM=1
 ARGON2_HASH_LENGTH=32
 ```
 Increasing parallelism will not do much except increase memory consumption for
 both the client and server, because browser proof-of-work implementations are
 single-threaded. It's better to increase the time cost if you want to increase
 the difficulty.
 Increasing memory too much may cause memory exhaustion on some mobile devices,
 particularly on iOS due to the way Safari handles WebAssembly memory allocation.
 ## Tested hash rates
 These were measured with the default argon2id parameters listed above. These
 tests were not at all scientific so take them with a grain of salt.
 Safari does not like large WASM memory usage, so concurrency is limited to 4 to
 avoid overallocating memory on mobile WebKit browsers. Thermal throttling can
 also significantly reduce hash rates on mobile devices.
 - Intel Core i9-13900K (Chrome): 33-35 H/s
 - Intel Core i9-13900K (Firefox): 29-32 H/s
 - Intel Core i9-13900K (Chrome, in VM limited to 4 cores): 12.2 - 13.0 H/s
 - iPad Pro (M2) (Safari, 6 workers): 8.0 - 10 H/s
  - Thermal throttles early. 8 cores is normal concurrency, but unstable.
 - iPhone 15 Pro Max (Safari): 4.0 - 4.6 H/s
 - Samsung Galaxy S10e (Chrome): 3.6 - 3.8 H/s
  - This is a 2019 phone almost matching an iPhone five years newer because of
    bad Safari performance.
@@ -0,0 +1,150 @@
 # Quick self-hosting guide
 Temporary guide for self-hosting. This will be improved in the future to provide more robust instructions and options. Provided commands are for Ubuntu.
 This uses prebuilt Docker images for convenience. If you want to make adjustments to the code you can instead clone the repo and follow the Local Development guide in the [README](../README.md).
 ## Table of Contents
 - [Requirements](#requirements)
 - [Running the application](#running-the-application)
 - [Setting up a reverse proxy](#setting-up-a-reverse-proxy)
  - [trycloudflare](#trycloudflare)
  - [nginx](#nginx)
    - [Example basic nginx configuration (no SSL)](#example-basic-nginx-configuration-no-ssl)
    - [Example with Cloudflare SSL](#example-with-cloudflare-ssl)
 - [Updating/Restarting the application](#updatingrestarting-the-application)
 ## Requirements
 - Docker
 - Docker Compose
 - A VPS with at least 512MB of RAM (1GB recommended)
 - A domain name
 If you don't have a VPS and domain name you can use TryCloudflare to set up a temporary URL that you can share with others. See [trycloudflare](#trycloudflare) for more information.
 ## Running the application
 - Install Docker and Docker Compose
 - Create a new directory for the application
  - This will contain your .env file, greeting file, and any user-generated files
 - Execute the following commands:
  - ```
    touch .env
    touch greeting.md
    echo "OPENAI_KEY=your-openai-key" >> .env
    curl https://gitgud.io/khanon/oai-reverse-proxy/-/raw/main/docker/docker-compose-selfhost.yml -o docker-compose.yml
    ```
  - You can set further environment variables and keys in the `.env` file. See [.env.example](../.env.example) for a list of available options.
  - You can set a custom greeting in `greeting.md`. This will be displayed on the homepage.
 - Run `docker compose up -d`
 You can check logs with `docker compose logs -n 100 -f`.
 The provided docker-compose file listens on port 7860 but binds to localhost only. You should use a reverse proxy to expose the application to the internet as described in the next section.
 ## Setting up a reverse proxy
 Rather than exposing the application directly to the internet, it is recommended to set up a reverse proxy. This will allow you to use HTTPS and add additional security measures.
 ### trycloudflare
 This will give you a temporary (72 hours) URL that you can use to let others connect to your instance securely, without having to set up a reverse proxy. If you are running the server on your home network, this is probably the best option.
 - Install `cloudflared` following the instructions at [try.cloudflare.com](https://try.cloudflare.com/).
 - Run `cloudflared tunnel --url http://localhost:7860`
 - You will be given a temporary URL that you can share with others.
 If you have a VPS, you should use a proper reverse proxy like nginx instead for a more permanent solution which will allow you to use your own domain name, handle SSL, and add additional security/anti-abuse measures.
 ### nginx
 First, install nginx.
 - `sudo apt update && sudo apt install nginx`
 #### Example basic nginx configuration (no SSL)
 - `sudo nano /etc/nginx/sites-available/oai.conf`
  - ```
    server {
        listen 80;
        server_name example.com;
        location / {
            proxy_pass http://localhost:7860;
        }
    }
    ```
  - Replace `example.com` with your domain name.
  - Ctrl+X to exit, Y to save, Enter to confirm.
 - `sudo ln -s /etc/nginx/sites-available/oai.conf /etc/nginx/sites-enabled`
 - `sudo nginx -t`
  - This will check the configuration file for errors.
 - `sudo systemctl restart nginx`
  - This will restart nginx and apply the new configuration.
 #### Example with Cloudflare SSL
 This allows you to use a self-signed certificate on the server, and have Cloudflare handle client SSL. You need to have a Cloudflare account and have your domain set up with Cloudflare already, pointing to your server's IP address.
 - Set Cloudflare to use Full SSL mode. Since we are using a self-signed certificate, don't use Full (strict) mode.
 - Create a self-signed certificate:
  - `openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/nginx-selfsigned.key -out /etc/ssl/certs/nginx-selfsigned.crt`
 - `sudo nano /etc/nginx/sites-available/oai.conf`
  - ```
    server {
        listen 443 ssl;
        server_name yourdomain.com www.yourdomain.com;
        ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt;
        ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key;
        # Only allow inbound traffic from Cloudflare
        allow 173.245.48.0/20;
        allow 103.21.244.0/22;
        allow 103.22.200.0/22;
        allow 103.31.4.0/22;
        allow 141.101.64.0/18;
        allow 108.162.192.0/18;
        allow 190.93.240.0/20;
        allow 188.114.96.0/20;
        allow 197.234.240.0/22;
        allow 198.41.128.0/17;
        allow 162.158.0.0/15;
        allow 104.16.0.0/13;
        allow 104.24.0.0/14;
        allow 172.64.0.0/13;
        allow 131.0.72.0/22;
        deny all;
        location / {
            proxy_pass http://localhost:7860;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection 'upgrade';
            proxy_set_header Host $host;
            proxy_cache_bypass $http_upgrade;
        }
        ssl_protocols TLSv1.2 TLSv1.3;
        ssl_ciphers 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256';
        ssl_prefer_server_ciphers on;
        ssl_session_cache shared:SSL:10m;
    }
    ```
  - Replace `yourdomain.com` with your domain name.
  - Ctrl+X to exit, Y to save, Enter to confirm.
 - `sudo ln -s /etc/nginx/sites-available/oai.conf /etc/nginx/sites-enabled`
 ## Updating/Restarting the application
 After making an .env change, you need to restart the application for it to take effect.
 - `docker compose down`
 - `docker compose up -d`
 To update the application to the latest version:
 - `docker compose pull`
 - `docker compose down`
 - `docker compose up -d`
 - `docker image prune -f`
@@ -1,16 +1,19 @@
 # User Management
-The proxy supports several different user management strategies.  You can choose the one that best fits your needs by setting the `GATEKEEPER` environment variable.
+The proxy supports several different user management strategies. You can choose the one that best fits your needs by setting the `GATEKEEPER` environment variable.
-Several of these features require you to set secrets in your environment.  If using Huggingface Spaces to deploy, do not set these in your `.env` file because that file is public and anyone can see it.
+Several of these features require you to set secrets in your environment. If using Huggingface Spaces to deploy, do not set these in your `.env` file because that file is public and anyone can see it.
 ## Table of Contents
 - [No user management](#no-user-management-gatekeepernone)
 - [Single-password authentication](#single-password-authentication-gatekeeperproxy_key)
 - [Per-user authentication](#per-user-authentication-gatekeeperuser_token)
  - [Memory](#memory)
  - [Firebase Realtime Database](#firebase-realtime-database)
    - [Firebase setup instructions](#firebase-setup-instructions)
  - [SQLite Database](#sqlite-database)
 - [Whitelisting admin IP addresses](#whitelisting-admin-ip-addresses)
 ## No user management (`GATEKEEPER=none`)
@@ -18,7 +21,7 @@ This is the default mode. The proxy will not require any authentication to acces
 ## Single-password authentication (`GATEKEEPER=proxy_key`)
-This mode allows you to set a password that must be passed in the `Authentication` header of every request to the server as a bearer token.  This is useful if you want to restrict access to the server, but don't want to create a separate account for every user.
+This mode allows you to set a password that must be passed in the `Authentication` header of every request to the server as a bearer token. This is useful if you want to restrict access to the server, but don't want to create a separate account for every user.
 To set the password, create a `PROXY_KEY` secret in your environment.
@@ -26,7 +29,7 @@ To set the password, create a `PROXY_KEY` secret in your environment.
 This mode allows you to provision separate Bearer tokens for each user. You can manage users via the /admin/users via REST or through the admin interface at `/admin`.
-To begin, set `ADMIN_KEY` to a secret value.  This will be used to authenticate requests to the REST API or to log in to the UI.
+To begin, set `ADMIN_KEY` to a secret value. This will be used to authenticate requests to the REST API or to log in to the UI.
 [You can find an OpenAPI specification for the /admin/users REST API here.](openapi-admin-users.yaml)
@@ -36,11 +39,12 @@ Below are the supported data stores and their configuration options.
 ### Memory
-This is the default data store (`GATEKEEPER_STORE=memory`)  User data will be stored in memory and will be lost when the server is restarted. You are responsible for exporting and re-importing user data after a restart.
+This is the default data store (`GATEKEEPER_STORE=memory`) User data will be stored in memory and will be lost when the server is restarted. You are responsible for exporting and re-importing user data after a restart.
 ### Firebase Realtime Database
 To use Firebase Realtime Database to persist user data, set the following environment variables:
 - `GATEKEEPER_STORE`: Set this to `firebase_rtdb`
 - **Secret** `FIREBASE_RTDB_URL`: The URL of your Firebase Realtime Database, e.g. `https://my-project-default-rtdb.firebaseio.com`
 - **Secret** `FIREBASE_KEY`: A base-64 encoded service account key for your Firebase project. Refer to the instructions below for how to create this key.
@@ -49,13 +53,33 @@ To use Firebase Realtime Database to persist user data, set the following enviro
 1. Go to the [Firebase console](https://console.firebase.google.com/) and click "Add project", then follow the prompts to create a new project.
 2. From the **Project Overview** page, click **All products** in the left sidebar, then click **Realtime Database**.
-3. Click **Create database** and choose **Start in test mode**.  Click **Enable**.
+3. Click **Create database** and choose **Start in test mode**. Click **Enable**.
-    - Test mode is fine for this use case as it still requires authentication to access the database. You may wish to set up more restrictive rules if you plan to use the database for other purposes.
+   - Test mode is fine for this use case as it still requires authentication to access the database. You may wish to set up more restrictive rules if you plan to use the database for other purposes.
-    - The reference URL for the database will be displayed on the page. You will need this later.
+   - The reference URL for the database will be displayed on the page. You will need this later.
 4. Click the gear icon next to **Project Overview** in the left sidebar, then click **Project settings**.
 5. Click the **Service accounts** tab, then click **Generate new private key**.
 6. The downloaded file contains your key. Encode it as base64 and set it as the `FIREBASE_KEY` secret in your environment.
 7. Set `FIREBASE_RTDB_URL` to the reference URL of your Firebase Realtime Database, e.g. `https://my-project-default-rtdb.firebaseio.com`.
 8. Set `GATEKEEPER_STORE` to `firebase_rtdb` in your environment if you haven't already.
-The proxy server will attempt to connect to your Firebase Realtime Database at startup and will throw an error if it cannot connect.  If you see this error, check that your `FIREBASE_RTDB_URL` and `FIREBASE_KEY` secrets are set correctly.
+The proxy server will attempt to connect to your Firebase Realtime Database at startup and will throw an error if it cannot connect. If you see this error, check that your `FIREBASE_RTDB_URL` and `FIREBASE_KEY` secrets are set correctly.
 ### SQLite Database
 To use a local SQLite database file to persist user data, set the following environment variables:
 - `GATEKEEPER_STORE`: Set this to `sqlite`.
 - `SQLITE_USER_STORE_PATH` (Optional): Specifies the path to the SQLite database file.
    - If not set, it defaults to `data/user-store.sqlite` within the project directory.
    - Ensure that the directory where the SQLite file will be created (e.g., the `data/` directory) is writable by the application process.
 Using SQLite provides a simple way to persist user data locally without relying on external services. User data will be saved to the specified file and will be available across server restarts.
 ## Whitelisting admin IP addresses
 You can add your own IP ranges to the `ADMIN_WHITELIST` environment variable for additional security.
 You can provide a comma-separated list containing individual IPv4 or IPv6 addresses, or CIDR ranges.
 To whitelist an entire IP range, use CIDR notation. For example, `192.168.0.1/24` would whitelist all addresses from `192.168.0.0` to `192.168.0.255`.
 To disable the whitelist, set `ADMIN_WHITELIST=0.0.0.0/0,::0`, which will allow access from any IPv4 or IPv6 address. This is the default behavior.
@@ -0,0 +1,36 @@
 # User Quotas
 When using `user_token` authentication, you can set (model) token quotas for user.  These quotas are enforced by the proxy server and are separate from the quotas enforced by OpenAI.
 You can set the default quota via environment variables. Quotas are enforced on a per-model basis, and count both prompt tokens and completion tokens. By default, all quotas are disabled.
 Set the following environment variables to set the default quotas:
 - `TOKEN_QUOTA_TURBO`
 - `TOKEN_QUOTA_GPT4`
 - `TOKEN_QUOTA_CLAUDE`
 Quotas only apply to `normal`-type users; `special`-type users are exempt from quotas. You can change users' types via the REST API.
 **Note that changes to these environment variables will only apply to newly created users.**  To modify existing users' quotas, use the REST API or the admin UI.
 ## Automatically refreshing quotas
 You can use the `QUOTA_REFRESH_PERIOD` environment variable to automatically refresh users' quotas periodically.  This is useful if you want to give users a certain number of tokens per day, for example. The entire quota will be refreshed at the start of the specified period, and any tokens a user has not used will not be carried over.
 Quotas for all models and users will be refreshed. If you haven't set `TOKEN_QUOTA_*` for a particular model, quotas for that model will not be refreshed (so any manually set quotas will not be overwritten).
 Set the `QUOTA_REFRESH_PERIOD` environment variable to one of the following values:
 - `daily` (at midnight)
 - `hourly`
 - leave unset to disable automatic refreshing
 You can also use a cron expression, for example:
 - Every 45 seconds: `"*/45 * * * * *"`
 - Every 30 minutes: `"*/30 * * * *"`
 - Every 6 hours: `"0 */6 * * *"`
 - Every 3 days: `"0 0 */3 * *"`
 - Daily, but at mid-day: `"0 12 * * *"`
 Make sure to enclose the cron expression in quotation marks.
 All times are in the server's local time zone. Refer to [crontab.guru](https://crontab.guru/) for more examples.
@@ -0,0 +1,9 @@
 {
  "dev": {
    "proxy-host": "http://localhost:7860",
    "oai-key-1": "override in http-client.private.env.json",
    "proxy-key": "override in http-client.private.env.json",
    "azu-resource-name": "override in http-client.private.env.json",
    "azu-deployment-id": "override in http-client.private.env.json"
  }
 }
@@ -4,10 +4,13 @@
  "description": "Reverse proxy for the OpenAI API",
  "scripts": {
    "build": "tsc && copyfiles -u 1 src/**/*.ejs build",
    "database:migrate": "ts-node scripts/migrate.ts",
    "postinstall": "patch-package",
    "prepare": "husky install",
    "start": "node --trace-deprecation --trace-warnings build/server.js",
    "start:dev": "nodemon --watch src --exec ts-node --transpile-only src/server.ts",
    "start:debug": "ts-node --inspect --transpile-only src/server.ts",
    "start:watch": "nodemon --require source-map-support/register build/server.js",
    "start:replit": "tsc && node build/server.js",
    "start": "node build/server.js",
    "type-check": "tsc --noEmit"
  },
  "engines": {
@@ -17,42 +20,77 @@
  "license": "MIT",
  "dependencies": {
    "@anthropic-ai/tokenizer": "^0.0.4",
-    "axios": "^1.3.5",
+    "@aws-crypto/sha256-js": "^5.2.0",
    "@huggingface/jinja": "^0.3.0",
    "@node-rs/argon2": "^1.8.3",
    "@smithy/eventstream-codec": "^2.1.3",
    "@smithy/eventstream-serde-node": "^2.1.3",
    "@smithy/protocol-http": "^3.2.1",
    "@smithy/signature-v4": "^2.1.3",
    "@smithy/util-utf8": "^2.1.1",
    "axios": "^1.7.4",
    "better-sqlite3": "^10.0.0",
    "check-disk-space": "^3.4.0",
    "cookie-parser": "^1.4.6",
    "copyfiles": "^2.4.1",
    "cors": "^2.8.5",
    "csrf-csrf": "^2.3.0",
-    "dotenv": "^16.0.3",
+    "dotenv": "^16.3.1",
-    "ejs": "^3.1.9",
+    "ejs": "^3.1.10",
-    "express": "^4.18.2",
+    "express": "^4.19.3",
-    "firebase-admin": "^11.10.1",
+    "express-session": "^1.17.3",
    "firebase-admin": "^12.5.0",
    "glob": "^10.3.12",
    "googleapis": "^122.0.0",
-    "http-proxy-middleware": "^3.0.0-beta.1",
+    "http-proxy": "1.18.1",
    "http-proxy-middleware": "^3.0.2",
    "ipaddr.js": "^2.1.0",
    "memorystore": "^1.6.7",
    "multer": "^1.4.5-lts.1",
    "node-schedule": "^2.1.1",
    "patch-package": "^8.0.0",
    "pino": "^8.11.0",
    "pino-http": "^8.3.3",
    "proxy-agent": "^6.4.0",
    "sanitize-html": "^2.13.0",
    "sharp": "^0.34.2",
    "showdown": "^2.1.0",
    "source-map-support": "^0.5.21",
    "stream-json": "^1.8.0",
    "tiktoken": "^1.0.10",
    "tinyws": "^0.1.0",
    "uuid": "^9.0.0",
    "zlib": "^1.0.5",
-    "zod": "^3.21.4"
+    "zod": "^3.22.3",
    "zod-error": "^1.5.0"
  },
  "devDependencies": {
    "@smithy/types": "^3.3.0",
    "@types/better-sqlite3": "^7.6.10",
    "@types/cookie-parser": "^1.4.3",
    "@types/cors": "^2.8.13",
    "@types/express": "^4.17.17",
    "@types/express-session": "^1.17.7",
    "@types/multer": "^1.4.7",
    "@types/node-schedule": "^2.1.0",
    "@types/sanitize-html": "^2.9.0",
    "@types/showdown": "^2.0.0",
    "@types/stream-json": "^1.7.7",
    "@types/uuid": "^9.0.1",
    "concurrently": "^8.0.1",
-    "esbuild": "^0.17.16",
+    "esbuild": "^0.25.5",
    "esbuild-register": "^3.4.2",
    "husky": "^8.0.3",
    "nodemon": "^3.0.1",
-    "source-map-support": "^0.5.21",
+    "pino-pretty": "^10.2.3",
    "prettier": "^3.0.3",
    "prettier-plugin-ejs": "^1.0.3",
    "ts-node": "^10.9.1",
-    "typescript": "^5.0.4"
+    "typescript": "^5.4.2"
  },
  "overrides": {
-    "google-gax": "^3.6.1"
+    "node-fetch@2.x": {
      "whatwg-url": "14.x"
    }
  }
 }
@@ -0,0 +1,23 @@
 # Patches
 Contains monkey patches for certain packages, applied using `patch-package`.
 ## `http-proxy+1.18.1.patch`
 Modifies the `http-proxy` package to work around an incompatibility with
 body-parser and SOCKS5 proxies due to some esoteric stream handling behavior
 when `socks-proxy-agent` is used instead of a generic http.Agent.
 Modification involves adjusting the `buffer` property on ProxyServer's `options`
 object to be a function that returns a stream instead of a stream itself. This
 allows us to give it a function which produces a new Readable from the already-
 parsed request body.
 With the old implementation we would need to create an entirely new ProxyServer
 instance for each request, which is not ideal under heavy load.
 `http-proxy` hasn't been updated in six years so it's unlikely that this patch
 will be broken by future updates, but it's stil pinned to 1.18.1 for now.
 ### See also
 https://github.com/chimurai/http-proxy-middleware/issues/40
 https://github.com/chimurai/http-proxy-middleware/issues/299
 https://github.com/http-party/node-http-proxy/pull/1027
@@ -0,0 +1,13 @@
 diff --git a/node_modules/http-proxy/lib/http-proxy/passes/web-incoming.js b/node_modules/http-proxy/lib/http-proxy/passes/web-incoming.js
 index 7ae7355..c825c27 100644
 --- a/node_modules/http-proxy/lib/http-proxy/passes/web-incoming.js
 +++ b/node_modules/http-proxy/lib/http-proxy/passes/web-incoming.js
@@ -167,7 +167,7 @@ module.exports = {
       }
     }
 -    (options.buffer || req).pipe(proxyReq);
 +    (options.buffer(req) || req).pipe(proxyReq);
     proxyReq.on('response', function(proxyRes) {
       if(server) { server.emit('proxyRes', proxyRes, req, res); }
@@ -0,0 +1,349 @@
 /*! normalize.css v8.0.1 | MIT License | github.com/necolas/normalize.css */
 /* Document
   ========================================================================== */
 /**
 * 1. Correct the line height in all browsers.
 * 2. Prevent adjustments of font size after orientation changes in iOS.
 */
 html {
    line-height: 1.15; /* 1 */
    -webkit-text-size-adjust: 100%; /* 2 */
 }
 /* Sections
   ========================================================================== */
 /**
 * Remove the margin in all browsers.
 */
 body {
    margin: 0;
 }
 /**
 * Render the `main` element consistently in IE.
 */
 main {
    display: block;
 }
 /**
 * Correct the font size and margin on `h1` elements within `section` and
 * `article` contexts in Chrome, Firefox, and Safari.
 */
 h1 {
    font-size: 2em;
    margin: 0.67em 0;
 }
 /* Grouping content
   ========================================================================== */
 /**
 * 1. Add the correct box sizing in Firefox.
 * 2. Show the overflow in Edge and IE.
 */
 hr {
    box-sizing: content-box; /* 1 */
    height: 0; /* 1 */
    overflow: visible; /* 2 */
 }
 /**
 * 1. Correct the inheritance and scaling of font size in all browsers.
 * 2. Correct the odd `em` font sizing in all browsers.
 */
 pre {
    font-family: monospace, monospace; /* 1 */
    font-size: 1em; /* 2 */
 }
 /* Text-level semantics
   ========================================================================== */
 /**
 * Remove the gray background on active links in IE 10.
 */
 a {
    background-color: transparent;
 }
 /**
 * 1. Remove the bottom border in Chrome 57-
 * 2. Add the correct text decoration in Chrome, Edge, IE, Opera, and Safari.
 */
 abbr[title] {
    border-bottom: none; /* 1 */
    text-decoration: underline; /* 2 */
    text-decoration: underline dotted; /* 2 */
 }
 /**
 * Add the correct font weight in Chrome, Edge, and Safari.
 */
 b,
 strong {
    font-weight: bolder;
 }
 /**
 * 1. Correct the inheritance and scaling of font size in all browsers.
 * 2. Correct the odd `em` font sizing in all browsers.
 */
 code,
 kbd,
 samp {
    font-family: monospace, monospace; /* 1 */
    font-size: 1em; /* 2 */
 }
 /**
 * Add the correct font size in all browsers.
 */
 small {
    font-size: 80%;
 }
 /**
 * Prevent `sub` and `sup` elements from affecting the line height in
 * all browsers.
 */
 sub,
 sup {
    font-size: 75%;
    line-height: 0;
    position: relative;
    vertical-align: baseline;
 }
 sub {
    bottom: -0.25em;
 }
 sup {
    top: -0.5em;
 }
 /* Embedded content
   ========================================================================== */
 /**
 * Remove the border on images inside links in IE 10.
 */
 img {
    border-style: none;
 }
 /* Forms
   ========================================================================== */
 /**
 * 1. Change the font styles in all browsers.
 * 2. Remove the margin in Firefox and Safari.
 */
 button,
 input,
 optgroup,
 select,
 textarea {
    font-family: inherit; /* 1 */
    font-size: 100%; /* 1 */
    line-height: 1.15; /* 1 */
    margin: 0; /* 2 */
 }
 /**
 * Show the overflow in IE.
 * 1. Show the overflow in Edge.
 */
 button,
 input { /* 1 */
    overflow: visible;
 }
 /**
 * Remove the inheritance of text transform in Edge, Firefox, and IE.
 * 1. Remove the inheritance of text transform in Firefox.
 */
 button,
 select { /* 1 */
    text-transform: none;
 }
 /**
 * Correct the inability to style clickable types in iOS and Safari.
 */
 button,
 [type="button"],
 [type="reset"],
 [type="submit"] {
    -webkit-appearance: button;
 }
 /**
 * Remove the inner border and padding in Firefox.
 */
 button::-moz-focus-inner,
 [type="button"]::-moz-focus-inner,
 [type="reset"]::-moz-focus-inner,
 [type="submit"]::-moz-focus-inner {
    border-style: none;
    padding: 0;
 }
 /**
 * Restore the focus styles unset by the previous rule.
 */
 button:-moz-focusring,
 [type="button"]:-moz-focusring,
 [type="reset"]:-moz-focusring,
 [type="submit"]:-moz-focusring {
    outline: 1px dotted ButtonText;
 }
 /**
 * Correct the padding in Firefox.
 */
 fieldset {
    padding: 0.35em 0.75em 0.625em;
 }
 /**
 * 1. Correct the text wrapping in Edge and IE.
 * 2. Correct the color inheritance from `fieldset` elements in IE.
 * 3. Remove the padding so developers are not caught out when they zero out
 *    `fieldset` elements in all browsers.
 */
 legend {
    box-sizing: border-box; /* 1 */
    color: inherit; /* 2 */
    display: table; /* 1 */
    max-width: 100%; /* 1 */
    padding: 0; /* 3 */
    white-space: normal; /* 1 */
 }
 /**
 * Add the correct vertical alignment in Chrome, Firefox, and Opera.
 */
 progress {
    vertical-align: baseline;
 }
 /**
 * Remove the default vertical scrollbar in IE 10+.
 */
 textarea {
    overflow: auto;
 }
 /**
 * 1. Add the correct box sizing in IE 10.
 * 2. Remove the padding in IE 10.
 */
 [type="checkbox"],
 [type="radio"] {
    box-sizing: border-box; /* 1 */
    padding: 0; /* 2 */
 }
 /**
 * Correct the cursor style of increment and decrement buttons in Chrome.
 */
 [type="number"]::-webkit-inner-spin-button,
 [type="number"]::-webkit-outer-spin-button {
    height: auto;
 }
 /**
 * 1. Correct the odd appearance in Chrome and Safari.
 * 2. Correct the outline style in Safari.
 */
 [type="search"] {
    -webkit-appearance: textfield; /* 1 */
    outline-offset: -2px; /* 2 */
 }
 /**
 * Remove the inner padding in Chrome and Safari on macOS.
 */
 [type="search"]::-webkit-search-decoration {
    -webkit-appearance: none;
 }
 /**
 * 1. Correct the inability to style clickable types in iOS and Safari.
 * 2. Change font properties to `inherit` in Safari.
 */
 ::-webkit-file-upload-button {
    -webkit-appearance: button; /* 1 */
    font: inherit; /* 2 */
 }
 /* Interactive
   ========================================================================== */
 /*
 * Add the correct display in Edge, IE 10+, and Firefox.
 */
 details {
    display: block;
 }
 /*
 * Add the correct display in all browsers.
 */
 summary {
    display: list-item;
 }
 /* Misc
   ========================================================================== */
 /**
 * Add the correct display in IE 10+.
 */
 template {
    display: none;
 }
 /**
 * Add the correct display in IE 10.
 */
 [hidden] {
    display: none;
 }
@@ -0,0 +1,231 @@
 /* modified https://github.com/oxalorg/sakura */
 html {
  font-size: 62.5%;
  font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto,
    "Helvetica Neue", Arial, "Noto Sans", sans-serif;
 }
 body {
  font-size: 1.8rem;
  line-height: 1.618;
  max-width: 38em;
  margin: auto;
  color: #c9c9c9;
  background-color: #222222;
  padding: 13px;
 }
@media (max-width: 684px) {
  body {
    font-size: 1.53rem;
  }
 }
@media (max-width: 382px) {
  body {
    font-size: 1.35rem;
  }
 }
 h1,
 h2,
 h3,
 h4,
 h5,
 h6 {
  line-height: 1.1;
  font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto,
    "Helvetica Neue", Arial, "Noto Sans", sans-serif;
  font-weight: 700;
  margin-top: 3rem;
  margin-bottom: 1.5rem;
  overflow-wrap: break-word;
  word-wrap: break-word;
  -ms-word-break: break-all;
  word-break: break-word;
 }
 h1 {
  font-size: 2.35em;
 }
 h2 {
  font-size: 2em;
 }
 h3 {
  font-size: 1.75em;
 }
 h4 {
  font-size: 1.5em;
 }
 h5 {
  font-size: 1.25em;
 }
 h6 {
  font-size: 1em;
 }
 p {
  margin-top: 0px;
  margin-bottom: 2.5rem;
 }
 small,
 sub,
 sup {
  font-size: 75%;
 }
 hr {
  border-color: #ffffff;
 }
 a {
  text-decoration: none;
  color: #ffffff;
 }
 a:visited {
  color: #e6e6e6;
 }
 a:hover {
  color: #c9c9c9;
  text-decoration: underline;
 }
 ul {
  padding-left: 1.4em;
  margin-top: 0px;
  margin-bottom: 2.5rem;
 }
 li {
  margin-bottom: 0.4em;
 }
 blockquote {
  margin-left: 0px;
  margin-right: 0px;
  padding-left: 1em;
  padding-top: 0.8em;
  padding-bottom: 0.8em;
  padding-right: 0.8em;
  border-left: 5px solid #ffffff;
  margin-bottom: 2.5rem;
  background-color: #4a4a4a;
 }
 blockquote p {
  margin-bottom: 0;
 }
 img,
 video {
  height: auto;
  max-width: 100%;
  margin-top: 0px;
  margin-bottom: 2.5rem;
 }
 pre {
  background-color: #4a4a4a;
  display: block;
  padding: 1em;
  overflow-x: auto;
  margin-top: 0px;
  margin-bottom: 2.5rem;
  font-size: 0.9em;
 }
 code,
 kbd,
 samp {
  font-size: 0.9em;
  padding: 0 0.5em;
  background-color: #4a4a4a;
  white-space: pre-wrap;
 }
 pre > code {
  padding: 0;
  background-color: transparent;
  white-space: pre;
  font-size: 1em;
 }
 table {
  text-align: justify;
  width: 100%;
  border-collapse: collapse;
  margin-bottom: 2rem;
 }
 td,
 th {
  padding: 0.5em;
  border-bottom: 1px solid #4a4a4a;
 }
 input,
 textarea {
  border: 1px solid #c9c9c9;
 }
 input:focus,
 textarea:focus {
  border: 1px solid #ffffff;
 }
 textarea {
  width: 100%;
 }
 .button,
 button,
 input[type="submit"],
 input[type="reset"],
 input[type="button"],
 input[type="file"]::file-selector-button {
  display: inline-block;
  padding: 5px 10px;
  text-align: center;
  text-decoration: none;
  white-space: nowrap;
  background-color: #ffffff;
  color: #222222;
  border-radius: 1px;
  border: 1px solid #ffffff;
  cursor: pointer;
  box-sizing: border-box;
 }
 .button[disabled],
 button[disabled],
 input[type="submit"][disabled],
 input[type="reset"][disabled],
 input[type="button"][disabled],
 input[type="file"][disabled] {
  cursor: default;
  opacity: 0.5;
 }
 .button:hover,
 button:hover,
 input[type="submit"]:hover,
 input[type="reset"]:hover,
 input[type="button"]:hover,
 input[type="file"]::file-selector-button:hover {
  background-color: #c9c9c9;
  color: #222222;
  outline: 0;
 }
 .button:focus-visible,
 button:focus-visible,
 input[type="submit"]:focus-visible,
 input[type="reset"]:focus-visible,
 input[type="button"]:focus-visible,
 input[type="file"]::file-selector-button:focus-visible {
  outline-style: solid;
  outline-width: 2px;
 }
 textarea,
 select,
 input {
  color: #c9c9c9;
  padding: 6px 10px;
  margin-bottom: 10px;
  background-color: #4a4a4a;
  border: 1px solid #4a4a4a;
  border-radius: 4px;
  box-shadow: none;
  box-sizing: border-box;
 }
 textarea:focus,
 select:focus,
 input:focus {
  border: 1px solid #ffffff;
  outline: 0;
 }
 input[type="checkbox"]:focus {
  outline: 1px dotted #ffffff;
 }
 label,
 legend,
 fieldset {
  display: block;
  margin-bottom: 0.5rem;
  font-weight: 600;
 }
@@ -0,0 +1,237 @@
 /* modified https://github.com/oxalorg/sakura */
 :root {
  --accent-color: #4a4a4a;
  --accent-color-hover: #5a5a5a;
  --link-color: #58739c;
  --link-visted-color: #6f5e6f;
 }
 html {
  font-size: 62.5%;
  font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto,
    "Helvetica Neue", Arial, "Noto Sans", sans-serif;
 }
 body {
  font-size: 1.8rem;
  line-height: 1.618;
  max-width: 38em;
  margin: auto;
  color: #4a4a4a;
  background-color: #f9f9f9;
  padding: 13px;
 }
@media (max-width: 684px) {
  body {
    font-size: 1.53rem;
  }
 }
@media (max-width: 382px) {
  body {
    font-size: 1.35rem;
  }
 }
 h1,
 h2,
 h3,
 h4,
 h5,
 h6 {
  line-height: 1.1;
  font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto,
    "Helvetica Neue", Arial, "Noto Sans", sans-serif;
  font-weight: 700;
  margin-top: 3rem;
  margin-bottom: 1.5rem;
  overflow-wrap: break-word;
  word-wrap: break-word;
  -ms-word-break: break-all;
  word-break: break-word;
 }
 h1 {
  font-size: 2.35em;
 }
 h2 {
  font-size: 2em;
 }
 h3 {
  font-size: 1.75em;
 }
 h4 {
  font-size: 1.5em;
 }
 h5 {
  font-size: 1.25em;
 }
 h6 {
  font-size: 1em;
 }
 p {
  margin-top: 0;
  margin-bottom: 2.5rem;
 }
 small,
 sub,
 sup {
  font-size: 75%;
 }
 hr {
  border-color: var(--accent-color);
 }
 a {
  text-decoration: none;
  color: var(--link-color);
 }
 a:visited {
  color: var(--link-visted-color);
 }
 a:hover {
  color: var(--accent-color-hover);
  text-decoration: underline;
 }
 ul {
  padding-left: 1.4em;
  margin-top: 0;
  margin-bottom: 2.5rem;
 }
 li {
  margin-bottom: 0.4em;
 }
 blockquote {
  margin-left: 0;
  margin-right: 0;
  padding-left: 1em;
  padding-top: 0.8em;
  padding-bottom: 0.8em;
  padding-right: 0.8em;
  border-left: 5px solid var(--accent-color);
  margin-bottom: 2.5rem;
  background-color: #f1f1f1;
 }
 blockquote p {
  margin-bottom: 0;
 }
 img,
 video {
  height: auto;
  max-width: 100%;
  margin-top: 0;
  margin-bottom: 2.5rem;
 }
 pre {
  background-color: #f1f1f1;
  display: block;
  padding: 1em;
  overflow-x: auto;
  margin-top: 0;
  margin-bottom: 2.5rem;
  font-size: 0.9em;
 }
 code,
 kbd,
 samp {
  font-size: 0.9em;
  padding: 0 0.5em;
  background-color: #f1f1f1;
  white-space: pre-wrap;
 }
 pre > code {
  padding: 0;
  background-color: transparent;
  white-space: pre;
  font-size: 1em;
 }
 table {
  text-align: justify;
  width: 100%;
  border-collapse: collapse;
  margin-bottom: 2rem;
 }
 td,
 th {
  padding: 0.5em;
  border-bottom: 1px solid #f1f1f1;
 }
 input,
 textarea {
  border: 1px solid #4a4a4a;
 }
 input:focus,
 textarea:focus {
  border: 1px solid var(--accent-color);
 }
 textarea {
  width: 100%;
 }
 .button,
 button,
 input[type="submit"],
 input[type="reset"],
 input[type="button"],
 input[type="file"]::file-selector-button {
  display: inline-block;
  padding: 5px 10px;
  text-align: center;
  text-decoration: none;
  white-space: nowrap;
  background-color: var(--accent-color);
  color: #f9f9f9;
  border-radius: 2px;
  border: 1px solid var(--accent-color);
  cursor: pointer;
  box-sizing: border-box;
 }
 .button[disabled],
 button[disabled],
 input[type="submit"][disabled],
 input[type="reset"][disabled],
 input[type="button"][disabled],
 input[type="file"][disabled] {
  cursor: default;
  opacity: 0.5;
 }
 .button:hover,
 button:hover,
 input[type="submit"]:hover,
 input[type="reset"]:hover,
 input[type="button"]:hover,
 input[type="file"]::file-selector-button:hover {
  background-color: var(--accent-color-hover);
  color: #f9f9f9;
  outline: 0;
 }
 .button:focus-visible,
 button:focus-visible,
 input[type="submit"]:focus-visible,
 input[type="reset"]:focus-visible,
 input[type="button"]:focus-visible,
 input[type="file"]::file-selector-button:focus-visible {
  outline-style: solid;
  outline-width: 2px;
 }
 textarea,
 select,
 input {
  color: #4a4a4a;
  padding: 6px 10px;
  margin-bottom: 10px;
  background-color: #f1f1f1;
  border: 1px solid #f1f1f1;
  border-radius: 4px;
  box-shadow: none;
  box-sizing: border-box;
 }
 textarea:focus,
 select:focus,
 input:focus {
  border: 1px solid var(--accent-color);
  outline: 0;
 }
 input[type="checkbox"]:focus {
  outline: 1px dotted var(--accent-color);
 }
 label,
 legend,
 fieldset {
  display: block;
  margin-bottom: 0.5rem;
  font-weight: 600;
 }
@@ -0,0 +1,120 @@
 importScripts(
  "https://cdn.jsdelivr.net/npm/hash-wasm@4.11.0/dist/argon2.umd.min.js"
 );
 let active = false;
 let nonce = 0;
 let signature = "";
 let lastNotify = 0;
 let hashesSinceLastNotify = 0;
 let params = {
  salt: null,
  hashLength: 0,
  iterations: 0,
  memorySize: 0,
  parallelism: 0,
  targetValue: BigInt(0),
  safariFix: false,
 };
 self.onmessage = async (event) => {
  const { data } = event;
  switch (data.type) {
    case "stop":
      active = false;
      self.postMessage({ type: "paused", hashes: hashesSinceLastNotify });
      return;
    case "start":
      active = true;
      signature = data.signature;
      nonce = data.nonce;
      const c = data.challenge;
      const salt = new Uint8Array(c.s.length / 2);
      for (let i = 0; i < c.s.length; i += 2) {
        salt[i / 2] = parseInt(c.s.slice(i, i + 2), 16);
      }
      params = {
        salt: salt,
        hashLength: c.hl,
        iterations: c.t,
        memorySize: c.m,
        parallelism: c.p,
        targetValue: BigInt(c.d.slice(0, -1)),
        safariFix: data.isMobileWebkit,
      };
      console.log("Started", params);
      self.postMessage({ type: "started" });
      setTimeout(solve, 0);
      break;
  }
 };
 const doHash = async (password) => {
  const { salt, hashLength, iterations, memorySize, parallelism } = params;
  return await self.hashwasm.argon2id({
    password,
    salt,
    hashLength,
    iterations,
    memorySize,
    parallelism,
  });
 };
 const checkHash = (hash) => {
  const { targetValue } = params;
  const hashValue = BigInt(`0x${hash}`);
  return hashValue <= targetValue;
 };
 const solve = async () => {
  if (!active) {
    console.log("Stopped solver", nonce);
    return;
  }
  // Safari WASM doesn't like multiple calls in one worker
  const batchSize = 1;
  const batch = [];
  for (let i = 0; i < batchSize; i++) {
    batch.push(nonce++);
  }
  try {
    const results = await Promise.all(
      batch.map(async (nonce) => {
        const hash = await doHash(String(nonce));
        return { hash, nonce };
      })
    );
    hashesSinceLastNotify += batchSize;
    const solution = results.find(({ hash }) => checkHash(hash));
    if (solution) {
      console.log("Solution found", solution, params.salt);
      self.postMessage({ type: "solved", nonce: solution.nonce });
      active = false;
    } else {
      if (Date.now() - lastNotify >= 500) {
        console.log("Last nonce", nonce, "Hashes", hashesSinceLastNotify);
        self.postMessage({ type: "progress", hashes: hashesSinceLastNotify });
        lastNotify = Date.now();
        hashesSinceLastNotify = 0;
      }
      setTimeout(solve, 10);
    }
  } catch (error) {
    console.error("Error", error);
    const stack = error.stack;
    const debug = {
      stack,
      lastNonce: nonce,
      targetValue: params.targetValue,
    };
    self.postMessage({ type: "error", error: error.message, debug });
    active = false;
  }
 };
@@ -0,0 +1,39 @@
 import Database from "better-sqlite3";
 import { DATABASE_VERSION, migrateDatabase } from "../src/shared/database";
 import { logger } from "../src/logger";
 import { config } from "../src/config";
 const log = logger.child({ module: "scripts/migrate" });
 async function runMigration() {
  let targetVersion = Number(process.argv[2]) || undefined;
  if (!targetVersion) {
    log.info("Enter target version or leave empty to use the latest version.");
    process.stdin.resume();
    process.stdin.setEncoding("utf8");
    const input = await new Promise<string>((resolve) => {
      process.stdin.on("data", (text) => {
        resolve((String(text) || "").trim());
      });
    });
    process.stdin.pause();
    targetVersion = Number(input);
    if (!targetVersion) {
      targetVersion = DATABASE_VERSION;
    }
  }
  const db = new Database(config.sqliteDataPath, {
    verbose: (msg, ...args) => log.debug({ args }, String(msg)),
  });
  const currentVersion = db.pragma("user_version", { simple: true });
  log.info({ currentVersion, targetVersion }, "Running migrations.");
  migrateDatabase(targetVersion, db);
 }
 runMigration().catch((error) => {
  log.error(error, "Migration failed.");
  process.exit(1);
 });
@@ -0,0 +1,309 @@
 # OAI Reverse Proxy
 ###
 # @name OpenAI -- Chat Completions
 POST https://api.openai.com/v1/chat/completions
 Authorization: Bearer {{oai-key-1}}
 Content-Type: application/json
 {
  "model": "gpt-3.5-turbo",
  "max_tokens": 30,
  "stream": false,
  "messages": [
    {
      "role": "user",
      "content": "This is a test prompt."
    }
  ]
 }
 ###
 # @name OpenAI -- Text Completions
 POST https://api.openai.com/v1/completions
 Authorization: Bearer {{oai-key-1}}
 Content-Type: application/json
 {
  "model": "gpt-3.5-turbo-instruct",
  "max_tokens": 30,
  "stream": false,
  "prompt": "This is a test prompt where"
 }
 ###
 # @name OpenAI -- Create Embedding
 POST https://api.openai.com/v1/embeddings
 Authorization: Bearer {{oai-key-1}}
 Content-Type: application/json
 {
  "model": "text-embedding-ada-002",
  "input": "This is a test embedding input."
 }
 ###
 # @name OpenAI -- Get Organizations
 GET https://api.openai.com/v1/organizations
 Authorization: Bearer {{oai-key-1}}
 ###
 # @name OpenAI -- Get Models
 GET https://api.openai.com/v1/models
 Authorization: Bearer {{oai-key-1}}
 ###
 # @name Azure OpenAI -- Chat Completions
 POST https://{{azu-resource-name}}.openai.azure.com/openai/deployments/{{azu-deployment-id}}/chat/completions?api-version=2023-09-01-preview
 api-key: {{azu-key-1}}
 Content-Type: application/json
 {
  "max_tokens": 1,
  "stream": false,
  "messages": [
    {
      "role": "user",
      "content": "This is a test prompt."
    }
  ]
 }
 ###
 # @name Proxy / OpenAI -- Get Models
 GET {{proxy-host}}/proxy/openai/v1/models
 Authorization: Bearer {{proxy-key}}
 ###
 # @name Proxy / OpenAI -- Native Chat Completions
 POST {{proxy-host}}/proxy/openai/chat/completions
 Authorization: Bearer {{proxy-key}}
 Content-Type: application/json
 {
  "model": "gpt-4-1106-preview",
  "max_tokens": 20,
  "stream": true,
  "temperature": 1,
  "seed": 123,
  "messages": [
    {
      "role": "user",
      "content": "phrase one"
    }
  ]
 }
 ###
 # @name Proxy / OpenAI -- Native Text Completions
 POST {{proxy-host}}/proxy/openai/v1/turbo-instruct/chat/completions
 Authorization: Bearer {{proxy-key}}
 Content-Type: application/json
 {
  "model": "gpt-3.5-turbo-instruct",
  "max_tokens": 20,
  "temperature": 0,
  "prompt": "Genshin Impact is a game about",
  "stream": false
 }
 ###
 # @name Proxy / OpenAI -- Chat-to-Text API Translation
 # Accepts a chat completion request and reformats it to work with the text completion API. `model` is ignored.
 POST {{proxy-host}}/proxy/openai/turbo-instruct/chat/completions
 Authorization: Bearer {{proxy-key}}
 Content-Type: application/json
 {
  "model": "gpt-4",
  "max_tokens": 20,
  "stream": true,
  "messages": [
    {
      "role": "user",
      "content": "What is the name of the fourth president of the united states?"
    },
    {
      "role": "assistant",
      "content": "That would be George Washington."
    },
    {
      "role": "user",
      "content": "I don't think that's right..."
    }
  ]
 }
 ###
 # @name Proxy / OpenAI -- Create Embedding
 POST {{proxy-host}}/proxy/openai/embeddings
 Authorization: Bearer {{proxy-key}}
 Content-Type: application/json
 {
  "model": "text-embedding-ada-002",
  "input": "This is a test embedding input."
 }
 ###
 # @name Proxy / Anthropic -- Native Completion (old API)
 POST {{proxy-host}}/proxy/anthropic/v1/complete
 Authorization: Bearer {{proxy-key}}
 anthropic-version: 2023-01-01
 Content-Type: application/json
 {
  "model": "claude-v1.3",
  "max_tokens_to_sample": 20,
  "temperature": 0.2,
  "stream": true,
  "prompt": "What is genshin impact\n\n:Assistant:"
 }
 ###
 # @name Proxy / Anthropic -- Native Completion (2023-06-01 API)
 POST {{proxy-host}}/proxy/anthropic/v1/complete
 Authorization: Bearer {{proxy-key}}
 anthropic-version: 2023-06-01
 Content-Type: application/json
 {
  "model": "claude-v1.3",
  "max_tokens_to_sample": 20,
  "temperature": 0.2,
  "stream": true,
  "prompt": "What is genshin impact\n\n:Assistant:"
 }
 ###
 # @name Proxy / Anthropic -- OpenAI-to-Anthropic API Translation
 POST {{proxy-host}}/proxy/anthropic/v1/chat/completions
 Authorization: Bearer {{proxy-key}}
 #anthropic-version: 2023-06-01
 Content-Type: application/json
 {
  "model": "gpt-3.5-turbo",
  "max_tokens": 20,
  "stream": false,
  "temperature": 0,
  "messages": [
    {
      "role": "user",
      "content": "What is genshin impact"
    }
  ]
 }
 ###
 # @name Proxy / AWS Claude -- Native Completion
 POST {{proxy-host}}/proxy/aws/claude/v1/complete
 Authorization: Bearer {{proxy-key}}
 anthropic-version: 2023-01-01
 Content-Type: application/json
 {
  "model": "claude-v2",
  "max_tokens_to_sample": 10,
  "temperature": 0,
  "stream": true,
  "prompt": "What is genshin impact\n\n:Assistant:"
 }
 ###
 # @name Proxy / AWS Claude -- OpenAI-to-Anthropic API Translation
 POST {{proxy-host}}/proxy/aws/claude/chat/completions
 Authorization: Bearer {{proxy-key}}
 Content-Type: application/json
 {
  "model": "gpt-3.5-turbo",
  "max_tokens": 50,
  "stream": true,
  "messages": [
    {
      "role": "user",
      "content": "What is genshin impact?"
    }
  ]
 }
 ###
 # @name Proxy / GCP Claude -- Native Completion
 POST {{proxy-host}}/proxy/gcp/claude/v1/complete
 Authorization: Bearer {{proxy-key}}
 anthropic-version: 2023-01-01
 Content-Type: application/json
 {
  "model": "claude-v2",
  "max_tokens_to_sample": 10,
  "temperature": 0,
  "stream": true,
  "prompt": "What is genshin impact\n\n:Assistant:"
 }
 ###
 # @name Proxy / GCP Claude -- OpenAI-to-Anthropic API Translation
 POST {{proxy-host}}/proxy/gcp/claude/chat/completions
 Authorization: Bearer {{proxy-key}}
 Content-Type: application/json
 {
  "model": "gpt-3.5-turbo",
  "max_tokens": 50,
  "stream": true,
  "messages": [
    {
      "role": "user",
      "content": "What is genshin impact?"
    }
  ]
 }
 ###
 # @name Proxy / Azure OpenAI -- Native Chat Completions
 POST {{proxy-host}}/proxy/azure/openai/chat/completions
 Authorization: Bearer {{proxy-key}}
 Content-Type: application/json
 {
  "model": "gpt-4",
  "max_tokens": 20,
  "stream": true,
  "temperature": 1,
  "seed": 2,
  "messages": [
    {
      "role": "user",
      "content": "Hi what is the name of the fourth president of the united states?"
    },
    {
      "role": "assistant",
      "content": "That would be George Washington."
    },
    {
      "role": "user",
      "content": "That's not right."
    }
  ]
 }
 ###
 # @name Proxy / Google AI -- OpenAI-to-Google AI API Translation
 POST {{proxy-host}}/proxy/google-ai/v1/chat/completions
 Authorization: Bearer {{proxy-key}}
 Content-Type: application/json
 {
  "model": "gpt-4",
  "max_tokens": 42,
  "messages": [
    {
      "role": "user",
      "content": "Hi what is the name of the fourth president of the united states?"
    }
  ]
 }
@@ -0,0 +1,102 @@
 import Database from "better-sqlite3";
 import { v4 as uuidv4 } from "uuid";
 import { config } from "../src/config";
 function generateRandomIP() {
  return (
    Math.floor(Math.random() * 255) +
    "." +
    Math.floor(Math.random() * 255) +
    "." +
    Math.floor(Math.random() * 255) +
    "." +
    Math.floor(Math.random() * 255)
  );
 }
 function generateRandomDate() {
  const end = new Date();
  const start = new Date(end);
  start.setDate(end.getDate() - 90);
  const randomDate = new Date(
    start.getTime() + Math.random() * (end.getTime() - start.getTime())
  );
  return randomDate.toISOString();
 }
 function generateMockSHA256() {
  const characters = 'abcdef0123456789';
  let hash = '';
  for (let i = 0; i < 64; i++) {
    const randomIndex = Math.floor(Math.random() * characters.length);
    hash += characters[randomIndex];
  }
  return hash;
 }
 function getRandomModelFamily() {
  const modelFamilies = [
    "turbo",
    "gpt4",
    "gpt4-32k",
    "gpt4-turbo",
    "claude",
    "claude-opus",
    "gemini-pro",
    "mistral-tiny",
    "mistral-small",
    "mistral-medium",
    "mistral-large",
    "aws-claude",
    "aws-claude-opus",
    "gcp-claude",
    "gcp-claude-opus",
    "azure-turbo",
    "azure-gpt4",
    "azure-gpt4-32k",
    "azure-gpt4-turbo",
    "dall-e",
    "azure-dall-e",
  ];
  return modelFamilies[Math.floor(Math.random() * modelFamilies.length)];
 }
 (async () => {
  const db = new Database(config.sqliteDataPath);
  const numRows = 100;
  const insertStatement = db.prepare(`
  INSERT INTO events (type, ip, date, model, family, hashes, userToken, inputTokens, outputTokens)
  VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)
 `);
  const users = Array.from({ length: 10 }, () => uuidv4());
  function getRandomUser() {
    return users[Math.floor(Math.random() * users.length)];
  }
  const transaction = db.transaction(() => {
    for (let i = 0; i < numRows; i++) {
      insertStatement.run(
        "chat_completion",
        generateRandomIP(),
        generateRandomDate(),
        getRandomModelFamily() + "-" + Math.floor(Math.random() * 100),
        getRandomModelFamily(),
        Array.from(
          { length: Math.floor(Math.random() * 10) },
          generateMockSHA256
        ).join(","),
        getRandomUser(),
        Math.floor(Math.random() * 500),
        Math.floor(Math.random() * 6000)
      );
    }
  });
  transaction();
  console.log(`Inserted ${numRows} rows into the events table.`);
  db.close();
 })();
@@ -0,0 +1,118 @@
 // uses the aws sdk to sign a request, then uses axios to send it to the bedrock REST API manually
 import axios from "axios";
 import { Sha256 } from "@aws-crypto/sha256-js";
 import { SignatureV4 } from "@smithy/signature-v4";
 import { HttpRequest } from "@smithy/protocol-http";
 const AWS_ACCESS_KEY_ID = process.env.AWS_ACCESS_KEY_ID!;
 const AWS_SECRET_ACCESS_KEY = process.env.AWS_SECRET_ACCESS_KEY!;
 // Copied from amazon bedrock docs
 // List models
 // ListFoundationModels
 // Service: Amazon Bedrock
 // List of Bedrock foundation models that you can use. For more information, see Foundation models in the
 // Bedrock User Guide.
 //   Request Syntax
 // GET /foundation-models?
 //   byCustomizationType=byCustomizationType&byInferenceType=byInferenceType&byOutputModality=byOutputModality&byProvider=byProvider
 //   HTTP/1.1
 // URI Request Parameters
 // The request uses the following URI parameters.
 // byCustomizationType (p. 38)
 // List by customization type.
 //   Valid Values: FINE_TUNING
 // byInferenceType (p. 38)
 // List by inference type.
 //   Valid Values: ON_DEMAND | PROVISIONED
 // byOutputModality (p. 38)
 // List by output modality type.
 //   Valid Values: TEXT | IMAGE | EMBEDDING
 // byProvider (p. 38)
 // A Bedrock model provider.
 //   Pattern: ^[a-z0-9-]{1,63}$
 // Request Body
 // The request does not have a request body
 // Run inference on a text model
 // Send an invoke request to run inference on a Titan Text G1 - Express model. We set the accept
 // parameter to accept any content type in the response.
 //   POST https://bedrock.us-east-1.amazonaws.com/model/amazon.titan-text-express-v1/invoke
 //   -H accept: */*
 // -H content-type: application/json
 // Payload
 // {"inputText": "Hello world"}
 // Example response
 // Response for the above request.
 // -H content-type: application/json
 // Payload
 // <the model response>
 const AMZ_REGION = "us-east-1";
 const AMZ_HOST = "invoke-bedrock.us-east-1.amazonaws.com";
 async function listModels() {
  const httpRequest = new HttpRequest({
    method: "GET",
    protocol: "https:",
    hostname: AMZ_HOST,
    path: "/foundation-models",
    headers: { ["Host"]: AMZ_HOST },
  });
  const signedRequest = await signRequest(httpRequest);
  const response = await axios.get(
    `https://${signedRequest.hostname}${signedRequest.path}`,
    { headers: signedRequest.headers }
  );
  console.log(response.data);
 }
 async function invokeModel() {
  const model = "anthropic.claude-v1";
  const httpRequest = new HttpRequest({
    method: "POST",
    protocol: "https:",
    hostname: AMZ_HOST,
    path: `/model/${model}/invoke`,
    headers: {
      ["Host"]: AMZ_HOST,
      ["accept"]: "*/*",
      ["content-type"]: "application/json",
    },
    body: JSON.stringify({
      temperature: 0.5,
      prompt: "\n\nHuman:Hello world\n\nAssistant:",
      max_tokens_to_sample: 10,
    }),
  });
  console.log("httpRequest", httpRequest);
  const signedRequest = await signRequest(httpRequest);
  const response = await axios.post(
    `https://${signedRequest.hostname}${signedRequest.path}`,
    signedRequest.body,
    { headers: signedRequest.headers }
  );
  console.log(response.status);
  console.log(response.headers);
  console.log(response.data);
  console.log("full url", response.request.res.responseUrl);
 }
 async function signRequest(request: HttpRequest) {
  const signer = new SignatureV4({
    sha256: Sha256,
    credentials: {
      accessKeyId: AWS_ACCESS_KEY_ID,
      secretAccessKey: AWS_SECRET_ACCESS_KEY,
    },
    region: AMZ_REGION,
    service: "bedrock",
  });
  return await signer.sign(request, { signingDate: new Date() });
 }
 // listModels();
 // invokeModel();
@@ -0,0 +1,45 @@
 const axios = require("axios");
 const concurrentRequests = 75;
 const headers = {
  Authorization: "Bearer test",
  "Content-Type": "application/json",
 };
 const payload = {
  model: "gpt-4",
  max_tokens: 1,
  stream: false,
  messages: [{ role: "user", content: "Hi" }],
 };
 const makeRequest = async (i) => {
  try {
    const response = await axios.post(
      "http://localhost:7860/proxy/google-ai/v1/chat/completions",
      payload,
      { headers }
    );
    console.log(
      `Req ${i} finished with status code ${response.status} and response:`,
      response.data
    );
  } catch (error) {
    const msg = error.response
    console.error(`Error in req ${i}:`, error.message, msg || "");
  }
 };
 const executeRequestsConcurrently = () => {
  const promises = [];
  for (let i = 1; i <= concurrentRequests; i++) {
    console.log(`Starting request ${i}`);
    promises.push(makeRequest(i));
  }
  Promise.all(promises).then(() => {
    console.log("All requests finished");
  });
 };
 executeRequestsConcurrently();
@@ -0,0 +1,53 @@
 const axios = require("axios");
 function randomInteger(max) {
  return Math.floor(Math.random() * max + 1);
 }
 async function testQueue() {
  const requests = Array(10).fill(undefined).map(async function() {
    const maxTokens = randomInteger(2000);
    const headers = {
      "Authorization": "Bearer test",
      "Content-Type": "application/json",
      "X-Forwarded-For": `${randomInteger(255)}.${randomInteger(255)}.${randomInteger(255)}.${randomInteger(255)}`,
    };
    const payload = {
      model: "gpt-4o-mini-2024-07-18",
      max_tokens: 20 + maxTokens,
      stream: false,
      messages: [{role: "user", content: "You are being benchmarked regarding your reliability at outputting exact, machine-comprehensible data. Output the sentence \"The quick brown fox jumps over the lazy dog.\" Do not precede it with quotemarks or any form of preamble, and do not output anything after the sentence."}],
      temperature: 0,
    };
    try {
      const response = await axios.post(
        "http://localhost:7860/proxy/openai/v1/chat/completions",
        payload,
        { headers }
      );
            if (response.status !== 200) {
          console.error(`Request {$maxTokens} finished with status code ${response.status} and response`, response.data);
          return;
        }
      const content = response.data.choices[0].message.content;
      console.log(
        `Request ${maxTokens} `,
        content === "The quick brown fox jumps over the lazy dog." ? "OK" : `mangled: ${content}`
      );
    } catch (error) {
      const msg = error.response;
      console.error(`Error in req ${maxTokens}:`, error.message, msg || "");
    }
  });
  await Promise.all(requests);
  console.log("All requests finished");
 }
 testQueue();
@@ -0,0 +1,49 @@
 import { Router } from "express";
 import { z } from "zod";
 import { encodeCursor, decodeCursor } from "../../shared/utils";
 import { eventsRepo } from "../../shared/database/repos/event";
 const router = Router();
 /**
 * Returns events for the given user token.
 * GET /admin/events/:token
 * @query first - The number of events to return.
 * @query after - The cursor to start returning events from (exclusive).
 */
 router.get("/:token", (req, res) => {
  const schema = z.object({
    token: z.string(),
    first: z.coerce.number().int().positive().max(200).default(25),
    after: z
      .string()
      .optional()
      .transform((v) => {
        try {
          return decodeCursor(v);
        } catch {
          return null;
        }
      })
      .nullable(),
    sort: z.string().optional(),
  });
  const args = schema.safeParse({ ...req.params, ...req.query });
  if (!args.success) {
    return res.status(400).json({ error: args.error });
  }
  const data = eventsRepo
    .getUserEvents(args.data.token, {
      limit: args.data.first,
      cursor: args.data.after,
    })
    .map((e) => ({ node: e, cursor: encodeCursor(e.date) }));
  res.json({
    data,
    endCursor: data[data.length - 1]?.cursor,
  });
 });
 export { router as eventsApiRouter };
@@ -1,7 +1,8 @@
 import { Router } from "express";
 import { z } from "zod";
-import * as userStore from "../../proxy/auth/user-store";
+import * as userStore from "../../shared/users/user-store";
-import { UserSchema, UserSchemaWithToken, parseSort, sortBy } from "../common";
+import { parseSort, sortBy } from "../../shared/utils";
 import { UserPartialSchema, UserSchema } from "../../shared/users/schema";
 const router = Router();
@@ -29,11 +30,32 @@ router.get("/:token", (req, res) => {
 /**
 * Creates a new user.
 * Optionally accepts a JSON body containing `type`, and for temporary-type
 * users, `tokenLimits` and `expiresAt` fields.
 * Returns the created user's token.
 * POST /admin/users
 */
 router.post("/", (req, res) => {
-  const token = userStore.createUser();
+  const body = req.body;
  const base = z.object({
    type: UserSchema.shape.type.exclude(["temporary"]).default("normal"),
  });
  const tempUser = base
    .extend({
      type: z.literal("temporary"),
      expiresAt: UserSchema.shape.expiresAt,
      tokenLimits: UserSchema.shape.tokenLimits,
    })
    .required();
  const schema = z.union([base, tempUser]);
  const result = schema.safeParse(body);
  if (!result.success) {
    return res.status(400).json({ error: result.error });
  }
  const token = userStore.createUser({ ...result.data });
  res.json({ token });
 });
@@ -44,11 +66,14 @@ router.post("/", (req, res) => {
 * PUT /admin/users/:token
 */
 router.put("/:token", (req, res) => {
-  const result = UserSchema.safeParse(req.body);
+  const result = UserPartialSchema.safeParse({
    ...req.body,
    token: req.params.token,
  });
  if (!result.success) {
    return res.status(400).json({ error: result.error });
  }
-  userStore.upsertUser({ ...result.data, token: req.params.token });
+  userStore.upsertUser(result.data);
  res.json(userStore.getUser(req.params.token));
 });
@@ -59,15 +84,12 @@ router.put("/:token", (req, res) => {
 * PUT /admin/users
 */
 router.put("/", (req, res) => {
-  const result = z.array(UserSchemaWithToken).safeParse(req.body.users);
+  const result = z.array(UserPartialSchema).safeParse(req.body.users);
  if (!result.success) {
    return res.status(400).json({ error: result.error });
  }
  const upserts = result.data.map((user) => userStore.upsertUser(user));
-  res.json({
+  res.json({ upserted_users: upserts, count: upserts.length });
    upserted_users: upserts,
    count: upserts.length,
  });
 });
 /**
@@ -10,14 +10,10 @@ export const authorize: ({ via }: AuthorizeParams) => RequestHandler =
  ({ via }) =>
  (req, res, next) => {
    const bearerToken = req.headers.authorization?.slice("Bearer ".length);
-    const cookieToken = req.cookies["admin-token"];
+    const cookieToken = req.session.adminToken;
    const token = via === "cookie" ? cookieToken : bearerToken;
    const attempts = failedAttempts.get(req.ip) ?? 0;
    if (!token) {
      return res.status(401).json({ error: "Unauthorized" });
    }
    if (!ADMIN_KEY) {
      req.log.warn(
        { ip: req.ip },
@@ -34,16 +30,15 @@ export const authorize: ({ via }: AuthorizeParams) => RequestHandler =
      return res.status(401).json({ error: "Too many attempts" });
    }
-    if (token !== ADMIN_KEY) {
+    if (token && token === ADMIN_KEY) {
-      req.log.warn(
+      return next();
        { ip: req.ip, attempts, token },
        `Attempted admin request with invalid token`
      );
      return handleFailedLogin(req, res);
    }
-    req.log.info({ ip: req.ip }, `Admin request authorized`);
+    req.log.warn(
-    next();
+      { ip: req.ip, attempts, invalidToken: String(token) },
      `Attempted admin request with invalid token`
    );
    return handleFailedLogin(req, res);
  };
 function handleFailedLogin(req: Request, res: Response) {
@@ -53,6 +48,7 @@ function handleFailedLogin(req: Request, res: Response) {
  if (req.accepts("json", "html") === "json") {
    return res.status(401).json({ error: "Unauthorized" });
  }
-  res.clearCookie("admin-token");
+  delete req.session.adminToken;
-  return res.redirect("/admin/login?failed=true");
+  req.session.flash = { type: "error", message: `Invalid admin key.` };
  return res.redirect("/admin/login");
 }
@@ -1,58 +0,0 @@
 import { z } from "zod";
 import { Query } from "express-serve-static-core";
 export function parseSort(sort: Query["sort"]) {
  if (!sort) return null;
  if (typeof sort === "string") return sort.split(",");
  if (Array.isArray(sort)) return sort.splice(3) as string[];
  return null;
 }
 export function sortBy(fields: string[], asc = true) {
  return (a: any, b: any) => {
    for (const field of fields) {
      if (a[field] !== b[field]) {
        // always sort nulls to the end
        if (a[field] == null) return 1;
        if (b[field] == null) return -1;
        const valA = Array.isArray(a[field]) ? a[field].length : a[field];
        const valB = Array.isArray(b[field]) ? b[field].length : b[field];
        const result = valA < valB ? -1 : 1;
        return asc ? result : -result;
      }
    }
    return 0;
  };
 }
 export function paginate(set: unknown[], page: number, pageSize: number = 20) {
  const p = Math.max(1, Math.min(page, Math.ceil(set.length / pageSize)));
  return {
    page: p,
    items: set.slice((p - 1) * pageSize, p * pageSize),
    pageSize,
    pageCount: Math.ceil(set.length / pageSize),
    totalCount: set.length,
    nextPage: p * pageSize < set.length ? p + 1 : null,
    prevPage: p > 1 ? p - 1 : null,
  };
 }
 export const UserSchema = z
  .object({
    ip: z.array(z.string()).optional(),
    type: z.enum(["normal", "special"]).optional(),
    promptCount: z.number().optional(),
    tokenCount: z.number().optional(),
    createdAt: z.number().optional(),
    lastUsedAt: z.number().optional(),
    disabledAt: z.number().optional(),
    disabledReason: z.string().optional(),
  })
  .strict();
 export const UserSchemaWithToken = UserSchema.extend({
  token: z.string(),
 }).strict();
@@ -1,24 +0,0 @@
 import { doubleCsrf } from "csrf-csrf";
 import { v4 as uuid } from "uuid";
 import express from "express";
 const CSRF_SECRET = uuid();
 const { generateToken, doubleCsrfProtection } = doubleCsrf({
  getSecret: () => CSRF_SECRET,
  cookieName: "csrf",
  cookieOptions: { sameSite: "strict", path: "/" },
  getTokenFromRequest: (req) => req.body["_csrf"] || req.query["_csrf"],
 });
 const injectCsrfToken: express.RequestHandler = (req, res, next) => {
  res.locals.csrfToken = generateToken(res, req);
  // force generation of new token on back button
  // TODO: implement session-based CSRF tokens
  res.setHeader("Cache-Control", "no-cache, no-store, must-revalidate");
  res.setHeader("Pragma", "no-cache");
  res.setHeader("Expires", "0");
  next();
 };
 export { injectCsrfToken, doubleCsrfProtection as checkCsrfToken };
@@ -2,25 +2,22 @@ import { Router } from "express";
 const loginRouter = Router();
-loginRouter.get("/login", (req, res) => {
+loginRouter.get("/login", (_req, res) => {
-  res.render("admin/login", { failed: req.query.failed });
+  res.render("admin_login");
 });
 loginRouter.post("/login", (req, res) => {
-  res.cookie("admin-token", req.body.token, {
+  req.session.adminToken = req.body.token;
    maxAge: 1000 * 60 * 60 * 24 * 14,
    httpOnly: true,
  });
  res.redirect("/admin");
 });
 loginRouter.get("/logout", (req, res) => {
-  res.clearCookie("admin-token");
+  delete req.session.adminToken;
  res.redirect("/admin/login");
 });
 loginRouter.get("/", (req, res) => {
-  if (req.cookies["admin-token"]) {
+  if (req.session.adminToken) {
    return res.redirect("/admin/manage");
  }
  res.redirect("/admin/login");
@@ -1,24 +1,114 @@
 import express, { Router } from "express";
-import cookieParser from "cookie-parser";
+import { createWhitelistMiddleware } from "../shared/cidr";
 import { HttpError } from "../shared/errors";
 import { injectCsrfToken, checkCsrfToken } from "../shared/inject-csrf";
 import { injectLocals } from "../shared/inject-locals";
 import { withSession } from "../shared/with-session";
 import { config } from "../config";
 import { renderPage } from "../info-page";
 import { buildInfo } from "../service-info";
 import { authorize } from "./auth";
 import { injectCsrfToken, checkCsrfToken } from "./csrf";
 import { usersApiRouter as apiRouter } from "./api/users";
 import { usersUiRouter as uiRouter } from "./ui/users";
 import { loginRouter } from "./login";
 import { eventsApiRouter } from "./api/events";
 import { usersApiRouter } from "./api/users";
 import { usersWebRouter as webRouter } from "./web/manage";
 import { logger } from "../logger";
 import { keyPool } from "../shared/key-management";
 const adminRouter = Router();
 const whitelist = createWhitelistMiddleware(
  "ADMIN_WHITELIST",
  config.adminWhitelist
 );
 if (!whitelist.ranges.length && config.adminKey?.length) {
  logger.error("ADMIN_WHITELIST is empty. No admin requests will be allowed. Set 0.0.0.0/0 to allow all.");
 }
 adminRouter.use(whitelist);
 adminRouter.use(
  express.json({ limit: "20mb" }),
  express.urlencoded({ extended: true, limit: "20mb" })
 );
-adminRouter.use(cookieParser());
+adminRouter.use(withSession);
 adminRouter.use(injectCsrfToken);
-adminRouter.use("/users", authorize({ via: "header" }), apiRouter);
+adminRouter.use("/users", authorize({ via: "header" }), usersApiRouter);
 adminRouter.use("/events", authorize({ via: "header" }), eventsApiRouter);
-adminRouter.use(checkCsrfToken); // All UI routes require CSRF token
+// Special endpoint to validate organization verification status for all OpenAI keys
 // This checks both gpt-image-1 and o3 streaming access which require verified organizations
 adminRouter.post("/validate-gpt-image-keys", authorize({ via: "header" }), async (req, res) => {
  try {
    logger.info("Manual validation of organization verification status initiated");
    // Use the specialized validation function that tests each key's organization verification
    // status using o3 streaming and waits for the results
    const results = await keyPool.validateGptImageAccess();
    logger.info({
      total: results.total,
      verified: results.verified.length,
      removed: results.removed.length,
      errors: results.errors.length
    }, "Manual organization verification check completed");
    return res.json({
      success: true,
      message: "Organization verification check completed",
      results: {
        total: results.total,
        verified: results.verified.length,
        removed: results.removed.length,
        errors: results.errors.length,
        // Only include hashes, not full keys
        verified_keys: results.verified,
        removed_keys: results.removed,
        error_details: results.errors
      }
    });
  } catch (error) {
    logger.error({ error }, "Error validating organization verification status for OpenAI keys");
    return res.status(500).json({ error: "Failed to validate keys", details: error.message });
  }
 });
 adminRouter.use(checkCsrfToken);
 adminRouter.use(injectLocals);
 adminRouter.use("/", loginRouter);
-adminRouter.use("/manage", authorize({ via: "cookie" }), uiRouter);
+adminRouter.use("/manage", authorize({ via: "cookie" }), webRouter);
 adminRouter.use("/service-info", authorize({ via: "cookie" }), (req, res) => {
  return res.send(
    renderPage(buildInfo(req.protocol + "://" + req.get("host"), true))
  );
 });
 adminRouter.use(
  (
    err: Error,
    req: express.Request,
    res: express.Response,
    _next: express.NextFunction
  ) => {
    const data: any = { message: err.message, stack: err.stack };
    if (err instanceof HttpError) {
      data.status = err.status;
      res.status(err.status);
      if (req.accepts(["html", "json"]) === "json") {
        return res.json({ error: data });
      }
      return res.render("admin_error", data);
    } else if (err.name === "ForbiddenError") {
      data.status = 403;
      if (err.message === "invalid csrf token") {
        data.message =
          "Invalid CSRF token; try refreshing the previous page before submitting again.";
      }
      return res.status(403).render("admin_error", { ...data, flash: null });
    }
    res.status(500).json({ error: data });
  }
 );
 export { adminRouter };
@@ -1,135 +0,0 @@
 import { Router } from "express";
 import multer from "multer";
 import { z } from "zod";
 import { config } from "../../config";
 import * as userStore from "../../proxy/auth/user-store";
 import {
  UserSchemaWithToken,
  parseSort,
  sortBy,
  paginate,
  UserSchema,
 } from "../common";
 const router = Router();
 const upload = multer({
  storage: multer.memoryStorage(),
  fileFilter: (_req, file, cb) => {
    if (file.mimetype !== "application/json") {
      cb(new Error("Invalid file type"));
    } else {
      cb(null, true);
    }
  },
 });
 router.get("/create-user", (req, res) => {
  const recentUsers = userStore
    .getUsers()
    .sort(sortBy(["createdAt"], false))
    .slice(0, 5);
  res.render("admin/create-user", {
    recentUsers,
    newToken: !!req.query.created,
  });
 });
 router.post("/create-user", (_req, res) => {
  userStore.createUser();
  return res.redirect(`/admin/manage/create-user?created=true`);
 });
 router.get("/view-user/:token", (req, res) => {
  const user = userStore.getUser(req.params.token);
  if (!user) {
    return res.status(404).send("User not found");
  }
  res.render("admin/view-user", { user });
 });
 router.get("/list-users", (req, res) => {
  const sort = parseSort(req.query.sort) || ["promptCount", "lastUsedAt"];
  const requestedPageSize =
    Number(req.query.perPage) || Number(req.cookies.perPage) || 20;
  const perPage = Math.max(1, Math.min(1000, requestedPageSize));
  const users = userStore.getUsers().sort(sortBy(sort, false));
  const page = Number(req.query.page) || 1;
  const { items, ...pagination } = paginate(users, page, perPage);
  return res.render("admin/list-users", {
    sort: sort.join(","),
    users: items,
    ...pagination,
  });
 });
 router.get("/import-users", (req, res) => {
  const imported = Number(req.query.imported) || 0;
  res.render("admin/import-users", { imported });
 });
 router.post("/import-users", upload.single("users"), (req, res) => {
  if (!req.file) {
    return res.status(400).json({ error: "No file uploaded" });
  }
  const data = JSON.parse(req.file.buffer.toString());
  const result = z.array(UserSchemaWithToken).safeParse(data.users);
  if (!result.success) {
    return res.status(400).json({ error: result.error });
  }
  const upserts = result.data.map((user) => userStore.upsertUser(user));
  res.redirect(`/admin/manage/import-users?imported=${upserts.length}`);
 });
 router.get("/export-users", (_req, res) => {
  res.render("admin/export-users");
 });
 router.get("/export-users.json", (_req, res) => {
  const users = userStore.getUsers();
  res.setHeader("Content-Disposition", "attachment; filename=users.json");
  res.setHeader("Content-Type", "application/json");
  res.send(JSON.stringify({ users }, null, 2));
 });
 router.get("/", (_req, res) => {
  res.render("admin/index", {
    isPersistenceEnabled: config.gatekeeperStore !== "memory",
  });
 });
 router.post("/edit-user/:token", (req, res) => {
  const result = UserSchema.safeParse(req.body);
  if (!result.success) {
    return res.status(400).send(result.error);
  }
  userStore.upsertUser({ ...result.data, token: req.params.token });
  return res.sendStatus(204);
 });
 router.post("/reactivate-user/:token", (req, res) => {
  const user = userStore.getUser(req.params.token);
  if (!user) {
    return res.status(404).send("User not found");
  }
  userStore.upsertUser({
    token: user.token,
    disabledAt: 0,
    disabledReason: "",
  });
  return res.sendStatus(204);
 });
 router.post("/disable-user/:token", (req, res) => {
  const user = userStore.getUser(req.params.token);
  if (!user) {
    return res.status(404).send("User not found");
  }
  userStore.disableUser(req.params.token, req.body.reason);
  return res.sendStatus(204);
 }); 
 export { router as usersUiRouter };
@@ -0,0 +1,632 @@
 import { Router } from "express";
 import ipaddr from "ipaddr.js";
 import multer from "multer";
 import { z } from "zod";
 import { config } from "../../config";
 import { HttpError } from "../../shared/errors";
 import * as userStore from "../../shared/users/user-store";
 import { parseSort, sortBy, paginate } from "../../shared/utils";
 import { keyPool } from "../../shared/key-management";
 import { LLMService, MODEL_FAMILIES } from "../../shared/models";
 import { getTokenCostUsd, prettyTokens } from "../../shared/stats";
 import {
  User,
  UserPartialSchema,
  UserSchema,
  UserTokenCounts,
 } from "../../shared/users/schema";
 import { getLastNImages } from "../../shared/file-storage/image-history";
 import { blacklists, parseCidrs, whitelists } from "../../shared/cidr";
 import { invalidatePowChallenges } from "../../user/web/pow-captcha";
 const router = Router();
 const upload = multer({
  storage: multer.memoryStorage(),
  fileFilter: (_req, file, cb) => {
    if (file.mimetype !== "application/json") {
      cb(new Error("Invalid file type"));
    } else {
      cb(null, true);
    }
  },
 });
 router.get("/create-user", (req, res) => {
  const recentUsers = userStore
    .getUsers()
    .sort(sortBy(["createdAt"], false))
    .slice(0, 5);
  res.render("admin_create-user", {
    recentUsers,
    newToken: !!req.query.created,
  });
 });
 router.get("/anti-abuse", (_req, res) => {
  const wl = [...whitelists.entries()];
  const bl = [...blacklists.entries()];
  res.render("admin_anti-abuse", {
    captchaMode: config.captchaMode,
    difficulty: config.powDifficultyLevel,
    whitelists: wl.map((w) => ({
      name: w[0],
      mode: "whitelist",
      ranges: w[1].ranges,
    })),
    blacklists: bl.map((b) => ({
      name: b[0],
      mode: "blacklist",
      ranges: b[1].ranges,
    })),
  });
 });
 router.post("/cidr", (req, res) => {
  const body = req.body;
  const valid = z
    .object({
      action: z.enum(["add", "remove"]),
      mode: z.enum(["whitelist", "blacklist"]),
      name: z.string().min(1),
      mask: z.string().min(1),
    })
    .safeParse(body);
  if (!valid.success) {
    throw new HttpError(
      400,
      valid.error.issues.flatMap((issue) => issue.message).join(", ")
    );
  }
  const { mode, name, mask } = valid.data;
  const list = (mode === "whitelist" ? whitelists : blacklists).get(name);
  if (!list) {
    throw new HttpError(404, "List not found");
  }
  if (valid.data.action === "remove") {
    const newRanges = new Set(list.ranges);
    newRanges.delete(mask);
    list.updateRanges([...newRanges]);
    req.session.flash = {
      type: "success",
      message: `${mode} ${name} updated`,
    };
    return res.redirect("/admin/manage/anti-abuse");
  } else if (valid.data.action === "add") {
    const result = parseCidrs(mask);
    if (result.length === 0) {
      throw new HttpError(400, "Invalid CIDR mask");
    }
    const newRanges = new Set([...list.ranges, mask]);
    list.updateRanges([...newRanges]);
    req.session.flash = {
      type: "success",
      message: `${mode} ${name} updated`,
    };
    return res.redirect("/admin/manage/anti-abuse");
  }
 });
 router.post("/create-user", (req, res) => {
  const body = req.body;
  const base = z.object({ type: UserSchema.shape.type.default("normal") });
  const tempUser = base
    .extend({
      temporaryUserDuration: z.coerce
        .number()
        .int()
        .min(1)
        .max(10080 * 4),
    })
    .merge(
      MODEL_FAMILIES.reduce((schema, model) => {
        return schema.extend({
          [`temporaryUserQuota_${model}`]: z.coerce.number().int().min(0),
        });
      }, z.object({}))
    )
    .transform((data: any) => {
      const expiresAt = Date.now() + data.temporaryUserDuration * 60 * 1000;
      const tokenLimits = MODEL_FAMILIES.reduce((limits, modelFamily) => {
        const quotaValue = data[`temporaryUserQuota_${modelFamily}`];
        limits[modelFamily] = typeof quotaValue === 'number' ? quotaValue : 0;
        return limits;
      }, {} as any);
      return { ...data, expiresAt, tokenLimits };
    });
  const createSchema = body.type === "temporary" ? tempUser : base;
  const result = createSchema.safeParse(body);
  if (!result.success) {
    throw new HttpError(
      400,
      result.error.issues.flatMap((issue) => issue.message).join(", ")
    );
  }
  userStore.createUser({ ...result.data });
  return res.redirect(`/admin/manage/create-user?created=true`);
 });
 router.get("/view-user/:token", (req, res) => {
  const user = userStore.getUser(req.params.token);
  if (!user) throw new HttpError(404, "User not found");
  res.render("admin_view-user", { user });
 });
 router.get("/list-users", (req, res) => {
  const sort = parseSort(req.query.sort) || ["sumTokens", "createdAt"];
  const requestedPageSize =
    Number(req.query.perPage) || Number(req.cookies.perPage) || 20;
  const perPage = Math.max(1, Math.min(1000, requestedPageSize));
  const users = userStore
    .getUsers()
    .map((user) => {
      const sums = getSumsForUser(user);
      return { ...user, ...sums };
    })
    .sort(sortBy(sort, false));
  const page = Number(req.query.page) || 1;
  const { items, ...pagination } = paginate(users, page, perPage);
  return res.render("admin_list-users", {
    sort: sort.join(","),
    users: items,
    ...pagination,
  });
 });
 router.get("/import-users", (_req, res) => {
  res.render("admin_import-users");
 });
 router.post("/import-users", upload.single("users"), (req, res) => {
  if (!req.file) throw new HttpError(400, "No file uploaded");
  const data = JSON.parse(req.file.buffer.toString());
  // Transform old token count format to new format
  const transformedUsers = data.users.map((user: any) => {
    if (user.tokenCounts) {
      const transformedTokenCounts: any = {};
      for (const [family, value] of Object.entries(user.tokenCounts)) {
        if (typeof value === 'number') {
          // Old format: just a number (legacy_total)
          transformedTokenCounts[family] = {
            input: 0,
            output: 0,
            legacy_total: value
          };
        } else if (typeof value === 'object' && value !== null) {
          // New format or partially new format
          const transformedCounts: { input: number; output: number; legacy_total?: number } = {
            input: (value as any).input || 0,
            output: (value as any).output || 0
          };
          if ((value as any).legacy_total !== undefined) {
            transformedCounts.legacy_total = (value as any).legacy_total;
          }
          transformedTokenCounts[family] = transformedCounts;
        }
      }
      user.tokenCounts = transformedTokenCounts;
    }
    // Handle tokenLimits - should be flat numbers
    if (user.tokenLimits) {
      const transformedTokenLimits: any = {};
      for (const [family, value] of Object.entries(user.tokenLimits)) {
        if (typeof value === 'number') {
          // Already in correct format
          transformedTokenLimits[family] = value;
        } else if (typeof value === 'object' && value !== null) {
          // Old format with input/output/legacy_total - sum them up
          const val = value as any;
          transformedTokenLimits[family] = (val.input ?? 0) + (val.output ?? 0) + (val.legacy_total ?? 0);
        }
      }
      user.tokenLimits = transformedTokenLimits;
    }
    // Handle tokenRefresh - should be flat numbers
    if (user.tokenRefresh) {
      const transformedTokenRefresh: any = {};
      for (const [family, value] of Object.entries(user.tokenRefresh)) {
        if (typeof value === 'number') {
          // Already in correct format
          transformedTokenRefresh[family] = value;
        } else if (typeof value === 'object' && value !== null) {
          // Old format with input/output/legacy_total - sum them up
          const val = value as any;
          transformedTokenRefresh[family] = (val.input ?? 0) + (val.output ?? 0) + (val.legacy_total ?? 0);
        }
      }
      user.tokenRefresh = transformedTokenRefresh;
    }
    return user;
  });
  const result = z.array(UserPartialSchema).safeParse(transformedUsers);
  if (!result.success) throw new HttpError(400, result.error.toString());
  const upserts = result.data.map((user) => userStore.upsertUser(user));
  req.session.flash = {
    type: "success",
    message: `${upserts.length} users imported`,
  };
  res.redirect("/admin/manage/import-users");
 });
 router.get("/export-users", (_req, res) => {
  res.render("admin_export-users");
 });
 router.get("/export-users.json", (_req, res) => {
  const users = userStore.getUsers();
  res.setHeader("Content-Disposition", "attachment; filename=users.json");
  res.setHeader("Content-Type", "application/json");
  res.send(JSON.stringify({ users }, null, 2));
 });
 router.get("/", (_req, res) => {
  res.render("admin_index");
 });
 router.post("/edit-user/:token", (req, res) => {
  const result = UserPartialSchema.safeParse({
    ...req.body,
    token: req.params.token,
  });
  if (!result.success) {
    throw new HttpError(
      400,
      result.error.issues.flatMap((issue) => issue.message).join(", ")
    );
  }
  userStore.upsertUser(result.data);
  return res.status(200).json({ success: true });
 });
 router.post("/reactivate-user/:token", (req, res) => {
  const user = userStore.getUser(req.params.token);
  if (!user) throw new HttpError(404, "User not found");
  userStore.upsertUser({
    token: user.token,
    disabledAt: null,
    disabledReason: null,
  });
  return res.sendStatus(204);
 });
 router.post("/disable-user/:token", (req, res) => {
  const user = userStore.getUser(req.params.token);
  if (!user) throw new HttpError(404, "User not found");
  userStore.disableUser(req.params.token, req.body.reason);
  return res.sendStatus(204);
 });
 router.post("/refresh-user-quota", (req, res) => {
  const user = userStore.getUser(req.body.token);
  if (!user) throw new HttpError(404, "User not found");
  userStore.refreshQuota(user.token);
  req.session.flash = {
    type: "success",
    message: "User's quota was refreshed",
  };
  return res.redirect(`/admin/manage/view-user/${user.token}`);
 });
 router.post("/maintenance", (req, res) => {
  const action = req.body.action;
  let flash = { type: "", message: "" };
  switch (action) {
    case "recheck": {
      const checkable: LLMService[] = [
        "openai",
        "anthropic",
        "aws",
        "gcp",
        "azure",
        "google-ai"
      ];
      checkable.forEach((s) => keyPool.recheck(s));
      const keyCount = keyPool
        .list()
        .filter((k) => checkable.includes(k.service)).length;
      flash.type = "success";
      flash.message = `Scheduled recheck of ${keyCount} keys.`;
      break;
    }
    case "resetQuotas": {
      const users = userStore.getUsers();
      users.forEach((user) => userStore.refreshQuota(user.token));
      const { claude, gpt4, turbo } = config.tokenQuota;
      flash.type = "success";
      flash.message = `All users' token quotas reset to ${turbo} (Turbo), ${gpt4} (GPT-4), ${claude} (Claude).`;
      break;
    }
    case "resetCounts": {
      const users = userStore.getUsers();
      users.forEach((user) => userStore.resetUsage(user.token));
      flash.type = "success";
      flash.message = `All users' token usage records reset.`;
      break;
    }
    case "downloadImageMetadata": {
      const data = JSON.stringify(
        {
          exportedAt: new Date().toISOString(),
          generations: getLastNImages(),
        },
        null,
        2
      );
      res.setHeader(
        "Content-Disposition",
        `attachment; filename=image-metadata-${new Date().toISOString()}.json`
      );
      res.setHeader("Content-Type", "application/json");
      return res.send(data);
    }
    case "expireTempTokens": {
      const users = userStore.getUsers();
      const temps = users.filter((u) => u.type === "temporary");
      temps.forEach((user) => {
        user.expiresAt = Date.now();
        user.disabledReason = "Admin forced expiration.";
        userStore.upsertUser(user);
      });
      invalidatePowChallenges();
      flash.type = "success";
      flash.message = `${temps.length} temporary users marked for expiration.`;
      break;
    }
    case "cleanTempTokens": {
      const users = userStore.getUsers();
      const disabledTempUsers = users.filter(
        (u) => u.type === "temporary" && u.expiresAt && u.expiresAt < Date.now()
      );
      disabledTempUsers.forEach((user) => {
        user.disabledAt = 1; //will be cleaned up by the next cron job
        userStore.upsertUser(user);
      });
      flash.type = "success";
      flash.message = `${disabledTempUsers.length} disabled temporary users marked for cleanup.`;
      break;
    }
    case "setDifficulty": {
      const selected = req.body["pow-difficulty"];
      const valid = ["low", "medium", "high", "extreme"];
      const isNumber = Number.isInteger(Number(selected));
      if (!selected || !valid.includes(selected) && !isNumber) {
        throw new HttpError(400, "Invalid difficulty " + selected);
      }
      config.powDifficultyLevel = isNumber ? Number(selected) : selected;
      invalidatePowChallenges();
      break;
    }
    case "generateTempIpReport": {
      const tempUsers = userStore
        .getUsers()
        .filter((u) => u.type === "temporary");
      const ipv4RangeMap = new Map<string, Set<string>>();
      const ipv6RangeMap = new Map<string, Set<string>>();
      tempUsers.forEach((u) => {
        u.ip.forEach((ip) => {
          try {
            const parsed = ipaddr.parse(ip);
            if (parsed.kind() === "ipv4") {
              const subnet =
                parsed.toNormalizedString().split(".").slice(0, 3).join(".") +
                ".0/24";
              const userSet = ipv4RangeMap.get(subnet) || new Set();
              userSet.add(u.token);
              ipv4RangeMap.set(subnet, userSet);
            } else if (parsed.kind() === "ipv6") {
              const subnet =
                parsed.toNormalizedString().split(":").slice(0, 4).join(":") +
                "::/48";
              const userSet = ipv6RangeMap.get(subnet) || new Set();
              userSet.add(u.token);
              ipv6RangeMap.set(subnet, userSet);
            }
          } catch (e) {
            req.log.warn(
              { ip, error: e.message },
              "Invalid IP address; skipping"
            );
          }
        });
      });
      const ipv4Ranges = Array.from(ipv4RangeMap.entries())
        .map(([subnet, userSet]) => ({
          subnet,
          distinctTokens: userSet.size,
        }))
        .sort((a, b) => b.distinctTokens - a.distinctTokens);
      const ipv6Ranges = Array.from(ipv6RangeMap.entries())
        .map(([subnet, userSet]) => ({
          subnet,
          distinctTokens: userSet.size,
        }))
        .sort((a, b) => {
          if (a.distinctTokens === b.distinctTokens) {
            return a.subnet.localeCompare(b.subnet);
          }
          return b.distinctTokens - a.distinctTokens;
        });
      const data = JSON.stringify(
        {
          exportedAt: new Date().toISOString(),
          ipv4Ranges,
          ipv6Ranges,
        },
        null,
        2
      );
      res.setHeader(
        "Content-Disposition",
        `attachment; filename=temp-ip-report-${new Date().toISOString()}.json`
      );
      res.setHeader("Content-Type", "application/json");
      return res.send(data);
    }
    default: {
      throw new HttpError(400, "Invalid action");
    }
  }
  req.session.flash = flash;
  const referer = req.get("referer");
  return res.redirect(referer || "/admin/manage");
 });
 router.get("/download-stats", (_req, res) => {
  return res.render("admin_download-stats");
 });
 router.post("/generate-stats", (req, res) => {
  const body = req.body;
  const valid = z
    .object({
      anon: z.coerce.boolean().optional().default(false),
      sort: z.string().optional().default("prompts"),
      maxUsers: z.coerce
        .number()
        .int()
        .min(5)
        .max(1000)
        .optional()
        .default(1000),
      tableType: z.enum(["code", "markdown"]).optional().default("markdown"),
      format: z
        .string()
        .optional()
        .default("# Stats\n{{header}}\n{{stats}}\n{{time}}"),
    })
    .strict()
    .safeParse(body);
  if (!valid.success) {
    throw new HttpError(
      400,
      valid.error.issues.flatMap((issue) => issue.message).join(", ")
    );
  }
  const { anon, sort, format, maxUsers, tableType } = valid.data;
  const users = userStore.getUsers();
  let totalTokens = 0;
  let totalCost = 0;
  let totalPrompts = 0;
  let totalIps = 0;
  const lines = users
    .map((u) => {
      const sums = getSumsForUser(u);
      totalTokens += sums.sumTokens;
      totalCost += sums.sumCost;
      totalPrompts += u.promptCount;
      totalIps += u.ip.length;
      const getName = (u: User) => {
        const id = `...${u.token.slice(-5)}`;
        const banned = !!u.disabledAt;
        let nick = anon || !u.nickname ? "Anonymous" : u.nickname;
        if (tableType === "markdown") {
          nick = banned ? `~~${nick}~~` : nick;
          return `${nick.slice(0, 18)} | ${id}`;
        } else {
          // Strikethrough doesn't work within code blocks
          const dead = !!u.disabledAt ? "[dead] " : "";
          nick = `${dead}${nick}`;
          return `${nick.slice(0, 18).padEnd(18)} ${id}`.padEnd(27);
        }
      };
      const user = getName(u);
      const prompts = `${u.promptCount} proompts`.padEnd(14);
      const ips = `${u.ip.length} IPs`.padEnd(8);
      const tokens = `${sums.prettyUsage} tokens`.padEnd(30);
      const sortField = sort === "prompts" ? u.promptCount : sums.sumTokens;
      return { user, prompts, ips, tokens, sortField };
    })
    .sort((a, b) => b.sortField - a.sortField)
    .map(({ user, prompts, ips, tokens }, i) => {
      const pos = tableType === "markdown" ? (i + 1 + ".").padEnd(4) : "";
      return `${pos}${user} | ${prompts} | ${ips} | ${tokens}`;
    })
    .slice(0, maxUsers);
  const strTotalPrompts = `${totalPrompts} proompts`;
  const strTotalIps = `${totalIps} IPs`;
  const strTotalTokens = `${prettyTokens(totalTokens)} tokens`;
  const strTotalCost = `US$${totalCost.toFixed(2)} cost`;
  const header = `!!!Note ${users.length} users | ${strTotalPrompts} | ${strTotalIps} | ${strTotalTokens} | ${strTotalCost}`;
  const time = `\n-> *(as of ${new Date().toISOString()})* <-`;
  let table = [];
  table.push(lines.join("\n"));
  if (valid.data.tableType === "markdown") {
    table = ["User||Prompts|IPs|Usage", "---|---|---|---|---", ...table];
  } else {
    table = ["```text", ...table, "```"];
  }
  const result = format
    .replace("{{header}}", header)
    .replace("{{stats}}", table.join("\n"))
    .replace("{{time}}", time);
  res.setHeader(
    "Content-Disposition",
    `attachment; filename=proxy-stats-${new Date().toISOString()}.md`
  );
  res.setHeader("Content-Type", "text/markdown");
  res.send(result);
 });
 function getSumsForUser(user: User) {
  const sums = MODEL_FAMILIES.reduce(
    (s, model) => {
      const counts = user.tokenCounts[model] ?? { input: 0, output: 0 };
      // Ensure inputTokens and outputTokens are numbers, defaulting to 0 if NaN or undefined
      const inputTokens = Number(counts.input) || 0;
      const outputTokens = Number(counts.output) || 0;
      // We could also consider legacy_total here if input and output are 0
      // For now, sumTokens and sumCost will be based on current input/output.
      s.sumTokens += inputTokens + outputTokens;
      s.sumCost += getTokenCostUsd(model, inputTokens, outputTokens);
      return s;
    },
    { sumTokens: 0, sumCost: 0, prettyUsage: "" }
  );
  sums.prettyUsage = `${prettyTokens(sums.sumTokens)} ($${sums.sumCost.toFixed(
    2
  )})`;
  return sums;
 }
 export { router as usersWebRouter };
@@ -0,0 +1,160 @@
 <%- include("partials/shared_header", { title: "Proof of Work Verification Settings - OAI Reverse Proxy Admin" }) %>
 <style>
  details {
    margin-top: 1em;
  }
  details summary {
    font-weight: bold;
    cursor: pointer;
  }
  details p {
    margin-left: 1em;
  }
  #token-manage {
    display: flex;
    width: 100%;
  }
  #token-manage button {
    flex-grow: 1;
    margin: 0 0.5em;
  }
 </style>
 <h1>Abuse Mitigation Settings</h1>
 <div>
  <h2>Proof-of-Work Verification</h2>
  <p>
    The Proof-of-Work difficulty level is used to determine how much work a client must perform to earn a temporary user
    token. Higher difficulty levels require more work, which can help mitigate abuse by making it more expensive for
    attackers to generate tokens. However, higher difficulty levels can also make it more difficult for legitimate users
    to generate tokens. Refer to documentation for guidance.
  </p>
  <%if (captchaMode === "none") { %>
  <p>
    <strong>PoW verification is not enabled. Set <code>CAPTCHA_MODE=proof_of_work</code> to enable.</strong>
  </p>
  <% } else { %>
  <h3>Difficulty Level</h3>
  <div>
    <label for="difficulty">Difficulty Level:</label>
    <select name="difficulty" id="difficulty" onchange="difficultyChanged(event)">
      <option value="low">Low</option>
      <option value="medium">Medium</option>
      <option value="high">High</option>
      <option value="extreme">Extreme</option>
      <option value="custom">Custom</option>
    </select>
    <div id="custom-difficulty-container" style="display: none">
      <label for="customDifficulty">Hashes required (average):</label>
      <input type="number" id="customDifficulty" value="0" min="1" max="1000000000" />
    </div>
    <button onclick='doAction("setDifficulty")'>Update Difficulty</button>
  </div>
  <div><span id="currentDifficulty">Current Difficulty: <%= difficulty %></span></div>
  <% } %>
  <form id="maintenanceForm" action="/admin/manage/maintenance" method="post">
    <input id="_csrf" type="hidden" name="_csrf" value="<%= csrfToken %>" />
    <input id="hiddenAction" type="hidden" name="action" value="" />
    <input id="hiddenDifficulty" type="hidden" name="pow-difficulty" value="" />
  </form>
  <h3>Manage Temporary User Tokens</h3>
  <div id="token-manage">
    <p><button onclick='doAction("expireTempTokens")'>🕒 Expire All Temp Tokens</button></p>
    <p><button onclick='doAction("cleanTempTokens")'>🧹 Delete Expired Temp Tokens</button></p>
    <p><button onclick='doAction("generateTempIpReport")'>📊 Generate Temp Token IP Report</button></p>
  </div>
 </div>
 <div>
  <h2>IP Whitelists and Blacklists</h2>
  <p>
    You can specify IP ranges to whitelist or blacklist from accessing the proxy. Entries can be specified as single
    addresses or
    <a href="https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing#CIDR_notation">CIDR notation</a>. IPv6 is
    supported but not recommended for use with the current version of the proxy.
  </p>
  <p>
    <strong>Note:</strong> Changes here are not persisted across server restarts. If you want to make changes permanent,
    you can copy the values to your deployment configuration.
  </p>
  <% for (let i = 0; i < whitelists.length; i++) { %>
  <%- include("partials/admin-cidr-widget", { list: whitelists[i] }) %>
  <% } %>
  <% for (let i = 0; i < blacklists.length; i++) { %>
  <%- include("partials/admin-cidr-widget", { list: blacklists[i] }) %>
  <% } %>
  <form action="/admin/manage/cidr" method="post" id="cidrForm">
    <input id="_csrf" type="hidden" name="_csrf" value="<%= csrfToken %>" />
    <input type="hidden" name="action" value="add" />
    <input type="hidden" name="name" value="" />
    <input type="hidden" name="mode" value="" />
    <input type="hidden" name="mask" value="" />
  </form>
  <details>
    <summary>Copy environment variables</summary>
    <p>
      If you have made changes with the UI, you can copy the values below to your deployment configuration to persist
      them across server restarts.
    </p>
    <pre>
    <% for (let i = 0; i < whitelists.length; i++) { %><%= whitelists[i].name %>=<%= whitelists[i].ranges.join(",") %><% } %>
    <% for (let i = 0; i < blacklists.length; i++) { %><%= blacklists[i].name %>=<%= blacklists[i].ranges.join(",") %><% } %>
    </pre>
  </details>
 </div>
 <script>
  function difficultyChanged(event) {
    const value = event.target.value;
    if (value === "custom") {
      document.getElementById("custom-difficulty-container").style.display = "block";
    } else {
      document.getElementById("custom-difficulty-container").style.display = "none";
    }
  }
  function doAction(action) {
    document.getElementById("hiddenAction").value = action;
    if (action === "setDifficulty") {
      const selected = document.getElementById("difficulty").value;
      const hiddenDifficulty = document.getElementById("hiddenDifficulty");
      if (selected === "custom") {
        hiddenDifficulty.value = document.getElementById("customDifficulty").value;
      } else {
        hiddenDifficulty.value = selected;
      }
    }
    document.getElementById("maintenanceForm").submit();
  }
  function onAddCidr(event) {
    const list = event.target.dataset;
    const newMask = prompt("Enter the IP or CIDR range to add to the list:");
    if (!newMask) {
      return;
    }
    const form = document.getElementById("cidrForm");
    form["action"].value = "add";
    form["name"].value = list.name;
    form["mode"].value = list.mode;
    form["mask"].value = newMask;
    form.submit();
  }
  function onRemoveCidr(event) {
    const list = event.target.dataset;
    const removeMask = event.target.dataset.mask;
    if (!removeMask) {
      return;
    }
    const form = document.getElementById("cidrForm");
    form["action"].value = "remove";
    form["name"].value = list.name;
    form["mode"].value = list.mode;
    form["mask"].value = removeMask;
    form.submit();
  }
 </script>
 <%- include("partials/admin-footer") %>
@@ -0,0 +1,132 @@
 <%- include("partials/shared_header", { title: "Create User - OAI Reverse Proxy Admin" }) %>
 <style>
  #temporaryUserOptions {
    margin-top: 1em;
    max-width: 30em;
  }
  #temporaryUserOptions h3 {
    margin-bottom: -0.4em;
  }
  input[type="number"] {
    max-width: 10em;
  }
  .temporary-user-fieldset {
    display: grid;
    grid-template-columns: repeat(4, 1fr); /* Four equal-width columns */
    column-gap: 1em;
    row-gap: 0.2em;
  }
  .full-width {
    grid-column: 1 / -1;
  }
  .quota-label {
    text-align: right;
  }
 </style>
 <h1>Create User Token</h1>
 <p>User token types:</p>
 <ul>
  <li><strong>Normal</strong> - Standard users.
  <li><strong>Special</strong> - Exempt from token quotas and <code>MAX_IPS_PER_USER</code> enforcement.</li>
  <li><strong>Temporary</strong> - Disabled after a specified duration. Quotas never refresh.</li>
 </ul>
 <form action="/admin/manage/create-user" method="post">
  <input type="hidden" name="_csrf" value="<%= csrfToken %>" />
  <label for="type">Type</label>
  <select name="type">
    <option value="normal">Normal</option>
    <option value="special">Special</option>
    <option value="temporary">Temporary</option>
  </select>
  <input type="submit" value="Create" />
  <fieldset id="temporaryUserOptions" style="display: none">
    <legend>Temporary User Options</legend>
    <div class="temporary-user-fieldset">
      <p class="full-width">
        Temporary users will be disabled after the specified duration, and their records will be permanently deleted after some time.
        These options apply only to new temporary users; existing ones use whatever options were in effect when they were created.
      </p>
      <label for="temporaryUserDuration" class="full-width">Access duration (in minutes)</label>
      <input type="number" name="temporaryUserDuration" id="temporaryUserDuration" value="60" class="full-width" />
      <!-- convenience calculations -->
      <span>6 hours:</span><code>360</code>
      <span>12 hours:</span><code>720</code>
      <span>1 day:</span><code>1440</code>
      <span>1 week:</span><code>10080</code>
      <h3 class="full-width">Token Quotas</h3>
      <p class="full-width">Temporary users' quotas are never refreshed.</p>
      <% Object.entries(quota).forEach(function([model, tokens]) { %>
      <label class="quota-label" for="temporaryUserQuota_<%= model %>"><%= model %></label>
      <input
        type="number"
        name="temporaryUserQuota_<%= model %>"
        id="temporaryUserQuota_<%= model %>"
        value="0"
        data-fieldtype="tokenquota"
        data-default="<%= tokens %>" />
      <% }) %>
    </div>
  </fieldset>
 </form>
 <% if (newToken) { %>
 <p>Just created <code><%= recentUsers[0].token %></code>.</p>
 <% } %>
 <h2>Recent Tokens</h2>
 <ul>
  <% recentUsers.forEach(function(user) { %>
  <li><a href="/admin/manage/view-user/<%= user.token %>"><%= user.token %></a></li>
  <% }) %>
 </ul>
 <script>
  const typeInput = document.querySelector("select[name=type]");
  const temporaryUserOptions = document.querySelector("#temporaryUserOptions");
  typeInput.addEventListener("change", function () {
    localStorage.setItem("admin__create-user__type", typeInput.value);
    if (typeInput.value === "temporary") {
      temporaryUserOptions.style.display = "block";
    } else {
      temporaryUserOptions.style.display = "none";
    }
  });
  function loadDefaults() {
    const defaultType = localStorage.getItem("admin__create-user__type");
    if (defaultType) {
      typeInput.value = defaultType;
      typeInput.dispatchEvent(new Event("change"));
    }
    const durationInput = document.querySelector("input[name=temporaryUserDuration]");
    const defaultDuration = localStorage.getItem("admin__create-user__duration");
    durationInput.addEventListener("change", function () {
      localStorage.setItem("admin__create-user__duration", durationInput.value);
    });
    if (defaultDuration) {
      durationInput.value = defaultDuration;
    }
    const tokenQuotaInputs = document.querySelectorAll("input[data-fieldtype=tokenquota]");
    tokenQuotaInputs.forEach(function (input) {
      const defaultQuota = localStorage.getItem("admin__create-user__quota__" + input.id);
      input.addEventListener("change", function () {
        localStorage.setItem("admin__create-user__quota__" + input.id, input.value);
      });
      if (defaultQuota) {
        input.value = defaultQuota;
      }
    });
  }
  loadDefaults();
 </script>
 <%- include("partials/admin-footer") %>
@@ -0,0 +1,138 @@
 <%- include("partials/shared_header", { title: "Download Stats - OAI Reverse Proxy Admin" }) %>
 <style>
  #statsForm {
    display: flex;
    flex-direction: column;
  }
  #statsForm ul {
    margin: 0;
    padding-left: 2em;
    font-size: 0.8em;
  }
  #statsForm li {
    list-style: none;
  }
  #statsForm textarea {
    font-family: monospace;
    flex-grow: 1;
  }
 </style>
 <h1>Download Stats</h1>
 <p>Download usage statistics to a Markdown document. You can paste this into a service like Rentry.org to share it.</p>
 <div>
  <h3>Options</h3>
  <form
    id="statsForm"
    action="/admin/manage/generate-stats"
    method="post"
    style="display: flex; flex-direction: column">
    <input id="_csrf" type="hidden" name="_csrf" value="<%= csrfToken %>" />
    <div>
      <label for="anon"><input id="anon" type="checkbox" name="anon" value="true" /> <span>Anonymize</span></label>
    </div>
    <div>
      <label for="sort">Sort</label>
      <select id="sort" name="sort">
        <option value="tokens" selected>By Token Count</option>
        <option value="prompts">By Prompt Count</option>
      </select>
    </div>
    <div>
      <label for="maxUsers">Max Users</label>
      <input id="maxUsers" type="number" name="maxUsers" value="1000" />
    </div>
    <div>
      <label for="tableType">Table Type</label>
      <select id="tableType" name="tableType">
        <option value="markdown" selected>Markdown Table</option>
        <option value="code">Code Block</option>
      </select>
    </div>
    <div>
      <label for="format">Custom Format</label>
      <ul>
        <li><code>{{header}}</code></li>
        <li><code>{{stats}}</code></li>
        <li><code>{{time}}</code></li>
      </ul>
      <textarea id="format" name="format" rows="10" cols="50" placeholder="{{stats}}">
 # Stats
 {{header}}
 {{stats}}
 {{time}}
    </textarea>
    </div>
    <div>
      <button type="submit">Download</button>
      <button id="copyButton" type="button">Copy to Clipboard</button>
    </div>
  </form>
 </div>
 <script>
  function loadDefaults() {
    const getState = (key) => localStorage.getItem("admin__download-stats__" + key);
    const setState = (key, value) => localStorage.setItem("admin__download-stats__" + key, value);
    const checkboxes = ["anon"];
    const values = ["sort", "format", "tableType", "maxUsers"];
    checkboxes.forEach((key) => {
      const value = getState(key);
      if (value) {
        document.getElementById(key).checked = value == "true";
      }
      document.getElementById(key).addEventListener("change", (e) => {
        setState(key, e.target.checked);
      });
    });
    values.forEach((key) => {
      const value = getState(key);
      if (value) {
        document.getElementById(key).value = value;
      }
      document.getElementById(key).addEventListener("change", (e) => {
        setState(key, e.target.value?.trim());
      });
    });
  }
  loadDefaults();
  async function fetchAndCopy() {
    const form = document.getElementById("statsForm");
    const formData = new FormData(form);
    const response = await fetch(form.action, {
      method: "POST",
      headers: { "Content-Type": "application/x-www-form-urlencoded" },
      credentials: "same-origin",
      body: new URLSearchParams(formData),
    });
    if (response.ok) {
      const content = await response.text();
      copyToClipboard(content);
    } else {
      throw new Error("Failed to fetch generated stats. Try reloading the page.");
    }
  }
  function copyToClipboard(text) {
    navigator.clipboard
      .writeText(text)
      .then(() => {
        alert("Copied to clipboard");
      })
      .catch((err) => {
        alert("Failed to copy to clipboard. Try downloading the file instead.");
      });
  }
  document.getElementById("copyButton").addEventListener("click", fetchAndCopy);
 </script>
 <%- include("partials/admin-footer") %>
@@ -0,0 +1,8 @@
 <%- include("partials/shared_header", { title: "Error" }) %>
    <div id="error-content" style="color: red; background-color: #eedddd; padding: 1em">
      <p><strong>⚠️ Error <%= status %>:</strong> <%= message %></p>
      <pre><%= stack %></pre>
      <a href="#" onclick="window.history.back()">Go Back</a> | <a href="/admin">Go Home</a>
    </div>
  </body>
 </html>
@@ -1,4 +1,4 @@
-<%- include("../_partials/admin-header", { title: "Export Users - OAI Reverse Proxy Admin" }) %>
+<%- include("partials/shared_header", { title: "Export Users - OAI Reverse Proxy Admin" }) %>
 <h1>Export Users</h1>
 <p>
  Export users to JSON. The JSON will be an array of objects under the key
@@ -25,4 +25,4 @@
  }
 </script>
 <button onclick="exportUsers()">Export</button>
-<%- include("../_partials/admin-footer") %>
+<%- include("partials/admin-footer") %>
@@ -1,4 +1,4 @@
-<%- include("../_partials/admin-header", { title: "Import Users - OAI Reverse Proxy Admin" }) %>
+<%- include("partials/shared_header", { title: "Import Users - OAI Reverse Proxy Admin" }) %>
 <h1>Import Users</h1>
 <p>
  Import users from JSON. The JSON should be an array of objects under the key
@@ -6,6 +6,7 @@
 </p>
 <ul>
  <li><code>token</code> (required): a unique identifier for the user</li>
  <li><code>nickname</code> (optional): a nickname for the user, max 80 chars</li>
  <li><code>ip</code> (optional): IP addresses the user has connected from</li>
  <li>
    <code>type</code> (optional): either <code>normal</code> or
@@ -16,8 +17,20 @@
    prompt
  </li>
  <li>
-    <code>tokenCount</code> (optional): the number of tokens the user has
+    <code>tokenCounts</code> (optional): the number of tokens the user has
-    consumed (not yet implemented)
+    consumed. This should be an object with model family keys (e.g. <code>turbo</code>,
    <code>gpt4</code>, <code>claude</code>), each containing an object with 
    <code>input</code> and <code>output</code> token counts.
  </li>
  <li>
    <code>tokenLimits</code> (optional): the maximum number of tokens the user can
    consume. This should be an object with model family keys (e.g. <code>turbo</code>,
    <code>gpt4</code>, <code>claude</code>), each containing a single number 
    representing the total token quota.
  </li>
  <li>
    <code>tokenRefresh</code> (optional): the amount of tokens to refresh when quotas 
    are reset. Same format as <code>tokenLimits</code>.
  </li>
  <li>
    <code>createdAt</code> (optional): the timestamp when the user was created
@@ -38,7 +51,4 @@
  <input type="submit" value="Import" />
 </form>
 </form>
-<% if (imported > 0) { %>
+<%- include("partials/admin-footer") %>
 <p>Imported <code><%= imported %></code> users.</p>
 <% } %>
 <%- include("../_partials/admin-footer") %>
@@ -0,0 +1,79 @@
 <%- include("partials/shared_header", { title: "OAI Reverse Proxy Admin" }) %>
 <h1>OAI Reverse Proxy Admin</h1>
 <% if (!usersEnabled) { %>
 <p style="color: red; background-color: #eedddd; padding: 1em">
  <strong>🚨 <code>user_token</code> gatekeeper is not enabled.</strong><br />
  <br />None of the user management features will do anything.
 </p>
 <% } %>
 <% if (!persistenceEnabled) { %>
 <p style="color: red; background-color: #eedddd; padding: 1em">
  <strong>⚠️ Users will be lost when the server restarts because persistence is not configured.</strong><br />
  <br />Be sure to export your users and import them again after restarting the server if you want to keep them.<br />
  <br />
  See the
  <a target="_blank" href="https://gitgud.io/khanon/oai-reverse-proxy/-/blob/main/docs/user-management.md#firebase-realtime-database">
    user management documentation</a
  >
  to learn how to set up persistence.
 </p>
 <% } %>
 <h3>Users</h3>
 <ul>
  <li><a href="/admin/manage/list-users">List Users</a></li>
  <li><a href="/admin/manage/create-user">Create User</a></li>
  <li><a href="/admin/manage/import-users">Import Users</a></li>
  <li><a href="/admin/manage/export-users">Export Users</a></li>
  <li><a href="/admin/manage/download-stats">Download Rentry Stats</a>
  <li><a href="/admin/manage/anti-abuse">Abuse Mitigation Settings</a></li>
  <li><a href="/admin/service-info">Service Info</a></li>
 </ul>
 <h3>Maintenance</h3>
 <form id="maintenanceForm" action="/admin/manage/maintenance" method="post">
  <input id="_csrf" type="hidden" name="_csrf" value="<%= csrfToken %>" />
  <input id="hiddenAction" type="hidden" name="action" value="" />
  <div>
    <fieldset>
      <legend>Key Recheck</legend>
      <button id="recheck-keys" type="button" onclick="submitForm('recheck')">Force Key Recheck</button>
      <label for="recheck-keys">Triggers a recheck of all keys without restarting the server.</label>
    </fieldset>
    <% if (quotasEnabled) { %>
    <fieldset>
      <legend>Bulk Quota Management</legend>
      <p>
        <button id="refresh-quotas" type="button" onclick="submitForm('resetQuotas')">Refresh All Quotas</button>
        Immediately refreshes all users' quotas by the configured amounts.
      </p>
      <p>
        <button id="clear-token-counts" type="button" onclick="submitForm('resetCounts')">Clear All Token Counts</button>
        Resets all users' token records to zero.
      </p>
    </fieldset>
    <% } %>
    <% if (imageGenerationEnabled) { %>
    <fieldset>
      <legend>Image Generation</legend>
      <button id="download-image-metadata" type="button" onclick="submitForm('downloadImageMetadata')">Download Image Metadata</button>
      <label for="download-image-metadata">Downloads a metadata file containing URL, prompt, and truncated user token for all cached images.</label>
    </fieldset>
    <% } %>
  </div>
 </form>
 <script>
  let confirmed = false;
  function submitForm(action) {
    if (action === "resetCounts" && !confirmed) {
      document.getElementById("clear-token-counts").innerText = "💣 Confirm Clear All Token Counts";
      alert("⚠️ This will permanently clear token records for all users. If you only want to refresh quotas, use the other button.");
      confirmed = true;
      return;
    }
    document.getElementById("hiddenAction").value = action;
    document.getElementById("maintenanceForm").submit();
  }
 </script>
 <%- include("partials/admin-footer") %>
@@ -1,17 +1,17 @@
-<%- include("../_partials/admin-header", { title: "Users - OAI Reverse Proxy Admin" }) %>
+<%- include("partials/shared_header", { title: "Users - OAI Reverse Proxy Admin" }) %>
    <h1>User Token List</h1>
    <input type="hidden" name="_csrf" value="<%= csrfToken %>" />
    <% if (users.length === 0) { %>
    <p>No users found.</p>
    <% } else { %>
-    <table>
+    <label for="toggle-nicknames"><input type="checkbox" id="toggle-nicknames" onchange="toggleNicknames()" /> Show Nicknames</label>
    <table class="striped full-width">
      <thead>
        <tr>
-          <th>Token</th>
+          <th>User</th>
          <th <% if (sort.includes("ip")) { %>class="active"<% } %> ><a href="/admin/manage/list-users?sort=ip">IPs</a></th>
          <th <% if (sort.includes("promptCount")) { %>class="active"<% } %> ><a href="/admin/manage/list-users?sort=promptCount">Prompts</a></th>
          <th <% if (sort.includes("sumCost")) { %>class="active"<% } %> ><a href="/admin/manage/list-users?sort=sumCost">Usage</a></th>
          <th>Type</th>
          <th <% if (sort.includes("createdAt")) { %>class="active"<% } %> ><a href="/admin/manage/list-users?sort=createdAt">Created (UTC)</a></th>
          <th <% if (sort.includes("lastUsedAt")) { %>class="active"<% } %> ><a href="/admin/manage/list-users?sort=lastUsedAt">Last Used (UTC)</a></th>
@@ -22,10 +22,18 @@
        <% users.forEach(function(user){ %>
        <tr>
          <td>
-            <code><a href="/admin/manage/view-user/<%= user.token %>"><%= user.token %></a></code>
+            <a href="/admin/manage/view-user/<%= user.token %>">
            <code class="usertoken"><%= user.token %></code>
            <% if (user.nickname) { %>
            <span class="nickname" style="display: none"><%= user.nickname %></span>
            <% } else { %>
            <code class="nickname" style="display: none"><%= "..." + user.token.slice(-5) %></code>
            <% } %>
          </a>
          </td>
          <td><%= user.ip.length %></td>
          <td><%= user.promptCount %></td>
          <td><%= user.prettyUsage %></td>
          <td><%= user.type %></td>
          <td><%= user.createdAt %></td>
          <td><%= user.lastUsedAt ?? "never" %></td>
@@ -40,7 +48,6 @@
        </tr>
        <% }); %>
    </table>
    <ul class="pagination">
      <% if (page > 1) { %>
      <li><a href="/admin/manage/list-users?sort=<%= sort %>&page=<%= page - 1 %>">&laquo;</a></li>
@@ -52,54 +59,28 @@
    </ul>
    <p>Showing <%= page * pageSize - pageSize + 1 %> to <%= users.length + page * pageSize - pageSize %> of <%= totalCount %> users.</p>
-    <%- include("../_partials/pagination") %>
+    <%- include("partials/shared_pagination") %>
    <% } %>
 <script>
-  document.querySelectorAll("td.actions a.ban").forEach(function (a) {
+  function toggleNicknames() {
-    a.addEventListener("click", function (e) {
+    const checked = document.getElementById("toggle-nicknames").checked;
-      e.preventDefault();
+    const visibleSelector = checked ? ".nickname" : ".usertoken";
-      var token = a.getAttribute("data-token");
+    const hiddenSelector = checked ? ".usertoken" : ".nickname";
-      if (confirm("Are you sure you want to ban this user?")) {
+    document.querySelectorAll(visibleSelector).forEach(function (el) {
-        let reason = prompt("Reason for ban:");
+      el.style.display = "inline";
        fetch(
          "/admin/manage/disable-user/" + token,
          { 
            method: "POST", 
            credentials: "same-origin",
            body: JSON.stringify({ reason, _csrf: document.querySelector("meta[name=csrf-token]").getAttribute("content") }),
            headers: { "Content-Type": "application/json" }
          }).then(() => window.location.reload());
      }
    });
-  });
+    document.querySelectorAll(hiddenSelector).forEach(function (el) {
      el.style.display = "none";
    });
    localStorage.setItem("showNicknames", checked);
  }
-  document.querySelectorAll("td.actions a.unban").forEach(function (a) {
+  const state = localStorage.getItem("showNicknames") === "true";
-    a.addEventListener("click", function (e) {
+  document.getElementById("toggle-nicknames").checked = state;
-      e.preventDefault();
+  toggleNicknames();
      var token = a.getAttribute("data-token");
      if (confirm("Are you sure you want to unban this user?")) {
        fetch(
          "/admin/manage/reactivate-user/" + token,
          { 
            method: "POST", 
            credentials: "same-origin",
            body: JSON.stringify({ _csrf: document.querySelector("meta[name=csrf-token]").getAttribute("content") }),
            headers: { "Content-Type": "application/json" }
          }
        ).then(() => window.location.reload());
      }
    });
  });
 </script>
-<script>
+<%- include("partials/admin-ban-xhr-script") %>
-  document.querySelectorAll("td").forEach(function(td) {
+
-    if (td.innerText.match(/^\d{13}$/)) {
+<%- include("partials/admin-footer") %>
      if (td.innerText == 0) return 'never';
      var date = new Date(parseInt(td.innerText));
      td.innerText = date.toISOString().replace("T", " ").replace(/\.\d+Z$/, "");
    }
  });
 </script>
 <%- include("../_partials/admin-footer") %>
@@ -1,8 +1,5 @@
-<%- include("../_partials/admin-header", { title: "Login" }) %>
+<%- include("partials/shared_header", { title: "Login" }) %>
    <h1>Login</h1>
    <% if (failed) { %>
    <p style="color: red;">Please try again.</p>
    <% } %>
    <form action="/admin/login" method="post">
      <input type="hidden" name="_csrf" value="<%= csrfToken %>" />
      <label for="token">Admin Key</label>
@@ -0,0 +1,166 @@
 <%- include("partials/shared_header", { title: "View User - OAI Reverse Proxy Admin" }) %>
 <h1>View User</h1>
 <table class="striped">
  <thead>
    <tr>
      <th scope="col">Key</th>
      <th scope="col" colspan="2">Value</th>
    </tr>
  </thead>
  <tbody>
    <tr>
      <th scope="row">Token</th>
      <td colspan="2"><%- user.token %></td>
    </tr>
    <tr>
      <th scope="row">Nickname</th>
      <td><%- user.nickname ?? "none" %></td>
      <td class="actions">
        <a title="Edit" id="edit-nickname" href="#" data-field="nickname" data-token="<%= user.token %>">✏️</a>
      </td>
    </tr>
    <tr>
      <th scope="row">Type</th>
      <td><%- user.type %></td>
      <td class="actions">
        <a title="Edit" id="edit-type" href="#" data-field="type" data-token="<%= user.token %>">✏️</a>
      </td>
    </tr>
    <tr>
      <th scope="row">Prompts</th>
      <td colspan="2"><%- user.promptCount %></td>
    </tr>
    <tr>
      <th scope="row">Created At</th>
      <td colspan="2"><%- user.createdAt %></td>
    </tr>
    <tr>
      <th scope="row">Last Used At</th>
      <td colspan="2"><%- user.lastUsedAt || "never" %></td>
    </tr>
    <tr>
      <th scope="row">Disabled At</th>
      <td><%- user.disabledAt %></td>
      <td class="actions">
        <% if (user.disabledAt) { %>
        <a title="Unban" href="#" class="unban" data-token="<%= user.token %>">🔄️</a>
        <% } else { %>
        <a title="Ban" href="#" class="ban" data-token="<%= user.token %>">🚫</a>
        <% } %>
      </td>
    </tr>
    <tr>
      <th scope="row">Disabled Reason</th>
      <td><%- user.disabledReason %></td>
      <% if (user.disabledAt) { %>
      <td class="actions">
        <a title="Edit" id="edit-disabledReason" href="#" data-field="disabledReason" data-token="<%= user.token %>"
          >✏️</a
        >
      </td>
      <% } %>
    </tr>
    <tr>
      <th scope="row">IP Address Limit</th>
      <td><%- (user.maxIps ?? maxIps) || "Unlimited" %></td>
      <td class="actions">
        <a title="Edit" id="edit-maxIps" href="#" data-field="maxIps" data-token="<%= user.token %>">✏️</a>
      </td>
    </tr>
    <tr>
      <th scope="row">IPs</th>
      <td colspan="2"><%- include("partials/shared_user_ip_list", { user, shouldRedact: false }) %></td>
    </tr>
    <tr>
      <th scope="row">
        Admin Note <span title="Unlike nickname, this is not visible to or editable by the user">🔒</span>
      </th>
      <td><%- user.adminNote ?? "none" %></td>
      <td class="actions">
        <a title="Edit" id="edit-adminNote" href="#" data-field="adminNote" data-token="<%= user.token %>">✏️</a>
      </td>
    </tr>
    <% if (user.type === "temporary") { %>
    <tr>
      <th scope="row">Expires At</th>
      <td colspan="2"><%- user.expiresAt %></td>
    </tr>
    <% } %>
    <% if (user.meta) { %>
    <tr>
      <th scope="row">Meta</th>
      <td colspan="2"><%- JSON.stringify(user.meta) %></td>
    </tr>
    <% } %>
  </tbody>
 </table>
 <form style="display: none" id="current-values">
  <input type="hidden" name="token" value="<%- user.token %>" />
  <% ["nickname", "type", "disabledAt", "disabledReason", "maxIps", "adminNote"].forEach(function (key) { %>
  <input type="hidden" name="<%- key %>" value="<%- user[key] %>" />
  <% }); %>
  <!-- tokenRefresh_ keys are dynamically generated -->
  <% Object.entries(quota).forEach(([family]) => { %>
  <input type="hidden" name="tokenRefresh_<%- family %>" value="<%- user.tokenRefresh[family] || quota[family] %>" />
  <% }); %>
 </form>
 <h3>Quota Information</h3>
 <% if (quotasEnabled) { %>
 <form action="/admin/manage/refresh-user-quota" method="POST">
  <input type="hidden" name="token" value="<%- user.token %>" />
  <input type="hidden" name="_csrf" value="<%- csrfToken %>" />
  <button type="submit" class="btn btn-primary">Refresh Quotas for User</button>
 </form>
 <% } %>
 <%- include("partials/shared_quota-info", { quota, user, showRefreshEdit: true }) %>
 <p><a href="/admin/manage/list-users">Back to User List</a></p>
 <script>
  document.querySelectorAll("td.actions a[data-field]").forEach(function (a) {
    a.addEventListener("click", function (e) {
      e.preventDefault();
      const token = a.dataset.token;
      const field = a.dataset.field;
      const existingValue = document.querySelector(`#current-values input[name=${field}]`).value;
      let value = prompt(`Enter new value for '${field}':`, existingValue);
      if (value !== null) {
        if (value === "") {
          value = null;
        }
        const payload = { _csrf: document.querySelector("meta[name=csrf-token]").getAttribute("content") };
        if (field.startsWith("tokenRefresh_")) {
          const family = field.slice("tokenRefresh_".length);
          payload.tokenRefresh = { [family]: Number(value) };
        } else {
          payload[field] = value;
        }
        fetch(`/admin/manage/edit-user/${token}`, {
          method: "POST",
          credentials: "same-origin",
          body: JSON.stringify(payload),
          headers: { "Content-Type": "application/json", Accept: "application/json" },
        })
          .then((res) => Promise.all([res.ok, res.json()]))
          .then(([ok, json]) => {
            const url = new URL(window.location.href);
            const params = new URLSearchParams();
            if (!ok) {
              alert(`Failed to edit user: ${json.message}`);
            }
            url.search = params.toString();
            window.location.assign(url);
          });
      }
    });
  });
 </script>
 <%- include("partials/admin-ban-xhr-script") %>
 <%- include("partials/admin-footer") %>
@@ -0,0 +1,32 @@
 <script>
  document.querySelectorAll("td.actions a.ban").forEach(function (a) {
    a.addEventListener("click", function (e) {
      e.preventDefault();
      var token = a.getAttribute("data-token");
      if (confirm("Are you sure you want to ban this user?")) {
        let reason = prompt("Reason for ban:");
        fetch("/admin/manage/disable-user/" + token, {
          method: "POST",
          credentials: "same-origin",
          body: JSON.stringify({ reason, _csrf: document.querySelector("meta[name=csrf-token]").getAttribute("content") }),
          headers: { "Content-Type": "application/json" },
        }).then(() => window.location.reload());
      }
    });
  });
  document.querySelectorAll("td.actions a.unban").forEach(function (a) {
    a.addEventListener("click", function (e) {
      e.preventDefault();
      var token = a.getAttribute("data-token");
      if (confirm("Are you sure you want to unban this user?")) {
        fetch("/admin/manage/reactivate-user/" + token, {
          method: "POST",
          credentials: "same-origin",
          body: JSON.stringify({ _csrf: document.querySelector("meta[name=csrf-token]").getAttribute("content") }),
          headers: { "Content-Type": "application/json" },
        }).then(() => window.location.reload());
      }
    });
  });
 </script>
@@ -0,0 +1,13 @@
 <h3>
  <%= list.name %>
  (<%= list.mode %>)
 </h3>
 <ul>
  <% list.ranges.forEach(function(mask) { %>
  <li>
    <%= mask %>
    <button class="remove" data-mode="<%= list.mode %>" data-name="<%= list.name %>" data-mask="<%= mask %>" onclick="onRemoveCidr(event)">Remove</button>
  </li>
  <% }); %>
 </ul>
 <button class="add" data-mode="<%= list.mode %>" data-name="<%= list.name %>" onclick="onAddCidr(event)">Add</button>
@@ -0,0 +1,15 @@
  <hr />
  <footer>
    <a href="/admin">Index</a> | <a href="/admin/logout">Logout</a>
  </footer>
  <script>
    document.querySelectorAll("td,time").forEach(function(td) {
      if (td.innerText.match(/^\d{13}$/)) {
        if (td.innerText == 0) return 'never';
        var date = new Date(parseInt(td.innerText));
        td.innerText = date.toISOString().replace("T", " ").replace(/\.\d+Z$/, "Z");
      }
    });
  </script>
  </body>
 </html>
@@ -1,247 +1,403 @@
-import fs from "fs";
+/*  ──────────────────────────────────────────────────────────────
-import { Request, Response } from "express";
+    Login-gated info page
-import showdown from "showdown";
+    drop-in replacement for src/info-page.ts
-import { config, listConfig } from "./config";
+    ──────────────────────────────────────────────────────────── */
 import { OpenAIKey, keyPool } from "./key-management";
 import { getUniqueIps } from "./proxy/rate-limit";
 import {
  QueuePartition,
  getEstimatedWaitTime,
  getQueueLength,
 } from "./proxy/queue";
-const INFO_PAGE_TTL = 5000;
+import fs from "fs";
 import express, { Router, Request, Response } from "express";
 import showdown from "showdown";
 import { config } from "./config";
 import { buildInfo, ServiceInfo } from "./service-info";
 import { getLastNImages } from "./shared/file-storage/image-history";
 import { keyPool } from "./shared/key-management";
 import { MODEL_FAMILY_SERVICE, ModelFamily } from "./shared/models";
 import { withSession } from "./shared/with-session";
 import { injectCsrfToken, checkCsrfToken } from "./shared/inject-csrf";
 import { getUser } from "./shared/users/user-store";
 /* ────────────────  TYPES: extend express-session  ──────────── */
 declare module "express-session" {
  interface Session {
    infoPageAuthed?: boolean;
  }
 }
 /* ────────────────  misc constants  ─────────────────────────── */
 const INFO_PAGE_TTL = 2_000; // ms
 const LOGIN_ROUTE   = "/";
 const MODEL_FAMILY_FRIENDLY_NAME: { [f in ModelFamily]: string } = {
  qwen: "Qwen",
  cohere: "Cohere",
  deepseek: "Deepseek",
  xai: "Grok",
  moonshot: "Moonshot",
  turbo: "GPT-4o Mini / 3.5 Turbo",
  gpt4: "GPT-4",
  "gpt4-32k": "GPT-4 32k",
  "gpt4-turbo": "GPT-4 Turbo",
  gpt4o: "GPT-4o",
  gpt41: "GPT-4.1",
  "gpt41-mini": "GPT-4.1 Mini",
  "gpt41-nano": "GPT-4.1 Nano",
  gpt5: "GPT-5",
  "gpt5-mini": "GPT-5 Mini",
  "gpt5-nano": "GPT-5 Nano",
  "gpt5-chat-latest": "GPT-5 Chat Latest",
  gpt45: "GPT-4.5",
  o1: "OpenAI o1",
  "o1-mini": "OpenAI o1 mini",
  "o1-pro": "OpenAI o1 pro",
  "o3-pro": "OpenAI o3 pro",
  "o3-mini": "OpenAI o3 mini",
  "o3": "OpenAI o3",
  "o4-mini": "OpenAI o4 mini",
  "codex-mini": "OpenAI Codex Mini",
  "dall-e": "DALL-E",
  "gpt-image": "GPT Image",
  claude: "Claude (Sonnet)",
  "claude-opus": "Claude (Opus)",
  "gemini-flash": "Gemini Flash",
  "gemini-pro": "Gemini Pro",
  "gemini-ultra": "Gemini Ultra",
  "mistral-tiny": "Mistral 7B",
  "mistral-small": "Mistral Nemo",
  "mistral-medium": "Mistral Medium",
  "mistral-large": "Mistral Large",
  "aws-claude": "AWS Claude (Sonnet)",
  "aws-claude-opus": "AWS Claude (Opus)",
  "aws-mistral-tiny": "AWS Mistral 7B",
  "aws-mistral-small": "AWS Mistral Nemo",
  "aws-mistral-medium": "AWS Mistral Medium",
  "aws-mistral-large": "AWS Mistral Large",
  "gcp-claude": "GCP Claude (Sonnet)",
  "gcp-claude-opus": "GCP Claude (Opus)",
  "azure-turbo": "Azure GPT-3.5 Turbo",
  "azure-gpt4": "Azure GPT-4",
  "azure-gpt4-32k": "Azure GPT-4 32k",
  "azure-gpt4-turbo": "Azure GPT-4 Turbo",
  "azure-gpt4o": "Azure GPT-4o",
  "azure-gpt45": "Azure GPT-4.5",
  "azure-gpt41": "Azure GPT-4.1",
  "azure-gpt41-mini": "Azure GPT-4.1 Mini",
  "azure-gpt41-nano": "Azure GPT-4.1 Nano",
  "azure-gpt5": "Azure GPT-5",
  "azure-gpt5-mini": "Azure GPT-5 Mini",
  "azure-gpt5-nano": "Azure GPT-5 Nano",
  "azure-gpt5-chat-latest": "Azure GPT-5 Chat Latest",
  "azure-o1": "Azure o1",
  "azure-o1-mini": "Azure o1 mini",
  "azure-o1-pro": "Azure o1 pro",
  "azure-o3-pro": "Azure o3 pro",
  "azure-o3-mini": "Azure o3 mini",
  "azure-o3": "Azure o3",
  "azure-o4-mini": "Azure o4 mini",
  "azure-codex-mini": "Azure Codex Mini",
  "azure-dall-e": "Azure DALL-E",
  "azure-gpt-image": "Azure GPT Image",
 };
 const converter = new showdown.Converter();
 /* optional markdown greeting */
 const customGreeting = fs.existsSync("greeting.md")
  ? `<div id="servergreeting">${fs.readFileSync("greeting.md", "utf8")}</div>`
  : "";
 /* ────────────────  Login page  ──────────────────────── */
 function renderLoginPage(csrf: string, error?: string) {
  const errBlock = error
    ? `<div class="error-message">${escapeHtml(error)}</div>`
    : "";
  const pageTitle = getServerTitle();
  return `<!DOCTYPE html>
 <html>
 <head>
  <title>${pageTitle} – Login</title>
  <style>
    body{font-family:Arial, sans-serif;display:flex;justify-content:center;
         align-items:center;height:100vh;margin:0;padding:20px;background:#f5f5f5;}
    .login-container{background:#fff;border-radius:8px;box-shadow:0 4px 8px rgba(0,0,0,.1);
         padding:30px;width:100%;max-width:400px;text-align:center;}
    .logo-image{max-width:200px;margin-bottom:20px;}
    .form-group{margin-bottom:20px;}
    input[type=text], input[type=password]{width:100%;padding:10px;border:1px solid #ddd;border-radius:4px;
         box-sizing:border-box;font-size:16px;}
    button{background:#4caf50;color:#fff;border:none;padding:12px 20px;border-radius:4px;
         cursor:pointer;font-size:16px;width:100%;}
    button:hover{background:#45a049;}
    .error-message{color:#f44336;margin-bottom:15px;}
    @media (prefers-color-scheme: dark) {
      body { background: #2c2c2c; color: #e0e0e0; }
      .login-container { background: #383838; box-shadow: 0 4px 12px rgba(0,0,0,0.4); border: 1px solid #4a4a4a; }
      input[type=text], input[type=password] { background: #4a4a4a; color: #e0e0e0; border: 1px solid #5a5a5a; }
      input[type=text]::placeholder, input[type=password]::placeholder { color: #999; }
      button { background: #007bff; } /* Using a blue for dark mode button */
      button:hover { background: #0056b3; }
      .error-message { color: #ff8a80; } /* Lighter red for errors in dark mode */
    }
  </style>
 </head>
 <body>
  <div class="login-container">
    ${config.loginImageUrl ? `<img src="${config.loginImageUrl}" alt="Logo" class="logo-image">` : ''}
    ${errBlock}
    <form method="POST" action="${LOGIN_ROUTE}">
      <div class="form-group">
        ${config.serviceInfoAuthMode === "password"
          ? `<input type="password" id="password" name="password" required placeholder="Service Password">`
          : `<input type="text" id="token" name="token" required placeholder="Your token">`}
        <input type="hidden" name="_csrf" value="${csrf}">
      </div>
      <button type="submit">Access Dashboard</button>
    </form>
  </div>
 </body>
 </html>`;
 }
 /* ────────────────  login-required middleware  ──────────────── */
 function requireLogin(
  req: Request,
  res: Response,
  next: express.NextFunction
 ) {
  if (req.session?.infoPageAuthed) return next();
  return res.send(renderLoginPage(res.locals.csrfToken));
 }
 /* ────────────────  INFO PAGE CACHING  ──────────────────────── */
 let infoPageHtml: string | undefined;
 let infoPageLastUpdated = 0;
-export const handleInfoPage = (req: Request, res: Response) => {
+export function handleInfoPage(req: Request, res: Response) {
  if (infoPageLastUpdated + INFO_PAGE_TTL > Date.now()) {
-    res.send(infoPageHtml);
+    return res.send(infoPageHtml);
    return;
  }
  // Sometimes huggingface doesn't send the host header and makes us guess.
  const baseUrl =
    process.env.SPACE_ID && !req.get("host")?.includes("hf.space")
      ? getExternalUrlForHuggingfaceSpaceId(process.env.SPACE_ID)
      : req.protocol + "://" + req.get("host");
-  res.send(cacheInfoPageHtml(baseUrl));
+  const info = buildInfo(baseUrl + config.proxyEndpointRoute);
-};
+  infoPageHtml = renderPage(info);
 function cacheInfoPageHtml(baseUrl: string) {
  const keys = keyPool.list();
  const openaiKeys = keys.filter((k) => k.service === "openai").length;
  const anthropicKeys = keys.filter((k) => k.service === "anthropic").length;
  const info = {
    uptime: process.uptime(),
    endpoints: {
      ...(openaiKeys ? { openai: baseUrl + "/proxy/openai" } : {}),
      ...(anthropicKeys ? { anthropic: baseUrl + "/proxy/anthropic" } : {}),
    },
    proompts: keys.reduce((acc, k) => acc + k.promptCount, 0),
    ...(config.modelRateLimit ? { proomptersNow: getUniqueIps() } : {}),
    openaiKeys,
    anthropicKeys,
    ...(openaiKeys ? getOpenAIInfo() : {}),
    ...(anthropicKeys ? getAnthropicInfo() : {}),
    config: listConfig(),
    build: process.env.BUILD_INFO || "dev",
  };
  const title = getServerTitle();
  const headerHtml = buildInfoPageHeader(new showdown.Converter(), title);
  const pageBody = `<!DOCTYPE html>
 <html lang="en">
  <head>
    <meta charset="utf-8" />
    <meta name="robots" content="noindex" />
    <title>${title}</title>
  </head>
  <body style="font-family: sans-serif; background-color: #f0f0f0; padding: 1em;">
    ${headerHtml}
    <hr />
    <h2>Service Info</h2>
    <pre>${JSON.stringify(info, null, 2)}</pre>
  </body>
 </html>`;
  infoPageHtml = pageBody;
  infoPageLastUpdated = Date.now();
-  return pageBody;
+  res.send(infoPageHtml);
 }
-type ServiceInfo = {
+/* ────────────────  RENDER FULL INFO PAGE  ──────────────────── */
-  activeKeys: number;
+export function renderPage(info: ServiceInfo) {
-  trialKeys?: number;
+  const title = getServerTitle();
-  // activeLimit: string;
+  const headerHtml = buildInfoPageHeader(info);
  revokedKeys?: number;
  overQuotaKeys?: number;
  proomptersInQueue: number;
  estimatedQueueTime: string;
 };
-// this has long since outgrown this awful "dump everything in a <pre> tag" approach
+  return `<!doctype html>
-// but I really don't want to spend time on a proper UI for this right now
+<html lang="en">
-
+<head>
-function getOpenAIInfo() {
+  <meta charset="utf-8" />
-  const info: { [model: string]: Partial<ServiceInfo> } = {};
+  <meta name="robots" content="noindex" />
-  const keys = keyPool
+  <title>${title}</title>
-    .list()
+  <link rel="stylesheet" href="/res/css/reset.css" />
-    .filter((k) => k.service === "openai") as OpenAIKey[];
+  <link rel="stylesheet" href="/res/css/sakura.css" />
-  const hasGpt4 = keys.some((k) => k.isGpt4) && !config.turboOnly;
+  <link rel="stylesheet" href="/res/css/sakura-dark.css"
-
+        media="screen and (prefers-color-scheme: dark)" />
-  if (keyPool.anyUnchecked()) {
+  <style>
-    const uncheckedKeys = keys.filter((k) => !k.lastChecked);
+    body{font-family:sans-serif;padding:1em;max-width:900px;margin:0;}
-    info.status =
+    .self-service-links{display:flex;justify-content:center;margin-bottom:1em;
-      `Performing startup key checks (${uncheckedKeys.length} left).` as any;
+                        padding:0.5em;font-size:0.8em;}
-  } else {
+    .self-service-links a{margin:0 0.5em;}
-    delete info.status;
+  </style>
-  }
+</head>
-
+<body>
-  if (config.checkKeys) {
+  ${headerHtml}
-    const turboKeys = keys.filter((k) => !k.isGpt4);
+  <hr/>
-    const gpt4Keys = keys.filter((k) => k.isGpt4);
+  ${getSelfServiceLinks()}
-
+  <h2>Service Info</h2>
-    info.turbo = {
+  <pre>${JSON.stringify(info, null, 2)}</pre>
-      activeKeys: turboKeys.filter((k) => !k.isDisabled).length,
+</body>
-      trialKeys: turboKeys.filter((k) => k.isTrial).length,
+</html>`;
      revokedKeys: turboKeys.filter((k) => k.isRevoked).length,
      overQuotaKeys: turboKeys.filter((k) => k.isOverQuota).length,
    };
    if (hasGpt4) {
      info.gpt4 = {
        activeKeys: gpt4Keys.filter((k) => !k.isDisabled).length,
        trialKeys: gpt4Keys.filter((k) => k.isTrial).length,
        revokedKeys: gpt4Keys.filter((k) => k.isRevoked).length,
        overQuotaKeys: gpt4Keys.filter((k) => k.isOverQuota).length,
      };
    }
  } else {
    info.status = "Key checking is disabled." as any;
    info.turbo = { activeKeys: keys.filter((k) => !k.isDisabled).length };
    info.gpt4 = {
      activeKeys: keys.filter((k) => !k.isDisabled && k.isGpt4).length,
    };
  }
  const turboQueue = getQueueInformation("turbo");
  info.turbo.proomptersInQueue = turboQueue.proomptersInQueue;
  info.turbo.estimatedQueueTime = turboQueue.estimatedQueueTime;
  if (hasGpt4) {
    const gpt4Queue = getQueueInformation("gpt-4");
    info.gpt4.proomptersInQueue = gpt4Queue.proomptersInQueue;
    info.gpt4.estimatedQueueTime = gpt4Queue.estimatedQueueTime;
  }
  return info;
 }
-function getAnthropicInfo() {
+/* ────────────────  header & helper functions  ──────────────── */
-  const claudeInfo: Partial<ServiceInfo> = {};
+/*     (all copied verbatim from original file)                  */
-  const keys = keyPool.list().filter((k) => k.service === "anthropic");
+function buildInfoPageHeader(info: ServiceInfo) {
-  claudeInfo.activeKeys = keys.filter((k) => !k.isDisabled).length;
+  const title = getServerTitle();
-  const queue = getQueueInformation("claude");
+  let infoBody = `# ${title}`;
  claudeInfo.proomptersInQueue = queue.proomptersInQueue;
  claudeInfo.estimatedQueueTime = queue.estimatedQueueTime;
  return { claude: claudeInfo };
 }
 /**
 * If the server operator provides a `greeting.md` file, it will be included in
 * the rendered info page.
 **/
 function buildInfoPageHeader(converter: showdown.Converter, title: string) {
  const customGreeting = fs.existsSync("greeting.md")
    ? fs.readFileSync("greeting.md", "utf8")
    : null;
  // TODO: use some templating engine instead of this mess
  let infoBody = `<!-- Header for Showdown's parser, don't remove this line -->
 # ${title}`;
  if (config.promptLogging) {
-    infoBody += `\n## Prompt logging is enabled!
+    infoBody += `\n## Prompt Logging Enabled
-The server operator has enabled prompt logging. The prompts you send to this proxy and the AI responses you receive may be saved.
+This proxy keeps full logs of all prompts and AI responses. Prompt logs are anonymous and do not contain IP addresses or timestamps.
-Logs are anonymous and do not contain IP addresses or timestamps. [You can see the type of data logged here, along with the rest of the code.](https://gitgud.io/khanon/oai-reverse-proxy/-/blob/main/src/prompt-logging/index.ts).
+[You can see the type of data logged here, along with the rest of the code.](https://gitgud.io/khanon/oai-reverse-proxy/-/blob/main/src/shared/prompt-logging/index.ts).
 **If you are uncomfortable with this, don't send prompts to this proxy!**`;
  }
-  const waits: string[] = [];
+  if (config.staticServiceInfo) {
-  infoBody += `\n## Estimated Wait Times\nIf the AI is busy, your prompt will processed when a slot frees up.`;
+    return converter.makeHtml(infoBody + customGreeting);
  }
-  if (config.openaiKey) {
+  const waits: string[] = [];
-    const turboWait = getQueueInformation("turbo").estimatedQueueTime;
+
-    const gpt4Wait = getQueueInformation("gpt-4").estimatedQueueTime;
+  for (const modelFamily of config.allowedModelFamilies) {
-    waits.push(`**Turbo:** ${turboWait}`);
+    const service = MODEL_FAMILY_SERVICE[modelFamily];
-    if (keyPool.list().some((k) => k.isGpt4) && !config.turboOnly) {
+
-      waits.push(`**GPT-4:** ${gpt4Wait}`);
+    const hasKeys = keyPool.list().some(
      (k) => k.service === service && k.modelFamilies.includes(modelFamily)
    );
    const wait = info[modelFamily]?.estimatedQueueTime;
    if (hasKeys && wait) {
      waits.push(
        `**${MODEL_FAMILY_FRIENDLY_NAME[modelFamily] || modelFamily}**: ${wait}`
      );
    }
  }
  if (config.anthropicKey) {
    const claudeWait = getQueueInformation("claude").estimatedQueueTime;
    waits.push(`**Claude:** ${claudeWait}`);
  }
  infoBody += "\n\n" + waits.join(" / ");
  infoBody += customGreeting;
  infoBody += buildRecentImageSection();
  if (customGreeting) {
    infoBody += `\n## Server Greeting\n
 ${customGreeting}`;
  }
  return converter.makeHtml(infoBody);
 }
-/** Returns queue time in seconds, or minutes + seconds if over 60 seconds. */
+function getSelfServiceLinks() {
-function getQueueInformation(partition: QueuePartition) {
+  if (config.gatekeeper !== "user_token") return "";
-  const waitMs = getEstimatedWaitTime(partition);
+  const links = [["Check your user token", "/user/lookup"]];
-  const waitTime =
+  if (config.captchaMode !== "none") {
-    waitMs < 60000
+    links.unshift(["Request a user token", "/user/captcha"]);
-      ? `${Math.round(waitMs / 1000)}sec`
+  }
-      : `${Math.round(waitMs / 60000)}min, ${Math.round(
+  return `<div class="self-service-links">${links
-          (waitMs % 60000) / 1000
+    .map(([t, l]) => `<a href="${l}">${t}</a>`)
-        )}sec`;
+    .join(" | ")}</div>`;
  return {
    proomptersInQueue: getQueueLength(partition),
    estimatedQueueTime: waitMs > 2000 ? waitTime : "no wait",
  };
 }
 function getServerTitle() {
-  // Use manually set title if available
+  if (process.env.SERVER_TITLE) return process.env.SERVER_TITLE;
-  if (process.env.SERVER_TITLE) {
+  if (process.env.SPACE_ID)
    return process.env.SERVER_TITLE;
  }
  // Huggingface
  if (process.env.SPACE_ID) {
    return `${process.env.SPACE_AUTHOR_NAME} / ${process.env.SPACE_TITLE}`;
-  }
+  if (process.env.RENDER)
  // Render
  if (process.env.RENDER) {
    return `Render / ${process.env.RENDER_SERVICE_NAME}`;
-  }
+  return "Tunnel";
  return "OAI Reverse Proxy";
 }
 function buildRecentImageSection() {
  const imageModels: ModelFamily[] = [
    "azure-dall-e",
    "dall-e",
    "gpt-image",
    "azure-gpt-image",
  ];
  // Condition 1: Is the feature enabled via config?
  // Condition 2: Is at least one relevant image model family allowed in config?
  if (
    !config.showRecentImages ||
    imageModels.every((f) => !config.allowedModelFamilies.includes(f))
  ) {
    return ""; // Exit if feature is disabled or no relevant models are allowed
  }
  // Condition 3: Are there any actual images to display?
  const recentImages = getLastNImages(12).reverse();
  if (recentImages.length === 0) {
    // If the feature is enabled and models are allowed, but no images exist,
    // do not render the section, including its title.
    return "";
  }
  // If all conditions pass (feature enabled, models allowed, images exist), build and return the HTML
  let html = `<h2>Recent Image Generations</h2>`;
  html += `<div style="display:flex;flex-wrap:wrap;" id="recent-images">`;
  for (const { url, prompt } of recentImages) {
    const thumbUrl = url.replace(/\.png$/, "_t.jpg");
    const escapedPrompt = escapeHtml(prompt);
    html += `<div style="margin:0.5em" class="recent-image">
 <a href="${url}" target="_blank"><img src="${thumbUrl}" title="${escapedPrompt}"
 alt="${escapedPrompt}" style="max-width:150px;max-height:150px;"/></a></div>`;
  }
  html += `</div><p style="clear:both;text-align:center;">
 <a href="/user/image-history">View all recent images</a></p>`;
  return html;
 }
 function escapeHtml(unsafe: string) {
  return unsafe
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;")
    .replace(/\[/g, "&#91;")
    .replace(/]/g, "&#93;");
 }
 function getExternalUrlForHuggingfaceSpaceId(spaceId: string) {
  // Huggingface broke their amazon elb config and no longer sends the
  // x-forwarded-host header. This is a workaround.
  try {
-    const [username, spacename] = spaceId.split("/");
+    const [u, s] = spaceId.split("/");
-    return `https://${username}-${spacename.replace(/_/g, "-")}.hf.space`;
+    return `https://${u}-${s.replace(/_/g, "-")}.hf.space`;
-  } catch (e) {
+  } catch {
    return "";
  }
 }
 /* ────────────────  ROUTER  ─────────────────────────────────── */
 const infoPageRouter = Router();
 infoPageRouter.use(
  express.json({ limit: "1mb" }),
  express.urlencoded({ extended: true, limit: "1mb" }),
  withSession,
  injectCsrfToken,
  checkCsrfToken
 );
 /* login attempt */
 infoPageRouter.post(LOGIN_ROUTE, (req, res) => {
  if (config.serviceInfoAuthMode === "password") {
    const password = (req.body.password || "").trim();
    // Simple string comparison; for production, consider a timing-safe comparison library
    if (config.serviceInfoPassword && password === config.serviceInfoPassword) {
      req.session!.infoPageAuthed = true;
      return res.redirect("/");
    } else {
      return res
        .status(401)
        .send(renderLoginPage(res.locals.csrfToken, "Invalid password. Please try again."));
    }
  } else {
    // Token-based authentication (using any valid user token)
    const token = (req.body.token || "").trim();
    const user = getUser(token); // returns undefined if invalid
    if (user && !user.disabledAt) {
      // Only allow access if user exists AND is not disabled
      req.session!.infoPageAuthed = true;
      return res.redirect("/");
    } else if (user && user.disabledAt) {
      // User exists but is disabled
      const reason = user.disabledReason || "Your account has been disabled";
      return res
        .status(401)
        .send(renderLoginPage(res.locals.csrfToken, `Access denied: ${reason}`));
    } else {
      // User doesn't exist
      return res
        .status(401)
        .send(renderLoginPage(res.locals.csrfToken, "Invalid token. Please try again."));
    }
  }
 });
 /* GET /  – either login form or info page */
 if (config.enableInfoPageLogin) {
  infoPageRouter.get(LOGIN_ROUTE, requireLogin, handleInfoPage);
 } else {
  infoPageRouter.get(LOGIN_ROUTE, handleInfoPage);
 }
 /*  ─── Removed the public /status route :  simply not added ─── */
 export { infoPageRouter };
@@ -1,207 +0,0 @@
 import crypto from "crypto";
 import { Key, KeyProvider } from "..";
 import { config } from "../../config";
 import { logger } from "../../logger";
 // https://docs.anthropic.com/claude/reference/selecting-a-model
 export const ANTHROPIC_SUPPORTED_MODELS = [
  "claude-instant-v1",
  "claude-instant-v1-100k",
  "claude-v1",
  "claude-v1-100k",
  "claude-2",
 ] as const;
 export type AnthropicModel = (typeof ANTHROPIC_SUPPORTED_MODELS)[number];
 export type AnthropicKeyUpdate = Omit<
  Partial<AnthropicKey>,
  | "key"
  | "hash"
  | "lastUsed"
  | "promptCount"
  | "rateLimitedAt"
  | "rateLimitedUntil"
 >;
 export interface AnthropicKey extends Key {
  readonly service: "anthropic";
  /** The time at which this key was last rate limited. */
  rateLimitedAt: number;
  /** The time until which this key is rate limited. */
  rateLimitedUntil: number;
  /**
   * Whether this key requires a special preamble.  For unclear reasons, some
   * Anthropic keys will throw an error if the prompt does not begin with a
   * message from the user, whereas others can be used without a preamble. This
   * is despite using the same API endpoint, version, and model.
   * When a key returns this particular error, we set this flag to true.
   */
  requiresPreamble: boolean;
 }
 /**
 * Upon being rate limited, a key will be locked out for this many milliseconds
 * while we wait for other concurrent requests to finish.
 */
 const RATE_LIMIT_LOCKOUT = 2000;
 /**
 * Upon assigning a key, we will wait this many milliseconds before allowing it
 * to be used again. This is to prevent the queue from flooding a key with too
 * many requests while we wait to learn whether previous ones succeeded.
 */
 const KEY_REUSE_DELAY = 500;
 export class AnthropicKeyProvider implements KeyProvider<AnthropicKey> {
  readonly service = "anthropic";
  private keys: AnthropicKey[] = [];
  private log = logger.child({ module: "key-provider", service: this.service });
  constructor() {
    const keyConfig = config.anthropicKey?.trim();
    if (!keyConfig) {
      this.log.warn(
        "ANTHROPIC_KEY is not set. Anthropic API will not be available."
      );
      return;
    }
    let bareKeys: string[];
    bareKeys = [...new Set(keyConfig.split(",").map((k) => k.trim()))];
    for (const key of bareKeys) {
      const newKey: AnthropicKey = {
        key,
        service: this.service,
        isGpt4: false,
        isTrial: false,
        isDisabled: false,
        promptCount: 0,
        lastUsed: 0,
        rateLimitedAt: 0,
        rateLimitedUntil: 0,
        requiresPreamble: false,
        hash: `ant-${crypto
          .createHash("sha256")
          .update(key)
          .digest("hex")
          .slice(0, 8)}`,
        lastChecked: 0,
      };
      this.keys.push(newKey);
    }
    this.log.info({ keyCount: this.keys.length }, "Loaded Anthropic keys.");
  }
  public init() {
    // Nothing to do as Anthropic's API doesn't provide any usage information so
    // there is no key checker implementation and no need to start it.
  }
  public list() {
    return this.keys.map((k) => Object.freeze({ ...k, key: undefined }));
  }
  public get(_model: AnthropicModel) {
    // Currently, all Anthropic keys have access to all models. This will almost
    // certainly change when they move out of beta later this year.
    const availableKeys = this.keys.filter((k) => !k.isDisabled);
    if (availableKeys.length === 0) {
      throw new Error("No Anthropic keys available.");
    }
    // (largely copied from the OpenAI provider, without trial key support)
    // Select a key, from highest priority to lowest priority:
    // 1. Keys which are not rate limited
    //    a. If all keys were rate limited recently, select the least-recently
    //       rate limited key.
    // 2. Keys which have not been used in the longest time
    const now = Date.now();
    const keysByPriority = availableKeys.sort((a, b) => {
      const aRateLimited = now - a.rateLimitedAt < RATE_LIMIT_LOCKOUT;
      const bRateLimited = now - b.rateLimitedAt < RATE_LIMIT_LOCKOUT;
      if (aRateLimited && !bRateLimited) return 1;
      if (!aRateLimited && bRateLimited) return -1;
      if (aRateLimited && bRateLimited) {
        return a.rateLimitedAt - b.rateLimitedAt;
      }
      return a.lastUsed - b.lastUsed;
    });
    const selectedKey = keysByPriority[0];
    selectedKey.lastUsed = now;
    selectedKey.rateLimitedAt = now;
    // Intended to throttle the queue processor as otherwise it will just
    // flood the API with requests and we want to wait a sec to see if we're
    // going to get a rate limit error on this key.
    selectedKey.rateLimitedUntil = now + KEY_REUSE_DELAY;
    return { ...selectedKey };
  }
  public disable(key: AnthropicKey) {
    const keyFromPool = this.keys.find((k) => k.key === key.key);
    if (!keyFromPool || keyFromPool.isDisabled) return;
    keyFromPool.isDisabled = true;
    this.log.warn({ key: key.hash }, "Key disabled");
  }
  public update(hash: string, update: Partial<AnthropicKey>) {
    const keyFromPool = this.keys.find((k) => k.hash === hash)!;
    Object.assign(keyFromPool, update);
  }
  public available() {
    return this.keys.filter((k) => !k.isDisabled).length;
  }
  // No key checker for Anthropic
  public anyUnchecked() {
    return false;
  }
  public incrementPrompt(hash?: string) {
    const key = this.keys.find((k) => k.hash === hash);
    if (!key) return;
    key.promptCount++;
  }
  public getLockoutPeriod(_model: AnthropicModel) {
    const activeKeys = this.keys.filter((k) => !k.isDisabled);
    // Don't lock out if there are no keys available or the queue will stall.
    // Just let it through so the add-key middleware can throw an error.
    if (activeKeys.length === 0) return 0;
    const now = Date.now();
    const rateLimitedKeys = activeKeys.filter((k) => now < k.rateLimitedUntil);
    const anyNotRateLimited = rateLimitedKeys.length < activeKeys.length;
    if (anyNotRateLimited) return 0;
    // If all keys are rate-limited, return the time until the first key is
    // ready.
    const timeUntilFirstReady = Math.min(
      ...activeKeys.map((k) => k.rateLimitedUntil - now)
    );
    return timeUntilFirstReady;
  }
  /**
   * This is called when we receive a 429, which means there are already five
   * concurrent requests running on this key. We don't have any information on
   * when these requests will resolve, so all we can do is wait a bit and try
   * again. We will lock the key for 2 seconds after getting a 429 before
   * retrying in order to give the other requests a chance to finish.
   */
  public markRateLimited(keyHash: string) {
    this.log.warn({ key: keyHash }, "Key rate limited");
    const key = this.keys.find((k) => k.hash === keyHash)!;
    const now = Date.now();
    key.rateLimitedAt = now;
    key.rateLimitedUntil = now + RATE_LIMIT_LOCKOUT;
  }
  public activeLimitInUsd() {
    return "∞";
  }
 }
@@ -1,67 +0,0 @@
 import { OPENAI_SUPPORTED_MODELS, OpenAIModel } from "./openai/provider";
 import {
  ANTHROPIC_SUPPORTED_MODELS,
  AnthropicModel,
 } from "./anthropic/provider";
 import { KeyPool } from "./key-pool";
 export type AIService = "openai" | "anthropic";
 export type Model = OpenAIModel | AnthropicModel;
 export interface Key {
  /** The API key itself. Never log this, use `hash` instead. */
  readonly key: string;
  /** The service that this key is for. */
  service: AIService;
  /** Whether this is a free trial key. These are prioritized over paid keys if they can fulfill the request. */
  isTrial: boolean;
  /** Whether this key has been provisioned for GPT-4. */
  isGpt4: boolean;
  /** Whether this key is currently disabled, meaning its quota has been exceeded or it has been revoked. */
  isDisabled: boolean;
  /** The number of prompts that have been sent with this key. */
  promptCount: number;
  /** The time at which this key was last used. */
  lastUsed: number;
  /** The time at which this key was last checked. */
  lastChecked: number;
  /** Hash of the key, for logging and to find the key in the pool. */
  hash: string;
 }
 /*
 KeyPool and KeyProvider's similarities are a relic of the old design where
 there was only a single KeyPool for OpenAI keys. Now that there are multiple
 supported services, the service-specific functionality has been moved to
 KeyProvider and KeyPool is just a wrapper around multiple KeyProviders,
 delegating to the appropriate one based on the model requested.
 Existing code will continue to call methods on KeyPool, which routes them to
 the appropriate KeyProvider or returns data aggregated across all KeyProviders
 for service-agnostic functionality.
 */
 export interface KeyProvider<T extends Key = Key> {
  readonly service: AIService;
  init(): void;
  get(model: Model): T;
  list(): Omit<T, "key">[];
  disable(key: T): void;
  update(hash: string, update: Partial<T>): void;
  available(): number;
  anyUnchecked(): boolean;
  incrementPrompt(hash: string): void;
  getLockoutPeriod(model: Model): number;
  activeLimitInUsd(options?: Record<string, unknown>): string;
  markRateLimited(hash: string): void;
 }
 export const keyPool = new KeyPool();
 export const SUPPORTED_MODELS = [
  ...OPENAI_SUPPORTED_MODELS,
  ...ANTHROPIC_SUPPORTED_MODELS,
 ] as const;
 export type SupportedModel = (typeof SUPPORTED_MODELS)[number];
 export { OPENAI_SUPPORTED_MODELS, ANTHROPIC_SUPPORTED_MODELS };
 export { AnthropicKey } from "./anthropic/provider";
 export { OpenAIKey } from "./openai/provider";
@@ -1,105 +0,0 @@
 import type * as http from "http";
 import { AnthropicKeyProvider, AnthropicKeyUpdate } from "./anthropic/provider";
 import { Key, Model, KeyProvider, AIService } from "./index";
 import { OpenAIKeyProvider, OpenAIKeyUpdate } from "./openai/provider";
 type AllowedPartial = OpenAIKeyUpdate | AnthropicKeyUpdate;
 export class KeyPool {
  private keyProviders: KeyProvider[] = [];
  constructor() {
    this.keyProviders.push(new OpenAIKeyProvider());
    this.keyProviders.push(new AnthropicKeyProvider());
  }
  public init() {
    this.keyProviders.forEach((provider) => provider.init());
    const availableKeys = this.available("all");
    if (availableKeys === 0) {
      throw new Error(
        "No keys loaded. Ensure either OPENAI_KEY or ANTHROPIC_KEY is set."
      );
    }
  }
  public get(model: Model): Key {
    const service = this.getService(model);
    return this.getKeyProvider(service).get(model);
  }
  public list(): Omit<Key, "key">[] {
    return this.keyProviders.flatMap((provider) => provider.list());
  }
  public disable(key: Key, reason: "quota" | "revoked"): void {
    const service = this.getKeyProvider(key.service);
    service.disable(key);
    if (service instanceof OpenAIKeyProvider) {
      service.update(key.hash, {
        isRevoked: reason === "revoked",
        isOverQuota: reason === "quota",
      });
    }
  }
  public update(key: Key, props: AllowedPartial): void {
    const service = this.getKeyProvider(key.service);
    service.update(key.hash, props);
  }
  public available(service: AIService | "all" = "all"): number {
    return this.keyProviders.reduce((sum, provider) => {
      const includeProvider = service === "all" || service === provider.service;
      return sum + (includeProvider ? provider.available() : 0);
    }, 0);
  }
  public anyUnchecked(): boolean {
    return this.keyProviders.some((provider) => provider.anyUnchecked());
  }
  public incrementPrompt(key: Key): void {
    const provider = this.getKeyProvider(key.service);
    provider.incrementPrompt(key.hash);
  }
  public getLockoutPeriod(model: Model): number {
    const service = this.getService(model);
    return this.getKeyProvider(service).getLockoutPeriod(model);
  }
  public markRateLimited(key: Key): void {
    const provider = this.getKeyProvider(key.service);
    provider.markRateLimited(key.hash);
  }
  public updateRateLimits(key: Key, headers: http.IncomingHttpHeaders): void {
    const provider = this.getKeyProvider(key.service);
    if (provider instanceof OpenAIKeyProvider) {
      provider.updateRateLimits(key.hash, headers);
    }
  }
  public activeLimitInUsd(
    service: AIService,
    options?: Record<string, unknown>
  ): string {
    return this.getKeyProvider(service).activeLimitInUsd(options);
  }
  private getService(model: Model): AIService {
    if (model.startsWith("gpt")) {
      // https://platform.openai.com/docs/models/model-endpoint-compatibility
      return "openai";
    } else if (model.startsWith("claude-")) {
      // https://console.anthropic.com/docs/api/reference#parameters
      return "anthropic";
    }
    throw new Error(`Unknown service for model '${model}'`);
  }
  private getKeyProvider(service: AIService): KeyProvider {
    return this.keyProviders.find((provider) => provider.service === service)!;
  }
 }
@@ -1,347 +0,0 @@
 import axios, { AxiosError } from "axios";
 import { logger } from "../../logger";
 import type { OpenAIKey, OpenAIKeyProvider } from "./provider";
 /** Minimum time in between any two key checks. */
 const MIN_CHECK_INTERVAL = 3 * 1000; // 3 seconds
 /**
 * Minimum time in between checks for a given key. Because we can no longer
 * read quota usage, there is little reason to check a single key more often
 * than this.
 **/
 const KEY_CHECK_PERIOD = 60 * 60 * 1000; // 1 hour
 const POST_CHAT_COMPLETIONS_URL = "https://api.openai.com/v1/chat/completions";
 const GET_MODELS_URL = "https://api.openai.com/v1/models";
 const GET_SUBSCRIPTION_URL =
  "https://api.openai.com/dashboard/billing/subscription";
 type GetModelsResponse = {
  data: [{ id: string }];
 };
 type GetSubscriptionResponse = {
  plan: { title: string };
  has_payment_method: boolean;
  soft_limit_usd: number;
  hard_limit_usd: number;
  system_hard_limit_usd: number;
 };
 type OpenAIError = {
  error: { type: string; code: string; param: unknown; message: string };
 };
 type UpdateFn = typeof OpenAIKeyProvider.prototype.update;
 export class OpenAIKeyChecker {
  private readonly keys: OpenAIKey[];
  private log = logger.child({ module: "key-checker", service: "openai" });
  private timeout?: NodeJS.Timeout;
  private updateKey: UpdateFn;
  private lastCheck = 0;
  constructor(keys: OpenAIKey[], updateKey: UpdateFn) {
    this.keys = keys;
    this.updateKey = updateKey;
  }
  public start() {
    this.log.info("Starting key checker...");
    this.scheduleNextCheck();
  }
  public stop() {
    if (this.timeout) {
      clearTimeout(this.timeout);
    }
  }
  /**
   * Schedules the next check. If there are still keys yet to be checked, it
   * will schedule a check immediately for the next unchecked key. Otherwise,
   * it will schedule a check for the least recently checked key, respecting
   * the minimum check interval.
   **/
  private scheduleNextCheck() {
    const enabledKeys = this.keys.filter((key) => !key.isDisabled);
    if (enabledKeys.length === 0) {
      this.log.warn("All keys are disabled. Key checker stopping.");
      return;
    }
    // Perform startup checks for any keys that haven't been checked yet.
    const uncheckedKeys = enabledKeys.filter((key) => !key.lastChecked);
    if (uncheckedKeys.length > 0) {
      // Check up to 12 keys at once to speed up startup.
      const keysToCheck = uncheckedKeys.slice(0, 12);
      this.log.info(
        {
          key: keysToCheck.map((key) => key.hash),
          remaining: uncheckedKeys.length - keysToCheck.length,
        },
        "Scheduling initial checks for key batch."
      );
      this.timeout = setTimeout(async () => {
        const promises = keysToCheck.map((key) => this.checkKey(key));
        try {
          await Promise.all(promises);
        } catch (error) {
          this.log.error({ error }, "Error checking one or more keys.");
        }
        this.scheduleNextCheck();
      }, 250);
      return;
    }
    // Schedule the next check for the oldest key.
    const oldestKey = enabledKeys.reduce((oldest, key) =>
      key.lastChecked < oldest.lastChecked ? key : oldest
    );
    // Don't check any individual key too often.
    // Don't check anything at all at a rate faster than once per 3 seconds.
    const nextCheck = Math.max(
      oldestKey.lastChecked + KEY_CHECK_PERIOD,
      this.lastCheck + MIN_CHECK_INTERVAL
    );
    this.log.debug(
      { key: oldestKey.hash, nextCheck: new Date(nextCheck) },
      "Scheduling next check."
    );
    const delay = nextCheck - Date.now();
    this.timeout = setTimeout(() => this.checkKey(oldestKey), delay);
  }
  private async checkKey(key: OpenAIKey) {
    // It's possible this key might have been disabled while we were waiting
    // for the next check.
    if (key.isDisabled) {
      this.log.warn({ key: key.hash }, "Skipping check for disabled key.");
      this.scheduleNextCheck();
      return;
    }
    this.log.debug({ key: key.hash }, "Checking key...");
    let isInitialCheck = !key.lastChecked;
    try {
      // We only need to check for provisioned models on the initial check.
      if (isInitialCheck) {
        const [/* subscription,*/ provisionedModels, livenessTest] =
          await Promise.all([
            // this.getSubscription(key),
            this.getProvisionedModels(key),
            this.testLiveness(key),
          ]);
        const updates = {
          isGpt4: provisionedModels.gpt4,
          // softLimit: subscription.soft_limit_usd,
          // hardLimit: subscription.hard_limit_usd,
          // systemHardLimit: subscription.system_hard_limit_usd,
          isTrial: livenessTest.rateLimit <= 250,
          softLimit: 0,
          hardLimit: 0,
          systemHardLimit: 0,
        };
        this.updateKey(key.hash, updates);
      } else {
        // Provisioned models don't change, so we don't need to check them again
        const [/* subscription, */ _livenessTest] = await Promise.all([
          // this.getSubscription(key),
          this.testLiveness(key),
        ]);
        const updates = {
          // softLimit: subscription.soft_limit_usd,
          // hardLimit: subscription.hard_limit_usd,
          // systemHardLimit: subscription.system_hard_limit_usd,
          softLimit: 0,
          hardLimit: 0,
          systemHardLimit: 0,
        };
        this.updateKey(key.hash, updates);
      }
      this.log.info(
        { key: key.hash, hardLimit: key.hardLimit },
        "Key check complete."
      );
    } catch (error) {
      // touch the key so we don't check it again for a while
      this.updateKey(key.hash, {});
      this.handleAxiosError(key, error as AxiosError);
    }
    this.lastCheck = Date.now();
    // Only enqueue the next check if this wasn't a startup check, since those
    // are batched together elsewhere.
    if (!isInitialCheck) {
      // this.scheduleNextCheck();
    }
  }
  private async getProvisionedModels(
    key: OpenAIKey
  ): Promise<{ turbo: boolean; gpt4: boolean }> {
    const opts = { headers: { Authorization: `Bearer ${key.key}` } };
    const { data } = await axios.get<GetModelsResponse>(GET_MODELS_URL, opts);
    const models = data.data;
    const turbo = models.some(({ id }) => id.startsWith("gpt-3.5"));
    const gpt4 = models.some(({ id }) => id.startsWith("gpt-4"));
    // We want to update the key's `isGpt4` flag here, but we don't want to
    // update its `lastChecked` timestamp because we need to let the liveness
    // check run before we can consider the key checked.
    // Need to use `find` here because keys are cloned from the pool.
    const keyFromPool = this.keys.find((k) => k.hash === key.hash)!;
    this.updateKey(key.hash, {
      isGpt4: gpt4,
      lastChecked: keyFromPool.lastChecked,
    });
    return { turbo, gpt4 };
  }
  private async getSubscription(key: OpenAIKey) {
    const { data } = await axios.get<GetSubscriptionResponse>(
      GET_SUBSCRIPTION_URL,
      { headers: { Authorization: `Bearer ${key.key}` } }
    );
    // See note above about updating the key's `lastChecked` timestamp.
    const keyFromPool = this.keys.find((k) => k.hash === key.hash)!;
    this.updateKey(key.hash, {
      isTrial: !data.has_payment_method,
      lastChecked: keyFromPool.lastChecked,
    });
    return data;
  }
  private handleAxiosError(key: OpenAIKey, error: AxiosError) {
    if (error.response && OpenAIKeyChecker.errorIsOpenAIError(error)) {
      const { status, data } = error.response;
      if (status === 401) {
        this.log.warn(
          { key: key.hash, error: data },
          "Key is invalid or revoked. Disabling key."
        );
        this.updateKey(key.hash, {
          isDisabled: true,
          isRevoked: true,
          isGpt4: false,
        });
      } else if (status === 429) {
        switch (data.error.type) {
          case "insufficient_quota":
          case "access_terminated":
          case "billing_not_active":
            const isOverQuota = data.error.type === "insufficient_quota";
            const isRevoked = !isOverQuota;
            const isGpt4 = isRevoked ? false : key.isGpt4;
            this.log.warn(
              { key: key.hash, rateLimitType: data.error.type, error: data },
              "Key returned a non-transient 429 error. Disabling key."
            );
            this.updateKey(key.hash, {
              isDisabled: true,
              isRevoked,
              isOverQuota,
              isGpt4,
            });
            break;
          case "requests":
            // Trial keys have extremely low requests-per-minute limits and we
            // can often hit them just while checking the key, so we need to
            // retry the check later to know if the key has quota remaining.
            this.log.warn(
              { key: key.hash, error: data },
              "Key is currently rate limited, so its liveness cannot be checked. Retrying in fifteen seconds."
            );
            // To trigger a shorter than usual delay before the next check, we
            // will set its `lastChecked` to (NOW - (KEY_CHECK_PERIOD - 15s)).
            // This will cause the usual key check scheduling logic to schedule
            // the next check in 15 seconds. This also prevents the key from
            // holding up startup checks for other keys.
            const fifteenSeconds = 15 * 1000;
            const next = Date.now() - (KEY_CHECK_PERIOD - fifteenSeconds);
            this.updateKey(key.hash, { lastChecked: next });
            break;
          case "tokens":
            // Hitting a token rate limit, even on a trial key, actually implies
            // that the key is valid and can generate completions, so we will
            // treat this as effectively a successful `testLiveness` call.
            this.log.info(
              { key: key.hash },
              "Key is currently `tokens` rate limited; assuming it is operational."
            );
            this.updateKey(key.hash, { lastChecked: Date.now() });
            break;
          default:
            this.log.error(
              { key: key.hash, rateLimitType: data.error.type, error: data },
              "Encountered unexpected rate limit error class while checking key. This may indicate a change in the API; please report this."
            );
            // We don't know what this error means, so we just let the key
            // through and maybe it will fail when someone tries to use it.
            this.updateKey(key.hash, { lastChecked: Date.now() });
        }
      } else {
        this.log.error(
          { key: key.hash, status, error: data },
          "Encountered unexpected error status while checking key. This may indicate a change in the API; please report this."
        );
        this.updateKey(key.hash, { lastChecked: Date.now() });
      }
      return;
    }
    this.log.error(
      { key: key.hash, error: error.message },
      "Network error while checking key; trying this key again in a minute."
    );
    const oneMinute = 60 * 1000;
    const next = Date.now() - (KEY_CHECK_PERIOD - oneMinute);
    this.updateKey(key.hash, { lastChecked: next });
  }
  /**
   * Tests whether the key is valid and has quota remaining. The request we send
   * is actually not valid, but keys which are revoked or out of quota will fail
   * with a 401 or 429 error instead of the expected 400 Bad Request error.
   * This lets us avoid test keys without spending any quota.
   * 
   * We use the rate limit header to determine whether it's a trial key.
   */
  private async testLiveness(key: OpenAIKey): Promise<{ rateLimit: number }> {
    const payload = {
      model: "gpt-3.5-turbo",
      max_tokens: -1,
      messages: [{ role: "user", content: "" }],
    };
    const { headers, data } = await axios.post<OpenAIError>(
      POST_CHAT_COMPLETIONS_URL,
      payload,
      {
        headers: { Authorization: `Bearer ${key.key}` },
        validateStatus: (status) => status === 400,
      }
    );
    const rateLimitHeader = headers["x-ratelimit-limit-requests"];
    const rateLimit = parseInt(rateLimitHeader) || 3500; // trials have 200
    // invalid_request_error is the expected error
    if (data.error.type !== "invalid_request_error") {
      this.log.warn(
        { key: key.hash, error: data },
        "Unexpected 400 error class while checking key; assuming key is valid, but this may indicate a change in the API."
      );
    }
    return { rateLimit };
  }
  static errorIsOpenAIError(
    error: AxiosError
  ): error is AxiosError<OpenAIError> {
    const data = error.response?.data as any;
    return data?.error?.type;
  }
 }
@@ -1,348 +0,0 @@
 /* Manages OpenAI API keys. Tracks usage, disables expired keys, and provides
 round-robin access to keys. Keys are stored in the OPENAI_KEY environment
 variable as a comma-separated list of keys. */
 import crypto from "crypto";
 import fs from "fs";
 import http from "http";
 import path from "path";
 import { KeyProvider, Key, Model } from "../index";
 import { config } from "../../config";
 import { logger } from "../../logger";
 import { OpenAIKeyChecker } from "./checker";
 export type OpenAIModel = "gpt-3.5-turbo" | "gpt-4";
 export const OPENAI_SUPPORTED_MODELS: readonly OpenAIModel[] = [
  "gpt-3.5-turbo",
  "gpt-4",
 ] as const;
 export interface OpenAIKey extends Key {
  readonly service: "openai";
  /** Set when key check returns a 401. */
  isRevoked: boolean;
  /** Set when key check returns a non-transient 429. */
  isOverQuota: boolean;
  /** Threshold at which a warning email will be sent by OpenAI. */
  softLimit: number;
  /** Threshold at which the key will be disabled because it has reached the user-defined limit. */
  hardLimit: number;
  /** The maximum quota allocated to this key by OpenAI. */
  systemHardLimit: number;
  /** The time at which this key was last rate limited. */
  rateLimitedAt: number;
  /**
   * Last known X-RateLimit-Requests-Reset header from OpenAI, converted to a
   * number.
   * Formatted as a `\d+(m|s)` string denoting the time until the limit resets.
   * Specifically, it seems to indicate the time until the key's quota will be
   * fully restored; the key may be usable before this time as the limit is a
   * rolling window.
   *
   * Requests which return a 429 do not count against the quota.
   *
   * Requests which fail for other reasons (e.g. 401) count against the quota.
   */
  rateLimitRequestsReset: number;
  /**
   * Last known X-RateLimit-Tokens-Reset header from OpenAI, converted to a
   * number.
   * Appears to follow the same format as `rateLimitRequestsReset`.
   *
   * Requests which fail do not count against the quota as they do not consume
   * tokens.
   */
  rateLimitTokensReset: number;
 }
 export type OpenAIKeyUpdate = Omit<
  Partial<OpenAIKey>,
  "key" | "hash" | "promptCount"
 >;
 export class OpenAIKeyProvider implements KeyProvider<OpenAIKey> {
  readonly service = "openai" as const;
  private keys: OpenAIKey[] = [];
  private checker?: OpenAIKeyChecker;
  private log = logger.child({ module: "key-provider", service: this.service });
  constructor() {
    const keyString = config.openaiKey?.trim();
    if (!keyString) {
      this.log.warn("OPENAI_KEY is not set. OpenAI API will not be available.");
      return;
    }
    let bareKeys: string[];
    bareKeys = keyString.split(",").map((k) => k.trim());
    bareKeys = [...new Set(bareKeys)];
    for (const k of bareKeys) {
      const newKey = {
        key: k,
        service: "openai" as const,
        isGpt4: true,
        isTrial: false,
        isDisabled: false,
        isRevoked: false,
        isOverQuota: false,
        softLimit: 0,
        hardLimit: 0,
        systemHardLimit: 0,
        usage: 0,
        lastUsed: 0,
        lastChecked: 0,
        promptCount: 0,
        hash: `oai-${crypto
          .createHash("sha256")
          .update(k)
          .digest("hex")
          .slice(0, 8)}`,
        rateLimitedAt: 0,
        rateLimitRequestsReset: 0,
        rateLimitTokensReset: 0,
      };
      this.keys.push(newKey);
    }
    this.log.info({ keyCount: this.keys.length }, "Loaded OpenAI keys.");
  }
  public init() {
    if (config.checkKeys) {
      this.checker = new OpenAIKeyChecker(this.keys, this.update.bind(this));
      this.checker.start();
    }
  }
  /**
   * Returns a list of all keys, with the key field removed.
   * Don't mutate returned keys, use a KeyPool method instead.
   **/
  public list() {
    return this.keys.map((key) => {
      return Object.freeze({
        ...key,
        key: undefined,
      });
    });
  }
  public get(model: Model) {
    const needGpt4 = model.startsWith("gpt-4");
    const availableKeys = this.keys.filter(
      (key) => !key.isDisabled && (!needGpt4 || key.isGpt4)
    );
    if (availableKeys.length === 0) {
      let message = needGpt4
        ? "No GPT-4 keys available.  Try selecting a Turbo model."
        : "No active OpenAI keys available.";
      throw new Error(message);
    }
    if (needGpt4 && config.turboOnly) {
      throw new Error(
        "Proxy operator has disabled GPT-4 to reduce quota usage.  Try selecting a Turbo model."
      );
    }
    // Select a key, from highest priority to lowest priority:
    // 1. Keys which are not rate limited
    //    a. We ignore rate limits from over a minute ago
    //    b. If all keys were rate limited in the last minute, select the
    //       least recently rate limited key
    // 2. Keys which are trials
    // 3. Keys which have not been used in the longest time
    const now = Date.now();
    const rateLimitThreshold = 60 * 1000;
    const keysByPriority = availableKeys.sort((a, b) => {
      const aRateLimited = now - a.rateLimitedAt < rateLimitThreshold;
      const bRateLimited = now - b.rateLimitedAt < rateLimitThreshold;
      if (aRateLimited && !bRateLimited) return 1;
      if (!aRateLimited && bRateLimited) return -1;
      if (aRateLimited && bRateLimited) {
        return a.rateLimitedAt - b.rateLimitedAt;
      }
      if (a.isTrial && !b.isTrial) return -1;
      if (!a.isTrial && b.isTrial) return 1;
      return a.lastUsed - b.lastUsed;
    });
    const selectedKey = keysByPriority[0];
    selectedKey.lastUsed = now;
    // When a key is selected, we rate-limit it for a brief period of time to
    // prevent the queue processor from immediately flooding it with requests
    // while the initial request is still being processed (which is when we will
    // get new rate limit headers).
    // Instead, we will let a request through every second until the key
    // becomes fully saturated and locked out again.
    selectedKey.rateLimitedAt = now;
    selectedKey.rateLimitRequestsReset = 1000;
    return { ...selectedKey };
  }
  /** Called by the key checker to update key information. */
  public update(keyHash: string, update: OpenAIKeyUpdate) {
    const keyFromPool = this.keys.find((k) => k.hash === keyHash)!;
    Object.assign(keyFromPool, { lastChecked: Date.now(), ...update });
    // this.writeKeyStatus();
  }
  /** Disables a key, or does nothing if the key isn't in this pool. */
  public disable(key: Key) {
    const keyFromPool = this.keys.find((k) => k.key === key.key);
    if (!keyFromPool || keyFromPool.isDisabled) return;
    keyFromPool.isDisabled = true;
    this.log.warn({ key: key.hash }, "Key disabled");
  }
  public available() {
    return this.keys.filter((k) => !k.isDisabled).length;
  }
  public anyUnchecked() {
    return !!config.checkKeys && this.keys.some((key) => !key.lastChecked);
  }
  /**
   * Given a model, returns the period until a key will be available to service
   * the request, or returns 0 if a key is ready immediately.
   */
  public getLockoutPeriod(model: Model = "gpt-4"): number {
    const needGpt4 = model.startsWith("gpt-4");
    const activeKeys = this.keys.filter(
      (key) => !key.isDisabled && (!needGpt4 || key.isGpt4)
    );
    if (activeKeys.length === 0) {
      // If there are no active keys for this model we can't fulfill requests.
      // We'll return 0 to let the request through and return an error,
      // otherwise the request will be stuck in the queue forever.
      return 0;
    }
    // A key is rate-limited if its `rateLimitedAt` plus the greater of its
    // `rateLimitRequestsReset` and `rateLimitTokensReset` is after the
    // current time.
    // If there are any keys that are not rate-limited, we can fulfill requests.
    const now = Date.now();
    const rateLimitedKeys = activeKeys.filter((key) => {
      const resetTime = Math.max(
        key.rateLimitRequestsReset,
        key.rateLimitTokensReset
      );
      return now < key.rateLimitedAt + resetTime;
    }).length;
    const anyNotRateLimited = rateLimitedKeys < activeKeys.length;
    if (anyNotRateLimited) {
      return 0;
    }
    // If all keys are rate-limited, return the time until the first key is
    // ready.
    const timeUntilFirstReady = Math.min(
      ...activeKeys.map((key) => {
        const resetTime = Math.max(
          key.rateLimitRequestsReset,
          key.rateLimitTokensReset
        );
        return key.rateLimitedAt + resetTime - now;
      })
    );
    return timeUntilFirstReady;
  }
  public markRateLimited(keyHash: string) {
    this.log.warn({ key: keyHash }, "Key rate limited");
    const key = this.keys.find((k) => k.hash === keyHash)!;
    key.rateLimitedAt = Date.now();
  }
  public incrementPrompt(keyHash?: string) {
    const key = this.keys.find((k) => k.hash === keyHash);
    if (!key) return;
    key.promptCount++;
  }
  public updateRateLimits(keyHash: string, headers: http.IncomingHttpHeaders) {
    const key = this.keys.find((k) => k.hash === keyHash)!;
    const requestsReset = headers["x-ratelimit-reset-requests"];
    const tokensReset = headers["x-ratelimit-reset-tokens"];
    // Sometimes OpenAI only sends one of the two rate limit headers, it's
    // unclear why.
    if (requestsReset && typeof requestsReset === "string") {
      this.log.info(
        { key: key.hash, requestsReset },
        `Updating rate limit requests reset time`
      );
      key.rateLimitRequestsReset = getResetDurationMillis(requestsReset);
    }
    if (tokensReset && typeof tokensReset === "string") {
      this.log.info(
        { key: key.hash, tokensReset },
        `Updating rate limit tokens reset time`
      );
      key.rateLimitTokensReset = getResetDurationMillis(tokensReset);
    }
    if (!requestsReset && !tokensReset) {
      this.log.warn(
        { key: key.hash },
        `No rate limit headers in OpenAI response; skipping update`
      );
      return;
    }
  }
  /**
   * Returns the total quota limit of all keys in USD. Keys which are disabled
   * are not included in the total.
   */
  public activeLimitInUsd(
    { gpt4 }: { gpt4: boolean } = { gpt4: false }
  ): string {
    const keys = this.keys.filter((k) => !k.isDisabled && k.isGpt4 === gpt4);
    const totalLimit = keys.reduce((acc, { hardLimit }) => acc + hardLimit, 0);
    return `$${totalLimit.toFixed(2)}`;
  }
  /** Writes key status to disk. */
  // public writeKeyStatus() {
  //   const keys = this.keys.map((key) => ({
  //     key: key.key,
  //     isGpt4: key.isGpt4,
  //     usage: key.usage,
  //     hardLimit: key.hardLimit,
  //     isDisabled: key.isDisabled,
  //   }));
  //   fs.writeFileSync(
  //     path.join(__dirname, "..", "keys.json"),
  //     JSON.stringify(keys, null, 2)
  //   );
  // }
 }
 /**
 * Converts reset string ("21.0032s" or "21ms") to a number of milliseconds.
 * Result is clamped to 10s even though the API returns up to 60s, because the
 * API returns the time until the entire quota is reset, even if a key may be
 * able to fulfill requests before then due to partial resets.
 **/
 function getResetDurationMillis(resetDuration?: string): number {
  const match = resetDuration?.match(/(\d+(\.\d+)?)(s|ms)/);
  if (match) {
    const [, time, , unit] = match;
    const value = parseFloat(time);
    const result = unit === "s" ? value * 1000 : value;
    return Math.min(result, 10000);
  }
  return 0;
 }
@@ -1,6 +1,20 @@
 import pino from "pino";
 import { config } from "./config";
 const transport =
  process.env.NODE_ENV === "production"
    ? undefined
    : {
        target: "pino-pretty",
        options: {
          singleLine: true,
          messageFormat: "{if module}\x1b[90m[{module}] \x1b[39m{end}{msg}",
          ignore: "module",
        },
      };
 export const logger = pino({
  level: config.logLevel,
  base: { pid: process.pid, module: "server" },
  transport,
 });
@@ -1 +0,0 @@
 export * as sheets from "./sheets";
@@ -0,0 +1,9 @@
 import { NextFunction, Request, Response } from "express";
 export function addV1(req: Request, res: Response, next: NextFunction) {
  // Clients don't consistently use the /v1 prefix so we'll add it for them.
  if (!req.path.startsWith("/v1/") && !req.path.match(/^\/(v1alpha|v1beta)\//)) {
    req.url = `/v1${req.url}`;
  }
  next();
 }
@@ -1,24 +1,16 @@
 import { Request, RequestHandler, Router } from "express";
 import * as http from "http";
 import { createProxyMiddleware } from "http-proxy-middleware";
 import { config } from "../config";
 import { logger } from "../logger";
 import { createQueueMiddleware } from "./queue";
 import { ipLimiter } from "./rate-limit";
 import { handleProxyError } from "./middleware/common";
 import {
  addKey,
  addAnthropicPreamble,
  blockZoomerOrigins,
  createPreprocessorMiddleware,
  finalizeBody,
  languageFilter,
  removeOriginHeaders,
 } from "./middleware/request";
-import {
+import { ProxyResHandlerWithBody } from "./middleware/response";
-  ProxyResHandlerWithBody,
+import { createQueuedProxyMiddleware } from "./middleware/request/proxy-middleware-factory";
-  createOnProxyResHandler,
+import { ProxyReqManager } from "./middleware/request/proxy-req-manager";
-} from "./middleware/response";
+import { claudeModels } from "../shared/claude-models";
 import { validateClaude41OpusParameters } from "../shared/claude-4-1-validation";
 let modelsCache: any = null;
 let modelsCacheTime = 0;
@@ -28,36 +20,32 @@ const getModelsResponse = () => {
    return modelsCache;
  }
-  if (!config.anthropicKey) return { object: "list", data: [] };
+  if (!config.anthropicKey) return { object: "list", data: [], has_more: false, first_id: null, last_id: null };
-  const claudeVariants = [
+  const date = new Date()
-    "claude-v1",
+  const models = claudeModels.map(model => ({
-    "claude-v1-100k",
+    // Common
-    "claude-instant-v1",
+    id: model.anthropicId,
    "claude-instant-v1-100k",
    "claude-v1.3",
    "claude-v1.3-100k",
    "claude-v1.2",
    "claude-v1.0",
    "claude-instant-v1.1",
    "claude-instant-v1.1-100k",
    "claude-instant-v1.0",
    "claude-2", // claude-2 is 100k by default it seems
    "claude-2.0",
  ];
  const models = claudeVariants.map((id) => ({
    id,
    object: "model",
    created: new Date().getTime(),
    owned_by: "anthropic",
-    permission: [],
+    // Anthropic
-    root: "claude",
+    type: "model",
-    parent: null,
+    display_name: model.displayName,
    created_at: date.toISOString(),
    // OpenAI
    object: "model",
    created: date.getTime(),
  }));  
-  modelsCache = { object: "list", data: models };
+  modelsCache = { 
-  modelsCacheTime = new Date().getTime();
+    // Common
    object: "list",
    data: models,
    // Anthropic
    has_more: false,
    first_id: models[0]?.id,
    last_id: models[models.length - 1]?.id,
  };
  modelsCacheTime = date.getTime();
  return modelsCache;
 };
@@ -66,32 +54,7 @@ const handleModelRequest: RequestHandler = (_req, res) => {
  res.status(200).json(getModelsResponse());
 };
-const rewriteAnthropicRequest = (
+const anthropicBlockingResponseHandler: ProxyResHandlerWithBody = async (
  proxyReq: http.ClientRequest,
  req: Request,
  res: http.ServerResponse
 ) => {
  const rewriterPipeline = [
    addKey,
    addAnthropicPreamble,
    languageFilter,
    blockZoomerOrigins,
    removeOriginHeaders,
    finalizeBody,
  ];
  try {
    for (const rewriter of rewriterPipeline) {
      rewriter(proxyReq, req, res, {});
    }
  } catch (error) {
    req.log.error(error, "Error while executing proxy rewriter");
    proxyReq.destroy(error as Error);
  }
 };
 /** Only used for non-streaming requests. */
 const anthropicResponseHandler: ProxyResHandlerWithBody = async (
  _proxyRes,
  req,
  res,
@@ -101,42 +64,63 @@ const anthropicResponseHandler: ProxyResHandlerWithBody = async (
    throw new Error("Expected body to be an object");
  }
-  if (config.promptLogging) {
+  let newBody = body;
-    const host = req.get("host");
+  switch (`${req.inboundApi}<-${req.outboundApi}`) {
-    body.proxy_note = `Prompts are logged on this proxy instance. See ${host} for more information.`;
+    case "openai<-anthropic-text":
      req.log.info("Transforming Anthropic Text back to OpenAI format");
      newBody = transformAnthropicTextResponseToOpenAI(body, req);
      break;
    case "openai<-anthropic-chat":
      req.log.info("Transforming Anthropic Chat back to OpenAI format");
      newBody = transformAnthropicChatResponseToOpenAI(body);
      break;
    case "anthropic-text<-anthropic-chat":
      req.log.info("Transforming Anthropic Chat back to Anthropic chat format");
      newBody = transformAnthropicChatResponseToAnthropicText(body);
      break;
  }
-  if (req.inboundApi === "openai") {
+  res.status(200).json({ ...newBody, proxy: body.proxy });
    req.log.info("Transforming Anthropic response to OpenAI format");
    body = transformAnthropicResponse(body);
  }
  // TODO: Remove once tokenization is stable
  if (req.debug) {
    body.proxy_tokenizer_debug_info = req.debug;
  }
  res.status(200).json(body);
 };
-/**
+function flattenChatResponse(
- * Transforms a model response from the Anthropic API to match those from the
+  content: { type: string; text: string }[]
- * OpenAI API, for users using Claude via the OpenAI-compatible endpoint. This
+): string {
- * is only used for non-streaming requests as streaming requests are handled
+  return content
- * on-the-fly.
+    .map((part: { type: string; text: string }) =>
- */
+      part.type === "text" ? part.text : ""
-function transformAnthropicResponse(
+    )
    .join("\n");
 }
 export function transformAnthropicChatResponseToAnthropicText(
  anthropicBody: Record<string, any>
 ): Record<string, any> {
  return {
    type: "completion",
    id: "ant-" + anthropicBody.id,
    completion: flattenChatResponse(anthropicBody.content),
    stop_reason: anthropicBody.stop_reason,
    stop: anthropicBody.stop_sequence,
    model: anthropicBody.model,
    usage: anthropicBody.usage,
  };
 }
 function transformAnthropicTextResponseToOpenAI(
  anthropicBody: Record<string, any>,
  req: Request
 ): Record<string, any> {
  const totalTokens = (req.promptTokens ?? 0) + (req.outputTokens ?? 0);
  return {
    id: "ant-" + anthropicBody.log_id,
    object: "chat.completion",
    created: Date.now(),
    model: anthropicBody.model,
    usage: {
-      prompt_tokens: 0,
+      prompt_tokens: req.promptTokens,
-      completion_tokens: 0,
+      completion_tokens: req.outputTokens,
-      total_tokens: 0,
+      total_tokens: totalTokens,
    },
    choices: [
      {
@@ -151,54 +135,250 @@ function transformAnthropicResponse(
  };
 }
-const anthropicProxy = createQueueMiddleware(
+export function transformAnthropicChatResponseToOpenAI(
-  createProxyMiddleware({
+  anthropicBody: Record<string, any>
-    target: "https://api.anthropic.com",
+): Record<string, any> {
-    changeOrigin: true,
+  return {
-    on: {
+    id: "ant-" + anthropicBody.id,
-      proxyReq: rewriteAnthropicRequest,
+    object: "chat.completion",
-      proxyRes: createOnProxyResHandler([anthropicResponseHandler]),
+    created: Date.now(),
-      error: handleProxyError,
+    model: anthropicBody.model,
-    },
+    usage: anthropicBody.usage,
-    selfHandleResponse: true,
+    choices: [
-    logger,
+      {
-    pathRewrite: {
+        message: {
-      // Send OpenAI-compat requests to the real Anthropic endpoint.
+          role: "assistant",
-      "^/v1/chat/completions": "/v1/complete",
+          content: flattenChatResponse(anthropicBody.content),
-    },
+        },
-  })
+        finish_reason: anthropicBody.stop_reason,
        index: 0,
      },
    ],
  };
 }
 /**
 * If a client using the OpenAI compatibility endpoint requests an actual OpenAI
 * model, reassigns it to Sonnet.
 */
 function maybeReassignModel(req: Request) {
  const model = req.body.model;
  if (model.includes("claude")) return; // use whatever model the user requested
  req.body.model = "claude-3-5-sonnet-latest";
 }
 /**
 * If client requests more than 4096 output tokens the request must have a
 * particular version header.
 * https://docs.anthropic.com/en/release-notes/api#july-15th-2024
 * 
 * Also adds the required beta header for 1-hour cache duration if requested.
 * Also validates Claude 4.1 Opus parameters (temperature/top_p).
 */
 function setAnthropicBetaHeader(req: Request) {
  // Validate Claude 4.1 Opus parameters before processing
  validateClaude41OpusParameters(req);
  const { max_tokens_to_sample } = req.body;
  // Initialize beta headers array
  const betaHeaders: string[] = [];
  // Add max tokens beta header if needed
  if (max_tokens_to_sample > 4096) {
    betaHeaders.push("max-tokens-3-5-sonnet-2024-07-15");
  }
  // Add extended cache TTL beta header if 1h cache is requested
  if (req.body.cache_control?.ttl === "1h") {
    betaHeaders.push("extended-cache-ttl-2025-04-11");
  }
  // Set the combined beta headers if any were added
  if (betaHeaders.length > 0) {
    req.headers["anthropic-beta"] = betaHeaders.join(",");
  }
 }
 /**
 * Adds web search tool for Claude-3.5 and Claude-3.7 models when enable_web_search is true
 * 
 * Supports all optional parameters documented in the Claude API:
 * - max_uses: Limit the number of searches per request
 * - allowed_domains: Only include results from these domains
 * - blocked_domains: Never include results from these domains
 * - user_location: Localize search results
 */
 function addWebSearchTool(req: Request) {
  // Check if this is a Claude model that supports web search and if web search is enabled
  const isClaude35 = req.body.model?.includes("claude-3-5") || req.body.model?.includes("claude-3.5");
  const isClaude37 = req.body.model?.includes("claude-3-7") || req.body.model?.includes("claude-3.7");
  const isClaude4 = req.body.model?.includes("claude-sonnet-4") || req.body.model?.includes("claude-opus-4");
  const useWebSearch = (isClaude35 || isClaude37 || isClaude4) && Boolean(req.body.enable_web_search);
  if (useWebSearch) {
    // Create the base web search tool
    const webSearchTool: any = {
      'type': 'web_search_20250305',
      'name': 'web_search',
    };
    // Add optional parameters if provided by the client
    // max_uses: Limit the number of searches per request
    if (typeof req.body.web_search_max_uses === 'number') {
      webSearchTool.max_uses = req.body.web_search_max_uses;
      delete req.body.web_search_max_uses;
    }
    // allowed_domains: Only include results from these domains
    if (Array.isArray(req.body.web_search_allowed_domains)) {
      webSearchTool.allowed_domains = req.body.web_search_allowed_domains;
      delete req.body.web_search_allowed_domains;
    }
    // blocked_domains: Never include results from these domains
    if (Array.isArray(req.body.web_search_blocked_domains)) {
      webSearchTool.blocked_domains = req.body.web_search_blocked_domains;
      delete req.body.web_search_blocked_domains;
    }
    // user_location: Localize search results
    if (req.body.web_search_user_location) {
      webSearchTool.user_location = req.body.web_search_user_location;
      delete req.body.web_search_user_location;
    }
    // Add the web search tool to the tools array
    req.body.tools = [...(req.body.tools || []), webSearchTool];
  }
  // Delete custom parameters as they're not standard Claude API parameters
  delete req.body.enable_web_search;
  delete req.body.reasoning_effort;
 }
 function selectUpstreamPath(manager: ProxyReqManager) {
  const req = manager.request;
  const pathname = req.url.split("?")[0];
  req.log.debug({ pathname }, "Anthropic path filter");
  const isText = req.outboundApi === "anthropic-text";
  const isChat = req.outboundApi === "anthropic-chat";
  if (isChat && pathname === "/v1/complete") {
    manager.setPath("/v1/messages");
  }
  if (isText && pathname === "/v1/chat/completions") {
    manager.setPath("/v1/complete");
  }
  if (isChat && pathname === "/v1/chat/completions") {
    manager.setPath("/v1/messages");
  }
  if (isChat && ["sonnet", "opus"].includes(req.params.type)) {
    manager.setPath("/v1/messages");
  }
 }
 const anthropicProxy = createQueuedProxyMiddleware({
  target: "https://api.anthropic.com",
  mutations: [selectUpstreamPath, addKey, finalizeBody],
  blockingResponseHandler: anthropicBlockingResponseHandler,
 });
 const nativeAnthropicChatPreprocessor = createPreprocessorMiddleware(
  { inApi: "anthropic-chat", outApi: "anthropic-chat", service: "anthropic" },
  { afterTransform: [setAnthropicBetaHeader, addWebSearchTool] }
 );
-const anthropicRouter = Router();
+const nativeTextPreprocessor = createPreprocessorMiddleware(
-// Fix paths because clients don't consistently use the /v1 prefix.
+  {
-anthropicRouter.use((req, _res, next) => {
+    inApi: "anthropic-text",
-  if (!req.path.startsWith("/v1/")) {
+    outApi: "anthropic-text",
-    req.url = `/v1${req.url}`;
+    service: "anthropic",
  },
  { afterTransform: [setAnthropicBetaHeader, addWebSearchTool] }
 );
 const textToChatPreprocessor = createPreprocessorMiddleware(
  {
    inApi: "anthropic-text",
    outApi: "anthropic-chat",
    service: "anthropic",
  },
  { afterTransform: [setAnthropicBetaHeader, addWebSearchTool] }
 );
 /**
 * Routes text completion prompts to anthropic-chat if they need translation
 * (claude-3 based models do not support the old text completion endpoint).
 */
 const preprocessAnthropicTextRequest: RequestHandler = (req, res, next) => {
  const model = req.body.model;
  const isClaude4Model = model?.includes("claude-sonnet-4") || model?.includes("claude-opus-4");
  if (model?.startsWith("claude-3") || isClaude4Model) {
    textToChatPreprocessor(req, res, next);
  } else {
    nativeTextPreprocessor(req, res, next);
  }
-  next();
+};
-});
+
 const oaiToTextPreprocessor = createPreprocessorMiddleware(
  {
    inApi: "openai",
    outApi: "anthropic-text",
    service: "anthropic",
  },
  { afterTransform: [setAnthropicBetaHeader] }
 );
 const oaiToChatPreprocessor = createPreprocessorMiddleware(
  {
    inApi: "openai",
    outApi: "anthropic-chat",
    service: "anthropic",
  },
  { afterTransform: [setAnthropicBetaHeader, addWebSearchTool] }
 );
 /**
 * Routes an OpenAI prompt to either the legacy Claude text completion endpoint
 * or the new Claude chat completion endpoint, based on the requested model.
 */
 const preprocessOpenAICompatRequest: RequestHandler = (req, res, next) => {
  maybeReassignModel(req);
  const model = req.body.model;
  const isClaude4 = model?.includes("claude-sonnet-4") || model?.includes("claude-opus-4");
  if (model?.includes("claude-3") || isClaude4) {
    oaiToChatPreprocessor(req, res, next);
  } else {
    oaiToTextPreprocessor(req, res, next);
  }
 };
 const anthropicRouter = Router();
 anthropicRouter.get("/v1/models", handleModelRequest);
 // Native Anthropic chat completion endpoint.
 anthropicRouter.post(
  "/v1/messages",
  ipLimiter,
  nativeAnthropicChatPreprocessor,
  anthropicProxy
 );
 // Anthropic text completion endpoint. Translates to Anthropic chat completion
 // if the requested model is a Claude 3 model.
 anthropicRouter.post(
  "/v1/complete",
  ipLimiter,
-  createPreprocessorMiddleware({ inApi: "anthropic", outApi: "anthropic" }),
+  preprocessAnthropicTextRequest,
  anthropicProxy
 );
-// OpenAI-to-Anthropic compatibility endpoint.
+// OpenAI-to-Anthropic compatibility endpoint. Accepts an OpenAI chat completion
 // request and transforms/routes it to the appropriate Anthropic format and
 // endpoint based on the requested model.
 anthropicRouter.post(
  "/v1/chat/completions",
  ipLimiter,
-  createPreprocessorMiddleware({ inApi: "openai", outApi: "anthropic" }),
+  preprocessOpenAICompatRequest,
  anthropicProxy
 );
 // Redirect browser requests to the homepage.
 anthropicRouter.get("*", (req, res, next) => {
  const isBrowser = req.headers["user-agent"]?.includes("Mozilla");
  if (isBrowser) {
    res.redirect("/");
  } else {
    next();
  }
 });
 export const anthropic = anthropicRouter;
@@ -1,64 +0,0 @@
 /**
 * Authenticates RisuAI.xyz users using a special x-risu-tk header provided by
 * RisuAI.xyz. This lets us rate limit and limit queue concurrency properly,
 * since otherwise RisuAI.xyz users share the same IP address and can't be
 * distinguished.
 * Contributors: @kwaroran
 */
 import axios from "axios";
 import { Request, Response, NextFunction } from "express";
 const RISUAI_TOKEN_CHECKER_URL = "https://sv.risuai.xyz/public/api/checktoken";
 const validRisuTokens = new Set<string>();
 let lastFailedRisuTokenCheck = 0;
 export async function checkRisuToken(
  req: Request,
  _res: Response,
  next: NextFunction
 ) {
  let header = req.header("x-risu-tk") || null;
  if (!header) {
    return next();
  }
  const timeSinceLastFailedCheck = Date.now() - lastFailedRisuTokenCheck;
  if (timeSinceLastFailedCheck < 60 * 1000) {
    req.log.warn(
      { timeSinceLastFailedCheck },
      "Skipping RisuAI token check due to recent failed check"
    );
    return next();
  }
  try {
    if (!validRisuTokens.has(header)) {
      req.log.info("Authenticating new RisuAI token");
      const validCheck = await axios.post<{ vaild: boolean }>(
        RISUAI_TOKEN_CHECKER_URL,
        { token: header },
        { headers: { "Content-Type": "application/json" } }
      );
      if (!validCheck.data.vaild) {
        req.log.warn("Invalid RisuAI token; using IP instead");
      } else {
        req.log.info("RisuAI token authenticated");
        validRisuTokens.add(header);
        req.risuToken = header;
      }
    } else {
      req.log.debug("RisuAI token already known");
      req.risuToken = header;
    }
  } catch (err) {
    lastFailedRisuTokenCheck = Date.now();
    req.log.warn(
      { error: err.message },
      "Error authenticating RisuAI token; using IP instead"
    );
  }
  next();
 }
@@ -1,66 +0,0 @@
 import type { Request, RequestHandler } from "express";
 import { config } from "../../config";
 import { authenticate, getUser } from "./user-store";
 const GATEKEEPER = config.gatekeeper;
 const PROXY_KEY = config.proxyKey;
 const ADMIN_KEY = config.adminKey;
 function getProxyAuthorizationFromRequest(req: Request): string | undefined {
  // Anthropic's API uses x-api-key instead of Authorization.  Some clients will
  // pass the _proxy_ key in this header too, instead of providing it as a
  // Bearer token in the Authorization header.  So we need to check both.
  // Prefer the Authorization header if both are present.
  if (req.headers.authorization) {
    const token = req.headers.authorization?.slice("Bearer ".length);
    delete req.headers.authorization;
    return token;
  }
  if (req.headers["x-api-key"]) {
    const token = req.headers["x-api-key"]?.toString();
    delete req.headers["x-api-key"];
    return token;
  }
  return undefined;
 }
 export const gatekeeper: RequestHandler = (req, res, next) => {
  const token = getProxyAuthorizationFromRequest(req);
  // TODO: Generate anonymous users based on IP address for public or proxy_key
  // modes so that all middleware can assume a user of some sort is present.
  if (ADMIN_KEY && token === ADMIN_KEY) {
    return next();
  }
  if (GATEKEEPER === "none") {
    return next();
  }
  if (GATEKEEPER === "proxy_key" && token === PROXY_KEY) {
    return next();
  }
  if (GATEKEEPER === "user_token" && token) {
    const user = authenticate(token, req.ip);
    if (user) {
      req.user = user;
      return next();
    } else {
      const maybeBannedUser = getUser(token);
      if (maybeBannedUser?.disabledAt) {
        return res.status(403).json({
          error: `Forbidden: ${
            maybeBannedUser.disabledReason || "Token disabled"
          }`,
        });
      }
    }
  }
  res.status(401).json({ error: "Unauthorized" });
 };
@@ -1,211 +0,0 @@
 /**
 * Basic user management. Handles creation and tracking of proxy users, personal
 * access tokens, and quota management. Supports in-memory and Firebase Realtime
 * Database persistence stores.
 *
 * Users are identified solely by their personal access token. The token is
 * used to authenticate the user for all proxied requests.
 */
 import admin from "firebase-admin";
 import { v4 as uuid } from "uuid";
 import { config, getFirebaseApp } from "../../config";
 import { logger } from "../../logger";
 export interface User {
  /** The user's personal access token. */
  token: string;
  /** The IP addresses the user has connected from. */
  ip: string[];
  /** The user's privilege level. */
  type: UserType;
  /** The number of prompts the user has made. */
  promptCount: number;
  /** The number of tokens the user has consumed. Not yet implemented. */
  tokenCount: number;
  /** The time at which the user was created. */
  createdAt: number;
  /** The time at which the user last connected. */
  lastUsedAt?: number;
  /** The time at which the user was disabled, if applicable. */
  disabledAt?: number;
  /** The reason for which the user was disabled, if applicable. */
  disabledReason?: string;
 }
 /**
 * Possible privilege levels for a user.
 * - `normal`: Default role. Subject to usual rate limits and quotas.
 * - `special`: Special role. Higher quotas and exempt from auto-ban/lockout.
 * TODO: implement auto-ban/lockout for normal users when they do naughty shit
 */
 export type UserType = "normal" | "special";
 type UserUpdate = Partial<User> & Pick<User, "token">;
 const MAX_IPS_PER_USER = config.maxIpsPerUser;
 const users: Map<string, User> = new Map();
 const usersToFlush = new Set<string>();
 export async function init() {
  logger.info({ store: config.gatekeeperStore }, "Initializing user store...");
  if (config.gatekeeperStore === "firebase_rtdb") {
    await initFirebase();
  }
  logger.info("User store initialized.");
 }
 /** Creates a new user and returns their token. */
 export function createUser() {
  const token = uuid();
  users.set(token, {
    token,
    ip: [],
    type: "normal",
    promptCount: 0,
    tokenCount: 0,
    createdAt: Date.now(),
  });
  usersToFlush.add(token);
  return token;
 }
 /** Returns the user with the given token if they exist. */
 export function getUser(token: string) {
  return users.get(token);
 }
 /** Returns a list of all users. */
 export function getUsers() {
  return Array.from(users.values()).map((user) => ({ ...user }));
 }
 /**
 * Upserts the given user. Intended for use with the /admin API for updating
 * user information via JSON. Use other functions for more specific operations.
 */
 export function upsertUser(user: UserUpdate) {
  const existing: User = users.get(user.token) ?? {
    token: user.token,
    ip: [],
    type: "normal",
    promptCount: 0,
    tokenCount: 0,
    createdAt: Date.now(),
  };
  users.set(user.token, {
    ...existing,
    ...user,
  });
  usersToFlush.add(user.token);
  // Immediately schedule a flush to the database if we're using Firebase.
  if (config.gatekeeperStore === "firebase_rtdb") {
    setImmediate(flushUsers);
  }
  return users.get(user.token);
 }
 /** Increments the prompt count for the given user. */
 export function incrementPromptCount(token: string) {
  const user = users.get(token);
  if (!user) return;
  user.promptCount++;
  usersToFlush.add(token);
 }
 /** Increments the token count for the given user by the given amount. */
 export function incrementTokenCount(token: string, amount = 1) {
  const user = users.get(token);
  if (!user) return;
  user.tokenCount += amount;
  usersToFlush.add(token);
 }
 /**
 * Given a user's token and IP address, authenticates the user and adds the IP
 * to the user's list of IPs. Returns the user if they exist and are not
 * disabled, otherwise returns undefined.
 */
 export function authenticate(token: string, ip: string) {
  const user = users.get(token);
  if (!user || user.disabledAt) return;
  if (!user.ip.includes(ip)) user.ip.push(ip);
  // If too many IPs are associated with the user, disable the account.
  const ipLimit =
    user.type === "special" || !MAX_IPS_PER_USER ? Infinity : MAX_IPS_PER_USER;
  if (user.ip.length > ipLimit) {
    disableUser(token, "Too many IP addresses associated with this token.");
    return;
  }
  user.lastUsedAt = Date.now();
  usersToFlush.add(token);
  return user;
 }
 /** Disables the given user, optionally providing a reason. */
 export function disableUser(token: string, reason?: string) {
  const user = users.get(token);
  if (!user) return;
  user.disabledAt = Date.now();
  user.disabledReason = reason;
  usersToFlush.add(token);
 }
 // TODO: Firebase persistence is pretend right now and just polls the in-memory
 // store to sync it with Firebase when it changes. Will refactor to abstract
 // persistence layer later so we can support multiple stores.
 let firebaseTimeout: NodeJS.Timeout | undefined;
 async function initFirebase() {
  logger.info("Connecting to Firebase...");
  const app = getFirebaseApp();
  const db = admin.database(app);
  const usersRef = db.ref("users");
  const snapshot = await usersRef.once("value");
  const users: Record<string, User> | null = snapshot.val();
  firebaseTimeout = setInterval(flushUsers, 20 * 1000);
  if (!users) {
    logger.info("No users found in Firebase.");
    return;
  }
  for (const token in users) {
    upsertUser(users[token]);
  }
  usersToFlush.clear();
  const numUsers = Object.keys(users).length;
  logger.info({ users: numUsers }, "Loaded users from Firebase");
 }
 async function flushUsers() {
  const app = getFirebaseApp();
  const db = admin.database(app);
  const usersRef = db.ref("users");
  const updates: Record<string, User> = {};
  for (const token of usersToFlush) {
    const user = users.get(token);
    if (!user) {
      continue;
    }
    updates[token] = user;
  }
  usersToFlush.clear();
  const numUpdates = Object.keys(updates).length;
  if (numUpdates === 0) {
    return;
  }
  await usersRef.update(updates);
  logger.info(
    { users: Object.keys(updates).length },
    "Flushed users to Firebase"
  );
 }
@@ -0,0 +1,341 @@
 import { Request, RequestHandler, Router } from "express";
 import { v4 } from "uuid";
 import {
  transformAnthropicChatResponseToAnthropicText,
  transformAnthropicChatResponseToOpenAI,
 } from "./anthropic";
 import { ipLimiter } from "./rate-limit";
 import {
  createPreprocessorMiddleware,
  finalizeSignedRequest,
  signAwsRequest,
 } from "./middleware/request";
 import { ProxyResHandlerWithBody } from "./middleware/response";
 import { createQueuedProxyMiddleware } from "./middleware/request/proxy-middleware-factory";
 import { ProxyReqManager } from "./middleware/request/proxy-req-manager";
 import { validateClaude41OpusParameters } from "../shared/claude-4-1-validation";
 const awsBlockingResponseHandler: ProxyResHandlerWithBody = async (
  _proxyRes,
  req,
  res,
  body
 ) => {
  if (typeof body !== "object") {
    throw new Error("Expected body to be an object");
  }
  let newBody = body;
  switch (`${req.inboundApi}<-${req.outboundApi}`) {
    case "openai<-anthropic-text":
      req.log.info("Transforming Anthropic Text back to OpenAI format");
      newBody = transformAwsTextResponseToOpenAI(body, req);
      break;
    case "openai<-anthropic-chat":
      req.log.info("Transforming AWS Anthropic Chat back to OpenAI format");
      newBody = transformAnthropicChatResponseToOpenAI(body);
      break;
    case "anthropic-text<-anthropic-chat":
      req.log.info("Transforming AWS Anthropic Chat back to Text format");
      newBody = transformAnthropicChatResponseToAnthropicText(body);
      break;
  }
  // AWS does not always confirm the model in the response, so we have to add it
  if (!newBody.model && req.body.model) {
    newBody.model = req.body.model;
  }
  res.status(200).json({ ...newBody, proxy: body.proxy });
 };
 function transformAwsTextResponseToOpenAI(
  awsBody: Record<string, any>,
  req: Request
 ): Record<string, any> {
  const totalTokens = (req.promptTokens ?? 0) + (req.outputTokens ?? 0);
  return {
    id: "aws-" + v4(),
    object: "chat.completion",
    created: Date.now(),
    model: req.body.model,
    usage: {
      prompt_tokens: req.promptTokens,
      completion_tokens: req.outputTokens,
      total_tokens: totalTokens,
    },
    choices: [
      {
        message: {
          role: "assistant",
          content: awsBody.completion?.trim(),
        },
        finish_reason: awsBody.stop_reason,
        index: 0,
      },
    ],
  };
 }
 const awsClaudeProxy = createQueuedProxyMiddleware({
  target: ({ signedRequest }) => {
    if (!signedRequest) throw new Error("Must sign request before proxying");
    return `${signedRequest.protocol}//${signedRequest.hostname}`;
  },
  mutations: [signAwsRequest, finalizeSignedRequest],
  blockingResponseHandler: awsBlockingResponseHandler,
 });
 const nativeTextPreprocessor = createPreprocessorMiddleware(
  { inApi: "anthropic-text", outApi: "anthropic-text", service: "aws" },
  { afterTransform: [maybeReassignModel] }
 );
 const textToChatPreprocessor = createPreprocessorMiddleware(
  { inApi: "anthropic-text", outApi: "anthropic-chat", service: "aws" },
  { afterTransform: [maybeReassignModel] }
 );
 /**
 * Routes text completion prompts to aws anthropic-chat if they need translation
 * (claude-3 based models do not support the old text completion endpoint).
 */
 const preprocessAwsTextRequest: RequestHandler = (req, res, next) => {
  if (req.body.model?.includes("claude-3")) {
    textToChatPreprocessor(req, res, next);
  } else {
    nativeTextPreprocessor(req, res, next);
  }
 };
 const oaiToAwsTextPreprocessor = createPreprocessorMiddleware(
  { inApi: "openai", outApi: "anthropic-text", service: "aws" },
  { afterTransform: [maybeReassignModel] }
 );
 const oaiToAwsChatPreprocessor = createPreprocessorMiddleware(
  { inApi: "openai", outApi: "anthropic-chat", service: "aws" },
  { afterTransform: [maybeReassignModel] }
 );
 /**
 * Routes an OpenAI prompt to either the legacy Claude text completion endpoint
 * or the new Claude chat completion endpoint, based on the requested model.
 */
 const preprocessOpenAICompatRequest: RequestHandler = (req, res, next) => {
  if (req.body.model?.includes("claude-3")) {
    oaiToAwsChatPreprocessor(req, res, next);
  } else {
    oaiToAwsTextPreprocessor(req, res, next);
  }
 };
 const awsClaudeRouter = Router();
 // Native(ish) Anthropic text completion endpoint.
 awsClaudeRouter.post(
  "/v1/complete",
  ipLimiter,
  preprocessAwsTextRequest,
  awsClaudeProxy
 );
 // Native Anthropic chat completion endpoint.
 awsClaudeRouter.post(
  "/v1/messages",
  ipLimiter,
  createPreprocessorMiddleware(
    { inApi: "anthropic-chat", outApi: "anthropic-chat", service: "aws" },
    { afterTransform: [maybeReassignModel] }
  ),
  awsClaudeProxy
 );
 // OpenAI-to-AWS Anthropic compatibility endpoint.
 awsClaudeRouter.post(
  "/v1/chat/completions",
  ipLimiter,
  preprocessOpenAICompatRequest,
  awsClaudeProxy
 );
 /**
 * Tries to deal with:
 * - frontends sending AWS model names even when they want to use the OpenAI-
 *   compatible endpoint
 * - frontends sending Anthropic model names that AWS doesn't recognize
 * - frontends sending OpenAI model names because they expect the proxy to
 *   translate them
 *
 * If client sends AWS model ID it will be used verbatim. Otherwise, various
 * strategies are used to try to map a non-AWS model name to AWS model ID.
 */
 function maybeReassignModel(req: Request) {
  // Validate Claude 4.1 Opus parameters before processing
  validateClaude41OpusParameters(req);
  const model = req.body.model;
  // If it looks like an AWS model, use it as-is
  if (model.includes("anthropic.claude")) {
    return;
  }
  // Anthropic model names can look like:
  // - claude-v1
  // - claude-2.1
  // - claude-3-5-sonnet-20240620 (old format: number-model)
  // - claude-3-opus-latest (old format: number-model)
  // - claude-sonnet-4-20250514 (new format: model-number)
  // - claude-opus-4-latest (new format: model-number)
  // - anthropic.claude-3-sonnet-20240229-v1:0 (AWS format with old naming)
  // - anthropic.claude-sonnet-4-20250514-v1:0 (AWS format with new naming)
  const pattern =
    /^(?:anthropic\.)?claude-(?:(?:(instant-)?(v)?(\d+)([.-](\d))?(-\d+k)?(-sonnet-|-opus-|-haiku-)?(latest|\d*))|(?:(sonnet-|opus-|haiku-)(\d+)([.-](\d))?(-\d+k)?-(latest|\d+)))(?:-v\d+(?::\d+)?)?$/i;
  const match = model.match(pattern);
  if (!match) {
    throw new Error(`Provided model name (${model}) doesn't resemble a Claude model ID.`);
  }
  // Check which format matched (old or new)
  // New format: claude-sonnet-4-20250514 or anthropic.claude-sonnet-4-20250514-v1:0
  // Old format: claude-3-sonnet-20240229 or anthropic.claude-3-sonnet-20240229-v1:0
  const isNewFormat = !!match[9];
  let major, minor, name, rev;
  if (isNewFormat) {
    // New format: claude-sonnet-4-20250514
    // match[9] = sonnet-/opus-/haiku-
    // match[10] = 4 (major version)
    // match[12] = minor version (if any, from [.-](\d) pattern)
    // match[14] = revision (latest or date)
    const modelType = match[9]?.match(/([a-z]+)/)?.[1] || "";
    name = modelType;
    major = match[10];
    minor = match[12];
    rev = match[14];
    // Special case: if revision is a single digit and no minor version,
    // treat revision as minor version (e.g., claude-opus-4-1 -> version 4.1)
    if (!minor && rev && /^\d$/.test(rev)) {
      minor = rev;
      rev = undefined;
    }
    // Handle instant case for completeness
    const instant = match[1];
    if (instant) {
      req.body.model = "anthropic.claude-instant-v1";
      return;
    }
  } else {
    // Old format: claude-3-sonnet-20240229
    // match[1] = instant- (if any)
    // match[3] = 3 (major version)
    // match[5] = minor version (if any)
    // match[7] = -sonnet-/-opus-/-haiku- (if any)
    // match[8] = revision (latest or date)
    const instant = match[1];
    if (instant) {
      req.body.model = "anthropic.claude-instant-v1";
      return;
    }
    major = match[3];
    minor = match[5];
    name = match[7]?.match(/([a-z]+)/)?.[1] || "";
    rev = match[8];
  }
  const ver = minor ? `${major}.${minor}` : major;
  switch (ver) {
    case "1":
    case "1.0":
      req.body.model = "anthropic.claude-v1";
      return;
    case "2":
    case "2.0":
      req.body.model = "anthropic.claude-v2";
      return;
    case "2.1":
      req.body.model = "anthropic.claude-v2:1";
      return;
    case "3":
    case "3.0":
      // there is only one snapshot for all Claude 3 models so there is no need
      // to check the revision
      switch (name) {
        case "sonnet":
          req.body.model = "anthropic.claude-3-sonnet-20240229-v1:0";
          return;
        case "haiku":
          req.body.model = "anthropic.claude-3-haiku-20240307-v1:0";
          return;
        case "opus":
          req.body.model = "anthropic.claude-3-opus-20240229-v1:0";
          return;
      }
      break;
    case "3.5":
      switch (name) {
        case "sonnet":
          switch (rev) {
            case "20241022":
            case "latest":
              req.body.model = "anthropic.claude-3-5-sonnet-20241022-v2:0";
              return;
            case "20240620":
              req.body.model = "anthropic.claude-3-5-sonnet-20240620-v1:0";
              return;
          }
          break;
        case "haiku":
          switch (rev) {
            case "20241022":
            case "latest":
              req.body.model = "anthropic.claude-3-5-haiku-20241022-v1:0";
              return;
          }
        case "opus":
          // Add after model id is announced never
          break;
      }
    case "3.7":
      switch (name) {
        case "sonnet":
          req.body.model = "anthropic.claude-3-7-sonnet-20250219-v1:0";
          return;
      }
      break;
    case "4":
    case "4.0":
      // Mapping "claude-4-..." variants to their actual AWS Bedrock IDs
      // as defined in src/shared/claude-models.ts.
      switch (name) {
        case "sonnet":
          req.body.model = "anthropic.claude-sonnet-4-20250514-v1:0";
          return;
        case "opus":
          req.body.model = "anthropic.claude-opus-4-20250514-v1:0";
          return;
        // No case for "haiku" here, as "claude-4-haiku" is not defined
        // in claude-models.ts. It will fall through and throw an error.
      }
      break;
    case "4.1":
      // Mapping "claude-4.1-..." variants to their actual AWS Bedrock IDs
      // as defined in src/shared/claude-models.ts.
      switch (name) {
        case "opus":
          req.body.model = "anthropic.claude-opus-4-1-20250805-v1:0";
          return;
        // No sonnet or haiku variants for 4.1 yet
      }
      break;
  }
  throw new Error(`Provided model name (${model}) could not be mapped to a known AWS Claude model ID.`);
 }
 export const awsClaude = awsClaudeRouter;
@@ -0,0 +1,95 @@
 import { Request, Router } from "express";
 import {
  detectMistralInputApi,
  transformMistralTextToMistralChat,
 } from "./mistral-ai";
 import { ipLimiter } from "./rate-limit";
 import { ProxyResHandlerWithBody } from "./middleware/response";
 import {
  createPreprocessorMiddleware,
  finalizeSignedRequest,
  signAwsRequest,
 } from "./middleware/request";
 import { createQueuedProxyMiddleware } from "./middleware/request/proxy-middleware-factory";
 const awsMistralBlockingResponseHandler: ProxyResHandlerWithBody = async (
  _proxyRes,
  req,
  res,
  body
 ) => {
  if (typeof body !== "object") {
    throw new Error("Expected body to be an object");
  }
  let newBody = body;
  if (req.inboundApi === "mistral-ai" && req.outboundApi === "mistral-text") {
    newBody = transformMistralTextToMistralChat(body);
  }
  // AWS does not always confirm the model in the response, so we have to add it
  if (!newBody.model && req.body.model) {
    newBody.model = req.body.model;
  }
  res.status(200).json({ ...newBody, proxy: body.proxy });
 };
 const awsMistralProxy = createQueuedProxyMiddleware({
  target: ({ signedRequest }) => {
    if (!signedRequest) throw new Error("Must sign request before proxying");
    return `${signedRequest.protocol}//${signedRequest.hostname}`;
  },
  mutations: [signAwsRequest,finalizeSignedRequest],
  blockingResponseHandler: awsMistralBlockingResponseHandler,
 });
 function maybeReassignModel(req: Request) {
  const model = req.body.model;
  // If it looks like an AWS model, use it as-is
  if (model.startsWith("mistral.")) {
    return;
  }
  // Mistral 7B Instruct
  else if (model.includes("7b")) {
    req.body.model = "mistral.mistral-7b-instruct-v0:2";
  }
  // Mistral 8x7B Instruct
  else if (model.includes("8x7b")) {
    req.body.model = "mistral.mixtral-8x7b-instruct-v0:1";
  }
  // Mistral Large (Feb 2024)
  else if (model.includes("large-2402")) {
    req.body.model = "mistral.mistral-large-2402-v1:0";
  }
  // Mistral Large 2 (July 2024)
  else if (model.includes("large")) {
    req.body.model = "mistral.mistral-large-2407-v1:0";
  }
  // Mistral Small (Feb 2024)
  else if (model.includes("small")) {
    req.body.model = "mistral.mistral-small-2402-v1:0";
  } else {
    throw new Error(
      `Can't map '${model}' to a supported AWS model ID; make sure you are requesting a Mistral model supported by Amazon Bedrock`
    );
  }
 }
 const nativeMistralChatPreprocessor = createPreprocessorMiddleware(
  { inApi: "mistral-ai", outApi: "mistral-ai", service: "aws" },
  {
    beforeTransform: [detectMistralInputApi],
    afterTransform: [maybeReassignModel],
  }
 );
 const awsMistralRouter = Router();
 awsMistralRouter.post(
  "/v1/chat/completions",
  ipLimiter,
  nativeMistralChatPreprocessor,
  awsMistralProxy
 );
 export const awsMistral = awsMistralRouter;
@@ -0,0 +1,98 @@
 /* Shared code between AWS Claude and AWS Mistral endpoints. */
 import { Request, Response, Router } from "express";
 import { config } from "../config";
 import { addV1 } from "./add-v1";
 import { awsClaude } from "./aws-claude";
 import { awsMistral } from "./aws-mistral";
 import { AwsBedrockKey, keyPool } from "../shared/key-management";
 import { claudeModels, findByAwsId } from "../shared/claude-models";
 const awsRouter = Router();
 awsRouter.get(["/:vendor?/v1/models", "/:vendor?/models"], handleModelsRequest);
 awsRouter.use("/claude", addV1, awsClaude);
 awsRouter.use("/mistral", addV1, awsMistral);
 const MODELS_CACHE_TTL = 10000;
 let modelsCache: Record<string, any> = {};
 let modelsCacheTime: Record<string, number> = {};
 function handleModelsRequest(req: Request, res: Response) {
  if (!config.awsCredentials) return { object: "list", data: [] };
  const vendor = req.params.vendor?.length
    ? req.params.vendor === "claude"
      ? "anthropic"
      : req.params.vendor
    : "all";
  const cacheTime = modelsCacheTime[vendor] || 0;
  if (new Date().getTime() - cacheTime < MODELS_CACHE_TTL) {
    return res.json(modelsCache[vendor]);
  }
  const availableAwsModelIds = new Set<string>();
  for (const key of keyPool.list()) {
    if (key.isDisabled || key.service !== "aws") continue;
    (key as AwsBedrockKey).modelIds.forEach((id) => availableAwsModelIds.add(id));
  }
  const mistralMappings = new Map([
    ["mistral.mistral-7b-instruct-v0:2", "Mistral 7B Instruct"],
    ["mistral.mixtral-8x7b-instruct-v0:1", "Mixtral 8x7B Instruct"],
    ["mistral.mistral-large-2402-v1:0", "Mistral Large 2402"],
    ["mistral.mistral-large-2407-v1:0", "Mistral Large 2407"],
    ["mistral.mistral-small-2402-v1:0", "Mistral Small 2402"],
  ]);
  const date = new Date();
  const claudeModelsList = claudeModels
    .filter(model => availableAwsModelIds.has(model.awsId))
    .map(model => ({
      id: model.anthropicId,
      owned_by: "anthropic",
      type: "model",
      display_name: model.displayName,
      created_at: date.toISOString(),
      object: "model",
      created: date.getTime(),
      permission: [],
      root: "anthropic",
      parent: null,
    }));
  const mistralModelsList = Array.from(mistralMappings.keys())
    .filter(id => availableAwsModelIds.has(id))
    .map(id => {
      return {
        id,
        owned_by: "mistral",
        type: "model",
        display_name: mistralMappings.get(id) || id.split('.')[1],
        created_at: date.toISOString(),
        object: "model",
        created: date.getTime(),
        permission: [],
        root: "mistral",
        parent: null,
      };
    });
  const allModels = [...claudeModelsList, ...mistralModelsList];
  const filteredModels = vendor === "all" 
    ? allModels 
    : allModels.filter(m => m.root === vendor);
  modelsCache[vendor] = {
    object: "list",
    data: filteredModels,
    has_more: false,
    first_id: filteredModels[0]?.id,
    last_id: filteredModels[filteredModels.length - 1]?.id,
  };
  modelsCacheTime[vendor] = date.getTime();
  return res.json(modelsCache[vendor]);
 }
 export const aws = awsRouter;
@@ -0,0 +1,77 @@
 import { RequestHandler, Router } from "express";
 import { config } from "../config";
 import { generateModelList } from "./openai";
 import { ipLimiter } from "./rate-limit";
 import {
  addAzureKey,
  createPreprocessorMiddleware,
  finalizeSignedRequest,
 } from "./middleware/request";
 import { ProxyResHandlerWithBody } from "./middleware/response";
 import { createQueuedProxyMiddleware } from "./middleware/request/proxy-middleware-factory";
 let modelsCache: any = null;
 let modelsCacheTime = 0;
 const handleModelRequest: RequestHandler = (_req, res) => {
  if (new Date().getTime() - modelsCacheTime < 1000 * 60) {
    return res.status(200).json(modelsCache);
  }
  if (!config.azureCredentials) return { object: "list", data: [] };
  const result = generateModelList("azure");
  modelsCache = { object: "list", data: result };
  modelsCacheTime = new Date().getTime();
  res.status(200).json(modelsCache);
 };
 const azureOpenaiResponseHandler: ProxyResHandlerWithBody = async (
  _proxyRes,
  req,
  res,
  body
 ) => {
  if (typeof body !== "object") {
    throw new Error("Expected body to be an object");
  }
  res.status(200).json({ ...body, proxy: body.proxy });
 };
 const azureOpenAIProxy = createQueuedProxyMiddleware({
  target: ({ signedRequest }) => {
    if (!signedRequest) throw new Error("Must sign request before proxying");
    const { hostname, protocol } = signedRequest;
    return `${protocol}//${hostname}`;
  },
  mutations: [addAzureKey, finalizeSignedRequest],
  blockingResponseHandler: azureOpenaiResponseHandler,
 });
 const azureOpenAIRouter = Router();
 azureOpenAIRouter.get("/v1/models", handleModelRequest);
 azureOpenAIRouter.post(
  "/v1/chat/completions",
  ipLimiter,
  createPreprocessorMiddleware({
    inApi: "openai",
    outApi: "openai",
    service: "azure",
  }),
  azureOpenAIProxy
 );
 azureOpenAIRouter.post(
  "/v1/images/generations",
  ipLimiter,
  createPreprocessorMiddleware({
    inApi: "openai-image",
    outApi: "openai-image",
    service: "azure",
  }),
  azureOpenAIProxy
 );
 export const azure = azureOpenAIRouter;
@@ -0,0 +1,106 @@
 /**
 * Authenticates RisuAI.xyz users using a special x-risu-tk header provided by
 * RisuAI.xyz. This lets us rate limit and limit queue concurrency properly,
 * since otherwise RisuAI.xyz users share the same IP address and can't be
 * distinguished.
 * Contributors: @kwaroran
 */
 import crypto from "crypto";
 import { Request, Response, NextFunction } from "express";
 import { logger } from "../logger";
 const log = logger.child({ module: "check-risu-token" });
 const RISUAI_PUBLIC_KEY = `
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEXBmHQfy/YdNIu9lfNC
 xHbVwb2aYx07pBEmqQJtvVEOISj80fASxg+cMJH+/0a/Z4gQgzUJl0HszRpMXAfu
 wmRoetedyC/6CLraHke0Qad/AEHAKwG9A+NwsHRv/cDfP8euAr20cnOyVa79bZsl
 1wlHYQQGo+ve+P/FXtjLGJ/KZYr479F5jkIRKZxPE8mRmkhAVS/u+18QM94BzfoI
 0LlbwvvCHe18QSX6viDK+HsqhhyYDh+0FgGNJw6xKYLdExbQt77FSukH7NaJmVAs
 kYuIJbnAGw5Oq0L6dXFW2DFwlcLz51kPVOmDc159FsQjyuPnta7NiZAANS8KM1CJ
 pwIDAQAB`;
 let IMPORTED_RISU_KEY: CryptoKey | null = null;
 type RisuToken = { id: string; expiresIn: number };
 type SignedToken = { data: RisuToken; sig: string };
 (async () => {
  try {
    log.debug("Importing Risu public key");
    IMPORTED_RISU_KEY = await crypto.subtle.importKey(
      "spki",
      Buffer.from(RISUAI_PUBLIC_KEY.replace(/\s/g, ""), "base64"),
      { name: "RSASSA-PKCS1-v1_5", hash: "SHA-256" },
      true,
      ["verify"]
    );
    log.debug("Imported Risu public key");
  } catch (err) {
    log.warn({ error: err.message }, "Error importing Risu public key");
    IMPORTED_RISU_KEY = null;
  }
 })();
 export async function checkRisuToken(
  req: Request,
  _res: Response,
  next: NextFunction
 ) {
  let header = req.header("x-risu-tk") || null;
  if (!header || !IMPORTED_RISU_KEY) {
    return next();
  }
  try {
    const { valid, data } = await validCheck(header);
    if (!valid || !data) {
      req.log.warn(
        { token: header, data },
        "Invalid RisuAI token; using IP instead"
      );
    } else {
      req.log.info("RisuAI token validated");
      req.risuToken = String(data.id);
    }
  } catch (err) {
    req.log.warn(
      { error: err.message },
      "Error validating RisuAI token; using IP instead"
    );
  }
  next();
 }
 async function validCheck(header: string) {
  let tk: SignedToken;
  try {
    tk = JSON.parse(
      Buffer.from(decodeURIComponent(header), "base64").toString("utf-8")
    );
  } catch (err) {
    log.warn({ error: err.message }, "Provided unparseable RisuAI token");
    return { valid: false };
  }
  const data: RisuToken = tk.data;
  const sig = Buffer.from(tk.sig, "base64");
  if (data.expiresIn < Math.floor(Date.now() / 1000)) {
    log.warn({ token: header }, "Provided expired RisuAI token");
    return { valid: false };
  }
  const valid = await crypto.subtle.verify(
    { name: "RSASSA-PKCS1-v1_5" },
    IMPORTED_RISU_KEY!,
    sig,
    Buffer.from(JSON.stringify(data))
  );
  if (!valid) {
    log.warn({ token: header }, "RisuAI token failed signature check");
  }
  return { valid, data };
 }
@@ -0,0 +1,222 @@
 import { Request, RequestHandler, Router } from "express";
 import { createPreprocessorMiddleware } from "./middleware/request";
 import { ipLimiter } from "./rate-limit";
 import { createQueuedProxyMiddleware } from "./middleware/request/proxy-middleware-factory";
 import { addKey, finalizeBody } from "./middleware/request";
 import { ProxyResHandlerWithBody } from "./middleware/response";
 import axios from "axios";
 import { CohereKey, keyPool } from "../shared/key-management";
 import { isCohereModel, normalizeMessages } from "../shared/api-schemas/cohere";
 import { logger } from "../logger";
 const log = logger.child({ module: "proxy", service: "cohere" });
 let modelsCache: any = null;
 let modelsCacheTime = 0;
 const cohereResponseHandler: ProxyResHandlerWithBody = async (
  _proxyRes,
  req,
  res,
  body
 ) => {
  if (typeof body !== "object") {
    throw new Error("Expected body to be an object");
  }
  res.status(200).json({ ...body, proxy: body.proxy });
 };
 const getModelsResponse = async () => {
  // Return cache if less than 1 minute old
  if (new Date().getTime() - modelsCacheTime < 1000 * 60) {
    return modelsCache;
  }
  try {
    // Get a Cohere key directly
    const modelToUse = "command"; // Use any Cohere model here - just for key selection
    const cohereKey = keyPool.get(modelToUse, "cohere") as CohereKey;
    if (!cohereKey || !cohereKey.key) {
      log.warn("No valid Cohere key available for model listing");
      throw new Error("No valid Cohere API key available");
    }
    // Fetch models directly from Cohere API
    const response = await axios.get("https://api.cohere.com/v1/models", {
      headers: {
        "Content-Type": "application/json",
        "Authorization": `Bearer ${cohereKey.key}`,
        "Cohere-Version": "2022-12-06"
      },
    });
    if (!response.data || !response.data.models) {
      throw new Error("Unexpected response format from Cohere API");
    }
    // Extract models and filter by those that support the chat endpoint
    const filteredModels = response.data.models
      .filter((model: any) => {
        return model.endpoints && model.endpoints.includes("chat");
      })
      .map((model: any) => ({
        id: model.name,
        name: model.name,
        // Adding additional OpenAI-compatible fields
        context_window: model.context_window_size || 4096,
        max_tokens: model.max_tokens || 4096
      }));
    log.debug({ modelCount: filteredModels.length, models: filteredModels.map((m: any) => m.id) }, "Filtered models from Cohere API");
    // Format response to ensure OpenAI compatibility
    const models = {
      object: "list",
      data: filteredModels.map((model: any) => ({
        id: model.id,
        object: "model",
        created: Math.floor(Date.now() / 1000),
        owned_by: "cohere",
        permission: [],
        root: model.id,
        parent: null,
        context_length: model.context_window,
      })),
    };
    log.debug({ modelCount: filteredModels.length }, "Retrieved models from Cohere API");
    // Cache the response
    modelsCache = models;
    modelsCacheTime = new Date().getTime();
    return models;
  } catch (error) {
    // Provide detailed logging for better troubleshooting
    if (error instanceof Error) {
      log.error(
        { errorMessage: error.message, stack: error.stack },
        "Error fetching Cohere models"
      );
    } else {
      log.error({ error }, "Unknown error fetching Cohere models");
    }
    // Return empty list as fallback
    return {
      object: "list",
      data: [],
    };
  }
 };
 const handleModelRequest: RequestHandler = async (_req, res) => {
  try {
    const models = await getModelsResponse();
    res.status(200).json(models);
  } catch (error) {
    if (error instanceof Error) {
      log.error(
        { errorMessage: error.message, stack: error.stack },
        "Error handling model request"
      );
    } else {
      log.error({ error }, "Unknown error handling model request");
    }
    res.status(500).json({ error: "Failed to fetch models" });
  }
 };
 // Function to prepare messages for Cohere API
 function prepareMessages(req: Request) {
  if (req.body.messages && Array.isArray(req.body.messages)) {
    req.body.messages = normalizeMessages(req.body.messages);
  }
 }
 // Function to remove parameters not supported by Cohere models
 function removeUnsupportedParameters(req: Request) {
  const model = req.body.model;
  // Remove parameters that Cohere doesn't support
  if (req.body.logit_bias !== undefined) {
    delete req.body.logit_bias;
  }
  if (req.body.top_logprobs !== undefined) {
    delete req.body.top_logprobs;
  }
  if (req.body.max_completion_tokens !== undefined) {
    delete req.body.max_completion_tokens;
  }
  // Handle structured output format
  if (req.body.response_format && req.body.response_format.schema) {
    // Transform to Cohere's format if needed
    const jsonSchema = req.body.response_format.schema;
    req.body.response_format = {
      type: "json_object",
      schema: jsonSchema
    };
  }
  // Logging for debugging
  if (process.env.NODE_ENV !== 'production') {
    log.debug({ body: req.body }, "Request after parameter cleanup");
  }
 }
 // Set up count token functionality for Cohere models
 function countCohereTokens(req: Request) {
  const model = req.body.model;
  if (isCohereModel(model)) {
    // Count tokens using prompt tokens (simplified)
    if (req.promptTokens) {
      req.log.debug(
        { tokens: req.promptTokens },
        "Estimated token count for Cohere prompt"
      );
    }
  }
 }
 const cohereProxy = createQueuedProxyMiddleware({
  mutations: [
    addKey,
    // Add Cohere-Version header to every request
    (manager) => {
      manager.setHeader("Cohere-Version", "2022-12-06");
    },
    finalizeBody
  ],
  target: "https://api.cohere.ai/compatibility",
  blockingResponseHandler: cohereResponseHandler,
 });
 const cohereRouter = Router();
 cohereRouter.post(
  "/v1/chat/completions",
  ipLimiter,
  createPreprocessorMiddleware(
    { inApi: "openai", outApi: "openai", service: "cohere" },
    { afterTransform: [ prepareMessages, removeUnsupportedParameters, countCohereTokens ] }
  ),
  cohereProxy
 );
 cohereRouter.post(
  "/v1/embeddings",
  ipLimiter,
  createPreprocessorMiddleware(
    { inApi: "openai", outApi: "openai", service: "cohere" },
    { afterTransform: [] }
  ),
  cohereProxy
 );
 cohereRouter.get("/v1/models", handleModelRequest);
 export const cohere = cohereRouter;
@@ -0,0 +1,135 @@
 import { Request, RequestHandler, Router } from "express";
 import { createPreprocessorMiddleware } from "./middleware/request";
 import { ipLimiter } from "./rate-limit";
 import { createQueuedProxyMiddleware } from "./middleware/request/proxy-middleware-factory";
 import { addKey, finalizeBody } from "./middleware/request";
 import { ProxyResHandlerWithBody } from "./middleware/response";
 import axios from "axios";
 import { DeepseekKey, keyPool } from "../shared/key-management";
 let modelsCache: any = null;
 let modelsCacheTime = 0;
 const deepseekResponseHandler: ProxyResHandlerWithBody = async (
  _proxyRes,
  req,
  res,
  body
 ) => {
  if (typeof body !== "object") {
    throw new Error("Expected body to be an object");
  }
  let newBody = body;
  res.status(200).json({ ...newBody, proxy: body.proxy });
 };
 const getModelsResponse = async () => {
  // Return cache if less than 1 minute old
  if (new Date().getTime() - modelsCacheTime < 1000 * 60) {
    return modelsCache;
  }
  try {
    // Get a Deepseek key directly using keyPool.get()
    const modelToUse = "deepseek-chat"; // Use any Deepseek model here - just for key selection
    const deepseekKey = keyPool.get(modelToUse, "deepseek") as DeepseekKey;
    if (!deepseekKey || !deepseekKey.key) {
      throw new Error("Failed to get valid Deepseek key");
    }
    // Fetch models from Deepseek API with authorization
    const response = await axios.get("https://api.deepseek.com/models", {
      headers: {
        "Content-Type": "application/json",
        "Authorization": `Bearer ${deepseekKey.key}`
      },
    });
    // If successful, update the cache
    if (response.data && response.data.data) {
      modelsCache = {
        object: "list",
        data: response.data.data.map((model: any) => ({
          id: model.id,
          object: "model",
          owned_by: "deepseek",
        })),
      };
    } else {
      throw new Error("Unexpected response format from Deepseek API");
    }
  } catch (error) {
    console.error("Error fetching Deepseek models:", error);
    throw error; // No fallback - error will be passed to caller
  }
  modelsCacheTime = new Date().getTime();
  return modelsCache;
 };
 const handleModelRequest: RequestHandler = async (_req, res) => {
  try {
    const modelsResponse = await getModelsResponse();
    res.status(200).json(modelsResponse);
  } catch (error) {
    console.error("Error in handleModelRequest:", error);
    res.status(500).json({ error: "Failed to fetch models" });
  }
 };
 const deepseekProxy = createQueuedProxyMiddleware({
  mutations: [addKey, finalizeBody],
  target: "https://api.deepseek.com/beta",
  blockingResponseHandler: deepseekResponseHandler,
 });
 const deepseekRouter = Router();
 // combines all the assistant messages at the end of the context and adds the
 // beta 'prefix' option, makes prefills work the same way they work for Claude
 function enablePrefill(req: Request) {
  // If you want to disable
  if (process.env.NO_DEEPSEEK_PREFILL) return
  const msgs = req.body.messages;
  if (msgs.at(-1)?.role !== 'assistant') return;
  let i = msgs.length - 1;
  let content = '';
  while (i >= 0 && msgs[i].role === 'assistant') {
    // maybe we should also add a newline between messages? no for now.
    content = msgs[i--].content + content;
  }
  msgs.splice(i + 1, msgs.length, { role: 'assistant', content, prefix: true });
 }
 function removeReasonerStuff(req: Request) {
  if (req.body.model === "deepseek-reasoner") {
    // https://api-docs.deepseek.com/guides/reasoning_model
    delete req.body.presence_penalty;
    delete req.body.frequency_penalty;
    delete req.body.temperature;
    delete req.body.top_p;
    delete req.body.logprobs;
    delete req.body.top_logprobs;
  }
 }
 deepseekRouter.post(
  "/v1/chat/completions",
  ipLimiter,
  createPreprocessorMiddleware(
    { inApi: "openai", outApi: "openai", service: "deepseek" },
    { afterTransform: [ enablePrefill, removeReasonerStuff ] }
  ),
  deepseekProxy
 );
 deepseekRouter.get("/v1/models", handleModelRequest);
 export const deepseek = deepseekRouter;
@@ -0,0 +1,124 @@
 import type { Request, Response, RequestHandler } from "express";
 import { config } from "../config";
 import { authenticate, getUser } from "../shared/users/user-store";
 import { sendErrorToClient } from "./middleware/response/error-generator";
 const GATEKEEPER = config.gatekeeper;
 const PROXY_KEY = config.proxyKey;
 const ADMIN_KEY = config.adminKey;
 function getProxyAuthorizationFromRequest(req: Request): string | undefined {
  // Anthropic's API uses x-api-key instead of Authorization.  Some clients will
  // pass the _proxy_ key in this header too, instead of providing it as a
  // Bearer token in the Authorization header.  So we need to check both.
  // Prefer the Authorization header if both are present.
  // Google AI uses a key querystring parameter.
  if (req.headers.authorization) {
    const token = req.headers.authorization?.slice("Bearer ".length);
    delete req.headers.authorization;
    return token;
  }
  if (req.headers["x-api-key"]) {
    const token = req.headers["x-api-key"]?.toString();
    delete req.headers["x-api-key"];
    return token;
  }
  if (req.headers["x-goog-api-key"]) {
    const token = req.headers["x-goog-api-key"]?.toString();
    delete req.headers["x-goog-api-key"];
    return token;
  }
  if (req.query.key) {
    const token = req.query.key?.toString();
    delete req.query.key;
    return token;
  }
  return undefined;
 }
 export const gatekeeper: RequestHandler = (req, res, next) => {
  const token = getProxyAuthorizationFromRequest(req);
  // TODO: Generate anonymous users based on IP address for public or proxy_key
  // modes so that all middleware can assume a user of some sort is present.
  if (ADMIN_KEY && token === ADMIN_KEY) {
    return next();
  }
  if (GATEKEEPER === "none") {
    return next();
  }
  if (GATEKEEPER === "proxy_key" && token === PROXY_KEY) {
    return next();
  }
  if (GATEKEEPER === "user_token" && token) {
    // RisuAI users all come from a handful of aws lambda IPs so we cannot use
    // IP alone to distinguish between them and prevent usertoken sharing.
    // Risu sends a signed token in the request headers with an anonymous user
    // ID that we can instead use to associate requests with an individual.
    const ip = req.risuToken?.length
      ? `risu${req.risuToken}-${req.ip}`
      : req.ip;
    const { user, result } = authenticate(token, ip);
    switch (result) {
      case "success":
        req.user = user;
        return next();
      case "limited":
        return sendError(
          req,
          res,
          403,
          `Forbidden: no more IP addresses allowed for this user token`,
          { currentIp: ip, maxIps: user?.maxIps }
        );
      case "disabled":
        const bannedUser = getUser(token);
        if (bannedUser?.disabledAt) {
          const reason = bannedUser.disabledReason || "User token disabled";
          return sendError(req, res, 403, `Forbidden: ${reason}`);
        }
    }
  }
  sendError(req, res, 401, "Unauthorized");
 };
 function sendError(
  req: Request,
  res: Response,
  status: number,
  message: string,
  data: any = {}
 ) {
  const isPost = req.method === "POST";
  const hasBody = isPost && req.body;
  const hasModel = hasBody && req.body.model;
  if (!hasModel) {
    return res.status(status).json({ error: message });
  }
  sendErrorToClient({
    req,
    res,
    options: {
      title: `Proxy gatekeeper error (HTTP ${status})`,
      message,
      format: "unknown",
      statusCode: status,
      reqId: req.id,
      obj: data,
    },
  });
 }
@@ -0,0 +1,257 @@
 import { Request, RequestHandler, Router } from "express";
 import { config } from "../config";
 import { transformAnthropicChatResponseToOpenAI } from "./anthropic";
 import { ipLimiter } from "./rate-limit";
 import {
  createPreprocessorMiddleware,
  finalizeSignedRequest,
  signGcpRequest,
 } from "./middleware/request";
 import { ProxyResHandlerWithBody } from "./middleware/response";
 import { createQueuedProxyMiddleware } from "./middleware/request/proxy-middleware-factory";
 import { validateClaude41OpusParameters } from "../shared/claude-4-1-validation";
 const LATEST_GCP_SONNET_MINOR_VERSION = "20240229";
 let modelsCache: any = null;
 let modelsCacheTime = 0;
 const getModelsResponse = () => {
  if (new Date().getTime() - modelsCacheTime < 1000 * 60) {
    return modelsCache;
  }
  if (!config.gcpCredentials) return { object: "list", data: [] };
  // https://docs.anthropic.com/en/docs/about-claude/models
  const variants = [
    "claude-3-haiku@20240307",
    "claude-3-5-haiku@20241022",
    "claude-3-5-sonnet@20240620",
    "claude-3-5-sonnet-v2@20241022",
    "claude-3-7-sonnet@20250219",
    "claude-sonnet-4@20250514",
    "claude-opus-4@20250514",
    "claude-opus-4-1@20250805",
  ];
  const models = variants.map((id) => ({
    id,
    object: "model",
    created: new Date().getTime(),
    owned_by: "anthropic",
    permission: [],
    root: "claude",
    parent: null,
  }));
  modelsCache = { object: "list", data: models };
  modelsCacheTime = new Date().getTime();
  return modelsCache;
 };
 const handleModelRequest: RequestHandler = (_req, res) => {
  res.status(200).json(getModelsResponse());
 };
 const gcpBlockingResponseHandler: ProxyResHandlerWithBody = async (
  _proxyRes,
  req,
  res,
  body
 ) => {
  if (typeof body !== "object") {
    throw new Error("Expected body to be an object");
  }
  let newBody = body;
  switch (`${req.inboundApi}<-${req.outboundApi}`) {
    case "openai<-anthropic-chat":
      req.log.info("Transforming Anthropic Chat back to OpenAI format");
      newBody = transformAnthropicChatResponseToOpenAI(body);
      break;
  }
  res.status(200).json({ ...newBody, proxy: body.proxy });
 };
 const gcpProxy = createQueuedProxyMiddleware({
  target: ({ signedRequest }) => {
    if (!signedRequest) throw new Error("Must sign request before proxying");
    return `${signedRequest.protocol}//${signedRequest.hostname}`;
  },
  mutations: [signGcpRequest, finalizeSignedRequest],
  blockingResponseHandler: gcpBlockingResponseHandler,
 });
 const oaiToChatPreprocessor = createPreprocessorMiddleware(
  { inApi: "openai", outApi: "anthropic-chat", service: "gcp" },
  { afterTransform: [maybeReassignModel] }
 );
 /**
 * Routes an OpenAI prompt to either the legacy Claude text completion endpoint
 * or the new Claude chat completion endpoint, based on the requested model.
 */
 const preprocessOpenAICompatRequest: RequestHandler = (req, res, next) => {
  oaiToChatPreprocessor(req, res, next);
 };
 const gcpRouter = Router();
 gcpRouter.get("/v1/models", handleModelRequest);
 // Native Anthropic chat completion endpoint.
 gcpRouter.post(
  "/v1/messages",
  ipLimiter,
  createPreprocessorMiddleware(
    { inApi: "anthropic-chat", outApi: "anthropic-chat", service: "gcp" },
    { afterTransform: [maybeReassignModel] }
  ),
  gcpProxy
 );
 // OpenAI-to-GCP Anthropic compatibility endpoint.
 gcpRouter.post(
  "/v1/chat/completions",
  ipLimiter,
  preprocessOpenAICompatRequest,
  gcpProxy
 );
 /**
 * Tries to deal with:
 * - frontends sending GCP model names even when they want to use the OpenAI-
 *   compatible endpoint
 * - frontends sending Anthropic model names that GCP doesn't recognize
 * - frontends sending OpenAI model names because they expect the proxy to
 *   translate them
 *
 * If client sends GCP model ID it will be used verbatim. Otherwise, various
 * strategies are used to try to map a non-GCP model name to GCP model ID.
 */
 function maybeReassignModel(req: Request) {
  // Validate Claude 4.1 Opus parameters before processing
  validateClaude41OpusParameters(req);
  const model = req.body.model;
  const DEFAULT_MODEL = "claude-3-5-sonnet-v2@20241022";
  // If it looks like an GCP model, use it as-is
  if (model.startsWith("claude-") && model.includes("@")) {
    return;
  }
  // Anthropic model names can look like:
  // - claude-3-sonnet
  // - claude-3.5-sonnet
  // - claude-3-5-haiku
  // - claude-3-5-haiku-latest
  // - claude-3-5-sonnet-20240620
  // - claude-opus-4-1 (new format)
  // - claude-4.1-opus (alternative format)
  const pattern = /^claude-(?:(\d+)[.-]?(\d)?-(sonnet|opus|haiku)(?:-(latest|\d+))?|(opus|sonnet|haiku)-(\d+)[.-]?(\d)?(?:-(latest|\d+))?)/i;
  const match = model.match(pattern);
  if (!match) {
    req.body.model = DEFAULT_MODEL;
    return;
  }
  // Handle both formats: claude-3-5-sonnet and claude-opus-4-1
  const [_, major1, minor1, flavor1, rev1, flavor2, major2, minor2, rev2] = match;
  let major, minor, flavor, rev;
  if (major1) {
    // Old format: claude-3-5-sonnet
    major = major1;
    minor = minor1;
    flavor = flavor1;
    rev = rev1;
  } else {
    // New format: claude-opus-4-1
    major = major2;
    minor = minor2;
    flavor = flavor2;
    rev = rev2;
  }
  const ver = minor ? `${major}.${minor}` : major;
  switch (ver) {
    case "3":
    case "3.0":
      switch (flavor) {
        case "haiku":
          req.body.model = "claude-3-haiku@20240307";
          break;
        case "opus":
          req.body.model = "claude-3-opus@20240229";
          break;
        case "sonnet":
          req.body.model = "claude-3-sonnet@20240229";
          break;
        default:
          req.body.model = "claude-3-sonnet@20240229";
      }
      return;
    case "3.5":
      switch (flavor) {
        case "haiku":
          req.body.model = "claude-3-5-haiku@20241022";
          return;
        case "opus":
          // no 3.5 opus yet
          req.body.model = DEFAULT_MODEL;
          return;
        case "sonnet":
          if (rev === "20240620") {
            req.body.model = "claude-3-5-sonnet@20240620";
          } else {
            // includes -latest, edit if anthropic actually releases 3.5 sonnet v3
            req.body.model = DEFAULT_MODEL;
          }
          return;
        default:
          req.body.model = DEFAULT_MODEL;
      }
      return;
    case "3.7":
      switch (flavor) {
        case "sonnet":
          req.body.model = "claude-3-7-sonnet@20250219";
          return;
      }
      break;
    case "4":
    case "4.0":
      switch (flavor) {
        case "opus":
          req.body.model = "claude-opus-4@20250514";
          return;
        case "sonnet":
          req.body.model = "claude-sonnet-4@20250514";
          return;
        default:
          req.body.model = DEFAULT_MODEL;
      }
      break;
    case "4.1":
      switch (flavor) {
        case "opus":
          req.body.model = "claude-opus-4-1@20250805";
          return;
        default:
          req.body.model = DEFAULT_MODEL;
      }
      break;
    default:
      req.body.model = DEFAULT_MODEL;
  }
 }
 export const gcp = gcpRouter;
@@ -0,0 +1,296 @@
 import { Request, RequestHandler, Router, Response, NextFunction } from "express";
 import { v4 } from "uuid";
 import { GoogleAIKey, keyPool } from "../shared/key-management";
 import { config } from "../config";
 import { ipLimiter } from "./rate-limit";
 import {
  createPreprocessorMiddleware,
  finalizeSignedRequest,
 } from "./middleware/request";
 import { ProxyResHandlerWithBody } from "./middleware/response";
 import { addGoogleAIKey } from "./middleware/request/mutators/add-google-ai-key";
 import { createQueuedProxyMiddleware } from "./middleware/request/proxy-middleware-factory";
 import axios from "axios";
 let modelsCache: any = null;
 let modelsCacheTime = 0;
 // Cache for native Google AI models
 let nativeModelsCache: any = null;
 let nativeModelsCacheTime = 0;
 // https://ai.google.dev/models/gemini
 // TODO: list models https://ai.google.dev/tutorials/rest_quickstart#list_models
 const getModelsResponse = () => {
  if (new Date().getTime() - modelsCacheTime < 1000 * 60) {
    return modelsCache;
  }
  if (!config.googleAIKey) return { object: "list", data: [] };
  const keys = keyPool
    .list()
    .filter((k) => k.service === "google-ai") as GoogleAIKey[];
  if (keys.length === 0) {
    modelsCache = { object: "list", data: [] };
    modelsCacheTime = new Date().getTime();
    return modelsCache;
  }
  // Get all model IDs from keys, excluding any with "bard" in the name
  const modelIds = Array.from(
    new Set(keys.map((k) => k.modelIds).flat())
  ).filter((id) => id.startsWith("models/") && !id.includes("bard"));
  // Strip "models/" prefix from IDs before creating model objects
  const models = modelIds.map((id) => ({
    // Strip "models/" prefix from ID for consistency with request processing
    id: id.startsWith("models/") ? id.slice("models/".length) : id,
    object: "model",
    created: new Date().getTime(),
    owned_by: "google",
    permission: [],
    root: "google",
    parent: null,
  }));
  modelsCache = { object: "list", data: models };
  modelsCacheTime = new Date().getTime();
  return modelsCache;
 };
 // Function to fetch native models from Google AI API
 const getNativeModelsResponse = async () => {
  // Return cached value if it was refreshed in the last minute
  if (new Date().getTime() - nativeModelsCacheTime < 1000 * 60) {
    return nativeModelsCache;
  }
  /*
   * The official Google API requires an API key.  However SillyTavern only needs
   * a list of model IDs and does not care about any other model metadata.  We
   * can therefore generate a **synthetic** response from the keys already
   * loaded into the proxy (same source we use for the OpenAI-compatible
   * endpoint) and completely avoid the outbound request.  This removes the
   * need for the frontend to supply the proxy password as an API key and
   * prevents 4xx/5xx errors when the real Google API is unreachable or the key
   * is missing.
   */
  const openaiStyle = getModelsResponse();
  const models = (openaiStyle.data || []).map((m: any) => ({
    // Google AI Studio returns names in the format "models/<id>"
    name: `models/${m.id}`,
    supportedGenerationMethods: ["generateContent"],
  }));
  nativeModelsCache = { models };
  nativeModelsCacheTime = new Date().getTime();
  return nativeModelsCache;
 };
 const handleModelRequest: RequestHandler = (_req: Request, res: any) => {
  res.status(200).json(getModelsResponse());
 };
 // Native Gemini API model list request
 const handleNativeModelRequest: RequestHandler = async (_req: Request, res: any) => {
  try {
    const modelsResponse = await getNativeModelsResponse();
    res.status(200).json(modelsResponse);
  } catch (error) {
    console.error("Error in handleNativeModelRequest:", error);
    res.status(500).json({ error: "Failed to fetch models" });
  }
 };
 const googleAIBlockingResponseHandler: ProxyResHandlerWithBody = async (
  _proxyRes,
  req,
  res,
  body
 ) => {
  if (typeof body !== "object") {
    throw new Error("Expected body to be an object");
  }
  let newBody = body;
  if (req.inboundApi === "openai") {
    req.log.info("Transforming Google AI response to OpenAI format");
    newBody = transformGoogleAIResponse(body, req);
  }
  res.status(200).json({ ...newBody, proxy: body.proxy });
 };
 function transformGoogleAIResponse(
  resBody: Record<string, any>,
  req: Request
 ): Record<string, any> {
  const totalTokens = (req.promptTokens ?? 0) + (req.outputTokens ?? 0);
  // Handle the case where content might have different structures
  let content = "";
  // Check if the response has the expected structure
  if (resBody.candidates && resBody.candidates[0]) {
    const candidate = resBody.candidates[0];
    // Extract content text with multiple fallbacks
    if (candidate.content?.parts && candidate.content.parts[0]?.text) {
      // Regular format with parts array containing text
      content = candidate.content.parts[0].text;
    } else if (candidate.content?.text) {
      // Alternate format with direct text property
      content = candidate.content.text;
    } else if (typeof candidate.content?.parts?.[0] === 'string') {
      // Some formats might have string parts
      content = candidate.content.parts[0];
    }
    // Apply cleanup to the content if needed
    content = content.replace(/^(.{0,50}?): /, () => "");
  }
  return {
    id: "goo-" + v4(),
    object: "chat.completion",
    created: Date.now(),
    model: req.body.model,
    usage: {
      prompt_tokens: req.promptTokens,
      completion_tokens: req.outputTokens,
      total_tokens: totalTokens,
    },
    choices: [
      {
        message: { role: "assistant", content },
        finish_reason: resBody.candidates?.[0]?.finishReason || "STOP",
        index: 0,
      },
    ],
  };
 }
 const googleAIProxy = createQueuedProxyMiddleware({
  target: ({ signedRequest }: { signedRequest: any }) => {
    if (!signedRequest) throw new Error("Must sign request before proxying");
    const { protocol, hostname} = signedRequest;
    return `${protocol}//${hostname}`;
  },
  mutations: [addGoogleAIKey, finalizeSignedRequest],
  blockingResponseHandler: googleAIBlockingResponseHandler,
 });
 const googleAIRouter = Router();
 googleAIRouter.get("/v1/models", handleModelRequest);
 googleAIRouter.get("/:apiVersion(v1alpha|v1beta)/models", handleNativeModelRequest);
 /**
 * Processes the thinking budget for Gemini 2.5 Flash model.
 * Validation has been disabled - budget is passed through without limits.
 */
 function processThinkingBudget(req: Request) {
  // Validation disabled - budget is passed through without any range limits
  // Previously enforced 0-24576 token limit
 }
 function setStreamFlag(req: Request) {
  const isStreaming = req.url.includes("streamGenerateContent");
  if (isStreaming) {
    req.body.stream = true;
    req.isStreaming = true;
  } else {
    req.body.stream = false;
    req.isStreaming = false;
  }
 }
 /**
 * Strips 'models/' prefix from the beginning of model IDs if present.
 * No longer forces redirection to gemini-1.5-pro-latest for non-Gemini models.
 **/
 function maybeReassignModel(req: Request) {
  // Ensure model is on body as a lot of middleware will expect it.
  const model = req.body.model || req.url.split("/").pop()?.split(":").shift();
  if (!model) {
    throw new Error("You must specify a model with your request.");
  }
  req.body.model = model;
  // Only strip the 'models/' prefix if present
  if (model.startsWith("models/")) {
    req.body.model = model.slice("models/".length);
    req.log.info({ originalModel: model, updatedModel: req.body.model }, "Stripped 'models/' prefix from model ID");
  }
  // No longer redirecting non-Gemini models to gemini-1.5-pro-latest
  // This allows the original model to be passed through to the API
  // If it's an invalid model, the Google AI API will return the appropriate error
 }
 /**
 * Middleware to check for and block requests to experimental models.
 * This function is intended to be used as a RequestPreprocessor.
 * It throws an error if an experimental model is detected, which should be
 * caught by the proxy's onError handler.
 * 
 * Models can be allowed through the ALLOWED_EXP_MODELS environment variable.
 */
 function checkAndBlockExperimentalModels(req: Request) { // Changed signature
  const modelId = req.body.model as string | undefined;
  // Check if the model ID contains "exp" (case-insensitive)
  if (modelId && modelId.toLowerCase().includes("exp")) {
    // Check if this specific model is in the allowlist
    const allowedModels = config.allowedExpModels
      ?.split(",")
      .map(model => model.trim())
      .filter(model => model.length > 0) || [];
    const isAllowed = allowedModels.some(allowedModel => 
      modelId.toLowerCase() === allowedModel.toLowerCase()
    );
    if (isAllowed) {
      req.log.info({ modelId }, "Allowing experimental Google AI model via allowlist.");
      return; // Allow the request to proceed
    }
    req.log.warn({ modelId }, "Blocking request to experimental Google AI model.");
    const err: any = new Error("Experimental models are too unstable to be supported in proxy code. Please use preview models instead.");
    err.statusCode = 400;
    throw err;
  }
  // If no experimental model, do nothing, allowing request to proceed.
 }
 // Native Google AI chat completion endpoint
 googleAIRouter.post(
  "/:apiVersion(v1alpha|v1beta)/models/:modelId:(generateContent|streamGenerateContent)",
  ipLimiter,
  createPreprocessorMiddleware(
    { inApi: "google-ai", outApi: "google-ai", service: "google-ai" },
    { 
      beforeTransform: [maybeReassignModel], 
      afterTransform: [checkAndBlockExperimentalModels, setStreamFlag, processThinkingBudget] 
    }
  ),
  googleAIProxy
 );
 // OpenAI-to-Google AI compatibility endpoint.
 googleAIRouter.post(
  "/v1/chat/completions",
  ipLimiter,
  createPreprocessorMiddleware(
    { inApi: "openai", outApi: "google-ai", service: "google-ai" },
    { 
      afterTransform: [maybeReassignModel, checkAndBlockExperimentalModels, processThinkingBudget] 
    }
  ),
  googleAIProxy
 );
 export const googleAI = googleAIRouter;
@@ -1,106 +0,0 @@
 /* Pretends to be a KoboldAI API endpoint and translates incoming Kobold
 requests to OpenAI API equivalents. */
 import { Request, Response, Router } from "express";
 import http from "http";
 import { createProxyMiddleware } from "http-proxy-middleware";
 import { config } from "../config";
 import { logger } from "../logger";
 import { ipLimiter } from "./rate-limit";
 import { handleProxyError } from "./middleware/common";
 import {
  addKey,
  createPreprocessorMiddleware,
  finalizeBody,
  languageFilter,
  transformKoboldPayload,
 } from "./middleware/request";
 import {
  createOnProxyResHandler,
  ProxyResHandlerWithBody,
 } from "./middleware/response";
 export const handleModelRequest = (_req: Request, res: Response) => {
  res.status(200).json({ result: "Connected to OpenAI reverse proxy" });
 };
 export const handleSoftPromptsRequest = (_req: Request, res: Response) => {
  res.status(200).json({ soft_prompts_list: [] });
 };
 const rewriteRequest = (
  proxyReq: http.ClientRequest,
  req: Request,
  res: Response
 ) => {
  req.body.stream = false;
  const rewriterPipeline = [
    addKey,
    transformKoboldPayload,
    languageFilter,
    finalizeBody,
  ];
  try {
    for (const rewriter of rewriterPipeline) {
      rewriter(proxyReq, req, res, {});
    }
  } catch (error) {
    logger.error(error, "Error while executing proxy rewriter");
    proxyReq.destroy(error as Error);
  }
 };
 const koboldResponseHandler: ProxyResHandlerWithBody = async (
  _proxyRes,
  req,
  res,
  body
 ) => {
  if (typeof body !== "object") {
    throw new Error("Expected body to be an object");
  }
  const koboldResponse = {
    results: [{ text: body.choices[0].message.content }],
    model: body.model,
    ...(config.promptLogging && {
      proxy_note: `Prompt logging is enabled on this proxy instance. See ${req.get(
        "host"
      )} for more information.`,
    }),
  };
  res.send(JSON.stringify(koboldResponse));
 };
 const koboldOaiProxy = createProxyMiddleware({
  target: "https://api.openai.com",
  changeOrigin: true,
  pathRewrite: {
    "^/api/v1/generate": "/v1/chat/completions",
  },
  on: {
    proxyReq: rewriteRequest,
    proxyRes: createOnProxyResHandler([koboldResponseHandler]),
    error: handleProxyError,
  },
  selfHandleResponse: true,
  logger,
 });
 const koboldRouter = Router();
 koboldRouter.get("/api/v1/model", handleModelRequest);
 koboldRouter.get("/api/v1/config/soft_prompts_list", handleSoftPromptsRequest);
 koboldRouter.post(
  "/api/v1/generate",
  ipLimiter,
  createPreprocessorMiddleware({ inApi: "kobold", outApi: "openai" }),
  koboldOaiProxy
 );
 koboldRouter.use((req, res) => {
  logger.warn(`Unhandled kobold request: ${req.method} ${req.path}`);
  res.status(404).json({ error: "Not found" });
 });
 export const kobold = koboldRouter;
@@ -1,143 +1,323 @@
 import { Request, Response } from "express";
-import httpProxy from "http-proxy";
+import http from "http";
 import { Socket } from "net";
 import { ZodError } from "zod";
 import { generateErrorMessage } from "zod-error";
 import { HttpError } from "../../shared/errors";
 import { assertNever } from "../../shared/utils";
 import { QuotaExceededError } from "./request/preprocessors/apply-quota-limits";
 import { sendErrorToClient } from "./response/error-generator";
 const OPENAI_CHAT_COMPLETION_ENDPOINT = "/v1/chat/completions";
 const OPENAI_TEXT_COMPLETION_ENDPOINT = "/v1/completions";
 const OPENAI_EMBEDDINGS_ENDPOINT = "/v1/embeddings";
 const OPENAI_IMAGE_COMPLETION_ENDPOINT = "/v1/images/generations";
 const OPENAI_RESPONSES_ENDPOINT = "/v1/responses";
 const ANTHROPIC_COMPLETION_ENDPOINT = "/v1/complete";
 const ANTHROPIC_MESSAGES_ENDPOINT = "/v1/messages";
 const ANTHROPIC_SONNET_COMPAT_ENDPOINT = "/v1/sonnet";
 const ANTHROPIC_OPUS_COMPAT_ENDPOINT = "/v1/opus";
 const GOOGLE_AI_ALPHA_COMPLETION_ENDPOINT = "/v1alpha/models";
 const GOOGLE_AI_BETA_COMPLETION_ENDPOINT = "/v1beta/models";
-/** Returns true if we're making a request to a completion endpoint. */
+export function isTextGenerationRequest(req: Request) {
 export function isCompletionRequest(req: Request) {
  return (
    req.method === "POST" &&
-    [OPENAI_CHAT_COMPLETION_ENDPOINT, ANTHROPIC_COMPLETION_ENDPOINT].some(
+    [
-      (endpoint) => req.path.startsWith(endpoint)
+      OPENAI_CHAT_COMPLETION_ENDPOINT,
-    )
+      OPENAI_TEXT_COMPLETION_ENDPOINT,
      OPENAI_RESPONSES_ENDPOINT,
      ANTHROPIC_COMPLETION_ENDPOINT,
      ANTHROPIC_MESSAGES_ENDPOINT,
      ANTHROPIC_SONNET_COMPAT_ENDPOINT,
      ANTHROPIC_OPUS_COMPAT_ENDPOINT,
      GOOGLE_AI_ALPHA_COMPLETION_ENDPOINT,
      GOOGLE_AI_BETA_COMPLETION_ENDPOINT,
    ].some((endpoint) => req.path.startsWith(endpoint))
  );
 }
-export function writeErrorResponse(
+export function isImageGenerationRequest(req: Request) {
  return (
    req.method === "POST" &&
    req.path.startsWith(OPENAI_IMAGE_COMPLETION_ENDPOINT)
  );
 }
 export function isEmbeddingsRequest(req: Request) {
  return (
    req.method === "POST" && req.path.startsWith(OPENAI_EMBEDDINGS_ENDPOINT)
  );
 }
 export function sendProxyError(
  req: Request,
  res: Response,
  statusCode: number,
  statusMessage: string,
  errorPayload: Record<string, any>
 ) {
-  const errorSource = errorPayload.error?.type?.startsWith("proxy")
+  const msg =
-    ? "proxy"
+    statusCode === 500
-    : "upstream";
+      ? `The proxy encountered an error while trying to process your prompt.`
      : `The proxy encountered an error while trying to send your prompt to the API.`;
-  // If we're mid-SSE stream, send a data event with the error payload and end
+  sendErrorToClient({
-  // the stream. Otherwise just send a normal error response.
+    options: {
-  if (
+      format: req.inboundApi,
-    res.headersSent ||
+      title: `Proxy error (HTTP ${statusCode} ${statusMessage})`,
-    res.getHeader("content-type") === "text/event-stream"
+      message: `${msg} Further details are provided below.`,
-  ) {
+      obj: errorPayload,
-    const errorContent =
+      reqId: req.id,
-      statusCode === 403
+      model: req.body?.model,
-        ? JSON.stringify(errorPayload)
+    },
-        : JSON.stringify(errorPayload, null, 2);
+    req,
-
+    res,
-    const msg = buildFakeSseMessage(
+  });
      `${errorSource} error (${statusCode})`,
      errorContent,
      req
    );
    res.write(msg);
    res.write(`data: [DONE]\n\n`);
    res.end();
  } else {
    if (req.debug) {
      errorPayload.error.proxy_tokenizer_debug_info = req.debug;
    }
    res.status(statusCode).json(errorPayload);
  }
 }
-export const handleProxyError: httpProxy.ErrorCallback = (err, req, res) => {
+/**
-  req.log.error({ err }, `Error during proxy request middleware`);
+ * Handles errors thrown during preparation of a proxy request (before it is
-  handleInternalError(err, req as Request, res as Response);
+ * sent to the upstream API), typically due to validation, quota, or other
-};
+ * pre-flight checks. Depending on the error class, this function will send an
-
+ * appropriate error response to the client, streaming it if necessary.
-export const handleInternalError = (
+ */
 export const classifyErrorAndSend = (
  err: Error,
  req: Request,
-  res: Response
+  res: Response | Socket
 ) => {
  if (res instanceof Socket) {
    // We should always have an Express response object here, but http-proxy's
    // ErrorCallback type says it could be just a Socket.
    req.log.error(err, "Caught error while proxying request to target but cannot send error response to client.");
    return res.destroy();
  }
  try {
-    const isZod = err instanceof ZodError;
+    const { statusCode, statusMessage, userMessage, ...errorDetails } =
-    const isForbidden = err.name === "ForbiddenError";
+      classifyError(err);
-    if (isZod) {
+    sendProxyError(req, res, statusCode, statusMessage, {
-      writeErrorResponse(req, res, 400, {
+      error: { message: userMessage, ...errorDetails },
-        error: {
+    });
-          type: "proxy_validation_error",
+  } catch (error) {
-          proxy_note: `Reverse proxy couldn't validate your request when trying to transform it. Your client may be sending invalid data.`,
+    req.log.error(error, `Error writing error response headers, giving up.`);
-          issues: err.issues,
+    res.end();
          stack: err.stack,
          message: err.message,
        },
      });
    } else if (isForbidden) {
      // Spoofs a vaguely threatening OpenAI error message. Only invoked by the
      // block-zoomers rewriter to scare off tiktokers.
      writeErrorResponse(req, res, 403, {
        error: {
          type: "organization_account_disabled",
          code: "policy_violation",
          param: null,
          message: err.message,
        },
      });
    } else {
      writeErrorResponse(req, res, 500, {
        error: {
          type: "proxy_internal_error",
          proxy_note: `Reverse proxy encountered an error before it could reach the upstream API.`,
          message: err.message,
          stack: err.stack,
        },
      });
    }
  } catch (e) {
    req.log.error(
      { error: e },
      `Error writing error response headers, giving up.`
    );
  }
 };
-export function buildFakeSseMessage(
+function classifyError(err: Error): {
-  type: string,
+  /** HTTP status code returned to the client. */
-  string: string,
+  statusCode: number;
-  req: Request
+  /** HTTP status message returned to the client. */
-) {
+  statusMessage: string;
-  let fakeEvent;
+  /** Message displayed to the user. */
-  const useBackticks = !type.includes("403");
+  userMessage: string;
-  const msgContent = useBackticks
+  /** Short error type, e.g. "proxy_validation_error". */
-    ? `\`\`\`\n[${type}: ${string}]\n\`\`\`\n`
+  type: string;
-    : `[${type}: ${string}]`;
+} & Record<string, any> {
  const defaultError = {
    statusCode: 500,
    statusMessage: "Internal Server Error",
    userMessage: `Reverse proxy error: ${err.message}`,
    type: "proxy_internal_error",
    stack: err.stack,
  };
-  if (req.inboundApi === "anthropic") {
+  switch (err.constructor.name) {
-    fakeEvent = {
+    case "HttpError":
-      completion: msgContent,
+      const statusCode = (err as HttpError).status;
-      stop_reason: type,
+      return {
-      truncated: false, // I've never seen this be true
+        statusCode,
-      stop: null,
+        statusMessage: `HTTP ${statusCode} ${http.STATUS_CODES[statusCode]}`,
-      model: req.body?.model,
+        userMessage: `Reverse proxy error: ${err.message}`,
-      log_id: "proxy-req-" + req.id,
+        type: "proxy_http_error",
-    };
+      };
-  } else {
+    case "BadRequestError":
-    fakeEvent = {
+      return {
-      id: "chatcmpl-" + req.id,
+        statusCode: 400,
-      object: "chat.completion.chunk",
+        statusMessage: "Bad Request",
-      created: Date.now(),
+        userMessage: `Request is not valid. (${err.message})`,
-      model: req.body?.model,
+        type: "proxy_bad_request",
-      choices: [
+      };
-        {
+    case "NotFoundError":
-          delta: { content: msgContent },
+      return {
-          index: 0,
+        statusCode: 404,
-          finish_reason: type,
+        statusMessage: "Not Found",
        userMessage: `Requested resource not found. (${err.message})`,
        type: "proxy_not_found",
      };
    case "PaymentRequiredError":
      return {
        statusCode: 402,
        statusMessage: "No Keys Available",
        userMessage: err.message,
        type: "proxy_no_keys_available",
      };
    case "ZodError":
      const userMessage = generateErrorMessage((err as ZodError).issues, {
        prefix: "Request validation failed. ",
        path: { enabled: true, label: null, type: "breadcrumbs" },
        code: { enabled: false },
        maxErrors: 3,
        transform: ({ issue, ...rest }) => {
          return `At '${rest.pathComponent}': ${issue.message}`;
        },
-      ],
+      });
-    };
+      return {
        statusCode: 400,
        statusMessage: "Bad Request",
        userMessage,
        type: "proxy_validation_error",
      };
    case "ZoomerForbiddenError":
      // Mimics a ban notice from OpenAI, thrown when blockZoomerOrigins blocks
      // a request.
      return {
        statusCode: 403,
        statusMessage: "Forbidden",
        userMessage: `Your account has been disabled for violating our terms of service.`,
        type: "organization_account_disabled",
        code: "policy_violation",
      };
    case "ForbiddenError":
      return {
        statusCode: 403,
        statusMessage: "Forbidden",
        userMessage: `Request is not allowed. (${err.message})`,
        type: "proxy_forbidden",
      };
    case "QuotaExceededError":
      return {
        statusCode: 429,
        statusMessage: "Too Many Requests",
        userMessage: `You've exceeded your token quota for this model type.`,
        type: "proxy_quota_exceeded",
        info: (err as QuotaExceededError).quotaInfo,
      };
    case "Error":
      if ("code" in err) {
        switch (err.code) {
          case "ENOTFOUND":
            return {
              statusCode: 502,
              statusMessage: "Bad Gateway",
              userMessage: `Reverse proxy encountered a DNS error while trying to connect to the upstream service.`,
              type: "proxy_network_error",
              code: err.code,
            };
          case "ECONNREFUSED":
            return {
              statusCode: 502,
              statusMessage: "Bad Gateway",
              userMessage: `Reverse proxy couldn't connect to the upstream service.`,
              type: "proxy_network_error",
              code: err.code,
            };
          case "ECONNRESET":
            return {
              statusCode: 504,
              statusMessage: "Gateway Timeout",
              userMessage: `Reverse proxy timed out while waiting for the upstream service to respond.`,
              type: "proxy_network_error",
              code: err.code,
            };
        }
      }
      return defaultError;
    default:
      return defaultError;
  }
 }
 export function getCompletionFromBody(req: Request, body: Record<string, any>) {
  const format = req.outboundApi;
  switch (format) {
    case "openai":
    case "mistral-ai":
      // Few possible values:
      // - choices[0].message.content
      // - choices[0].message with no content if model is invoking a tool
      return body.choices?.[0]?.message?.content || "";
    case "openai-responses":
      // Handle the original Responses API format
      if (body.output && Array.isArray(body.output)) {
        // Look for a message type in the output array
        for (const item of body.output) {
          if (item.type === "message" && item.content && Array.isArray(item.content)) {
            // Extract text content from each content item
            return item.content
              .filter((contentItem: any) => contentItem.type === "output_text")
              .map((contentItem: any) => contentItem.text)
              .join("");
          }
        }
      }
      // If we've been transformed to chat completion format already
      return body.choices?.[0]?.message?.content || "";
    case "mistral-text":
      return body.outputs?.[0]?.text || "";
    case "openai-text":
      return body.choices[0].text;
    case "anthropic-chat":
      if (!body.content) {
        req.log.error(
          { body: JSON.stringify(body) },
          "Received empty Anthropic chat completion"
        );
        return "";
      }
      return body.content
        .map(({ text, type }: { type: string; text: string }) =>
          type === "text" ? text : `[Unsupported content type: ${type}]`
        )
        .join("\n");
    case "anthropic-text":
      if (!body.completion) {
        req.log.error(
          { body: JSON.stringify(body) },
          "Received empty Anthropic text completion"
        );
        return "";
      }
      return body.completion.trim();
    case "google-ai":
      if ("choices" in body) {
        return body.choices[0].message.content;
      }
      const text = body.candidates[0].content?.parts?.[0]?.text;
      if (!text) {
        req.log.warn(
          { body: JSON.stringify(body) },
          "Received empty Google AI text completion"
        );
        return "";
      }
      return text;
    case "openai-image":
      return body.data?.map((item: any) => item.url).join("\n");
    default:
      assertNever(format);
  }
 }
 export function getModelFromBody(req: Request, resBody: Record<string, any>) {
  const format = req.outboundApi;
  switch (format) {
    case "openai":
    case "openai-text":
    case "openai-responses":
      return resBody.model;
    case "mistral-ai":
    case "mistral-text":
    case "openai-image":
    case "google-ai":
      // These formats don't have a model in the response body.
      return req.body.model;
    case "anthropic-chat":
    case "anthropic-text":
      // Anthropic confirms the model in the response, but AWS Claude doesn't.
      return resBody.model || req.body.model;
    default:
      assertNever(format);
  }
  return `data: ${JSON.stringify(fakeEvent)}\n\n`;
 }
@@ -1,32 +0,0 @@
 import { AnthropicKey, Key } from "../../../key-management";
 import { isCompletionRequest } from "../common";
 import { ProxyRequestMiddleware } from ".";
 /**
 * Some keys require the prompt to start with `\n\nHuman:`. There is no way to
 * know this without trying to send the request and seeing if it fails. If a
 * key is marked as requiring a preamble, it will be added here.
 */
 export const addAnthropicPreamble: ProxyRequestMiddleware = (
  _proxyReq,
  req
 ) => {
  if (!isCompletionRequest(req) || req.key?.service !== "anthropic") {
    return;
  }
  let preamble = "";
  let prompt = req.body.prompt;
  assertAnthropicKey(req.key);
  if (req.key.requiresPreamble) {
    preamble = prompt.startsWith("\n\nHuman:") ? "" : "\n\nHuman:";
    req.log.debug({ key: req.key.hash, preamble }, "Adding preamble to prompt");
  }
  req.body.prompt = preamble + prompt;
 };
 function assertAnthropicKey(key: Key): asserts key is AnthropicKey {
  if (key.service !== "anthropic") {
    throw new Error(`Expected an Anthropic key, got '${key.service}'`);
  }
 }
@@ -1,65 +0,0 @@
 import { Key, keyPool } from "../../../key-management";
 import { isCompletionRequest } from "../common";
 import { ProxyRequestMiddleware } from ".";
 /** Add a key that can service this request to the request object. */
 export const addKey: ProxyRequestMiddleware = (proxyReq, req) => {
  let assignedKey: Key;
  if (!isCompletionRequest(req)) {
    // Horrible, horrible hack to stop the proxy from complaining about clients
    // not sending a model when they are requesting the list of models (which
    // requires a key, but obviously not a model).
    // TODO: shouldn't even proxy /models to the upstream API, just fake it
    // using the models our key pool has available.
    req.body.model = "gpt-3.5-turbo";
  }
  if (!req.inboundApi || !req.outboundApi) {
    const err = new Error(
      "Request API format missing. Did you forget to add the request preprocessor to your router?"
    );
    req.log.error(
      { in: req.inboundApi, out: req.outboundApi, path: req.path },
      err.message
    );
    throw err;
  }
  if (!req.body?.model) {
    throw new Error("You must specify a model with your request.");
  }
  // This should happen somewhere else but addKey is guaranteed to run first.
  req.isStreaming = req.body.stream === true || req.body.stream === "true";
  req.body.stream = req.isStreaming;
  // Anthropic support has a special endpoint that accepts OpenAI-formatted
  // requests and translates them into Anthropic requests.  On this endpoint,
  // the requested model is an OpenAI one even though we're actually sending
  // an Anthropic request.
  // For such cases, ignore the requested model entirely.
  if (req.inboundApi === "openai" && req.outboundApi === "anthropic") {
    req.log.debug("Using an Anthropic key for an OpenAI-compatible request");
    assignedKey = keyPool.get("claude-v1");
  } else {
    assignedKey = keyPool.get(req.body.model);
  }
  req.key = assignedKey;
  req.log.info(
    {
      key: assignedKey.hash,
      model: req.body?.model,
      fromApi: req.inboundApi,
      toApi: req.outboundApi,
    },
    "Assigned key to request"
  );
  if (assignedKey.service === "anthropic") {
    proxyReq.setHeader("X-API-Key", assignedKey.key);
  } else {
    proxyReq.setHeader("Authorization", `Bearer ${assignedKey.key}`);
  }
 };
@@ -1,129 +0,0 @@
 import { Request } from "express";
 import { z } from "zod";
 import { config } from "../../../config";
 import { countTokens } from "../../../tokenization";
 import { RequestPreprocessor } from ".";
 const CLAUDE_MAX_CONTEXT = config.maxContextTokensAnthropic;
 const OPENAI_MAX_CONTEXT = config.maxContextTokensOpenAI;
 /**
 * Assigns `req.promptTokens` and `req.outputTokens` based on the request body
 * and outbound API format, which combined determine the size of the context.
 * If the context is too large, an error is thrown.
 * This preprocessor should run after any preprocessor that transforms the
 * request body.
 */
 export const checkContextSize: RequestPreprocessor = async (req) => {
  let prompt;
  switch (req.outboundApi) {
    case "openai":
      req.outputTokens = req.body.max_tokens;
      prompt = req.body.messages;
      break;
    case "anthropic":
      req.outputTokens = req.body.max_tokens_to_sample;
      prompt = req.body.prompt;
      break;
    default:
      throw new Error(`Unknown outbound API: ${req.outboundApi}`);
  }
  const result = await countTokens({ req, prompt, service: req.outboundApi });
  req.promptTokens = result.token_count;
  // TODO: Remove once token counting is stable
  req.log.debug({ result: result }, "Counted prompt tokens.");
  req.debug = req.debug ?? {};
  req.debug = { ...req.debug, ...result };
  maybeReassignModel(req);
  validateContextSize(req);
 };
 function validateContextSize(req: Request) {
  assertRequestHasTokenCounts(req);
  const promptTokens = req.promptTokens;
  const outputTokens = req.outputTokens;
  const contextTokens = promptTokens + outputTokens;
  const model = req.body.model;
  const proxyMax =
    (req.outboundApi === "openai" ? OPENAI_MAX_CONTEXT : CLAUDE_MAX_CONTEXT) ||
    Number.MAX_SAFE_INTEGER;
  let modelMax = 0;
  if (model.match(/gpt-3.5-turbo-16k/)) {
    modelMax = 16384;
  } else if (model.match(/gpt-3.5-turbo/)) {
    modelMax = 4096;
  } else if (model.match(/gpt-4-32k/)) {
    modelMax = 32768;
  } else if (model.match(/gpt-4/)) {
    modelMax = 8192;
  } else if (model.match(/claude-(?:instant-)?v1(?:\.\d)?(?:-100k)/)) {
    modelMax = 100000;
  } else if (model.match(/claude-(?:instant-)?v1(?:\.\d)?$/)) {
    modelMax = 9000;
  } else if (model.match(/claude-2/)) {
    modelMax = 100000;
  } else {
    // Don't really want to throw here because I don't want to have to update
    // this ASAP every time a new model is released.
    req.log.warn({ model }, "Unknown model, using 100k token limit.");
    modelMax = 100000;
  }
  const finalMax = Math.min(proxyMax, modelMax);
  z.number()
    .int()
    .max(finalMax, {
      message: `Your request exceeds the context size limit for this model or proxy. (max: ${finalMax} tokens, requested: ${promptTokens} prompt + ${outputTokens} output = ${contextTokens} context tokens)`,
    })
    .parse(contextTokens);
  req.log.debug(
    { promptTokens, outputTokens, contextTokens, modelMax, proxyMax },
    "Prompt size validated"
  );
  req.debug.prompt_tokens = promptTokens;
  req.debug.max_model_tokens = modelMax;
  req.debug.max_proxy_tokens = proxyMax;
 }
 function assertRequestHasTokenCounts(
  req: Request
 ): asserts req is Request & { promptTokens: number; outputTokens: number } {
  z.object({
    promptTokens: z.number().int().min(1),
    outputTokens: z.number().int().min(1),
  })
    .nonstrict()
    .parse(req);
 }
 /**
 * For OpenAI-to-Anthropic requests, users can't specify the model, so we need
 * to pick one based on the final context size. Ideally this would happen in
 * the `transformOutboundPayload` preprocessor, but we don't have the context
 * size at that point (and need a transformed body to calculate it).
 */
 function maybeReassignModel(req: Request) {
  if (req.inboundApi !== "openai" || req.outboundApi !== "anthropic") {
    return;
  }
  const bigModel = process.env.CLAUDE_BIG_MODEL || "claude-v1-100k";
  const contextSize = req.promptTokens! + req.outputTokens!;
  if (contextSize > 8500) {
    req.log.debug(
      { model: bigModel, contextSize },
      "Using Claude 100k model for OpenAI-to-Anthropic request"
    );
    req.body.model = bigModel;
  }
  // Small model is the default already set in `transformOutboundPayload`
 }
@@ -1,14 +0,0 @@
 import { fixRequestBody } from "http-proxy-middleware";
 import type { ProxyRequestMiddleware } from ".";
 /** Finalize the rewritten request body. Must be the last rewriter. */
 export const finalizeBody: ProxyRequestMiddleware = (proxyReq, req) => {
  if (["POST", "PUT", "PATCH"].includes(req.method ?? "") && req.body) {
    const updatedBody = JSON.stringify(req.body);
    proxyReq.setHeader("Content-Length", Buffer.byteLength(updatedBody));
    (req as any).rawBody = Buffer.from(updatedBody);
    // body-parser and http-proxy-middleware don't play nice together
    fixRequestBody(proxyReq, req);
  }
 };
@@ -1,33 +1,38 @@
 import type { Request } from "express";
 import type { ClientRequest } from "http";
 import type { ProxyReqCallback } from "http-proxy";
-// Express middleware (runs before http-proxy-middleware, can be async)
+import { ProxyReqManager } from "./proxy-req-manager";
-export { createPreprocessorMiddleware } from "./preprocess";
+export {
-export { checkContextSize } from "./check-context-size";
+  createPreprocessorMiddleware,
-export { setApiFormat } from "./set-api-format";
+  createEmbeddingsPreprocessorMiddleware,
-export { transformOutboundPayload } from "./transform-outbound-payload";
+} from "./preprocessor-factory";
-// HPM middleware (runs on onProxyReq, cannot be async)
+// Preprocessors (runs before request is queued, usually body transformation/validation)
-export { addKey } from "./add-key";
+export { applyQuotaLimits } from "./preprocessors/apply-quota-limits";
-export { addAnthropicPreamble } from "./add-anthropic-preamble";
+export { blockZoomerOrigins } from "./preprocessors/block-zoomer-origins";
-export { blockZoomerOrigins } from "./block-zoomer-origins";
+export { countPromptTokens } from "./preprocessors/count-prompt-tokens";
-export { finalizeBody } from "./finalize-body";
+export { languageFilter } from "./preprocessors/language-filter";
-export { languageFilter } from "./language-filter";
+export { setApiFormat } from "./preprocessors/set-api-format";
-export { limitCompletions } from "./limit-completions";
+export { transformOutboundPayload } from "./preprocessors/transform-outbound-payload";
-export { removeOriginHeaders } from "./remove-origin-headers";
+export { validateContextSize } from "./preprocessors/validate-context-size";
-export { transformKoboldPayload } from "./transform-kobold-payload";
+export { validateModelFamily } from "./preprocessors/validate-model-family";
 export { validateVision } from "./preprocessors/validate-vision";
 // Proxy request mutators (runs every time request is dequeued, before proxying, usually for auth/signing)
 export { addKey, addKeyForEmbeddingsRequest } from "./mutators/add-key";
 export { addAzureKey } from "./mutators/add-azure-key";
 export { finalizeBody } from "./mutators/finalize-body";
 export { finalizeSignedRequest } from "./mutators/finalize-signed-request";
 export { signAwsRequest } from "./mutators/sign-aws-request";
 export { signGcpRequest } from "./mutators/sign-vertex-ai-request";
 export { stripHeaders } from "./mutators/strip-headers";
 /**
- * Middleware that runs prior to the request being handled by http-proxy-
+ * Middleware that runs prior to the request being queued or handled by
- * middleware.
+ * http-proxy-middleware. You will not have access to the proxied
 * request/response objects since they have not yet been sent to the API.
 *
- * Async functions can be used here, but you will not have access to the proxied
+ * User will have been authenticated by the proxy's gatekeeper, but the request
- * request/response objects, nor the data set by ProxyRequestMiddleware
+ * won't have been assigned an upstream API key yet.
 * functions as they have not yet been run.
 *
 * User will have been authenticated by the time this middleware runs, but your
 * request won't have been assigned an API key yet.
 *
 * Note that these functions only run once ever per request, even if the request
 * is automatically retried by the request queue middleware.
@@ -35,14 +40,14 @@ export { transformKoboldPayload } from "./transform-kobold-payload";
 export type RequestPreprocessor = (req: Request) => void | Promise<void>;
 /**
- * Middleware that runs immediately before the request is sent to the API in
+ * Middleware that runs immediately before the request is proxied to the
- * response to http-proxy-middleware's `proxyReq` event.
+ * upstream API, after dequeueing the request from the request queue.
 *
- * Async functions cannot be used here as HPM's event emitter is not async and
+ * Because these middleware may be run multiple times per request if a retryable
- * will not wait for the promise to resolve before sending the request.
+ * error occurs and the request put back in the queue, they must be idempotent.
- *
+ * A change manager is provided to allow the middleware to make changes to the
- * Note that these functions may be run multiple times per request if the
+ * request which can be automatically reverted.
 * first attempt is rate limited and the request is automatically retried by the
 * request queue middleware.
 */
-export type ProxyRequestMiddleware = ProxyReqCallback<ClientRequest, Request>;
+export type ProxyReqMutator = (
  changeManager: ProxyReqManager
 ) => void | Promise<void>;
@@ -1,51 +0,0 @@
 import { Request } from "express";
 import { config } from "../../../config";
 import { logger } from "../../../logger";
 import { isCompletionRequest } from "../common";
 import { ProxyRequestMiddleware } from ".";
 const DISALLOWED_REGEX =
  /[\u2E80-\u2E99\u2E9B-\u2EF3\u2F00-\u2FD5\u3005\u3007\u3021-\u3029\u3038-\u303B\u3400-\u4DB5\u4E00-\u9FD5\uF900-\uFA6D\uFA70-\uFAD9]/;
 // Our shitty free-tier VMs will fall over if we test every single character in
 // each 15k character request ten times a second. So we'll just sample 20% of
 // the characters and hope that's enough.
 const containsDisallowedCharacters = (text: string) => {
  const sampleSize = Math.ceil(text.length * 0.2);
  const sample = text
    .split("")
    .sort(() => 0.5 - Math.random())
    .slice(0, sampleSize)
    .join("");
  return DISALLOWED_REGEX.test(sample);
 };
 /** Block requests containing too many disallowed characters. */
 export const languageFilter: ProxyRequestMiddleware = (_proxyReq, req) => {
  if (!config.rejectDisallowed) {
    return;
  }
  if (isCompletionRequest(req)) {
    const combinedText = getPromptFromRequest(req);
    if (containsDisallowedCharacters(combinedText)) {
      logger.warn(`Blocked request containing bad characters`);
      _proxyReq.destroy(new Error(config.rejectMessage));
    }
  }
 };
 function getPromptFromRequest(req: Request) {
  const service = req.outboundApi;
  const body = req.body;
  switch (service) {
    case "anthropic":
      return body.prompt;
    case "openai":
      return body.messages
        .map((m: { content: string }) => m.content)
        .join("\n");
    default:
      throw new Error(`Unknown service: ${service}`);
  }
 }
@@ -1,16 +0,0 @@
 import { isCompletionRequest } from "../common";
 import { ProxyRequestMiddleware } from ".";
 /**
 * Don't allow multiple completions to be requested to prevent abuse.
 * OpenAI-only, Anthropic provides no such parameter.
 **/
 export const limitCompletions: ProxyRequestMiddleware = (_proxyReq, req) => {
  if (isCompletionRequest(req) && req.outboundApi === "openai") {
    const originalN = req.body?.n || 1;
    req.body.n = 1;
    if (originalN !== req.body.n) {
      req.log.warn(`Limiting completion choices from ${originalN} to 1`);
    }
  }
 };
@@ -0,0 +1,84 @@
 import {
  APIFormat,
  AzureOpenAIKey,
  keyPool,
 } from "../../../../shared/key-management";
 import { ProxyReqMutator } from "../index";
 export const addAzureKey: ProxyReqMutator = async (manager) => {
  const req = manager.request;
  const validAPIs: APIFormat[] = ["openai", "openai-image"];
  const apisValid = [req.outboundApi, req.inboundApi].every((api) =>
    validAPIs.includes(api)
  );
  const serviceValid = req.service === "azure";
  if (!apisValid || !serviceValid) {
    throw new Error("addAzureKey called on invalid request");
  }
  if (!req.body?.model) {
    throw new Error("You must specify a model with your request.");
  }
  const model = req.body.model.startsWith("azure-")
    ? req.body.model
    : `azure-${req.body.model}`;
  // TODO: untracked mutation to body, I think this should just be a
  // RequestPreprocessor because we don't need to do it every dequeue.
  req.body.model = model;
  const key = keyPool.get(model, "azure");
  manager.setKey(key);
  // Handles the sole Azure API deviation from the OpenAI spec (that I know of)
  // TODO: this should also probably be a RequestPreprocessor
  const notNullOrUndefined = (x: any) => x !== null && x !== undefined;
  if ([req.body.logprobs, req.body.top_logprobs].some(notNullOrUndefined)) {
    // OpenAI wants logprobs: true/false and top_logprobs: number
    // Azure seems to just want to combine them into logprobs: number
    // if (typeof req.body.logprobs === "boolean") {
    //   req.body.logprobs = req.body.top_logprobs || undefined;
    //   delete req.body.top_logprobs
    // }
    // Temporarily just disabling logprobs for Azure because their model support
    // is random: `This model does not support the 'logprobs' parameter.`
    delete req.body.logprobs;
    delete req.body.top_logprobs;
  }
  req.log.info(
    { key: key.hash, model },
    "Assigned Azure OpenAI key to request"
  );
  const cred = req.key as AzureOpenAIKey;
  const { resourceName, deploymentId, apiKey } = getCredentialsFromKey(cred);
  const operation =
    req.outboundApi === "openai" ? "/chat/completions" : "/images/generations";
  const apiVersion =
    req.outboundApi === "openai" ? "2023-09-01-preview" : "2024-02-15-preview";
  manager.setSignedRequest({
    method: "POST",
    protocol: "https:",
    hostname: `${resourceName}.openai.azure.com`,
    path: `/openai/deployments/${deploymentId}${operation}?api-version=${apiVersion}`,
    headers: {
      ["host"]: `${resourceName}.openai.azure.com`,
      ["content-type"]: "application/json",
      ["api-key"]: apiKey,
    },
    body: JSON.stringify(req.body),
  });
 };
 function getCredentialsFromKey(key: AzureOpenAIKey) {
  const [resourceName, deploymentId, apiKey] = key.key.split(":");
  if (!resourceName || !deploymentId || !apiKey) {
    throw new Error("Assigned Azure OpenAI key is not in the correct format.");
  }
  return { resourceName, deploymentId, apiKey };
 }
--- a/Show More
+++ b/Show More