@askalf/dario 1.1.0 → 1.1.2

package/README.md

@@ -10,6 +10,7 @@
   <a href="#quick-start">Quick Start</a> &bull;
   <a href="#how-it-works">How It Works</a> &bull;
   <a href="#usage-examples">Examples</a> &bull;
+  <a href="#cli-backend">CLI Backend</a> &bull;
   <a href="#faq">FAQ</a>
 </p>
 
@@ -32,7 +33,9 @@ That's it. Any tool that speaks the Anthropic API now uses your subscription.
 
 You pay $100-200/mo for Claude Max or Pro. But that subscription only works on claude.ai and Claude Code. If you want to use Claude with **any other tool** — OpenClaw, Cursor, Continue, Aider, your own scripts — you need a separate API key with separate billing.
 
-**dario fixes this.** It creates a local proxy that translates API key auth into your subscription's OAuth tokens. Your tools don't know the difference.
+**Note:** Claude subscriptions have undocumented weekly usage limits. When exceeded, Opus and Sonnet may return 429 errors while Haiku continues working. Use `--cli` mode to route through Claude Code's binary, which is not affected by these limits.
+
+**dario fixes this.** It creates a local proxy that translates API key auth into your subscription's OAuth tokens — and with `--cli` mode, routes through the Claude Code binary for uninterrupted access.
 
 ## Quick Start
 
@@ -64,7 +67,7 @@ dario proxy
 ```
 
 ```
-dario v1.0.0 — http://localhost:3456
+dario — http://localhost:3456
 
 Your Claude subscription is now an API.
 
@@ -73,6 +76,7 @@ Usage:
   ANTHROPIC_API_KEY=dario
 
 OAuth: healthy (expires in 11h 42m)
+Model: passthrough (client decides)
 ```
 
 ### Use it
@@ -89,6 +93,59 @@ continue  # in VS Code, set base URL in config
 python my_script.py
 ```
 
+## CLI Backend
+
+If you're getting rate limited on Opus or Sonnet, use `--cli` mode. This routes requests through the Claude Code binary instead of hitting the API directly — and Claude Code has priority routing that bypasses subscription rate limits.
+
+```bash
+dario proxy --cli                    # Opus works even when rate limited
+dario proxy --cli --model=opus       # Force Opus + CLI backend
+```
+
+```
+dario — http://localhost:3456
+
+Your Claude subscription is now an API.
+
+Usage:
+  ANTHROPIC_BASE_URL=http://localhost:3456
+  ANTHROPIC_API_KEY=dario
+
+Backend: Claude CLI (bypasses rate limits)
+Model: claude-opus-4-6 (all requests)
+```
+
+**Requirements:** Claude Code must be installed (`npm install -g @anthropic-ai/claude-code` or already installed via the desktop app).
+
+**Trade-offs vs direct API mode:**
+
+| | Direct API (default) | CLI Backend (`--cli`) |
+|---|---|---|
+| Streaming | Yes | No (full response) |
+| Tool use passthrough | Yes | No |
+| Latency | Low | Higher (process spawn) |
+| Rate limits | Subject to weekly quota | Bypassed |
+| Opus when throttled | Blocked | **Works** |
+
+## Model Selection
+
+Force a specific model for all requests — useful when your tool doesn't let you configure the model:
+
+```bash
+dario proxy --model=opus      # Force Opus 4.6
+dario proxy --model=sonnet    # Force Sonnet 4.6
+dario proxy --model=haiku     # Force Haiku 4.5
+dario proxy                   # Passthrough (client decides)
+```
+
+Full model IDs also work: `--model=claude-opus-4-6`
+
+Combine with `--cli` for rate-limit-proof Opus:
+
+```bash
+dario proxy --cli --model=opus
+```
+
 ## Usage Examples
 
 ### curl
@@ -139,7 +196,7 @@ const message = await client.messages.create({
 });
 ```
 
-### Streaming
+### Streaming (direct API mode only)
 
 ```bash
 curl http://localhost:3456/v1/messages \
@@ -157,7 +214,7 @@ curl http://localhost:3456/v1/messages \
 
 ```bash
 # OpenClaw
-ANTHROPIC_BASE_URL=http://localhost:3456 ANTHROPIC_API_KEY=dario openclaw start
+ANTHROPIC_BASE_URL=http://localhost:3456 ANTHROPIC_API_KEY=dario openclaw
 
 # Aider
 ANTHROPIC_BASE_URL=http://localhost:3456 ANTHROPIC_API_KEY=dario aider --model claude-opus-4-6
@@ -168,6 +225,8 @@ ANTHROPIC_BASE_URL=http://localhost:3456 ANTHROPIC_API_KEY=dario your-tool-here
 
 ## How It Works
 
+### Direct API Mode (default)
+
 ```
 ┌──────────┐     ┌─────────────────┐     ┌──────────────────┐
 │ Your App │ ──> │  dario (proxy)  │ ──> │ api.anthropic.com│
@@ -178,15 +237,23 @@ ANTHROPIC_BASE_URL=http://localhost:3456 ANTHROPIC_API_KEY=dario your-tool-here
 └──────────┘     └─────────────────┘     └──────────────────┘
 ```
 
+### CLI Backend Mode (`--cli`)
+
+```
+┌──────────┐     ┌─────────────────┐     ┌──────────────────┐
+│ Your App │ ──> │  dario (proxy)  │ ──> │  claude --print  │
+│          │     │  localhost:3456  │     │  (Claude Code)   │
+│ sends    │     │  extracts prompt│     │                  │
+│ API      │     │  spawns CLI     │     │  has priority    │
+│ request  │     │  wraps response │     │  routing         │
+└──────────┘     └─────────────────┘     └──────────────────┘
+```
+
 1. **`dario login`** — Standard PKCE OAuth flow. Opens Claude's auth page in your browser. You authorize, dario stores the tokens locally in `~/.dario/credentials.json`. No server involved, no secrets leave your machine.
 
-2. **`dario proxy`** — Starts an HTTP server on localhost that implements the full [Anthropic Messages API](https://docs.anthropic.com/en/api/messages). When a request arrives, dario:
-   - Strips the incoming API key (you can use any string)
-   - Injects your OAuth access token as a Bearer header
-   - Forwards the request to `api.anthropic.com`
-   - Streams the response back to your app
+2. **`dario proxy`** — Starts an HTTP server on localhost that implements the Anthropic Messages API. In direct mode, it swaps your API key for an OAuth bearer token. In CLI mode, it routes through the Claude Code binary.
 
-3. **Auto-refresh** — OAuth tokens expire. Dario refreshes them automatically in the background every 15 minutes. Refresh tokens rotate on each use. You never have to re-login unless you explicitly log out.
+3. **Auto-refresh** — OAuth tokens expire. Dario refreshes them automatically in the background every 15 minutes. Refresh tokens rotate on each use.
 
 ## Commands
 
@@ -203,22 +270,28 @@ ANTHROPIC_BASE_URL=http://localhost:3456 ANTHROPIC_API_KEY=dario your-tool-here
 
 | Flag | Description | Default |
 |------|-------------|---------|
+| `--cli` | Use Claude CLI as backend (bypasses rate limits) | off |
+| `--model=MODEL` | Force a model (`opus`, `sonnet`, `haiku`, or full ID) | passthrough |
 | `--port=PORT` | Port to listen on | `3456` |
-| `--verbose` / `-v` | Log every request with token counts | off |
+| `--verbose` / `-v` | Log every request | off |
 
 ## Supported Features
 
-Everything the Anthropic Messages API supports:
-
-- All Claude models (`opus-4-6`, `sonnet-4-6`, `haiku-4-5`)
+### Direct API Mode
+- All Claude models (Opus 4.6, Sonnet 4.6, Haiku 4.5)
 - Streaming and non-streaming
 - Tool use / function calling
 - System prompts and multi-turn conversations
-- Prompt caching
-- Extended thinking
+- Prompt caching and extended thinking
 - All `anthropic-beta` features (headers pass through)
 - CORS enabled (works from browser apps on localhost)
 
+### CLI Backend Mode
+- All Claude models — including Opus when rate limited
+- Non-streaming responses
+- System prompts and multi-turn conversations (via context injection)
+- Bypasses subscription rate limits
+
 ## Endpoints
 
 | Path | Description |
@@ -249,14 +322,16 @@ curl http://localhost:3456/health
 | Credential storage | `~/.dario/credentials.json` with `0600` permissions (owner-only) |
 | OAuth flow | PKCE (Proof Key for Code Exchange) — no client secret needed |
 | Token transmission | OAuth tokens never leave localhost. Only forwarded to `api.anthropic.com` over HTTPS |
-| Network exposure | Proxy binds to `localhost` only — not accessible from other machines |
+| Network exposure | Proxy binds to `127.0.0.1` only — not accessible from other machines |
+| SSRF protection | Allowlisted API paths only. Internal networks and cloud metadata blocked |
 | Token rotation | Refresh tokens rotate on every use (single-use) |
+| Error sanitization | Token patterns redacted from all error messages |
 | Data collection | Zero. No telemetry, no analytics, no phoning home |
 
 ## FAQ
 
 **Does this violate Anthropic's terms of service?**
-Dario uses the same public OAuth client ID and PKCE flow that Claude Code uses. It authenticates you as you, with your subscription, through Anthropic's official OAuth endpoints. It doesn't bypass any access controls — it just bridges the auth method.
+Dario uses the same public OAuth client ID and PKCE flow that Claude Code uses. It authenticates you as you, with your subscription, through Anthropic's official OAuth endpoints. The `--cli` mode literally uses Claude Code itself as the backend.
 
 **What subscription plans work?**
 Claude Max and Claude Pro. Any plan that lets you use Claude Code.
@@ -267,12 +342,12 @@ Should work if your plan includes Claude Code access. Not tested yet — please
 **What happens when my token expires?**
 Dario auto-refreshes tokens 30 minutes before expiry. You should never see an auth error in normal use. If something goes wrong, `dario refresh` forces an immediate refresh, or `dario login` to re-authenticate.
 
+**I'm getting rate limited on Opus. What do I do?**
+Use `--cli` mode: `dario proxy --cli`. This routes through the Claude Code binary, which has priority access that bypasses subscription rate limits.
+
 **Can I run this on a server?**
 Dario binds to localhost by default. For server use, you'd need to handle the initial browser-based login on a machine with a browser, then copy `~/.dario/credentials.json` to your server. Auto-refresh will keep it alive from there.
 
-**What's the rate limit?**
-Whatever your subscription plan provides. Dario doesn't add any limits — it's a transparent proxy.
-
 **Why "dario"?**
 Named after [Dario Amodei](https://en.wikipedia.org/wiki/Dario_Amodei), CEO of Anthropic.
 
@@ -286,6 +361,9 @@ import { startProxy, getAccessToken, getStatus } from "@askalf/dario";
 // Start the proxy programmatically
 await startProxy({ port: 3456, verbose: true });
 
+// CLI backend mode
+await startProxy({ port: 3456, cliBackend: true, model: "opus" });
+
 // Or just get a raw access token
 const token = await getAccessToken();
 
@@ -296,12 +374,12 @@ console.log(status.expiresIn); // "11h 42m"
 
 ## Contributing
 
-PRs welcome. The codebase is ~500 lines of TypeScript across 4 files:
+PRs welcome. The codebase is ~700 lines of TypeScript across 4 files:
 
 | File | Purpose |
 |------|---------|
 | `src/oauth.ts` | PKCE flow, token storage, refresh logic |
-| `src/proxy.ts` | HTTP proxy server |
+| `src/proxy.ts` | HTTP proxy server + CLI backend |
 | `src/cli.ts` | CLI entry point |
 | `src/index.ts` | Library exports |
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@askalf/dario",
-  "version": "1.1.0",
+  "version": "1.1.2",
   "description": "Use your Claude subscription as an API. Two commands, no API key. OAuth bridge for Claude Max/Pro.",
   "type": "module",
   "bin": {