@chatpanel/gateway 0.2.0 → 0.2.1

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@chatpanel/gateway",
-  "version": "0.2.0",
+  "version": "0.2.1",
   "description": "Local privacy gateway — redacts PII out of OpenAI/Anthropic API traffic before it reaches a model, then restores it in the reply. Point opencode, codex, aider, Claude Code, etc. at it.",
   "type": "module",
   "bin": {

package/src/configstore.js

@@ -29,7 +29,8 @@ export function persistConfig(cfg, path = configPath()) {
 export function publicConfig(cfg, { proUnlocked = false } = {}) {
   return {
     backend: cfg.backend,
-    destinations: Array.isArray(cfg.destinations) ? cfg.destinations : [],
+    // Strip per-destination apiKey (write-only).
+    destinations: (Array.isArray(cfg.destinations) ? cfg.destinations : []).map((d) => { const { apiKey, ...rest } = d; return { ...rest, hasKey: !!apiKey }; }),
     bridge: { url: cfg.bridge?.url, agent: cfg.bridge?.agent, hasToken: !!cfg.bridge?.token },
     upstreams: cfg.upstreams,
     redaction: {
@@ -50,14 +51,22 @@ export function publicConfig(cfg, { proUnlocked = false } = {}) {
 export function applyConfigPatch(cfg, patch = {}) {
   if (patch.backend === 'bridge' || patch.backend === 'api') cfg.backend = patch.backend;
   if (Array.isArray(patch.destinations)) {
+    // Preserve a destination's apiKey when the patch omits it (it's write-only —
+    // publicConfig strips it, so the UI never round-trips it back).
+    const prev = new Map((Array.isArray(cfg.destinations) ? cfg.destinations : []).map((d) => [d.id, d]));
     cfg.destinations = patch.destinations
       .filter((d) => d && typeof d.id === 'string' && (d.type === 'agent' || d.type === 'api'))
-      .map((d) => ({
-        id: d.id, type: d.type,
-        ...(d.type === 'agent' ? { agent: d.agent || d.id } : {}),
-        ...(d.type === 'api' ? { baseUrl: String(d.baseUrl || ''), protocol: d.protocol === 'anthropic' ? 'anthropic' : 'openai' } : {}),
-        models: Array.isArray(d.models) ? d.models.filter((m) => typeof m === 'string' && m) : [],
-      }));
+      .map((d) => {
+        const out = { id: d.id, type: d.type, models: Array.isArray(d.models) ? d.models.filter((m) => typeof m === 'string' && m) : [] };
+        if (d.type === 'agent') out.agent = d.agent || d.id;
+        if (d.type === 'api') {
+          out.baseUrl = String(d.baseUrl || '');
+          out.protocol = d.protocol === 'anthropic' ? 'anthropic' : 'openai';
+          const key = (typeof d.apiKey === 'string' && d.apiKey) ? d.apiKey : prev.get(d.id)?.apiKey;
+          if (key) out.apiKey = key;
+        }
+        return out;
+      });
   }
   if (patch.bridge && typeof patch.bridge === 'object') {
     if (typeof patch.bridge.url === 'string') cfg.bridge.url = patch.bridge.url;

package/src/server.js

@@ -32,7 +32,7 @@ import * as openai from './openai.js';
 import * as responses from './responses.js';
 import * as anthropic from './anthropic.js';
 
-export const VERSION = '0.2.0';
+export const VERSION = '0.2.1';
 
 const KNOWN_AGENTS = new Set(['codex', 'claude', 'opencode', 'pi', 'kiro', 'antigravity']);
 
@@ -83,6 +83,18 @@ function pickAgent(model, cfg) {
   return KNOWN_AGENTS.has(model) ? model : cfg.bridge.agent;
 }
 
+// Guard against an api destination pointing back at THIS gateway (loopback host +
+// our own port) — forwarding there would loop forever.
+function isSelfUrl(baseUrl, cfg) {
+  try {
+    const u = new URL(baseUrl);
+    const host = u.hostname.replace(/^\[|\]$/g, '');
+    const loop = host === '127.0.0.1' || host === 'localhost' || host === '::1';
+    const port = u.port || (u.protocol === 'https:' ? '443' : '80');
+    return loop && String(port) === String(cfg.port);
+  } catch { return false; }
+}
+
 async function readBody(req, maxBytes) {
   const chunks = [];
   let size = 0;
@@ -156,12 +168,19 @@ async function handleBridge(req, res, { kind, adapter, redactable, pathname, age
 
 // ---- backend: api ----------------------------------------------------------
 
-async function handleApi(req, res, { adapter, pathname, search, base }, outBody, vault) {
+async function handleApi(req, res, { adapter, pathname, search, base, destKey, destProtocol }, outBody, vault) {
   let upstream;
   try {
+    const headers = forwardHeaders(req.headers, base);
+    // If the destination carries its own key (imported from a configured API),
+    // forward WITH it instead of relying on the client's auth header.
+    if (destKey) {
+      if (destProtocol === 'anthropic') { headers['x-api-key'] = destKey; delete headers.authorization; }
+      else { headers.authorization = `Bearer ${destKey}`; }
+    }
     upstream = await fetch(base.replace(/\/$/, '') + pathname + search, {
       method: req.method,
-      headers: forwardHeaders(req.headers, base),
+      headers,
       body: ['GET', 'HEAD'].includes(req.method) ? undefined : outBody,
     });
   } catch (e) {
@@ -280,7 +299,10 @@ export function createGateway(cfg = loadConfig()) {
     }
     if (dest && dest.type === 'api') {
       if (!dest.baseUrl) return sendJson(res, 502, { error: `destination "${dest.id}" has no baseUrl` });
-      return handleApi(req, res, { ...r, pathname, search: url.search, base: dest.baseUrl }, outBody, vault);
+      if (isSelfUrl(dest.baseUrl, cfg)) {
+        return sendJson(res, 508, { error: { message: `destination "${dest.id}" points back at the gateway (${dest.baseUrl}) — refusing to forward (would loop).`, type: 'loop_detected' } });
+      }
+      return handleApi(req, res, { ...r, pathname, search: url.search, base: dest.baseUrl, destKey: dest.apiKey, destProtocol: dest.protocol }, outBody, vault);
     }
     return handleBridge(req, res, { ...r, pathname, agentOverride: dest?.agent }, body, vault, cfg);
   });