npm - @nick3/copilot-api - Versions diffs - 1.0.8 → 1.1.5 - Mend

@nick3/copilot-api 1.0.8 → 1.1.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

package/README.md +72 -22
package/dist/{accounts-manager-CJtqVqDx.js → accounts-manager-MluR5e6y.js} +74 -6
package/dist/accounts-manager-MluR5e6y.js.map +1 -0
package/dist/admin/assets/{index-DU5shzxS.js → index-C9gbhsHu.js} +16 -15
package/dist/admin/index.html +1 -1
package/dist/main.js +2 -2
package/dist/main.js.map +1 -1
package/dist/{server-BnJIteDi.js → server-6hnk3aRJ.js} +209 -117
package/dist/server-6hnk3aRJ.js.map +1 -0
package/package.json +4 -1
package/dist/accounts-manager-CJtqVqDx.js.map +0 -1
package/dist/server-BnJIteDi.js.map +0 -1

package/dist/{server-BnJIteDi.js → server-6hnk3aRJ.js} RENAMED Viewed

@@ -1,4 +1,4 @@
-import { HTTPError, PATHS, accountFromState, accountsManager, copilotBaseUrl, copilotHeaders, forwardError, getAliasTargetSet, getConfig, getCopilotUsage, getExtraPromptForModel, getModelAliases, getModelAliasesInfo, getModelRefreshIntervalMs, getReasoningEffortForModel, getSmallModel, isForceAgentEnabled, isFreeModelLoadBalancingEnabled, isMessageStartInputTokensFallbackEnabled, isNullish, listAccountsFromRegistry, mergeConfigWithDefaults, shouldCompactUseSmallModel, sleep, state } from "./accounts-manager-CJtqVqDx.js";
+import { HTTPError, PATHS, accountFromState, accountsManager, copilotBaseUrl, copilotHeaders, forwardError, getAliasTargetSet, getConfig, getCopilotUsage, getExtraPromptForModel, getModelAliases, getModelAliasesInfo, getModelRefreshIntervalMs, getReasoningEffortForModel, getSmallModel, isForceAgentEnabled, isFreeModelLoadBalancingEnabled, isMessageStartInputTokensFallbackEnabled, isNullish, listAccountsFromRegistry, mergeConfigWithDefaults, shouldCompactUseSmallModel, sleep, state } from "./accounts-manager-MluR5e6y.js";
 import consola from "consola";
 import fs, { readFile } from "node:fs/promises";
 import * as path$1 from "node:path";
@@ -14,27 +14,56 @@ import { streamSSE } from "hono/streaming";
 import util from "node:util";
 import { events } from "fetch-event-stream";
-//#region src/lib/api-key-auth.ts
-const API_KEY_ENV_VAR = "COPILOT_API_KEY";
-function resolveConfiguredApiKey() {
-	const envKey = process.env[API_KEY_ENV_VAR]?.trim();
-	if (envKey) return envKey;
-	const configKey = getConfig().apiKey?.trim();
-	if (configKey) return configKey;
-}
-function parseBearerToken(value) {
-	const trimmed = value.trim();
-	if (!trimmed.toLowerCase().startsWith("bearer ")) return void 0;
-	return trimmed.slice(7).trim() || void 0;
-}
-function extractRequestApiKey(headers) {
-	const headerToken = headers.get("x-api-key")?.trim();
-	if (headerToken) return headerToken;
-	const bearer = headers.get("authorization");
-	if (bearer) {
-		const token = parseBearerToken(bearer);
-		if (token) return token;
+//#region src/lib/request-auth.ts
+const LEGACY_API_KEY_ENV_VAR = "COPILOT_API_KEY";
+let warnedLegacyEnvFallback = false;
+let warnedLegacyConfigFallback = false;
+function normalizeApiKeys(apiKeys) {
+	if (!Array.isArray(apiKeys)) {
+		if (apiKeys !== void 0) consola.warn("Invalid auth.apiKeys config. Expected an array of strings.");
+		return [];
+	}
+	const normalizedKeys = apiKeys.filter((key) => typeof key === "string").map((key) => key.trim()).filter((key) => key.length > 0);
+	if (normalizedKeys.length !== apiKeys.length) consola.warn("Invalid auth.apiKeys entries found. Only non-empty strings are allowed.");
+	return [...new Set(normalizedKeys)];
+}
+function getConfiguredApiKeys() {
+	const config = getConfig();
+	const configuredApiKeys = normalizeApiKeys(config.auth?.apiKeys);
+	if (configuredApiKeys.length > 0) return configuredApiKeys;
+	const envApiKey = process.env[LEGACY_API_KEY_ENV_VAR]?.trim();
+	if (envApiKey) {
+		if (!warnedLegacyEnvFallback) {
+			warnedLegacyEnvFallback = true;
+			consola.warn(`Using legacy ${LEGACY_API_KEY_ENV_VAR}. Please migrate to config.auth.apiKeys.`);
+		}
+		return [envApiKey];
+	}
+	const legacyConfigApiKey = config.apiKey?.trim();
+	if (legacyConfigApiKey) {
+		if (!warnedLegacyConfigFallback) {
+			warnedLegacyConfigFallback = true;
+			consola.warn("Using deprecated config.apiKey. Please migrate to config.auth.apiKeys.");
+		}
+		return [legacyConfigApiKey];
 	}
+	return configuredApiKeys;
+}
+function extractRequestApiKey(c) {
+	const xApiKey = c.req.header("x-api-key")?.trim();
+	if (xApiKey) return xApiKey;
+	const authorization = c.req.header("authorization");
+	if (!authorization) return null;
+	const [scheme, ...rest] = authorization.trim().split(/\s+/);
+	if (scheme.toLowerCase() !== "bearer") return null;
+	return rest.join(" ").trim() || null;
+}
+function createUnauthorizedResponse(c) {
+	c.header("WWW-Authenticate", "Bearer realm=\"copilot-api\"");
+	return c.json({ error: {
+		message: "Unauthorized. Provide Authorization: Bearer <key> or x-api-key.",
+		type: "unauthorized"
+	} }, 401);
 }
 function normalizePathname(pathname) {
 	if (pathname.length > 1 && pathname.endsWith("/")) return pathname.slice(0, -1);
@@ -43,10 +72,6 @@ function normalizePathname(pathname) {
 function hasPrefixBoundary(pathname, prefix) {
 	return pathname === prefix || pathname.startsWith(`${prefix}/`);
 }
-function isProtectedPath(pathnameRaw) {
-	const pathname = normalizePathname(pathnameRaw);
-	return hasPrefixBoundary(pathname, "/v1") || hasPrefixBoundary(pathname, "/token") || hasPrefixBoundary(pathname, "/usage") || hasPrefixBoundary(pathname, "/chat/completions") || hasPrefixBoundary(pathname, "/embeddings") || hasPrefixBoundary(pathname, "/models") || hasPrefixBoundary(pathname, "/responses");
-}
 function timingSafeKeyCompare(a, b) {
 	try {
 		const aBuf = Buffer.from(a);
@@ -57,30 +82,21 @@ function timingSafeKeyCompare(a, b) {
 		return false;
 	}
 }
-function createApiKeyAuthMiddleware(options = {}) {
-	const getConfiguredKey = options.getConfiguredApiKey ?? resolveConfiguredApiKey;
-	const isPathProtected = options.isProtectedPath ?? isProtectedPath;
+function createAuthMiddleware(options = {}) {
+	const getApiKeys = options.getApiKeys ?? getConfiguredApiKeys;
+	const allowUnauthenticatedPaths = new Set((options.allowUnauthenticatedPaths ?? ["/"]).map((path$2) => normalizePathname(path$2)));
+	const allowUnauthenticatedPathPrefixes = (options.allowUnauthenticatedPathPrefixes ?? []).map((path$2) => normalizePathname(path$2));
+	const allowOptionsBypass = options.allowOptionsBypass ?? true;
 	return async (c, next) => {
-		if (c.req.method === "OPTIONS") {
-			await next();
-			return;
-		}
-		const url = new URL(c.req.url, "http://local");
-		if (!isPathProtected(url.pathname)) {
-			await next();
-			return;
-		}
-		const configuredKey = getConfiguredKey();
-		if (!configuredKey) {
-			await next();
-			return;
-		}
-		const providedKey = extractRequestApiKey(c.req.raw.headers);
-		if (!providedKey || !timingSafeKeyCompare(providedKey, configuredKey)) return c.json({ error: {
-			message: "Unauthorized. Provide Authorization: Bearer <key> or x-api-key.",
-			type: "unauthorized"
-		} }, 401);
-		await next();
+		if (allowOptionsBypass && c.req.method === "OPTIONS") return next();
+		const pathname = normalizePathname(new URL(c.req.url, "http://local").pathname);
+		if (allowUnauthenticatedPaths.has(pathname)) return next();
+		if (allowUnauthenticatedPathPrefixes.some((prefix) => hasPrefixBoundary(pathname, prefix))) return next();
+		const apiKeys = getApiKeys();
+		if (apiKeys.length === 0) return next();
+		const requestApiKey = extractRequestApiKey(c);
+		if (!(requestApiKey ? apiKeys.some((apiKey) => timingSafeKeyCompare(requestApiKey, apiKey)) : false)) return createUnauthorizedResponse(c);
+		return next();
 	};
 }
@@ -705,6 +721,7 @@ function parseTriStateBool(value) {
 	if (value === "0") return false;
 }
 const CONFIG_KEYS = new Set([
+	"auth",
 	"extraPrompts",
 	"smallModel",
 	"freeModelLoadBalancing",
@@ -755,6 +772,16 @@ function parseOptionalNonNegativeNumber(value, field) {
 	if (!Number.isFinite(value) || value < 0) return { error: `${field} must be a non-negative number` };
 	return { value };
 }
+function parseAuthConfig(value) {
+	if (value === null || value === void 0) return { clear: true };
+	if (!isPlainObject(value)) return { error: "auth must be an object" };
+	for (const key of Object.keys(value)) if (key !== "apiKeys") return { error: `auth.${key} is not supported` };
+	if (!("apiKeys" in value) || value.apiKeys === null || value.apiKeys === void 0) return { value: { apiKeys: [] } };
+	if (!Array.isArray(value.apiKeys)) return { error: "auth.apiKeys must be an array of strings" };
+	const normalizedApiKeys = value.apiKeys.filter((item) => typeof item === "string").map((item) => item.trim()).filter((item) => item.length > 0);
+	if (normalizedApiKeys.length !== value.apiKeys.length) return { error: "auth.apiKeys must contain non-empty strings only" };
+	return { value: { apiKeys: [...new Set(normalizedApiKeys)] } };
+}
 function parseStringRecord(value, field) {
 	if (value === null || value === void 0) return { clear: true };
 	if (!isPlainObject(value)) return { error: `${field} must be an object with string values` };
@@ -830,6 +857,15 @@ function applyOptionalString(next, key, value) {
 	}
 	next[key] = parsed.value;
 }
+function applyAuthConfig(next, value) {
+	const parsed = parseAuthConfig(value);
+	if ("error" in parsed) return parsed.error;
+	if ("clear" in parsed) {
+		delete next.auth;
+		return;
+	}
+	next.auth = parsed.value;
+}
 function applyOptionalBoolean(next, key, value) {
 	const parsed = parseOptionalBoolean(value, key);
 	if ("error" in parsed) return parsed.error;
@@ -875,51 +911,29 @@ function applyModelAliases(next, value) {
 	}
 	next.modelAliases = parsed.value;
 }
+const CONFIG_PATCH_HANDLERS = {
+	auth: applyAuthConfig,
+	extraPrompts: applyExtraPrompts,
+	smallModel: (next, value) => applyOptionalString(next, "smallModel", value),
+	freeModelLoadBalancing: (next, value) => applyOptionalBoolean(next, "freeModelLoadBalancing", value),
+	apiKey: (next, value) => applyOptionalString(next, "apiKey", value),
+	modelReasoningEfforts: applyReasoningEfforts,
+	modelAliases: applyModelAliases,
+	allowOriginalModelNamesForAliases: (next, value) => applyOptionalBoolean(next, "allowOriginalModelNamesForAliases", value),
+	useFunctionApplyPatch: (next, value) => applyOptionalBoolean(next, "useFunctionApplyPatch", value),
+	forceAgent: (next, value) => applyOptionalBoolean(next, "forceAgent", value),
+	compactUseSmallModel: (next, value) => applyOptionalBoolean(next, "compactUseSmallModel", value),
+	messageStartInputTokensFallback: (next, value) => applyOptionalBoolean(next, "messageStartInputTokensFallback", value),
+	modelRefreshIntervalHours: (next, value) => applyOptionalNumber(next, "modelRefreshIntervalHours", value)
+};
 function applyConfigPatch(base, input) {
 	const next = { ...base };
 	for (const [rawKey, value] of Object.entries(input)) {
 		const key = rawKey;
 		if (!CONFIG_KEYS.has(key)) return { error: `Unknown config key: ${rawKey}` };
-		let error;
-		switch (rawKey) {
-			case "extraPrompts":
-				error = applyExtraPrompts(next, value);
-				break;
-			case "smallModel":
-				error = applyOptionalString(next, "smallModel", value);
-				break;
-			case "freeModelLoadBalancing":
-				error = applyOptionalBoolean(next, "freeModelLoadBalancing", value);
-				break;
-			case "apiKey":
-				error = applyOptionalString(next, "apiKey", value);
-				break;
-			case "modelReasoningEfforts":
-				error = applyReasoningEfforts(next, value);
-				break;
-			case "modelAliases":
-				error = applyModelAliases(next, value);
-				break;
-			case "allowOriginalModelNamesForAliases":
-				error = applyOptionalBoolean(next, "allowOriginalModelNamesForAliases", value);
-				break;
-			case "useFunctionApplyPatch":
-				error = applyOptionalBoolean(next, "useFunctionApplyPatch", value);
-				break;
-			case "forceAgent":
-				error = applyOptionalBoolean(next, "forceAgent", value);
-				break;
-			case "compactUseSmallModel":
-				error = applyOptionalBoolean(next, "compactUseSmallModel", value);
-				break;
-			case "messageStartInputTokensFallback":
-				error = applyOptionalBoolean(next, "messageStartInputTokensFallback", value);
-				break;
-			case "modelRefreshIntervalHours":
-				error = applyOptionalNumber(next, "modelRefreshIntervalHours", value);
-				break;
-			default: return { error: `Unsupported config key: ${rawKey}` };
-		}
+		const handler = CONFIG_PATCH_HANDLERS[rawKey];
+		if (!handler) return { error: `Unsupported config key: ${rawKey}` };
+		const error = handler(next, value);
 		if (error) return { error };
 	}
 	return { config: next };
@@ -2237,11 +2251,12 @@ const createResponses = async (payload, { vision, initiator, upstreamRequestId }
 //#endregion
 //#region src/routes/messages/responses-translation.ts
 const MESSAGE_TYPE = "message";
+const CODEX_PHASE_MODEL = "gpt-5.3-codex";
 const THINKING_TEXT$1 = "Thinking...";
 const translateAnthropicMessagesToResponsesPayload = (payload, modelOverride) => {
 	const model = modelOverride ?? payload.model;
 	const input = [];
-	for (const message of payload.messages) input.push(...translateMessage(message));
+	for (const message of payload.messages) input.push(...translateMessage(message, payload.model));
 	const translatedTools = convertAnthropicTools(payload.tools);
 	const toolChoice = convertAnthropicToolChoice(payload.tool_choice);
 	const { safetyIdentifier, promptCacheKey } = parseUserId(payload.metadata?.user_id);
@@ -2267,9 +2282,9 @@ const translateAnthropicMessagesToResponsesPayload = (payload, modelOverride) =>
 		include: ["reasoning.encrypted_content"]
 	};
 };
-const translateMessage = (message) => {
+const translateMessage = (message, model) => {
 	if (message.role === "user") return translateUserMessage(message);
-	return translateAssistantMessage(message);
+	return translateAssistantMessage(message, model);
 };
 const translateUserMessage = (message) => {
 	if (typeof message.content === "string") return [createMessage("user", message.content)];
@@ -2278,36 +2293,46 @@ const translateUserMessage = (message) => {
 	const pendingContent = [];
 	for (const block of message.content) {
 		if (block.type === "tool_result") {
-			flushPendingContent("user", pendingContent, items);
+			flushPendingContent(pendingContent, items, { role: "user" });
 			items.push(createFunctionCallOutput(block));
 			continue;
 		}
 		const converted = translateUserContentBlock(block);
 		if (converted) pendingContent.push(converted);
 	}
-	flushPendingContent("user", pendingContent, items);
+	flushPendingContent(pendingContent, items, { role: "user" });
 	return items;
 };
-const translateAssistantMessage = (message) => {
-	if (typeof message.content === "string") return [createMessage("assistant", message.content)];
+const translateAssistantMessage = (message, model) => {
+	const assistantPhase = resolveAssistantPhase(model, message.content);
+	if (typeof message.content === "string") return [createMessage("assistant", message.content, assistantPhase)];
 	if (!Array.isArray(message.content)) return [];
 	const items = [];
 	const pendingContent = [];
 	for (const block of message.content) {
 		if (block.type === "tool_use") {
-			flushPendingContent("assistant", pendingContent, items);
+			flushPendingContent(pendingContent, items, {
+				role: "assistant",
+				phase: assistantPhase
+			});
 			items.push(createFunctionToolCall(block));
 			continue;
 		}
 		if (block.type === "thinking" && block.signature && block.signature.includes("@")) {
-			flushPendingContent("assistant", pendingContent, items);
+			flushPendingContent(pendingContent, items, {
+				role: "assistant",
+				phase: assistantPhase
+			});
 			items.push(createReasoningContent(block));
 			continue;
 		}
 		const converted = translateAssistantContentBlock(block);
 		if (converted) pendingContent.push(converted);
 	}
-	flushPendingContent("assistant", pendingContent, items);
+	flushPendingContent(pendingContent, items, {
+		role: "assistant",
+		phase: assistantPhase
+	});
 	return items;
 };
 const translateUserContentBlock = (block) => {
@@ -2323,17 +2348,26 @@ const translateAssistantContentBlock = (block) => {
 		default: return;
 	}
 };
-const flushPendingContent = (role, pendingContent, target) => {
+const flushPendingContent = (pendingContent, target, message) => {
 	if (pendingContent.length === 0) return;
 	const messageContent = [...pendingContent];
-	target.push(createMessage(role, messageContent));
+	target.push(createMessage(message.role, messageContent, message.phase));
 	pendingContent.length = 0;
 };
-const createMessage = (role, content) => ({
+const createMessage = (role, content, phase) => ({
 	type: MESSAGE_TYPE,
 	role,
-	content
+	content,
+	...role === "assistant" && phase ? { phase } : {}
 });
+const resolveAssistantPhase = (model, content) => {
+	if (!shouldApplyCodexPhase(model)) return;
+	if (typeof content === "string") return "final_answer";
+	if (!Array.isArray(content)) return;
+	if (!content.some((block) => block.type === "text")) return;
+	return content.some((block) => block.type === "tool_use") ? "commentary" : "final_answer";
+};
+const shouldApplyCodexPhase = (model) => model === CODEX_PHASE_MODEL;
 const createTextContent = (text) => ({
 	type: "input_text",
 	text
@@ -2608,7 +2642,7 @@ const createChatCompletions = async (payload, account, options) => {
 	const ctx = account ?? accountFromState();
 	if (!ctx.copilotToken) throw new Error("Copilot token not found");
 	const enableVision = payload.messages.some((x) => typeof x.content !== "string" && x.content?.some((x$1) => x$1.type === "image_url"));
-	const initiator = getChatInitiator(payload.messages);
+	const initiator = options?.initiator ?? getChatInitiator(payload.messages);
 	const headers = {
 		...copilotHeaders(ctx, enableVision, options?.upstreamRequestId),
 		"X-Initiator": initiator
@@ -4057,7 +4091,7 @@ const createMessages = async (payload, account, options) => {
 	const ctx = account ?? accountFromState();
 	if (!ctx.copilotToken) throw new Error("Copilot token not found");
 	const enableVision = payload.messages.some((message) => Array.isArray(message.content) && message.content.some((block) => block.type === "image"));
-	const initiator = getMessagesInitiator(payload);
+	const initiator = options?.initiator ?? getMessagesInitiator(payload);
 	const headers = {
 		...copilotHeaders(ctx, enableVision, options?.upstreamRequestId),
 		"X-Initiator": initiator
@@ -4335,6 +4369,51 @@ function closeThinkingBlockIfOpen(state$1, events$1) {
 	}
 }
+//#endregion
+//#region src/routes/messages/subagent-marker.ts
+const subagentMarkerPrefix = "__SUBAGENT_MARKER__";
+const parseSubagentMarkerFromFirstUser = (payload) => {
+	const firstUserMessage = payload.messages.find((msg) => msg.role === "user");
+	if (!firstUserMessage || !Array.isArray(firstUserMessage.content)) return null;
+	for (const block of firstUserMessage.content) {
+		if (block.type !== "text") continue;
+		const marker = parseSubagentMarkerFromSystemReminder(block.text);
+		if (marker) return marker;
+	}
+	return null;
+};
+const parseSubagentMarkerFromSystemReminder = (text) => {
+	const startTag = "<system-reminder>";
+	const endTag = "</system-reminder>";
+	let searchFrom = 0;
+	while (true) {
+		const reminderStart = text.indexOf(startTag, searchFrom);
+		if (reminderStart === -1) break;
+		const contentStart = reminderStart + 17;
+		const reminderEnd = text.indexOf(endTag, contentStart);
+		if (reminderEnd === -1) break;
+		const reminderContent = text.slice(contentStart, reminderEnd);
+		const markerIndex = reminderContent.indexOf(subagentMarkerPrefix);
+		if (markerIndex === -1) {
+			searchFrom = reminderEnd + 18;
+			continue;
+		}
+		const markerJson = reminderContent.slice(markerIndex + 19).trim();
+		try {
+			const parsed = JSON.parse(markerJson);
+			if (!parsed.session_id || !parsed.agent_id || !parsed.agent_type) {
+				searchFrom = reminderEnd + 18;
+				continue;
+			}
+			return parsed;
+		} catch {
+			searchFrom = reminderEnd + 18;
+			continue;
+		}
+	}
+	return null;
+};
 //#endregion
 //#region src/routes/messages/handler.ts
 const logger$2 = createHandlerLogger("messages-handler");
@@ -4353,6 +4432,9 @@ async function handleCompletion(c) {
 	const userAgent = c.req.header("user-agent") ?? void 0;
 	const anthropicPayload = await c.req.json();
 	logger$2.debug("Anthropic request payload:", JSON.stringify(anthropicPayload));
+	const subagentMarker = parseSubagentMarkerFromFirstUser(anthropicPayload);
+	const initiatorOverride = subagentMarker ? "agent" : void 0;
+	if (subagentMarker) logger$2.debug("Detected Subagent marker:", JSON.stringify(subagentMarker));
 	const anthropicBeta = c.req.header("anthropic-beta");
 	const isCompact = isCompactRequest(anthropicPayload);
 	if (anthropicBeta && isWarmupProbeRequest(anthropicPayload)) anthropicPayload.model = getSmallModel();
@@ -4381,11 +4463,12 @@ async function handleCompletion(c) {
 		userAgent,
 		userId,
 		safetyIdentifier: normalizedSafetyIdentifier,
-		promptCacheKey: normalizedPromptCacheKey
+		promptCacheKey: normalizedPromptCacheKey,
+		initiator: initiatorOverride
 	});
 	if (blockedResponse) return blockedResponse;
 	const openAIPayload = translateToOpenAI(anthropicPayload);
-	const fallbackInitiator = getChatInitiator(openAIPayload.messages);
+	const fallbackInitiator = initiatorOverride ?? getChatInitiator(openAIPayload.messages);
 	const selection = await accountsManager.selectAccountForRequest([
 		{
 			modelId: clientModel,
@@ -4448,6 +4531,7 @@ async function handleCompletion(c) {
 		c,
 		anthropicPayload,
 		anthropicBetaHeader: anthropicBeta ?? void 0,
+		initiatorOverride,
 		instr,
 		selectedModel
 	});
@@ -4455,27 +4539,32 @@ async function handleCompletion(c) {
 		c,
 		anthropicPayload,
 		openAIPayload,
+		initiatorOverride,
 		selectedModel,
 		instr
 	});
 	return await handleWithChatCompletions({
 		c,
 		openAIPayload,
+		initiatorOverride,
 		selectedModel,
 		instr
 	});
 }
 const handleWithChatCompletions = async (params) => {
-	const { c, openAIPayload, selectedModel, instr } = params;
+	const { c, openAIPayload, initiatorOverride, selectedModel, instr } = params;
 	logger$2.debug("Translated OpenAI request payload:", JSON.stringify(openAIPayload));
 	const ctx = toAccountContext(instr.account);
-	const initiator = getChatInitiator(openAIPayload.messages);
+	const initiator = initiatorOverride ?? getChatInitiator(openAIPayload.messages);
 	const upstreamRequestId = randomUUID();
 	instr.initiator = initiator;
 	instr.upstreamRequestId = upstreamRequestId;
 	let response;
 	try {
-		response = await createChatCompletions(openAIPayload, ctx, { upstreamRequestId });
+		response = await createChatCompletions(openAIPayload, ctx, {
+			upstreamRequestId,
+			initiator
+		});
 	} catch (error) {
 		return await handleChatCompletionsCreateError({
 			error,
@@ -4505,19 +4594,20 @@ const handleWithChatCompletions = async (params) => {
 	}));
 };
 const handleWithResponsesApi = async (params) => {
-	const { c, anthropicPayload, openAIPayload, selectedModel, instr } = params;
+	const { c, anthropicPayload, openAIPayload, initiatorOverride, selectedModel, instr } = params;
 	const responsesPayload = translateAnthropicMessagesToResponsesPayload(anthropicPayload, selectedModel.id);
 	logger$2.debug("Translated Responses payload:", JSON.stringify(responsesPayload));
 	const { vision, initiator } = getResponsesRequestOptions(responsesPayload);
+	const resolvedInitiator = initiatorOverride ?? initiator;
 	const ctx = toAccountContext(instr.account);
 	const upstreamRequestId = randomUUID();
-	instr.initiator = initiator;
+	instr.initiator = resolvedInitiator;
 	instr.upstreamRequestId = upstreamRequestId;
 	let response;
 	try {
 		response = await createResponses(responsesPayload, {
 			vision,
-			initiator,
+			initiator: resolvedInitiator,
 			upstreamRequestId
 		}, ctx);
 	} catch (error) {
@@ -4969,7 +5059,7 @@ async function streamMessagesAndLog(params) {
 	}
 }
 const handleWithMessagesApi = async (params) => {
-	const { c, anthropicPayload, anthropicBetaHeader, instr, selectedModel } = params;
+	const { c, anthropicPayload, anthropicBetaHeader, initiatorOverride, instr, selectedModel } = params;
 	for (const msg of anthropicPayload.messages) if (msg.role === "assistant" && Array.isArray(msg.content)) msg.content = msg.content.filter((block) => {
 		if (block.type !== "thinking") return true;
 		return block.thinking && block.thinking !== "Thinking..." && block.signature && !block.signature.includes("@");
@@ -4981,13 +5071,15 @@ const handleWithMessagesApi = async (params) => {
 	logger$2.debug("Translated Messages payload:", JSON.stringify(anthropicPayload));
 	const ctx = toAccountContext(instr.account);
 	const upstreamRequestId = randomUUID();
-	instr.initiator = getMessagesInitiator(anthropicPayload);
+	const initiator = initiatorOverride ?? getMessagesInitiator(anthropicPayload);
+	instr.initiator = initiator;
 	instr.upstreamRequestId = upstreamRequestId;
 	let response;
 	try {
 		response = await createMessages(anthropicPayload, ctx, {
 			anthropicBetaHeader,
-			upstreamRequestId
+			upstreamRequestId,
+			initiator
 		});
 	} catch (error) {
 		return await handleMessagesCreateError({
@@ -5635,7 +5727,7 @@ usageRoute.get("/:accountIndex", async (c) => {
 const server = new Hono();
 server.use(logger());
 server.use(cors());
-server.use("*", createApiKeyAuthMiddleware());
+server.use("*", createAuthMiddleware({ allowUnauthenticatedPathPrefixes: ["/admin", "/api/admin"] }));
 server.get("/", (c) => c.text("Server running"));
 server.route("/chat/completions", completionRoutes);
 server.route("/models", modelRoutes);
@@ -5653,4 +5745,4 @@ server.route("/v1/messages", messageRoutes);
 //#endregion
 export { server };
-//# sourceMappingURL=server-BnJIteDi.js.map
+//# sourceMappingURL=server-6hnk3aRJ.js.map