@pikoloo/codex-proxy 1.0.6 → 1.0.7

package/src/routes/chat-route.js

@@ -10,6 +10,7 @@ import { DEFAULT_OPENAI_MODEL, isKiloEnabled, resolveModelRouting } from '../mod
 import { getCredentialsOrError, sendAuthError } from '../middleware/credentials.js';
 import { handleStreamError } from '../middleware/sse.js';
 import { logger } from '../utils/logger.js';
+import { recordUsageEventSafe } from '../usage-metrics.js';
 
 /**
  * POST /v1/chat/completions
@@ -21,9 +22,19 @@ export async function handleChatCompletion(req, res) {
   const body = req.body;
   const requestedModel = body.model || DEFAULT_OPENAI_MODEL;
 
-  const { isKilo, kiloTarget, upstreamModel } = resolveModelRouting(requestedModel);
+  const { isKilo, kiloTarget, upstreamModel, reasoningLevel } = resolveModelRouting(requestedModel);
 
   if (isKilo && !isKiloEnabled()) {
+    recordChatMetric({
+      body,
+      requestedModel,
+      upstreamModel,
+      provider: 'kilo',
+      accountLabel: 'kilo',
+      startTime,
+      status: 403,
+      errorType: 'kilo_disabled'
+    });
     return res.status(403).json({
       error: {
         message: 'Kilo routing is disabled. Set CODEX_CLAUDE_PROXY_ENABLE_KILO=true to enable third-party Kilo model routing.',
@@ -38,11 +49,20 @@ export async function handleChatCompletion(req, res) {
     creds = await getCredentialsOrError();
     if (!creds) {
       logger.response(401, { error: 'No active account' });
+      recordChatMetric({
+        body,
+        requestedModel,
+        upstreamModel,
+        provider: 'openai',
+        startTime,
+        status: 401,
+        errorType: 'auth_error'
+      });
       return sendAuthError(res, 'No active account. Add an account via /accounts/add');
     }
   }
 
-  const anthropicRequest = _buildAnthropicRequest(body, upstreamModel);
+  const anthropicRequest = _buildAnthropicRequest(body, upstreamModel, reasoningLevel);
 
   logger.request('POST', '/v1/chat/completions', {
     model: upstreamModel,
@@ -58,9 +78,30 @@ export async function handleChatCompletion(req, res) {
 
     const duration = Date.now() - startTime;
     logger.response(200, { model: upstreamModel, tokens: response.usage?.output_tokens || 0, duration });
+    recordChatMetric({
+      body,
+      requestedModel,
+      upstreamModel,
+      provider: isKilo ? 'kilo' : 'openai',
+      accountLabel: isKilo ? 'kilo' : creds.email,
+      usage: response.usage,
+      startTime,
+      status: 200,
+      duration
+    });
 
     res.json(_buildOpenAIResponse(response, requestedModel));
   } catch (error) {
+    recordChatMetric({
+      body,
+      requestedModel,
+      upstreamModel,
+      provider: isKilo ? 'kilo' : 'openai',
+      accountLabel: isKilo ? 'kilo' : creds?.email,
+      startTime,
+      status: error.status || 500,
+      errorType: classifyMetricError(error)
+    });
     handleStreamError(res, error, upstreamModel, startTime);
   }
 }
@@ -117,7 +158,7 @@ export function handleCountTokens(req, res) {
  * @param {string} upstreamModel
  * @returns {object}
  */
-function _buildAnthropicRequest(body, upstreamModel) {
+function _buildAnthropicRequest(body, upstreamModel, reasoningLevel = null) {
   const anthropicRequest = {
     model: upstreamModel,
     messages: [],
@@ -125,6 +166,10 @@ function _buildAnthropicRequest(body, upstreamModel) {
     stream: false
   };
 
+  if (reasoningLevel) {
+    anthropicRequest.reasoningLevel = reasoningLevel;
+  }
+
   if (body.messages) {
     const systemMsg = body.messages.find(m => m.role === 'system');
     if (systemMsg) {
@@ -226,4 +271,32 @@ function _buildOpenAIResponse(response, responseModel) {
   };
 }
 
+function recordChatMetric(options) {
+  const body = options.body || {};
+  recordUsageEventSafe({
+    startedAt: new Date(options.startTime || Date.now()).toISOString(),
+    completedAt: new Date().toISOString(),
+    endpoint: '/v1/chat/completions',
+    requestedModel: options.requestedModel,
+    upstreamModel: options.upstreamModel,
+    accountLabel: options.accountLabel,
+    provider: options.provider,
+    stream: false,
+    messageCount: Array.isArray(body.messages) ? body.messages.length : 0,
+    toolCount: Array.isArray(body.tools) ? body.tools.length : 0,
+    usage: options.usage,
+    status: options.status,
+    errorType: options.errorType,
+    durationMs: options.duration ?? Date.now() - (options.startTime || Date.now())
+  });
+}
+
+function classifyMetricError(error) {
+  const message = error?.message || '';
+  if (message.includes('AUTH_EXPIRED')) return 'auth_expired';
+  if (message.startsWith('KILO_API_ERROR:')) return 'kilo_api_error';
+  if (message.startsWith('API_ERROR:')) return 'api_error';
+  return 'unknown_error';
+}
+
 export default { handleChatCompletion, handleCountTokens };

package/src/routes/messages-route.js

@@ -7,6 +7,7 @@ import { logger } from '../utils/logger.js';
 import { AccountRotator } from '../account-rotation/index.js';
 import { listAccounts, getActiveAccount, save } from '../account-manager.js';
 import { getServerSettings, isMultiAccountRotationEnabled } from '../server-settings.js';
+import { recordUsageEventSafe, tapUsageEventStream } from '../usage-metrics.js';
 
 const MAX_RETRIES = 5;
 const MAX_WAIT_BEFORE_ERROR_MS = 120000;
@@ -37,10 +38,21 @@ export async function handleMessages(req, res) {
     const requestedModel = body.model || DEFAULT_OPENAI_MODEL;
     const isStreaming = body.stream !== false;
     
-    const { isKilo, kiloTarget, upstreamModel } = resolveModelRouting(requestedModel);
+    const { isKilo, kiloTarget, upstreamModel, reasoningLevel } = resolveModelRouting(requestedModel);
     
     if (isKilo) {
         if (!isKiloEnabled()) {
+            recordMessageMetric({
+                body,
+                endpoint: '/v1/messages',
+                requestedModel,
+                upstreamModel,
+                provider: 'kilo',
+                accountLabel: 'kilo',
+                startTime,
+                status: 403,
+                errorType: 'kilo_disabled'
+            });
             return res.status(403).json({
                 type: 'error',
                 error: {
@@ -59,10 +71,20 @@ export async function handleMessages(req, res) {
     if (!isMultiAccountRotationEnabled()) {
         const creds = await getCredentialsOrError();
         if (!creds) {
+            recordMessageMetric({
+                body,
+                endpoint: '/v1/messages',
+                requestedModel,
+                upstreamModel,
+                provider: 'openai',
+                startTime,
+                status: 401,
+                errorType: 'auth_error'
+            });
             return sendAuthError(res);
         }
 
-        const anthropicRequest = { ...body, model: upstreamModel };
+        const anthropicRequest = { ...body, model: upstreamModel, ...(reasoningLevel ? { reasoningLevel } : {}) };
         try {
             if (isStreaming) {
                 await _streamDirectWithRotation(res, anthropicRequest, creds, requestedModel, startTime, null);
@@ -71,6 +93,17 @@ export async function handleMessages(req, res) {
             }
             return;
         } catch (error) {
+            recordMessageMetric({
+                body,
+                endpoint: '/v1/messages',
+                requestedModel,
+                upstreamModel,
+                provider: 'openai',
+                accountLabel: creds.email,
+                startTime,
+                status: error.status || 500,
+                errorType: classifyMetricError(error)
+            });
             return handleStreamError(res, error, requestedModel, startTime);
         }
     }
@@ -79,6 +112,16 @@ export async function handleMessages(req, res) {
     const accountSnapshot = listAccounts();
 
     if (accountSnapshot.total === 0) {
+        recordMessageMetric({
+            body,
+            endpoint: '/v1/messages',
+            requestedModel,
+            upstreamModel,
+            provider: 'openai',
+            startTime,
+            status: 401,
+            errorType: 'auth_error'
+        });
         return sendAuthError(res, 'No active account with valid credentials. Add an account via /accounts/add');
     }
     
@@ -91,6 +134,16 @@ export async function handleMessages(req, res) {
             const minWait = rotator.getMinWaitTimeMs(upstreamModel);
             
             if (minWait > MAX_WAIT_BEFORE_ERROR_MS) {
+                recordMessageMetric({
+                    body,
+                    endpoint: '/v1/messages',
+                    requestedModel,
+                    upstreamModel,
+                    provider: 'openai',
+                    startTime,
+                    status: 429,
+                    errorType: 'rate_limited'
+                });
                 return handleStreamError(res, new Error(`RESOURCE_EXHAUSTED: All accounts rate-limited. Wait ${Math.round(minWait/1000)}s`), requestedModel, startTime);
             }
             
@@ -109,6 +162,16 @@ export async function handleMessages(req, res) {
                 attempt--;
                 continue;
             }
+            recordMessageMetric({
+                body,
+                endpoint: '/v1/messages',
+                requestedModel,
+                upstreamModel,
+                provider: 'openai',
+                startTime,
+                status: 401,
+                errorType: 'auth_error'
+            });
             return sendAuthError(res, 'No available accounts');
         }
         
@@ -118,7 +181,7 @@ export async function handleMessages(req, res) {
             continue;
         }
         
-        const anthropicRequest = { ...body, model: upstreamModel };
+        const anthropicRequest = { ...body, model: upstreamModel, ...(reasoningLevel ? { reasoningLevel } : {}) };
         
         try {
             if (isStreaming) {
@@ -152,16 +215,51 @@ export async function handleMessages(req, res) {
                 continue;
             }
             
+            recordMessageMetric({
+                body,
+                endpoint: '/v1/messages',
+                requestedModel,
+                upstreamModel,
+                provider: 'openai',
+                accountLabel: account.email,
+                startTime,
+                status: error.status || 500,
+                errorType: classifyMetricError(error)
+            });
             return handleStreamError(res, error, requestedModel, startTime);
         }
     }
     
+    recordMessageMetric({
+        body,
+        endpoint: '/v1/messages',
+        requestedModel,
+        upstreamModel,
+        provider: 'openai',
+        startTime,
+        status: 500,
+        errorType: 'max_retries'
+    });
     return handleStreamError(res, new Error('Max retries exceeded'), requestedModel, startTime);
 }
 
 async function _streamDirectWithRotation(res, anthropicRequest, creds, responseModel, startTime, rotator) {
     initSSEResponse(res);
-    const stream = sendMessageStream(anthropicRequest, creds.accessToken, creds.accountId, rotator, creds.email);
+    const sourceStream = sendMessageStream(anthropicRequest, creds.accessToken, creds.accountId, rotator, creds.email);
+    const stream = tapUsageEventStream(sourceStream, (usage) => {
+        recordMessageMetric({
+            body: anthropicRequest,
+            endpoint: '/v1/messages',
+            requestedModel: responseModel,
+            upstreamModel: anthropicRequest.model,
+            provider: 'openai',
+            accountLabel: creds.email,
+            stream: true,
+            usage,
+            startTime,
+            status: 200
+        });
+    });
     await pipeSSEStream(res, stream);
     logger.response(200, { model: anthropicRequest.model, duration: Date.now() - startTime });
 }
@@ -170,12 +268,39 @@ async function _sendDirectWithRotation(res, anthropicRequest, creds, responseMod
     const response = await sendMessage(anthropicRequest, creds.accessToken, creds.accountId);
     const duration = Date.now() - startTime;
     logger.response(200, { model: anthropicRequest.model, tokens: response.usage?.output_tokens || 0, duration });
+    recordMessageMetric({
+        body: anthropicRequest,
+        endpoint: '/v1/messages',
+        requestedModel: responseModel,
+        upstreamModel: anthropicRequest.model,
+        provider: 'openai',
+        accountLabel: creds.email,
+        stream: false,
+        usage: response.usage,
+        startTime,
+        status: 200,
+        duration
+    });
     res.json({ ...response, model: responseModel });
 }
 
 async function _streamKilo(res, anthropicRequest, kiloTarget, responseModel, startTime) {
     initSSEResponse(res);
-    const stream = sendKiloMessageStream(anthropicRequest, kiloTarget);
+    const sourceStream = sendKiloMessageStream(anthropicRequest, kiloTarget);
+    const stream = tapUsageEventStream(sourceStream, (usage) => {
+        recordMessageMetric({
+            body: anthropicRequest,
+            endpoint: '/v1/messages',
+            requestedModel: responseModel,
+            upstreamModel: kiloTarget,
+            provider: 'kilo',
+            accountLabel: 'kilo',
+            stream: true,
+            usage,
+            startTime,
+            status: 200
+        });
+    });
     await pipeSSEStream(res, stream);
     logger.response(200, { model: kiloTarget, duration: Date.now() - startTime });
 }
@@ -184,6 +309,19 @@ async function _sendKilo(res, anthropicRequest, kiloTarget, responseModel, start
     const response = await sendKiloMessage(anthropicRequest, kiloTarget);
     const duration = Date.now() - startTime;
     logger.response(200, { model: kiloTarget, tokens: response.usage?.output_tokens || 0, duration });
+    recordMessageMetric({
+        body: anthropicRequest,
+        endpoint: '/v1/messages',
+        requestedModel: responseModel,
+        upstreamModel: kiloTarget,
+        provider: 'kilo',
+        accountLabel: 'kilo',
+        stream: false,
+        usage: response.usage,
+        startTime,
+        status: 200,
+        duration
+    });
     res.json({
         id: response.id || undefined,
         type: 'message',
@@ -200,4 +338,36 @@ function sleep(ms) {
     return new Promise(resolve => setTimeout(resolve, ms));
 }
 
+function recordMessageMetric(options) {
+    const body = options.body || {};
+    recordUsageEventSafe({
+        startedAt: new Date(options.startTime || Date.now()).toISOString(),
+        completedAt: new Date().toISOString(),
+        endpoint: options.endpoint,
+        requestedModel: options.requestedModel,
+        upstreamModel: options.upstreamModel,
+        accountLabel: options.accountLabel,
+        provider: options.provider,
+        stream: options.stream ?? body.stream !== false,
+        messageCount: Array.isArray(body.messages) ? body.messages.length : 0,
+        toolCount: Array.isArray(body.tools) ? body.tools.length : 0,
+        usage: options.usage,
+        status: options.status,
+        errorType: options.errorType,
+        durationMs: options.duration ?? Date.now() - (options.startTime || Date.now())
+    });
+}
+
+function classifyMetricError(error) {
+    const message = error?.message || '';
+    if (message.startsWith('RATE_LIMITED:') || message.startsWith('RESOURCE_EXHAUSTED:')) return 'rate_limited';
+    if (message.includes('AUTH_EXPIRED')) return 'auth_expired';
+    if (message.startsWith('CLOUDFLARE_BLOCKED:')) return 'cloudflare_blocked';
+    if (message.startsWith('FORBIDDEN:')) return 'forbidden';
+    if (message.startsWith('INVALID_REQUEST:')) return 'invalid_request';
+    if (message.startsWith('KILO_API_ERROR:')) return 'kilo_api_error';
+    if (message.startsWith('API_ERROR:')) return 'api_error';
+    return 'unknown_error';
+}
+
 export default { handleMessages };

package/src/routes/metrics-route.js

@@ -0,0 +1,43 @@
+import { getUsageMetricsStore } from '../usage-metrics.js';
+
+const VALID_RANGES = new Set(['24h', '7d', '30d', 'all']);
+const VALID_STATUSES = new Set(['success', 'error']);
+
+function parseFilters(query = {}) {
+  const limit = Number(query.limit);
+  const status = String(query.status || '');
+  return {
+    range: VALID_RANGES.has(query.range) ? query.range : '24h',
+    model: typeof query.model === 'string' && query.model.trim() ? query.model.trim() : undefined,
+    account: typeof query.account === 'string' && query.account.trim() ? query.account.trim() : undefined,
+    status: VALID_STATUSES.has(status) || /^\d+$/.test(status) ? status : undefined,
+    limit: Number.isFinite(limit) ? Math.max(1, Math.min(100, Math.trunc(limit))) : 50
+  };
+}
+
+function routeStore(options = {}) {
+  return options.metricsStore || getUsageMetricsStore();
+}
+
+export async function handleGetMetricsSummary(req, res, options = {}) {
+  const { limit, ...filters } = parseFilters(req.query);
+  const summary = await routeStore(options).getSummary(filters);
+  res.json({ success: true, summary });
+}
+
+export async function handleGetMetricsRecent(req, res, options = {}) {
+  const filters = parseFilters(req.query);
+  const recent = await routeStore(options).getRecentEvents(filters);
+  res.json({ success: true, ...recent });
+}
+
+export async function handleGetMetricsStorage(req, res, options = {}) {
+  const storage = await routeStore(options).getStorageInfo();
+  res.json({ success: true, storage });
+}
+
+export default {
+  handleGetMetricsSummary,
+  handleGetMetricsRecent,
+  handleGetMetricsStorage
+};

package/src/routes/settings-route.js

@@ -5,14 +5,40 @@
  *   POST /settings/haiku-model
  *   GET  /settings/account-strategy
  *   POST /settings/account-strategy
+ *   GET  /settings/claude-proxy
+ *   POST /settings/claude-proxy
  *   GET  /settings/kilo-models
  */
 
 import { getServerSettings, isMultiAccountRotationEnabled, setServerSettings } from '../server-settings.js';
 import { fetchFreeModels } from '../kilo-models.js';
-import { isKiloEnabled } from '../model-mapper.js';
+import {
+  CLAUDE_MODEL_ALIASES,
+  DEFAULT_MODEL_MAPPINGS,
+  DEFAULT_REASONING_MAPPINGS,
+  OPENAI_MODEL_OPTIONS,
+  REASONING_LEVEL_OPTIONS,
+  isKiloEnabled,
+  normalizeModelMappings,
+  normalizeReasoningMappings
+} from '../model-mapper.js';
 
 const VALID_STRATEGIES = ['sticky', 'round-robin'];
+const VALID_OPENAI_MODEL_IDS = new Set(OPENAI_MODEL_OPTIONS.map((model) => model.id));
+const VALID_REASONING_LEVEL_IDS = new Set(REASONING_LEVEL_OPTIONS.map((level) => level.id));
+
+function modelMappingsPayload(modelMappings, reasoningMappings) {
+  return {
+    success: true,
+    aliases: CLAUDE_MODEL_ALIASES,
+    models: OPENAI_MODEL_OPTIONS,
+    reasoningLevels: REASONING_LEVEL_OPTIONS,
+    defaults: DEFAULT_MODEL_MAPPINGS,
+    reasoningDefaults: DEFAULT_REASONING_MAPPINGS,
+    modelMappings: normalizeModelMappings(modelMappings),
+    reasoningMappings: normalizeReasoningMappings(reasoningMappings)
+  };
+}
 
 /**
  * GET /settings/haiku-model
@@ -99,6 +125,89 @@ export async function handleGetKiloModels(req, res) {
   }
 }
 
+/**
+ * GET /settings/model-mappings
+ * Returns editable Claude alias -> upstream GPT model mappings.
+ */
+export function handleGetModelMappings(req, res) {
+  const settings = getServerSettings();
+  res.json(modelMappingsPayload(settings.modelMappings, settings.reasoningMappings));
+}
+
+/**
+ * POST /settings/model-mappings
+ * Updates one or more Claude alias mappings.
+ */
+export function handleSetModelMappings(req, res) {
+  const { modelMappings, reasoningMappings } = req.body || {};
+  const hasModelMappings = modelMappings !== undefined;
+  const hasReasoningMappings = reasoningMappings !== undefined;
+
+  if (!hasModelMappings && !hasReasoningMappings) {
+    return res.status(400).json({
+      success: false,
+      error: 'modelMappings or reasoningMappings is required'
+    });
+  }
+
+  if (hasModelMappings && (!modelMappings || typeof modelMappings !== 'object' || Array.isArray(modelMappings))) {
+    return res.status(400).json({
+      success: false,
+      error: 'modelMappings is required and must be an object'
+    });
+  }
+
+  if (hasReasoningMappings && (!reasoningMappings || typeof reasoningMappings !== 'object' || Array.isArray(reasoningMappings))) {
+    return res.status(400).json({
+      success: false,
+      error: 'reasoningMappings must be an object'
+    });
+  }
+
+  const modelAliases = hasModelMappings ? Object.keys(modelMappings) : [];
+  const reasoningAliases = hasReasoningMappings ? Object.keys(reasoningMappings) : [];
+  const unknownAliases = [...modelAliases, ...reasoningAliases].filter((alias) => !CLAUDE_MODEL_ALIASES.includes(alias));
+  if (unknownAliases.length > 0) {
+    return res.status(400).json({
+      success: false,
+      error: `Invalid model mapping alias. Use one of: ${CLAUDE_MODEL_ALIASES.join(', ')}`
+    });
+  }
+
+  for (const [alias, model] of Object.entries(modelMappings || {})) {
+    if (typeof model !== 'string' || !VALID_OPENAI_MODEL_IDS.has(model)) {
+      return res.status(400).json({
+        success: false,
+        error: `Invalid model for ${alias}. Use one of: ${OPENAI_MODEL_OPTIONS.map((option) => option.id).join(', ')}`
+      });
+    }
+  }
+
+  for (const [alias, reasoning] of Object.entries(reasoningMappings || {})) {
+    if (typeof reasoning !== 'string' || !VALID_REASONING_LEVEL_IDS.has(reasoning)) {
+      return res.status(400).json({
+        success: false,
+        error: `Invalid reasoning level for ${alias}. Use one of: ${REASONING_LEVEL_OPTIONS.map((option) => option.id).join(', ')}`
+      });
+    }
+  }
+
+  const settings = getServerSettings();
+  const nextMappings = {
+    ...normalizeModelMappings(settings.modelMappings),
+    ...(modelMappings || {})
+  };
+  const nextReasoningMappings = {
+    ...normalizeReasoningMappings(settings.reasoningMappings),
+    ...(reasoningMappings || {})
+  };
+  const nextSettings = setServerSettings({
+    modelMappings: nextMappings,
+    reasoningMappings: nextReasoningMappings
+  });
+  res.json(modelMappingsPayload(nextSettings.modelMappings, nextSettings.reasoningMappings));
+}
+
 /**
  * GET /settings/account-strategy
  * Returns the current account selection strategy.
@@ -134,10 +243,47 @@ export function handleSetAccountStrategy(req, res) {
   });
 }
 
+/**
+ * GET /settings/claude-proxy
+ * Returns Claude proxy configuration preferences.
+ */
+export function handleGetClaudeProxySetting(req, res) {
+  const settings = getServerSettings();
+  res.json({
+    success: true,
+    configureClaudeOnStartup: settings.configureClaudeOnStartup === true
+  });
+}
+
+/**
+ * POST /settings/claude-proxy
+ * Updates Claude proxy configuration preferences.
+ */
+export function handleSetClaudeProxySetting(req, res) {
+  const { configureClaudeOnStartup } = req.body || {};
+
+  if (typeof configureClaudeOnStartup !== 'boolean') {
+    return res.status(400).json({
+      success: false,
+      error: 'configureClaudeOnStartup is required and must be a boolean'
+    });
+  }
+
+  const settings = setServerSettings({ configureClaudeOnStartup });
+  res.json({
+    success: true,
+    configureClaudeOnStartup: settings.configureClaudeOnStartup === true
+  });
+}
+
 export default { 
   handleGetHaikuModel, 
   handleSetHaikuModel,
   handleGetKiloModels,
+  handleGetModelMappings,
+  handleSetModelMappings,
   handleGetAccountStrategy,
-  handleSetAccountStrategy
+  handleSetAccountStrategy,
+  handleGetClaudeProxySetting,
+  handleSetClaudeProxySetting
 };

package/src/security.js

@@ -3,7 +3,8 @@ const CONTROL_PATH_PREFIXES = [
   '/accounts',
   '/settings',
   '/claude/config',
-  '/api/logs'
+  '/api/logs',
+  '/api/metrics'
 ];
 const SAFE_FETCH_SITES = new Set(['same-origin', 'same-site', 'none']);
 const SENSITIVE_KEY_RE = /(api[_-]?key|auth[_-]?token|access[_-]?token|refresh[_-]?token|id[_-]?token|secret|password)/i;