@pikoloo/codex-proxy 1.0.7 → 1.2.2

package/src/routes/api-routes.js

@@ -9,7 +9,7 @@ import { join, dirname } from 'path';
 import { fileURLToPath } from 'url';
 import { createRequire } from 'module';
 
-import { getStatus, ACCOUNTS_FILE } from '../account-manager.js';
+import { getStatus, ACCOUNT_FILE } from '../account-manager.js';
 
 // Route handlers
 import { handleMessages } from './messages-route.js';
@@ -21,8 +21,6 @@ import {
   handleGetKiloModels,
   handleGetModelMappings,
   handleSetModelMappings,
-  handleGetAccountStrategy,
-  handleSetAccountStrategy,
   handleGetClaudeProxySetting,
   handleSetClaudeProxySetting
 } from './settings-route.js';
@@ -30,20 +28,16 @@ import { handleGetLogs, handleStreamLogs } from './logs-route.js';
 import { handleGetMetricsRecent, handleGetMetricsStorage, handleGetMetricsSummary } from './metrics-route.js';
 import { handleGetClaudeConfig, handleSetProxyMode, handleSetDirectMode, handleSetClaudeApiEndpoint } from './claude-config-route.js';
 import {
-  handleListAccounts,
+  handleGetAccount,
   handleAccountStatus,
   handleOAuthCleanup,
   handleAddAccount,
   handleAddAccountManual,
-  handleSwitchAccount,
   handleRefreshAccount,
-  handleRefreshAllAccounts,
-  handleRefreshActiveAccount,
   handleRemoveAccount,
   handleImportAccount,
-  handleGetQuota,
-  handleGetAllQuotas
-} from './accounts-route.js';
+  handleGetQuota
+} from './account-route.js';
 
 const __dirname = dirname(fileURLToPath(import.meta.url));
 const require = createRequire(import.meta.url);
@@ -56,7 +50,7 @@ export function registerApiRoutes(app, { port }) {
 
   // ─── Health ────────────────────────────────────────────────────────────────
   app.get('/health', (req, res) => {
-    res.json({ status: 'ok', ...getStatus(), configPath: ACCOUNTS_FILE });
+    res.json({ status: 'ok', ...getStatus(), configPath: ACCOUNT_FILE });
   });
 
   // ─── Anthropic Messages API ────────────────────────────────────────────────
@@ -68,8 +62,8 @@ export function registerApiRoutes(app, { port }) {
 
   // ─── Models ────────────────────────────────────────────────────────────────
   app.get('/v1/models', handleListModels);
-  app.get('/accounts/models', handleAccountModels);
-  app.get('/accounts/usage', handleAccountUsage);
+  app.get('/account/models', handleAccountModels);
+  app.get('/account/usage', handleAccountUsage);
 
   // ─── Settings ──────────────────────────────────────────────────────────────
   app.get('/settings/haiku-model', handleGetHaikuModel);
@@ -77,27 +71,21 @@ export function registerApiRoutes(app, { port }) {
   app.get('/settings/kilo-models', handleGetKiloModels);
   app.get('/settings/model-mappings', handleGetModelMappings);
   app.post('/settings/model-mappings', handleSetModelMappings);
-  app.get('/settings/account-strategy', handleGetAccountStrategy);
-  app.post('/settings/account-strategy', handleSetAccountStrategy);
   app.get('/settings/claude-proxy', handleGetClaudeProxySetting);
   app.post('/settings/claude-proxy', handleSetClaudeProxySetting);
 
   // ─── Account Management ───────────────────────────────────────────────────
-  app.get('/accounts', handleListAccounts);
-  app.get('/accounts/status', handleAccountStatus);
-  app.get('/accounts/quota', handleGetQuota);
-  app.get('/accounts/quota/all', handleGetAllQuotas);
-
-  app.post('/accounts/add', handleAddAccount);
-  app.post('/accounts/add/manual', handleAddAccountManual);
-  app.post('/accounts/switch', handleSwitchAccount);
-  app.post('/accounts/import', handleImportAccount);
-  app.post('/accounts/refresh', handleRefreshActiveAccount);
-  app.post('/accounts/refresh/all', handleRefreshAllAccounts);
-  app.post('/accounts/oauth/cleanup', handleOAuthCleanup);
-  app.post('/accounts/:email/refresh', handleRefreshAccount);
-
-  app.delete('/accounts/:email', handleRemoveAccount);
+  app.get('/account', handleGetAccount);
+  app.get('/account/status', handleAccountStatus);
+  app.get('/account/quota', handleGetQuota);
+
+  app.post('/account/add', handleAddAccount);
+  app.post('/account/add/manual', handleAddAccountManual);
+  app.post('/account/import', handleImportAccount);
+  app.post('/account/refresh', handleRefreshAccount);
+  app.post('/account/oauth/cleanup', handleOAuthCleanup);
+
+  app.delete('/account', handleRemoveAccount);
 
   // ─── Claude CLI Configuration ──────────────────────────────────────────────
   app.get('/claude/config', handleGetClaudeConfig);

package/src/routes/chat-route.js

@@ -48,7 +48,7 @@ export async function handleChatCompletion(req, res) {
   if (!isKilo) {
     creds = await getCredentialsOrError();
     if (!creds) {
-      logger.response(401, { error: 'No active account' });
+      logger.response(401, { error: 'No configured account' });
       recordChatMetric({
         body,
         requestedModel,
@@ -58,7 +58,7 @@ export async function handleChatCompletion(req, res) {
         status: 401,
         errorType: 'auth_error'
       });
-      return sendAuthError(res, 'No active account. Add an account via /accounts/add');
+      return sendAuthError(res, 'No configured account. Add an account via /account/add');
     }
   }
 
@@ -77,7 +77,7 @@ export async function handleChatCompletion(req, res) {
       : await sendMessage(anthropicRequest, creds.accessToken, creds.accountId);
 
     const duration = Date.now() - startTime;
-    logger.response(200, { model: upstreamModel, tokens: response.usage?.output_tokens || 0, duration });
+    logger.response(200, { model: upstreamModel, usage: response.usage, duration });
     recordChatMetric({
       body,
       requestedModel,

package/src/routes/messages-route.js

@@ -1,37 +1,11 @@
 import { sendMessageStream, sendMessage } from '../direct-api.js';
 import { sendKiloMessageStream, sendKiloMessage } from '../kilo-api.js';
 import { DEFAULT_OPENAI_MODEL, isKiloEnabled, resolveModelRouting } from '../model-mapper.js';
-import { sendAuthError, getCredentialsOrError, getCredentialsForAccount } from '../middleware/credentials.js';
+import { sendAuthError, getCredentialsOrError } from '../middleware/credentials.js';
 import { initSSEResponse, pipeSSEStream, handleStreamError } from '../middleware/sse.js';
 import { logger } from '../utils/logger.js';
-import { AccountRotator } from '../account-rotation/index.js';
-import { listAccounts, getActiveAccount, save } from '../account-manager.js';
-import { getServerSettings, isMultiAccountRotationEnabled } from '../server-settings.js';
 import { recordUsageEventSafe, tapUsageEventStream } from '../usage-metrics.js';
 
-const MAX_RETRIES = 5;
-const MAX_WAIT_BEFORE_ERROR_MS = 120000;
-const SHORT_RATE_LIMIT_THRESHOLD_MS = 5000;
-
-let accountRotator = null;
-let currentStrategy = null;
-
-function getAccountRotator() {
-    const settings = getServerSettings();
-    const strategy = settings.accountStrategy || 'sticky';
-    
-    if (!accountRotator || currentStrategy !== strategy) {
-        accountRotator = new AccountRotator({
-            listAccounts,
-            save,
-            getActiveAccount
-        }, strategy);
-        currentStrategy = strategy;
-        logger.info(`[Messages] Account strategy: ${strategy}`);
-    }
-    return accountRotator;
-}
-
 export async function handleMessages(req, res) {
     const startTime = Date.now();
     const body = req.body;
@@ -68,50 +42,8 @@ export async function handleMessages(req, res) {
             : _sendKilo(res, { ...body, model: upstreamModel }, kiloTarget, requestedModel, startTime);
     }
 
-    if (!isMultiAccountRotationEnabled()) {
-        const creds = await getCredentialsOrError();
-        if (!creds) {
-            recordMessageMetric({
-                body,
-                endpoint: '/v1/messages',
-                requestedModel,
-                upstreamModel,
-                provider: 'openai',
-                startTime,
-                status: 401,
-                errorType: 'auth_error'
-            });
-            return sendAuthError(res);
-        }
-
-        const anthropicRequest = { ...body, model: upstreamModel, ...(reasoningLevel ? { reasoningLevel } : {}) };
-        try {
-            if (isStreaming) {
-                await _streamDirectWithRotation(res, anthropicRequest, creds, requestedModel, startTime, null);
-            } else {
-                await _sendDirectWithRotation(res, anthropicRequest, creds, requestedModel, startTime, null);
-            }
-            return;
-        } catch (error) {
-            recordMessageMetric({
-                body,
-                endpoint: '/v1/messages',
-                requestedModel,
-                upstreamModel,
-                provider: 'openai',
-                accountLabel: creds.email,
-                startTime,
-                status: error.status || 500,
-                errorType: classifyMetricError(error)
-            });
-            return handleStreamError(res, error, requestedModel, startTime);
-        }
-    }
-    
-    const rotator = getAccountRotator();
-    const accountSnapshot = listAccounts();
-
-    if (accountSnapshot.total === 0) {
+    const creds = await getCredentialsOrError();
+    if (!creds) {
         recordMessageMetric({
             body,
             endpoint: '/v1/messages',
@@ -122,131 +54,39 @@ export async function handleMessages(req, res) {
             status: 401,
             errorType: 'auth_error'
         });
-        return sendAuthError(res, 'No active account with valid credentials. Add an account via /accounts/add');
+        return sendAuthError(res);
     }
-    
-    rotator.clearExpiredLimits();
-    
-    const maxAttempts = Math.max(MAX_RETRIES, accountSnapshot.total);
-    
-    for (let attempt = 0; attempt < maxAttempts; attempt++) {
-        if (rotator.isAllRateLimited(upstreamModel)) {
-            const minWait = rotator.getMinWaitTimeMs(upstreamModel);
-            
-            if (minWait > MAX_WAIT_BEFORE_ERROR_MS) {
-                recordMessageMetric({
-                    body,
-                    endpoint: '/v1/messages',
-                    requestedModel,
-                    upstreamModel,
-                    provider: 'openai',
-                    startTime,
-                    status: 429,
-                    errorType: 'rate_limited'
-                });
-                return handleStreamError(res, new Error(`RESOURCE_EXHAUSTED: All accounts rate-limited. Wait ${Math.round(minWait/1000)}s`), requestedModel, startTime);
-            }
-            
-            logger.info(`[Messages] All accounts rate-limited, waiting ${Math.round(minWait/1000)}s...`);
-            await sleep(minWait + 500);
-            rotator.clearExpiredLimits();
-            attempt--;
-            continue;
-        }
-        
-        const { account, waitMs } = rotator.selectAccount(upstreamModel);
-        
-        if (!account) {
-            if (waitMs > 0) {
-                await sleep(waitMs);
-                attempt--;
-                continue;
-            }
-            recordMessageMetric({
-                body,
-                endpoint: '/v1/messages',
-                requestedModel,
-                upstreamModel,
-                provider: 'openai',
-                startTime,
-                status: 401,
-                errorType: 'auth_error'
-            });
-            return sendAuthError(res, 'No available accounts');
-        }
-        
-        const creds = await getCredentialsForAccount(account.email);
-        if (!creds) {
-            rotator.markInvalid(account.email, 'Failed to get credentials');
-            continue;
-        }
-        
-        const anthropicRequest = { ...body, model: upstreamModel, ...(reasoningLevel ? { reasoningLevel } : {}) };
-        
-        try {
-            if (isStreaming) {
-                await _streamDirectWithRotation(res, anthropicRequest, creds, requestedModel, startTime, rotator);
-            } else {
-                await _sendDirectWithRotation(res, anthropicRequest, creds, requestedModel, startTime, rotator);
-            }
-            rotator.notifySuccess(account, upstreamModel);
-            return;
-        } catch (error) {
-            if (error.message.startsWith('RATE_LIMITED:')) {
-                const parts = error.message.split(':');
-                const resetMs = parseInt(parts[1], 10);
-                const errorText = parts.slice(2).join(':');
-                
-                rotator.notifyRateLimit(account, upstreamModel);
-                
-                if (resetMs <= SHORT_RATE_LIMIT_THRESHOLD_MS) {
-                    logger.info(`[Messages] Short rate limit on ${account.email}, waiting ${resetMs}ms...`);
-                    await sleep(resetMs);
-                    attempt--;
-                    continue;
-                }
-                
-                logger.info(`[Messages] Rate limit on ${account.email}, switching account...`);
-                continue;
-            }
-            
-            if (error.message.includes('AUTH_EXPIRED')) {
-                rotator.markInvalid(account.email, 'Auth expired');
-                continue;
-            }
-            
-            recordMessageMetric({
-                body,
-                endpoint: '/v1/messages',
-                requestedModel,
-                upstreamModel,
-                provider: 'openai',
-                accountLabel: account.email,
-                startTime,
-                status: error.status || 500,
-                errorType: classifyMetricError(error)
-            });
-            return handleStreamError(res, error, requestedModel, startTime);
+
+    const anthropicRequest = { ...body, model: upstreamModel, ...(reasoningLevel ? { reasoningLevel } : {}) };
+    try {
+        if (isStreaming) {
+            await _streamDirect(res, anthropicRequest, creds, requestedModel, startTime);
+        } else {
+            await _sendDirect(res, anthropicRequest, creds, requestedModel, startTime);
         }
+        return;
+    } catch (error) {
+        recordMessageMetric({
+            body,
+            endpoint: '/v1/messages',
+            requestedModel,
+            upstreamModel,
+            provider: 'openai',
+            accountLabel: creds.email,
+            startTime,
+            status: error.message?.startsWith('RATE_LIMITED:') ? 429 : error.status || 500,
+            errorType: classifyMetricError(error)
+        });
+        return handleStreamError(res, error, requestedModel, startTime);
     }
-    
-    recordMessageMetric({
-        body,
-        endpoint: '/v1/messages',
-        requestedModel,
-        upstreamModel,
-        provider: 'openai',
-        startTime,
-        status: 500,
-        errorType: 'max_retries'
-    });
-    return handleStreamError(res, new Error('Max retries exceeded'), requestedModel, startTime);
 }
 
-async function _streamDirectWithRotation(res, anthropicRequest, creds, responseModel, startTime, rotator) {
+async function _streamDirect(res, anthropicRequest, creds, responseModel, startTime) {
     initSSEResponse(res);
-    const sourceStream = sendMessageStream(anthropicRequest, creds.accessToken, creds.accountId, rotator, creds.email);
+    const sourceStream = sendMessageStream(anthropicRequest, creds.accessToken, creds.accountId);
+    let finalUsage = null;
     const stream = tapUsageEventStream(sourceStream, (usage) => {
+        finalUsage = usage;
         recordMessageMetric({
             body: anthropicRequest,
             endpoint: '/v1/messages',
@@ -261,13 +101,13 @@ async function _streamDirectWithRotation(res, anthropicRequest, creds, responseM
         });
     });
     await pipeSSEStream(res, stream);
-    logger.response(200, { model: anthropicRequest.model, duration: Date.now() - startTime });
+    logger.response(200, { model: anthropicRequest.model, usage: finalUsage, duration: Date.now() - startTime });
 }
 
-async function _sendDirectWithRotation(res, anthropicRequest, creds, responseModel, startTime, rotator) {
+async function _sendDirect(res, anthropicRequest, creds, responseModel, startTime) {
     const response = await sendMessage(anthropicRequest, creds.accessToken, creds.accountId);
     const duration = Date.now() - startTime;
-    logger.response(200, { model: anthropicRequest.model, tokens: response.usage?.output_tokens || 0, duration });
+    logger.response(200, { model: anthropicRequest.model, usage: response.usage, duration });
     recordMessageMetric({
         body: anthropicRequest,
         endpoint: '/v1/messages',
@@ -287,7 +127,9 @@ async function _sendDirectWithRotation(res, anthropicRequest, creds, responseMod
 async function _streamKilo(res, anthropicRequest, kiloTarget, responseModel, startTime) {
     initSSEResponse(res);
     const sourceStream = sendKiloMessageStream(anthropicRequest, kiloTarget);
+    let finalUsage = null;
     const stream = tapUsageEventStream(sourceStream, (usage) => {
+        finalUsage = usage;
         recordMessageMetric({
             body: anthropicRequest,
             endpoint: '/v1/messages',
@@ -302,13 +144,13 @@ async function _streamKilo(res, anthropicRequest, kiloTarget, responseModel, sta
         });
     });
     await pipeSSEStream(res, stream);
-    logger.response(200, { model: kiloTarget, duration: Date.now() - startTime });
+    logger.response(200, { model: kiloTarget, usage: finalUsage, duration: Date.now() - startTime });
 }
 
 async function _sendKilo(res, anthropicRequest, kiloTarget, responseModel, startTime) {
     const response = await sendKiloMessage(anthropicRequest, kiloTarget);
     const duration = Date.now() - startTime;
-    logger.response(200, { model: kiloTarget, tokens: response.usage?.output_tokens || 0, duration });
+    logger.response(200, { model: kiloTarget, usage: response.usage, duration });
     recordMessageMetric({
         body: anthropicRequest,
         endpoint: '/v1/messages',
@@ -334,10 +176,6 @@ async function _sendKilo(res, anthropicRequest, kiloTarget, responseModel, start
     });
 }
 
-function sleep(ms) {
-    return new Promise(resolve => setTimeout(resolve, ms));
-}
-
 function recordMessageMetric(options) {
     const body = options.body || {};
     recordUsageEventSafe({
@@ -360,7 +198,7 @@ function recordMessageMetric(options) {
 
 function classifyMetricError(error) {
     const message = error?.message || '';
-    if (message.startsWith('RATE_LIMITED:') || message.startsWith('RESOURCE_EXHAUSTED:')) return 'rate_limited';
+    if (message.startsWith('RATE_LIMITED:')) return 'rate_limited';
     if (message.includes('AUTH_EXPIRED')) return 'auth_expired';
     if (message.startsWith('CLOUDFLARE_BLOCKED:')) return 'cloudflare_blocked';
     if (message.startsWith('FORBIDDEN:')) return 'forbidden';

package/src/routes/models-route.js

@@ -2,12 +2,12 @@
  * Models Route
  * Handles:
  *   GET /v1/models            — OpenAI-compatible model list
- *   GET /accounts/models      — Raw model list for the active/specified account
- *   GET /accounts/usage       — Usage stats for the active/specified account
+ *   GET /account/models       — Raw model list for the configured account
+ *   GET /account/usage        — Usage stats for the configured account
  */
 
 import { fetchModels, fetchUsage } from '../model-api.js';
-import { getActiveAccount, loadAccounts } from '../account-manager.js';
+import { getActiveAccount } from '../account-manager.js';
 import { logger } from '../utils/logger.js';
 import { getCredentialsOrError } from '../middleware/credentials.js';
 import { DEFAULT_OPENAI_MODEL, DEFAULT_SMALL_OPENAI_MODEL, LATEST_CODEX_MODEL } from '../model-mapper.js';
@@ -61,16 +61,16 @@ export async function handleListModels(req, res) {
 }
 
 /**
- * GET /accounts/models
- * Returns the raw model list for the active or specified account.
+ * GET /account/models
+ * Returns the raw model list for the configured account.
  */
 export async function handleAccountModels(req, res) {
-  const account = _resolveAccount(req.query.email);
+  const account = getActiveAccount();
 
   if (!account) {
     return res.status(404).json({
       success: false,
-      error: req.query.email ? `Account not found: ${req.query.email}` : 'No active account'
+      error: 'No account configured'
     });
   }
 
@@ -84,16 +84,16 @@ export async function handleAccountModels(req, res) {
 }
 
 /**
- * GET /accounts/usage
- * Returns usage stats for the active or specified account.
+ * GET /account/usage
+ * Returns usage stats for the configured account.
  */
 export async function handleAccountUsage(req, res) {
-  const account = _resolveAccount(req.query.email);
+  const account = getActiveAccount();
 
   if (!account) {
     return res.status(404).json({
       success: false,
-      error: req.query.email ? `Account not found: ${req.query.email}` : 'No active account'
+      error: 'No account configured'
     });
   }
 
@@ -106,14 +106,4 @@ export async function handleAccountUsage(req, res) {
   }
 }
 
-// ─── Helpers ─────────────────────────────────────────────────────────────────
-
-function _resolveAccount(email) {
-  if (email) {
-    const data = loadAccounts();
-    return data.accounts.find(a => a.email === email) || null;
-  }
-  return getActiveAccount();
-}
-
 export default { handleListModels, handleAccountModels, handleAccountUsage };

package/src/routes/settings-route.js

@@ -3,14 +3,12 @@
  * Handles server settings endpoints:
  *   GET  /settings/haiku-model
  *   POST /settings/haiku-model
- *   GET  /settings/account-strategy
- *   POST /settings/account-strategy
  *   GET  /settings/claude-proxy
  *   POST /settings/claude-proxy
  *   GET  /settings/kilo-models
  */
 
-import { getServerSettings, isMultiAccountRotationEnabled, setServerSettings } from '../server-settings.js';
+import { getServerSettings, setServerSettings } from '../server-settings.js';
 import { fetchFreeModels } from '../kilo-models.js';
 import {
   CLAUDE_MODEL_ALIASES,
@@ -23,7 +21,6 @@ import {
   normalizeReasoningMappings
 } from '../model-mapper.js';
 
-const VALID_STRATEGIES = ['sticky', 'round-robin'];
 const VALID_OPENAI_MODEL_IDS = new Set(OPENAI_MODEL_OPTIONS.map((model) => model.id));
 const VALID_REASONING_LEVEL_IDS = new Set(REASONING_LEVEL_OPTIONS.map((level) => level.id));
 
@@ -208,41 +205,6 @@ export function handleSetModelMappings(req, res) {
   res.json(modelMappingsPayload(nextSettings.modelMappings, nextSettings.reasoningMappings));
 }
 
-/**
- * GET /settings/account-strategy
- * Returns the current account selection strategy.
- */
-export function handleGetAccountStrategy(req, res) {
-  const settings = getServerSettings();
-  res.json({
-    success: true,
-    accountStrategy: settings.accountStrategy,
-    rotationEnabled: isMultiAccountRotationEnabled()
-  });
-}
-
-/**
- * POST /settings/account-strategy
- * Updates the account selection strategy.
- */
-export function handleSetAccountStrategy(req, res) {
-  const { accountStrategy } = req.body || {};
-
-  if (!VALID_STRATEGIES.includes(accountStrategy)) {
-    return res.status(400).json({
-      success: false,
-      error: `Invalid accountStrategy. Use one of: ${VALID_STRATEGIES.join(', ')}`
-    });
-  }
-
-  const settings = setServerSettings({ accountStrategy });
-  res.json({
-    success: true,
-    accountStrategy: settings.accountStrategy,
-    rotationEnabled: isMultiAccountRotationEnabled()
-  });
-}
-
 /**
  * GET /settings/claude-proxy
  * Returns Claude proxy configuration preferences.
@@ -282,8 +244,6 @@ export default {
   handleGetKiloModels,
   handleGetModelMappings,
   handleSetModelMappings,
-  handleGetAccountStrategy,
-  handleSetAccountStrategy,
   handleGetClaudeProxySetting,
   handleSetClaudeProxySetting
 };

package/src/security.js

@@ -1,6 +1,6 @@
 const LOOPBACK_HOSTS = new Set(['localhost', '127.0.0.1', '::1', '[::1]']);
 const CONTROL_PATH_PREFIXES = [
-  '/accounts',
+  '/account',
   '/settings',
   '/claude/config',
   '/api/logs',