codex-slot 0.1.22 → 0.1.24

package/README.md

@@ -10,6 +10,7 @@
 - Manage multiple accounts or workspaces as separate slots
 - Refresh and cache the latest usage from the official usage endpoint
 - Expose a local provider endpoint for Codex
+- Proxy ChatGPT backend plugin requests through the selected cslot account
 - Apply local block rules for temporary, 5-hour, and weekly limits
 - Automatically switch `~/.codex/config.toml` to the `cslot` provider while the local proxy is running (and restore it on stop)
 
@@ -71,8 +72,8 @@ codex-slot start --port 4399
 ```
 
 `start` will automatically write the required provider config into `~/.codex/config.toml`.
-It prefers port `4399` by default and will switch to the next available port automatically when `4399` is busy, then sync that actual port into config:
-Each start also generates a fresh local `api_key` and syncs it into the managed provider config.
+It prefers port `4399` by default and will switch to the next available port automatically when `4399` is busy, then sync that actual port into config.
+The local provider does not use a separate cslot API key; cslot authenticates upstream requests with the selected Codex ChatGPT account token internally.
 
 ```bash
 codex-slot start
@@ -106,6 +107,7 @@ The project is intentionally split by responsibility:
 - `src/service-control.ts`: background service lifecycle management
 - `src/status-command.ts`: usage refresh output and interactive toggle UI
 - `src/codex-config.ts`: managed `~/.codex/config.toml` apply/restore logic
+- `src/backend-proxy-service.ts`: ChatGPT backend proxy for Codex plugin/runtime requests
 - `src/account-store.ts`, `src/usage-sync.ts`, `src/scheduler.ts`, `src/status.ts`: core domain and runtime logic
 - `src/text.ts`: shared bilingual text and locale-independent formatting helpers
 
@@ -131,17 +133,23 @@ Instead it:
 name = "cslot"
 base_url = "http://127.0.0.1:4399/v1"
 wire_api = "responses"
-experimental_bearer_token = "<your-local-api-key>"
+requires_openai_auth = true
 ```
 
 Behavior:
 
 - A managed marker block is inserted for `model_provider = "cslot"` and `[model_providers.cslot]`
-- On `cslot stop`, the original `model_provider` line and original `[model_providers.cslot]` block are restored from the saved snapshot
+- On `cslot stop`, the original `model_provider` line and original `[model_providers.cslot]` block are restored from the saved snapshot; legacy local bearer-token fields in the cslot provider are removed
 - Other providers and settings in `config.toml` are left untouched
 - If you start with `--port`, the port is saved to `~/.cslot/config.yaml`
 - If you start without `--port`, `4399` is preferred first and the next free port is chosen automatically on conflict, and the actual chosen port is written back to `~/.cslot/config.yaml` and the managed provider block
-- Every `start` rotates the local `api_key`, and the new value is written to both `~/.cslot/config.yaml` and the managed provider block
+- `requires_openai_auth = true` keeps Codex App treating the local cslot provider as a ChatGPT-authenticated provider, so plugin navigation and trusted plugin runtimes are not disabled as API-key/custom-provider mode
+- `/backend-api/*` requests are forwarded to ChatGPT backend with the current selected account's upstream token; client `Authorization` headers are not forwarded upstream
+
+## Codex App Plugins
+
+`codex-slot start` also switches the main `~/.codex` login state to the selected managed account while cslot is running.
+This keeps Codex app plugins that depend on the main ChatGPT login state working without a separate manual setup step.
 
 ## Data Directory
 

package/dist/app/service-lifecycle-service.js

@@ -253,17 +253,14 @@ async function startManagedService(portOverride) {
             pid: runningPid,
             port: config.server.port,
             logPath: (0, config_1.getServiceLogPath)(),
-            autoSwitched: false,
-            apiKeyRotated: false
+            autoSwitched: false
         };
     }
     if (config.server.port !== port) {
         config.server.port = port;
         (0, config_1.saveConfig)(config);
     }
-    // 每次真正启动服务前都轮换一次本地 api_key，并让受管 config.toml 使用同一新值。
-    const persistedConfig = (0, config_1.rotateServerApiKey)(config);
-    (0, codex_config_1.applyManagedCodexConfig)(undefined, { config: persistedConfig });
+    (0, codex_config_1.applyManagedCodexConfig)(undefined, { config });
     applyManagedAuthIfPossible();
     const logPath = (0, config_1.getServiceLogPath)();
     const logFd = node_fs_1.default.openSync(logPath, "a");
@@ -293,8 +290,7 @@ async function startManagedService(portOverride) {
         pid: childPid,
         port,
         logPath,
-        autoSwitched,
-        apiKeyRotated: true
+        autoSwitched
     };
 }
 /**

package/dist/backend-proxy-service.js

@@ -0,0 +1,241 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.proxyChatGptBackendWithRetry = void 0;
+exports.createBackendProxyService = createBackendProxyService;
+const account_store_1 = require("./account-store");
+const config_1 = require("./config");
+const scheduler_1 = require("./scheduler");
+const state_repository_1 = require("./state-repository");
+const state_1 = require("./state");
+const text_1 = require("./text");
+const upstream_client_1 = require("./upstream-client");
+const upstream_error_policy_1 = require("./upstream-error-policy");
+const usage_sync_1 = require("./usage-sync");
+/**
+ * 解析本地 ChatGPT backend 代理请求，并转换成上游 backend path。
+ *
+ * 业务含义：
+ * 1. 本地代理只承载 `/backend-api/*` 这一类 ChatGPT backend 请求。
+ * 2. backend path 与 query 保留原样透传给上游，具体上游鉴权由 cslot 内部接管。
+ *
+ * @param request 原始本地代理请求。
+ * @returns 可发往上游的 backend path；不属于 backend 代理范围时返回错误结果。
+ * @throws 当 URL 解析失败时返回错误结果，不向上游发请求。
+ */
+function resolveBackendPath(request) {
+    const parsedUrl = new URL(request.url, "http://127.0.0.1");
+    const backendPrefix = "/backend-api";
+    if (!parsedUrl.pathname.startsWith(`${backendPrefix}/`)) {
+        return {
+            error: buildSendResult(404, {
+                error: {
+                    message: (0, text_1.bi)("不支持的 ChatGPT backend 代理路径", "Unsupported ChatGPT backend proxy path"),
+                    type: "unsupported_backend_proxy_path"
+                }
+            })
+        };
+    }
+    const backendPath = parsedUrl.pathname.slice(backendPrefix.length);
+    return {
+        pathWithQuery: `${backendPath}${parsedUrl.search}`
+    };
+}
+/**
+ * 提取上游响应中允许透传给客户端的响应头。
+ *
+ * @param headers 上游响应头对象。
+ * @returns 可透传响应头。
+ * @throws 无显式抛出。
+ */
+function pickResponseHeaders(headers) {
+    const picked = {};
+    const contentType = headers["content-type"];
+    const cacheControl = headers["cache-control"];
+    if (typeof contentType === "string") {
+        picked["content-type"] = contentType;
+    }
+    if (typeof cacheControl === "string") {
+        picked["cache-control"] = cacheControl;
+    }
+    return picked;
+}
+/**
+ * 构造统一错误响应结果。
+ *
+ * @param statusCode HTTP 状态码。
+ * @param payload 响应体。
+ * @param headers 可选响应头。
+ * @returns 代理服务可直接写回的 send 结果。
+ * @throws 无显式抛出。
+ */
+function buildSendResult(statusCode, payload, headers) {
+    return {
+        type: "send",
+        statusCode,
+        payload,
+        headers
+    };
+}
+/**
+ * 为当前请求失败的账号设置临时熔断状态，避免短时间内被重复选中。
+ *
+ * @param dependencies 代理服务依赖集合。
+ * @param accountId 账号标识。
+ * @param reason 本地状态中记录的失败原因。
+ * @param blockSeconds 熔断持续秒数。
+ * @returns 无返回值。
+ * @throws 当状态写入失败时透传底层异常。
+ */
+function markAccountFailure(dependencies, accountId, reason, blockSeconds) {
+    dependencies.setAccountBlock(accountId, Math.floor(Date.now() / 1000) + blockSeconds, reason);
+}
+/**
+ * 使用指定候选账号向 ChatGPT backend 发送请求。
+ *
+ * @param dependencies 代理服务依赖集合。
+ * @param picked 当前候选账号。
+ * @param accessToken 可用 access token。
+ * @param pathWithQuery 已解析的 backend path 与 query。
+ * @param request 原始本地代理请求。
+ * @returns 上游响应。
+ * @throws 当网络层或 undici 请求失败时透传底层异常。
+ */
+async function sendWithAccount(dependencies, picked, accessToken, pathWithQuery, request) {
+    const config = dependencies.loadConfig();
+    const auth = dependencies.readAuthFile(picked.account.codex_home);
+    return await dependencies.sendChatGptBackendRequest({
+        chatGptBaseUrl: config.upstream.chatgpt_base_url,
+        method: request.method.toUpperCase(),
+        pathWithQuery,
+        requestHeaders: request.headers,
+        accessToken,
+        accountIdHeader: auth?.tokens?.account_id,
+        body: request.body
+    });
+}
+/**
+ * 创建 ChatGPT backend 代理服务。
+ *
+ * 业务含义：
+ * 1. 该服务复用 cslot 的账号调度与 token 刷新能力。
+ * 2. `/backend-api/*` 请求全量透传给 ChatGPT backend，但官方 token 始终只在 cslot 内部使用。
+ * 3. 非模型 backend 请求不套用 responses 的额度熔断语义，只对缺凭据、网络异常与 5xx 做账号级兜底。
+ *
+ * @param overrides 可选依赖覆盖项。
+ * @returns ChatGPT backend 代理服务实例。
+ * @throws 无显式抛出。
+ */
+function createBackendProxyService(overrides) {
+    const dependencies = {
+        loadConfig: config_1.loadConfig,
+        listCandidateAccounts: scheduler_1.listCandidateAccounts,
+        readAuthFile: account_store_1.readAuthFile,
+        sendChatGptBackendRequest: upstream_client_1.sendChatGptBackendRequest,
+        refreshAccountTokens: usage_sync_1.refreshAccountTokens,
+        setAccountBlock: state_1.setAccountBlock,
+        recordAccountScheduleSuccess: state_repository_1.recordAccountScheduleSuccess,
+        ...overrides
+    };
+    return {
+        async proxyChatGptBackendWithRetry(request) {
+            const route = resolveBackendPath(request);
+            if (route.error) {
+                return route.error;
+            }
+            const candidates = dependencies.listCandidateAccounts();
+            if (candidates.length === 0) {
+                return buildSendResult(503, {
+                    error: {
+                        message: (0, text_1.bi)("当前没有可用账号", "No available account"),
+                        type: "no_available_account"
+                    }
+                });
+            }
+            let lastErrorPayload = {
+                error: {
+                    message: (0, text_1.bi)("所有账号都请求失败", "All accounts failed"),
+                    type: "all_accounts_failed"
+                }
+            };
+            let lastStatusCode = 503;
+            for (const picked of candidates) {
+                const auth = dependencies.readAuthFile(picked.account.codex_home);
+                let accessToken = auth?.tokens?.access_token;
+                if (!accessToken) {
+                    markAccountFailure(dependencies, picked.account.id, "invalid_account_auth", 10 * 60);
+                    lastErrorPayload = {
+                        error: {
+                            message: (0, text_1.bi)(`账号 ${picked.account.id} 缺少 access_token`, `Account ${picked.account.id} is missing access_token`),
+                            type: "invalid_account_auth"
+                        }
+                    };
+                    continue;
+                }
+                let upstream;
+                try {
+                    upstream = await sendWithAccount(dependencies, picked, accessToken, route.pathWithQuery, request);
+                }
+                catch (error) {
+                    if ((0, upstream_error_policy_1.isNetworkUnavailableError)(error)) {
+                        lastErrorPayload = (0, upstream_error_policy_1.buildNetworkUnavailablePayload)(picked.account.id, error);
+                        continue;
+                    }
+                    markAccountFailure(dependencies, picked.account.id, "request_failed", 60);
+                    lastErrorPayload = {
+                        error: {
+                            message: `账号 ${picked.account.id} 请求 ChatGPT backend 失败: ${error instanceof Error ? error.message : String(error)}`,
+                            type: "account_backend_request_failed"
+                        }
+                    };
+                    continue;
+                }
+                if (upstream.statusCode === 401) {
+                    try {
+                        const refreshed = await dependencies.refreshAccountTokens(picked.account.id);
+                        accessToken = refreshed.tokens?.access_token ?? accessToken;
+                        upstream = await sendWithAccount(dependencies, picked, accessToken, route.pathWithQuery, request);
+                    }
+                    catch (error) {
+                        if ((0, upstream_error_policy_1.isNetworkUnavailableError)(error)) {
+                            lastErrorPayload = (0, upstream_error_policy_1.buildNetworkUnavailablePayload)(picked.account.id, error);
+                            continue;
+                        }
+                        markAccountFailure(dependencies, picked.account.id, "token_refresh_failed", 10 * 60);
+                        lastErrorPayload = {
+                            error: {
+                                message: `账号 ${picked.account.id} 刷新 token 失败: ${error instanceof Error ? error.message : String(error)}`,
+                                type: "account_token_refresh_failed"
+                            }
+                        };
+                        continue;
+                    }
+                }
+                const responseHeaders = pickResponseHeaders(upstream.headers);
+                if (upstream.statusCode >= 500) {
+                    const errorText = await upstream.body.text();
+                    markAccountFailure(dependencies, picked.account.id, "upstream_5xx", 60);
+                    lastStatusCode = upstream.statusCode;
+                    lastErrorPayload = {
+                        error: {
+                            message: `账号 ${picked.account.id} ChatGPT backend 异常: ${errorText}`,
+                            type: "account_backend_upstream_failed"
+                        }
+                    };
+                    continue;
+                }
+                dependencies.recordAccountScheduleSuccess(picked.account.id);
+                return {
+                    type: "proxy",
+                    statusCode: upstream.statusCode,
+                    headers: {
+                        ...responseHeaders,
+                        connection: "keep-alive"
+                    },
+                    body: upstream.body
+                };
+            }
+            return buildSendResult(lastStatusCode, lastErrorPayload);
+        }
+    };
+}
+exports.proxyChatGptBackendWithRetry = createBackendProxyService().proxyChatGptBackendWithRetry;

package/dist/cli.js

@@ -93,7 +93,7 @@ function registerRuntimeCommands(program) {
         .addHelpText("after", [
         "",
         `${(0, text_1.bi)("说明", "Notes")}:`,
-        `  ${(0, text_1.bi)("start 会自动接管 `~/.codex/config.toml`；默认优先使用 4399，冲突时自动顺延；每次启动都会重新生成本地 api_key；指定端口时会写入该端口；stop 会恢复接管前内容。", "`start` will manage `~/.codex/config.toml` automatically; it prefers 4399 by default, switches to the next free port on conflict, generates a fresh local api_key on every start, writes the specified port when provided, and `stop` restores the previous content.")}`,
+        `  ${(0, text_1.bi)("start 会自动接管 `~/.codex/config.toml`；默认优先使用 4399，冲突时自动顺延；指定端口时会写入该端口；stop 会恢复接管前内容。", "`start` will manage `~/.codex/config.toml` automatically; it prefers 4399 by default, switches to the next free port on conflict, writes the specified port when provided, and `stop` restores the previous content.")}`,
     ].join("\n"))
         .action(async (options) => {
         await (0, service_control_1.handleStart)(options.port);

package/dist/codex-config.js

@@ -66,17 +66,16 @@ function buildManagedModelProviderBlock(eol) {
  * @returns 带标记的 provider 配置块文本。
  */
 function buildManagedProviderBlock(eol, config) {
-    return [
+    const lines = [
         PROVIDER_BLOCK_START_MARKER,
         "[model_providers.cslot]",
         'name = "cslot"',
         `base_url = "http://${config.server.host}:${config.server.port}/v1"`,
         'wire_api = "responses"',
-        `experimental_bearer_token = "${config.server.api_key}"`,
-        "[model_providers.cslot.http_headers]",
-        `Authorization = "Bearer ${config.server.api_key}"`,
-        PROVIDER_BLOCK_END_MARKER
-    ].join(eol);
+        "requires_openai_auth = true"
+    ];
+    lines.push(PROVIDER_BLOCK_END_MARKER);
+    return lines.join(eol);
 }
 /**
  * 判断候选表头是否属于指定父表的子表。
@@ -262,6 +261,51 @@ function findTableSectionRange(content, header) {
 function findProviderSectionRange(content) {
     return findTableSectionRange(content, "[model_providers.cslot]");
 }
+/**
+ * 清理旧版本 cslot provider 中的本地鉴权配置。
+ *
+ * @param providerBlock 原始 `[model_providers.cslot]` 表块。
+ * @returns 移除 `experimental_bearer_token` 与 `http_headers.Authorization` 后的表块。
+ * @throws 无显式抛出。
+ */
+function sanitizeLegacyCslotProviderBlock(providerBlock) {
+    const eol = detectEol(providerBlock);
+    const lines = providerBlock.split(/\r?\n/);
+    const sanitized = [];
+    let skippingLegacyHttpHeaders = false;
+    for (const line of lines) {
+        const trimmed = line.trim();
+        if (trimmed === "[model_providers.cslot.http_headers]") {
+            skippingLegacyHttpHeaders = true;
+            continue;
+        }
+        if (skippingLegacyHttpHeaders && trimmed.startsWith("[") && !isChildTableHeader("[model_providers.cslot.http_headers]", trimmed)) {
+            skippingLegacyHttpHeaders = false;
+        }
+        if (skippingLegacyHttpHeaders) {
+            continue;
+        }
+        if (/^experimental_bearer_token\s*=/.test(trimmed)) {
+            continue;
+        }
+        sanitized.push(line);
+    }
+    return sanitized.join(eol);
+}
+/**
+ * 清理当前文本中已有 cslot provider 的旧本地鉴权配置。
+ *
+ * @param content 当前 `config.toml` 内容。
+ * @returns 已清理旧鉴权字段的文本内容。
+ * @throws 无显式抛出。
+ */
+function sanitizeExistingCslotProviderSection(content) {
+    const range = findProviderSectionRange(content);
+    if (!range) {
+        return content;
+    }
+    return `${content.slice(0, range.start)}${sanitizeLegacyCslotProviderBlock(range.value)}${content.slice(range.end)}`;
+}
 /**
  * 查找指定表头所在的行起始偏移。
  *
@@ -507,9 +551,10 @@ function buildManagedSnapshot(targetFile, strippedCurrent, previousManagedState)
             : null) ??
             previousManagedState?.original_model_provider_next_table_header ??
             null,
-        original_cslot_provider_block: originalProviderSection?.value ??
-            previousManagedState?.original_cslot_provider_block ??
-            null,
+        original_cslot_provider_block: (originalProviderSection ? sanitizeLegacyCslotProviderBlock(originalProviderSection.value) : null) ??
+            (previousManagedState?.original_cslot_provider_block
+                ? sanitizeLegacyCslotProviderBlock(previousManagedState.original_cslot_provider_block)
+                : null),
         original_cslot_provider_previous_table_header: (originalProviderSection
             ? findPreviousTableHeaderBeforeOffset(strippedCurrent, originalProviderSection.start)
             : null) ??
@@ -552,7 +597,6 @@ function applyManagedCodexConfig(targetPathOrDir, options) {
     if (!options?.silent) {
         console.log((0, text_1.bi)(`已写入: ${targetFile}`, `Written to: ${targetFile}`));
         console.log(`base_url=http://${config.server.host}:${config.server.port}/v1`);
-        console.log(`api_key=${config.server.api_key}`);
         console.log((0, text_1.bi)("提示: start 会自动接管 codex provider，stop 会精确恢复接管前内容。", "Note: start will manage the Codex provider automatically, and stop will restore the exact previous content."));
     }
     return targetFile;
@@ -575,7 +619,7 @@ function deactivateManagedCodexConfig() {
     }
     const current = node_fs_1.default.readFileSync(targetFile, "utf8");
     const eol = detectEol(current);
-    let restored = stripAllManagedBlocks(current);
+    let restored = sanitizeExistingCslotProviderSection(stripAllManagedBlocks(current));
     const existingModelProviderLine = findModelProviderLine(restored);
     if (!existingModelProviderLine && managedState.original_model_provider_block) {
         restored = insertRootBlock(restored, managedState.original_model_provider_block, eol, managedState.original_model_provider_next_table_header);

package/dist/config.js

@@ -4,7 +4,6 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.getUserHomeDir = getUserHomeDir;
-exports.generateServerApiKey = generateServerApiKey;
 exports.getCslotHome = getCslotHome;
 exports.getConfigPath = getConfigPath;
 exports.getPidPath = getPidPath;
@@ -12,10 +11,8 @@ exports.getServiceLogPath = getServiceLogPath;
 exports.expandHome = expandHome;
 exports.loadConfig = loadConfig;
 exports.saveConfig = saveConfig;
-exports.rotateServerApiKey = rotateServerApiKey;
 exports.getManagedHome = getManagedHome;
 exports.upsertAccount = upsertAccount;
-const node_crypto_1 = __importDefault(require("node:crypto"));
 const node_fs_1 = __importDefault(require("node:fs"));
 const node_os_1 = __importDefault(require("node:os"));
 const node_path_1 = __importDefault(require("node:path"));
@@ -35,23 +32,23 @@ const configSchema = zod_1.z.object({
         .object({
         host: zod_1.z.string().default("127.0.0.1"),
         port: zod_1.z.number().int().default(4399),
-        api_key: zod_1.z.string().default("cslot-defaultkey"),
         body_limit_mb: zod_1.z.number().positive().default(512)
     })
         .default({
         host: "127.0.0.1",
         port: 4399,
-        api_key: "cslot-defaultkey",
         body_limit_mb: 512
     }),
     upstream: zod_1.z
         .object({
         codex_base_url: zod_1.z.string().default("https://chatgpt.com/backend-api/codex"),
+        chatgpt_base_url: zod_1.z.string().default("https://chatgpt.com/backend-api"),
         auth_base_url: zod_1.z.string().default("https://auth.openai.com"),
         oauth_client_id: zod_1.z.string().default("app_EMoamEEZ73f0CkXaXp7hrann")
     })
         .default({
         codex_base_url: "https://chatgpt.com/backend-api/codex",
+        chatgpt_base_url: "https://chatgpt.com/backend-api",
         auth_base_url: "https://auth.openai.com",
         oauth_client_id: "app_EMoamEEZ73f0CkXaXp7hrann"
     }),
@@ -65,17 +62,6 @@ const configSchema = zod_1.z.object({
 function getUserHomeDir() {
     return process.env.HOME || process.env.USERPROFILE || node_os_1.default.homedir();
 }
-/**
- * 生成新的本地服务 API Key。
- *
- * 该 key 仅用于本地代理服务与受管 `~/.codex/config.toml` 之间的鉴权，
- * 不会影响上游官方 access token。
- *
- * @returns 随机生成的本地 API Key。
- */
-function generateServerApiKey() {
-    return `cslot-${node_crypto_1.default.randomBytes(18).toString("hex")}`;
-}
 /**
  * 返回 cslot 的根目录，并确保基础目录结构存在。
  *
@@ -139,17 +125,16 @@ function expandHome(input) {
 function loadConfig() {
     const configPath = getConfigPath();
     if (!node_fs_1.default.existsSync(configPath)) {
-        const defaultApiKey = generateServerApiKey();
         const defaultConfig = {
             version: 1,
             server: {
                 host: "127.0.0.1",
                 port: 4399,
-                api_key: defaultApiKey,
                 body_limit_mb: 512
             },
             upstream: {
                 codex_base_url: "https://chatgpt.com/backend-api/codex",
+                chatgpt_base_url: "https://chatgpt.com/backend-api",
                 auth_base_url: "https://auth.openai.com",
                 oauth_client_id: "app_EMoamEEZ73f0CkXaXp7hrann"
             },
@@ -161,18 +146,7 @@ function loadConfig() {
     const raw = node_fs_1.default.readFileSync(configPath, "utf8");
     const parsed = raw.trim() ? yaml_1.default.parse(raw) : {};
     const normalized = configSchema.parse(parsed);
-    let changed = JSON.stringify(parsed) !== JSON.stringify(normalized);
-    if ((!parsed || typeof parsed !== "object" || !("server" in parsed)) ||
-        !(parsed.server && typeof parsed.server === "object" && "api_key" in parsed.server)) {
-        normalized.server.api_key = generateServerApiKey();
-        changed = true;
-    }
-    // 兼容历史默认值，统一迁移到新的随机本地 key。
-    if (normalized.server.api_key === "local-only-key" ||
-        normalized.server.api_key === "cslot-defaultkey") {
-        normalized.server.api_key = generateServerApiKey();
-        changed = true;
-    }
+    const changed = JSON.stringify(parsed) !== JSON.stringify(normalized);
     // 当旧配置缺少新字段时，将补全后的配置回写，便于用户直接编辑查看。
     if (changed) {
         saveConfig(normalized);
@@ -191,25 +165,6 @@ function saveConfig(config) {
     const text = yaml_1.default.stringify(config);
     node_fs_1.default.writeFileSync(configPath, text, "utf8");
 }
-/**
- * 刷新本地代理服务 API Key，并将结果写回配置文件。
- *
- * 业务语义：
- * 1. 每次真正启动本地代理前都重新生成一个新的本地 key。
- * 2. 该 key 会同时驱动本地服务鉴权与 `~/.codex/config.toml` 中的 provider 头。
- * 3. 若调用方已经持有最新配置对象，可直接传入，避免重复读取磁盘。
- *
- * @param config 可选的当前配置对象；未传入时会自动从磁盘读取。
- * @returns 已写回磁盘的最新配置对象，其中 `server.api_key` 一定是新值。
- * @throws 当配置读写失败时抛出文件系统错误。
- */
-function rotateServerApiKey(config) {
-    const nextConfig = config ?? loadConfig();
-    // 每次启动前轮换本地鉴权 key，避免长期复用同一个静态口令。
-    nextConfig.server.api_key = generateServerApiKey();
-    saveConfig(nextConfig);
-    return nextConfig;
-}
 /**
  * 根据账号标识生成其独立的 HOME 目录。
  *

package/dist/server.js

@@ -6,18 +6,11 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.startServer = startServer;
 const fastify_1 = __importDefault(require("fastify"));
 const config_1 = require("./config");
+const backend_proxy_service_1 = require("./backend-proxy-service");
 const proxy_retry_service_1 = require("./proxy-retry-service");
 const status_1 = require("./status");
 const scheduler_1 = require("./scheduler");
-const text_1 = require("./text");
 const usage_sync_1 = require("./usage-sync");
-function getBearerToken(headerValue) {
-    if (!headerValue) {
-        return null;
-    }
-    const match = /^Bearer\s+(.+)$/i.exec(headerValue);
-    return match?.[1] ?? null;
-}
 /**
  * 读取代理请求的原始 body 字节，供多账号重试时重复发送同一份载荷。
  *
@@ -51,20 +44,6 @@ async function startServer(port) {
         logger: false,
         bodyLimit: Math.floor(config.server.body_limit_mb * 1024 * 1024)
     });
-    app.addHook("onRequest", async (request, reply) => {
-        if (request.url === "/health") {
-            return;
-        }
-        const bearer = getBearerToken(request.headers.authorization);
-        if (bearer !== config.server.api_key) {
-            return reply.code(401).send({
-                error: {
-                    message: (0, text_1.bi)("本地 API Key 无效", "Invalid local API key"),
-                    type: "invalid_local_api_key"
-                }
-            });
-        }
-    });
     app.get("/health", async () => {
         return { ok: true };
     });
@@ -96,6 +75,29 @@ async function startServer(port) {
         }
         reply.raw.end();
     };
+    const backendProxyHandler = async (request, reply) => {
+        const requestBody = request.body ? await readRawRequestBody(request.body) : undefined;
+        const result = await (0, backend_proxy_service_1.proxyChatGptBackendWithRetry)({
+            method: request.method,
+            url: request.url,
+            headers: request.headers,
+            body: requestBody
+        });
+        if (result.type === "send") {
+            reply.code(result.statusCode);
+            for (const [headerName, headerValue] of Object.entries(result.headers ?? {})) {
+                reply.header(headerName, headerValue);
+            }
+            reply.send(result.payload);
+            return;
+        }
+        reply.hijack();
+        reply.raw.writeHead(result.statusCode, result.headers);
+        for await (const chunk of result.body) {
+            reply.raw.write(chunk);
+        }
+        reply.raw.end();
+    };
     await app.register(async (proxyApp) => {
         // 代理路由需要原样透传 body，不能在本地先做 JSON 解析与大小限制拦截。
         proxyApp.removeAllContentTypeParsers();
@@ -108,6 +110,20 @@ async function startServer(port) {
         proxyApp.post("/backend-api/codex/responses", { bodyLimit: Number.MAX_SAFE_INTEGER }, async (request, reply) => {
             await proxyHandler(request.body, request.headers, reply);
         });
+        proxyApp.route({
+            method: ["GET", "POST", "PUT", "PATCH", "DELETE", "HEAD", "OPTIONS"],
+            url: "/backend-api/*",
+            bodyLimit: Number.MAX_SAFE_INTEGER,
+            handler: async (request, reply) => {
+                const body = request.body;
+                await backendProxyHandler({
+                    method: request.method,
+                    url: request.url,
+                    headers: request.headers,
+                    body
+                }, reply);
+            }
+        });
     });
     await app.listen({
         host: config.server.host,

package/dist/service-control.js

@@ -26,9 +26,6 @@ async function handleStart(portOverride) {
     if (result.autoSwitched) {
         console.log((0, text_1.bi)(`默认端口 4399 已被占用，已自动切换到 ${result.port}`, `Default port 4399 is busy. Automatically switched to ${result.port}`));
     }
-    if (result.apiKeyRotated) {
-        console.log((0, text_1.bi)("本次启动已重新生成本地 api_key，并同步写入受管配置。", "A new local api_key was generated for this start and synced to the managed config."));
-    }
     console.log((0, text_1.bi)(`服务已启动: http://${config.server.host}:${result.port}`, `Service started: http://${config.server.host}:${result.port}`));
     console.log(`PID: ${result.pid}`);
     console.log((0, text_1.bi)(`日志: ${result.logPath}`, `Log: ${result.logPath}`));

package/dist/upstream-client.js

@@ -2,12 +2,14 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.buildUpstreamHeaders = buildUpstreamHeaders;
 exports.sendCodexResponsesRequest = sendCodexResponsesRequest;
+exports.buildChatGptBackendHeaders = buildChatGptBackendHeaders;
+exports.sendChatGptBackendRequest = sendChatGptBackendRequest;
 const undici_1 = require("undici");
 /**
  * 构造发往上游的请求头，并移除仅属于本地代理链路的头信息。
  *
  * 业务含义：
- * 1. 本地服务使用独立 api_key 鉴权，转发时必须替换为真实上游 access token。
+ * 1. 本地服务只监听 loopback 地址，转发时必须替换为真实上游 access token。
  * 2. body 会在本地先读取成 Buffer 以支持失败后切换账号重试，因此这里重算 content-length。
  *
  * @param requestHeaders 客户端发到本地服务的原始请求头。
@@ -61,3 +63,68 @@ async function sendCodexResponsesRequest(options) {
         body: options.body
     });
 }
+/**
+ * 构造发往 ChatGPT backend API 的通用请求头。
+ *
+ * 业务含义：
+ * 1. 该方法服务于非模型兼容接口，例如 Browser Use 的安全检查接口。
+ * 2. 调用方残留的 Authorization 不能透传给上游，必须替换为当前调度账号的官方 access token。
+ *
+ * @param requestHeaders 客户端发到本地服务的原始请求头。
+ * @param accessToken 当前候选账号可用的上游访问令牌。
+ * @param accountIdHeader 可选的 ChatGPT 账号标识头。
+ * @param bodyLength 可选请求体长度；无请求体时不写 content-length。
+ * @returns 可直接传给 ChatGPT backend 的请求头对象。
+ * @throws 无显式抛出。
+ */
+function buildChatGptBackendHeaders(requestHeaders, accessToken, accountIdHeader, bodyLength) {
+    const headers = {};
+    for (const [headerName, headerValue] of Object.entries(requestHeaders)) {
+        const normalizedName = headerName.toLowerCase();
+        if (headerValue == null ||
+            normalizedName === "authorization" ||
+            normalizedName === "host" ||
+            normalizedName === "connection" ||
+            normalizedName === "content-length") {
+            continue;
+        }
+        headers[normalizedName] = Array.isArray(headerValue)
+            ? headerValue.join(", ")
+            : headerValue;
+    }
+    headers.authorization = `Bearer ${accessToken}`;
+    if (!headers.accept) {
+        headers.accept = "application/json";
+    }
+    headers["user-agent"] = "codex-slot/0.1.1";
+    if (typeof bodyLength === "number") {
+        headers["content-length"] = String(bodyLength);
+    }
+    if (accountIdHeader) {
+        headers["chatgpt-account-id"] = accountIdHeader;
+    }
+    return headers;
+}
+/**
+ * 向 ChatGPT backend API 发送一次通用请求。
+ *
+ * 业务含义：
+ * 1. 该 Adapter 只负责安全地拼接 backend 基地址、路由和鉴权头。
+ * 2. 允许代理哪些 backend 路由由更上层策略控制，避免这里承担访问控制职责。
+ *
+ * @param options 上游请求参数。
+ * @returns undici 上游响应对象。
+ * @throws 当网络层或 undici 请求失败时透传底层异常。
+ */
+async function sendChatGptBackendRequest(options) {
+    const baseUrl = options.chatGptBaseUrl.replace(/\/+$/, "");
+    const pathWithQuery = options.pathWithQuery.startsWith("/")
+        ? options.pathWithQuery
+        : `/${options.pathWithQuery}`;
+    const bodyLength = options.body && options.body.length > 0 ? options.body.length : undefined;
+    return await (0, undici_1.request)(`${baseUrl}${pathWithQuery}`, {
+        method: options.method,
+        headers: buildChatGptBackendHeaders(options.requestHeaders, options.accessToken, options.accountIdHeader, bodyLength),
+        body: options.body && options.body.length > 0 ? options.body : undefined
+    });
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "codex-slot",
-  "version": "0.1.22",
+  "version": "0.1.24",
   "description": "本地 Codex 多账号切换与状态管理工具",
   "type": "commonjs",
   "main": "dist/cli.js",