ima2-gen 1.1.6 → 1.1.7

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "ima2-gen",
-  "version": "1.1.6",
+  "version": "1.1.7",
   "description": "Local OAuth image generation studio with classic and node workflows",
   "type": "module",
   "bin": {
@@ -18,7 +18,7 @@
     "test:package-install": "node --test tests/package-install-smoke.mjs",
     "setup": "node bin/ima2.js setup",
     "prepublishOnly": "npm test && npm run build && npm run test:package-install && npm run lint:pkg",
-    "lint:pkg": "node -e \"const p=require('./package.json'); const req=['name','version','bin']; for(const k of req){if(!p[k])throw new Error('missing '+k)} const mustInclude=['bin/','lib/','routes/','server.js']; for(const f of mustInclude){if(!p.files.includes(f))throw new Error('files[] must include '+f)}\"",
+    "lint:pkg": "node -e \"const p=require('./package.json'); const req=['name','version','bin']; for(const k of req){if(!p[k])throw new Error('missing '+k)} const mustInclude=['bin/','lib/','routes/','integrations/','server.js']; for(const f of mustInclude){if(!p.files.includes(f))throw new Error('files[] must include '+f)}\"",
     "release:patch": "npm version patch && npm publish && git push origin main --tags",
     "release:minor": "npm version minor && npm publish && git push origin main --tags",
     "release:major": "npm version major && npm publish && git push origin main --tags"
@@ -39,6 +39,7 @@
     "bin/",
     "lib/",
     "routes/",
+    "integrations/",
     "ui/dist/",
     "docs/",
     "assets/",

package/routes/annotations.js

@@ -0,0 +1,95 @@
+import { getDb } from "../lib/db.js";
+
+const MAX_ANNOTATION_PAYLOAD_CHARS = 256 * 1024;
+
+function getBrowserId(req) {
+  const browserId = req.headers["x-ima2-browser-id"];
+  return typeof browserId === "string" && browserId.trim() ? browserId.trim() : null;
+}
+
+function isSafeFilename(filename) {
+  return (
+    typeof filename === "string" &&
+    filename.length > 0 &&
+    filename.length <= 240 &&
+    !filename.includes("..") &&
+    !filename.startsWith("/") &&
+    !filename.includes("\\")
+  );
+}
+
+function normalizePayload(value) {
+  const payload = value?.annotations ?? value;
+  if (!payload || typeof payload !== "object" || Array.isArray(payload)) {
+    return { error: "annotations payload is required" };
+  }
+  const paths = Array.isArray(payload.paths) ? payload.paths : [];
+  const boxes = Array.isArray(payload.boxes) ? payload.boxes : [];
+  const memos = Array.isArray(payload.memos) ? payload.memos : [];
+  const normalized = { paths, boxes, memos };
+  const text = JSON.stringify(normalized);
+  if (text.length > MAX_ANNOTATION_PAYLOAD_CHARS) {
+    return { error: "annotations payload is too large" };
+  }
+  return { payload: normalized, text };
+}
+
+export function registerAnnotationRoutes(app) {
+  app.get("/api/annotations/:filename", (req, res) => {
+    try {
+      const browserId = getBrowserId(req);
+      const filename = decodeURIComponent(req.params.filename);
+      if (!browserId) return res.status(400).json({ error: "X-Ima2-Browser-Id header is required" });
+      if (!isSafeFilename(filename)) return res.status(400).json({ error: "invalid filename" });
+
+      const row = getDb()
+        .prepare("SELECT payload FROM image_annotations WHERE browser_id = ? AND filename = ?")
+        .get(browserId, filename);
+      const annotations = row ? JSON.parse(row.payload) : null;
+      res.json({ annotations });
+    } catch (err) {
+      res.status(500).json({ error: err.message });
+    }
+  });
+
+  app.put("/api/annotations/:filename", (req, res) => {
+    try {
+      const browserId = getBrowserId(req);
+      const filename = decodeURIComponent(req.params.filename);
+      if (!browserId) return res.status(400).json({ error: "X-Ima2-Browser-Id header is required" });
+      if (!isSafeFilename(filename)) return res.status(400).json({ error: "invalid filename" });
+
+      const normalized = normalizePayload(req.body);
+      if (normalized.error) return res.status(400).json({ error: normalized.error });
+
+      const id = `${browserId}:${filename}`;
+      getDb().prepare(`
+        INSERT INTO image_annotations (id, browser_id, filename, payload, schema_version, updated_at)
+        VALUES (?, ?, ?, ?, 1, unixepoch())
+        ON CONFLICT(browser_id, filename) DO UPDATE SET
+          payload = excluded.payload,
+          schema_version = excluded.schema_version,
+          updated_at = unixepoch()
+      `).run(id, browserId, filename, normalized.text);
+      res.json({ ok: true });
+    } catch (err) {
+      res.status(500).json({ error: err.message });
+    }
+  });
+
+  app.delete("/api/annotations/:filename", (req, res) => {
+    try {
+      const browserId = getBrowserId(req);
+      const filename = decodeURIComponent(req.params.filename);
+      if (!browserId) return res.status(400).json({ error: "X-Ima2-Browser-Id header is required" });
+      if (!isSafeFilename(filename)) return res.status(400).json({ error: "invalid filename" });
+
+      getDb()
+        .prepare("DELETE FROM image_annotations WHERE browser_id = ? AND filename = ?")
+        .run(browserId, filename);
+      res.json({ ok: true });
+    } catch (err) {
+      res.status(500).json({ error: err.message });
+    }
+  });
+}

package/routes/canvasVersions.js

@@ -0,0 +1,64 @@
+import express from "express";
+import { createCanvasVersion, updateCanvasVersion } from "../lib/canvasVersionStore.js";
+
+function decodeHeader(value) {
+  if (typeof value !== "string" || !value) return null;
+  try {
+    return decodeURIComponent(value);
+  } catch {
+    return value;
+  }
+}
+
+function getRequestBuffer(req) {
+  return Buffer.isBuffer(req.body) ? req.body : Buffer.alloc(0);
+}
+
+function getPrompt(req) {
+  return decodeHeader(req.headers["x-ima2-canvas-prompt"]);
+}
+
+export function registerCanvasVersionRoutes(app, ctx) {
+  const rawPng = express.raw({ type: "image/png", limit: ctx.config.server.bodyLimit });
+
+  app.post("/api/canvas-versions", rawPng, async (req, res) => {
+    try {
+      const sourceFilename =
+        typeof req.query.sourceFilename === "string"
+          ? req.query.sourceFilename
+          : decodeHeader(req.headers["x-ima2-canvas-source-filename"]);
+      const item = await createCanvasVersion(ctx, {
+        sourceFilename,
+        prompt: getPrompt(req),
+        buffer: getRequestBuffer(req),
+      });
+      res.status(201).json({ item });
+    } catch (err) {
+      res.status(err.status || 500).json({
+        error: err.message,
+        code: err.code || "CANVAS_VERSION_SAVE_FAILED",
+      });
+    }
+  });
+
+  app.put("/api/canvas-versions/:filename", rawPng, async (req, res) => {
+    try {
+      const filename = decodeURIComponent(req.params.filename);
+      const sourceFilename =
+        typeof req.query.sourceFilename === "string"
+          ? req.query.sourceFilename
+          : decodeHeader(req.headers["x-ima2-canvas-source-filename"]);
+      const item = await updateCanvasVersion(ctx, filename, {
+        sourceFilename,
+        prompt: getPrompt(req),
+        buffer: getRequestBuffer(req),
+      });
+      res.json({ item });
+    } catch (err) {
+      res.status(err.status || 500).json({
+        error: err.message,
+        code: err.code || "CANVAS_VERSION_SAVE_FAILED",
+      });
+    }
+  });
+}

package/routes/comfy.js

@@ -0,0 +1,39 @@
+import { exportImageToComfy, isComfyBridgeError } from "../lib/comfyBridge.js";
+
+const ALLOWED_BODY_KEYS = new Set(["filename"]);
+
+function hasExactBodyShape(body) {
+  if (!body || typeof body !== "object" || Array.isArray(body)) return false;
+  const keys = Object.keys(body);
+  return keys.length === 1 && ALLOWED_BODY_KEYS.has(keys[0]) && typeof body.filename === "string";
+}
+
+function errorPayload(code, message) {
+  return {
+    ok: false,
+    error: { code, message },
+  };
+}
+
+export function registerComfyRoutes(app, ctx) {
+  app.post("/api/comfy/export-image", async (req, res) => {
+    try {
+      if (!hasExactBodyShape(req.body)) {
+        return res.status(400).json(errorPayload(
+          "COMFY_IMAGE_INVALID",
+          "Request body must contain exactly one filename.",
+        ));
+      }
+      const result = await exportImageToComfy(ctx, { filename: req.body.filename });
+      return res.json(result);
+    } catch (error) {
+      if (isComfyBridgeError(error)) {
+        return res.status(error.status).json(errorPayload(error.code, error.message));
+      }
+      return res.status(502).json(errorPayload(
+        "COMFY_UPLOAD_FAILED",
+        "Could not upload image to ComfyUI.",
+      ));
+    }
+  });
+}

package/routes/edit.js

@@ -4,9 +4,10 @@ import { randomBytes } from "crypto";
 import { editViaOAuth } from "../lib/oauthProxy.js";
 import { classifyUpstreamError } from "../lib/errorClassify.js";
 import { normalizeOAuthParams } from "../lib/oauthNormalize.js";
-import { normalizeImageModel } from "../lib/imageModels.js";
+import { normalizeImageModel, normalizeReasoningEffort } from "../lib/imageModels.js";
 import { startJob, finishJob } from "../lib/inflight.js";
 import { logEvent, logError } from "../lib/logger.js";
+import { hasPngAlphaChannel, parsePngInfo } from "../lib/pngInfo.js";
 
 function validateModeration(ctx, moderation) {
   if (typeof moderation !== "string" || !ctx.config.oauth.validModeration.has(moderation)) {
@@ -15,6 +16,49 @@ function validateModeration(ctx, moderation) {
   return { moderation };
 }
 
+const MAX_EDIT_MASK_BYTES = 16 * 1024 * 1024;
+const BASE64_RE = /^[A-Za-z0-9+/]+={0,2}$/;
+
+function stripPngDataUrl(value) {
+  if (typeof value !== "string") return "";
+  return value.replace(/^data:image\/png;base64,/, "");
+}
+
+function decodePngDataUrl(value, invalidCode, pngCode) {
+  const b64 = stripPngDataUrl(value).replace(/\s+/g, "");
+  if (!b64 || b64.length % 4 !== 0 || !BASE64_RE.test(b64)) {
+    return { error: "image must be valid base64", code: invalidCode };
+  }
+  const buffer = Buffer.from(b64, "base64");
+  if (buffer.length === 0 || buffer.toString("base64").replace(/=+$/, "") !== b64.replace(/=+$/, "")) {
+    return { error: "image must be valid base64", code: invalidCode };
+  }
+  const info = parsePngInfo(buffer);
+  if (info.error) return { error: "image must be a PNG image", code: pngCode };
+  return { b64, buffer, info };
+}
+
+function validateEditMask(imageB64, mask) {
+  if (mask == null) return { mask: null, maskBytes: 0 };
+  if (typeof mask !== "string" || mask.length === 0) {
+    return { error: "mask must be a PNG data URL or base64 string", code: "INVALID_EDIT_MASK" };
+  }
+  const maskCheck = decodePngDataUrl(mask, "INVALID_EDIT_MASK_BASE64", "INVALID_EDIT_MASK_PNG");
+  if (maskCheck.error) return maskCheck;
+  if (maskCheck.buffer.length > MAX_EDIT_MASK_BYTES) {
+    return { error: "mask is too large", code: "EDIT_MASK_TOO_LARGE" };
+  }
+  if (!hasPngAlphaChannel(maskCheck.info)) {
+    return { error: "mask PNG must include an alpha channel", code: "EDIT_MASK_NO_ALPHA" };
+  }
+  const imageCheck = decodePngDataUrl(imageB64, "INVALID_EDIT_IMAGE_BASE64", "INVALID_EDIT_IMAGE_PNG");
+  if (imageCheck.error) return imageCheck;
+  if (imageCheck.info.width !== maskCheck.info.width || imageCheck.info.height !== maskCheck.info.height) {
+    return { error: "mask dimensions must match image dimensions", code: "EDIT_MASK_DIMENSION_MISMATCH" };
+  }
+  return { mask: maskCheck.b64, maskBytes: maskCheck.buffer.length };
+}
+
 export function registerEditRoutes(app, ctx) {
   app.post("/api/edit", async (req, res) => {
     const requestId = typeof req.body?.requestId === "string" ? req.body.requestId : req.id;
@@ -26,12 +70,15 @@ export function registerEditRoutes(app, ctx) {
       const {
         prompt,
         image: imageB64,
+        mask: rawMask,
         quality: rawQuality = "medium",
         size = "1024x1024",
         moderation = "low",
         provider = "oauth",
         mode: promptMode = "auto",
         model: rawModel,
+        reasoningEffort: rawReasoningEffort,
+        webSearchEnabled: rawWebSearchEnabled = true,
       } = req.body;
       const { quality, warnings: qualityWarnings } = normalizeOAuthParams({ provider, quality: rawQuality });
       const modelCheck = normalizeImageModel(ctx, rawModel);
@@ -42,6 +89,15 @@ export function registerEditRoutes(app, ctx) {
         return res.status(modelCheck.status).json({ error: modelCheck.error, code: modelCheck.code });
       }
       const imageModel = modelCheck.model;
+      const reasoningCheck = normalizeReasoningEffort(ctx, rawReasoningEffort);
+      if (reasoningCheck.error) {
+        finishStatus = "error";
+        finishHttpStatus = reasoningCheck.status;
+        finishErrorCode = reasoningCheck.code;
+        return res.status(reasoningCheck.status).json({ error: reasoningCheck.error, code: reasoningCheck.code });
+      }
+      const reasoningEffort = reasoningCheck.effort;
+      const webSearchEnabled = rawWebSearchEnabled !== false;
       const sessionId = typeof req.body?.sessionId === "string" ? req.body.sessionId : null;
       const normalizedPromptMode = promptMode === "direct" ? "direct" : "auto";
 
@@ -64,6 +120,13 @@ export function registerEditRoutes(app, ctx) {
         finishErrorCode = "INVALID_EDIT_INPUT";
         return res.status(400).json({ error: "Prompt and image are required" });
       }
+      const maskCheck = validateEditMask(imageB64, rawMask);
+      if (maskCheck.error) {
+        finishStatus = "error";
+        finishHttpStatus = 400;
+        finishErrorCode = maskCheck.code;
+        return res.status(400).json({ error: maskCheck.error, code: maskCheck.code });
+      }
       const moderationCheck = validateModeration(ctx, moderation);
       if (moderationCheck.error) {
         finishStatus = "error";
@@ -89,10 +152,13 @@ export function registerEditRoutes(app, ctx) {
         sessionId,
         promptChars: typeof prompt === "string" ? prompt.length : 0,
         promptMode: normalizedPromptMode,
+        webSearchEnabled,
         inputImageChars: typeof imageB64 === "string" ? imageB64.length : 0,
+        maskPresent: Boolean(maskCheck.mask),
+        maskBytes: maskCheck.maskBytes ?? 0,
       });
       const startTime = Date.now();
-      const { b64: resultB64, usage, revisedPrompt } = await editViaOAuth(
+      const { b64: resultB64, usage, revisedPrompt, webSearchCalls = 0 } = await editViaOAuth(
         prompt,
         imageB64,
         quality,
@@ -101,7 +167,7 @@ export function registerEditRoutes(app, ctx) {
         normalizedPromptMode,
         ctx,
         requestId,
-        { model: imageModel },
+        { model: imageModel, reasoningEffort, webSearchEnabled, mask: maskCheck.mask },
       );
 
       const elapsed = ((Date.now() - startTime) / 1000).toFixed(1);
@@ -122,7 +188,8 @@ export function registerEditRoutes(app, ctx) {
         kind: "edit",
         createdAt: Date.now(),
         usage: usage || null,
-        webSearchCalls: 0,
+        webSearchCalls,
+        webSearchEnabled,
       };
       await writeFile(join(ctx.config.storage.generatedDir, filename + ".json"), JSON.stringify(meta)).catch(() => {});
       finishHttpStatus = 200;
@@ -145,6 +212,8 @@ export function registerEditRoutes(app, ctx) {
         warnings: qualityWarnings,
         revisedPrompt: revisedPrompt || null,
         promptMode: normalizedPromptMode,
+        webSearchCalls,
+        webSearchEnabled,
       });
     } catch (err) {
       const fallbackCode = err.code || classifyUpstreamError(err.message);

package/routes/generate.js

@@ -4,7 +4,7 @@ import { randomBytes } from "crypto";
 import { validateAndNormalizeRefs } from "../lib/refs.js";
 import { classifyUpstreamError } from "../lib/errorClassify.js";
 import { normalizeOAuthParams } from "../lib/oauthNormalize.js";
-import { normalizeImageModel } from "../lib/imageModels.js";
+import { normalizeImageModel, normalizeReasoningEffort } from "../lib/imageModels.js";
 import { generateViaOAuth } from "../lib/oauthProxy.js";
 import { isNonRetryableGenerationError, normalizeGenerationFailure } from "../lib/generationErrors.js";
 import { startJob, finishJob } from "../lib/inflight.js";
@@ -39,6 +39,8 @@ export function registerGenerateRoutes(app, ctx) {
         references = [],
         mode: promptMode = "auto",
         model: rawModel,
+        reasoningEffort: rawReasoningEffort,
+        webSearchEnabled: rawWebSearchEnabled = true,
       } = req.body;
       const { quality, warnings: qualityWarnings } = normalizeOAuthParams({ provider, quality: rawQuality });
       const modelCheck = normalizeImageModel(ctx, rawModel);
@@ -49,6 +51,15 @@ export function registerGenerateRoutes(app, ctx) {
         return res.status(modelCheck.status).json({ error: modelCheck.error, code: modelCheck.code });
       }
       const imageModel = modelCheck.model;
+      const reasoningCheck = normalizeReasoningEffort(ctx, rawReasoningEffort);
+      if (reasoningCheck.error) {
+        finishStatus = "error";
+        finishHttpStatus = reasoningCheck.status;
+        finishErrorCode = reasoningCheck.code;
+        return res.status(reasoningCheck.status).json({ error: reasoningCheck.error, code: reasoningCheck.code });
+      }
+      const reasoningEffort = reasoningCheck.effort;
+      const webSearchEnabled = rawWebSearchEnabled !== false;
       const normalizedPromptMode = promptMode === "direct" ? "direct" : "auto";
 
       if (!prompt) return res.status(400).json({ error: "Prompt is required" });
@@ -106,6 +117,7 @@ export function registerGenerateRoutes(app, ctx) {
         clientNodeId,
         promptChars: typeof prompt === "string" ? prompt.length : 0,
         promptMode: normalizedPromptMode,
+        webSearchEnabled,
       });
       const startTime = Date.now();
 
@@ -127,7 +139,7 @@ export function registerGenerateRoutes(app, ctx) {
               requestId,
               normalizedPromptMode,
               ctx,
-              { model: imageModel },
+              { model: imageModel, reasoningEffort, webSearchEnabled },
             );
             if (r.b64) return r;
             lastErr = new Error("Empty response (safety refusal)");
@@ -170,6 +182,7 @@ export function registerGenerateRoutes(app, ctx) {
             createdAt: Date.now(),
             usage: r.value.usage || null,
             webSearchCalls: r.value.webSearchCalls || 0,
+            webSearchEnabled,
             refsCount: refCheck.refs.length,
           };
           const rawBuffer = Buffer.from(r.value.b64, "base64");
@@ -242,6 +255,7 @@ export function registerGenerateRoutes(app, ctx) {
         warnings: qualityWarnings,
         revisedPrompt: firstRevised,
         promptMode: normalizedPromptMode,
+        webSearchEnabled,
       };
 
       if (count === 1) {

package/routes/index.js

@@ -9,12 +9,19 @@ import { registerStorageRoutes } from "./storage.js";
 import { registerCardNewsRoutes } from "./cardNews.js";
 import { registerMetadataRoutes } from "./metadata.js";
 import { registerPromptRoutes } from "./prompts.js";
+import { registerPromptImportRoutes } from "./promptImport.js";
+import { registerAnnotationRoutes } from "./annotations.js";
+import { registerCanvasVersionRoutes } from "./canvasVersions.js";
+import { registerComfyRoutes } from "./comfy.js";
 
 export function configureRoutes(app, ctx) {
   registerHealthRoutes(app, ctx);
   registerStorageRoutes(app, ctx);
   registerMetadataRoutes(app, ctx);
   registerHistoryRoutes(app, ctx);
+  registerAnnotationRoutes(app, ctx);
+  registerCanvasVersionRoutes(app, ctx);
+  registerComfyRoutes(app, ctx);
   registerSessionRoutes(app, ctx);
   registerEditRoutes(app, ctx);
   registerNodeRoutes(app, ctx);
@@ -22,4 +29,5 @@ export function configureRoutes(app, ctx) {
   registerMultimodeRoutes(app, ctx);
   registerGenerateRoutes(app, ctx);
   registerPromptRoutes(app, ctx);
+  registerPromptImportRoutes(app, ctx);
 }

package/routes/multimode.js

@@ -4,7 +4,7 @@ import { randomBytes } from "crypto";
 import { validateAndNormalizeRefs } from "../lib/refs.js";
 import { classifyUpstreamError } from "../lib/errorClassify.js";
 import { normalizeOAuthParams } from "../lib/oauthNormalize.js";
-import { normalizeImageModel } from "../lib/imageModels.js";
+import { normalizeImageModel, normalizeReasoningEffort } from "../lib/imageModels.js";
 import { generateMultimodeViaOAuth } from "../lib/oauthProxy.js";
 import { startJob, finishJob } from "../lib/inflight.js";
 import { logEvent, logError } from "../lib/logger.js";
@@ -56,6 +56,8 @@ export function registerMultimodeRoutes(app, ctx) {
         references = [],
         mode: promptMode = "auto",
         model: rawModel,
+        reasoningEffort: rawReasoningEffort,
+        webSearchEnabled: rawWebSearchEnabled = true,
       } = req.body;
       const maxImages = normalizeMaxImages(req.body?.maxImages);
       const normalizedPromptMode = promptMode === "direct" ? "direct" : "auto";
@@ -69,6 +71,16 @@ export function registerMultimodeRoutes(app, ctx) {
         return;
       }
       const imageModel = modelCheck.model;
+      const reasoningCheck = normalizeReasoningEffort(ctx, rawReasoningEffort);
+      if (reasoningCheck.error) {
+        finishStatus = "error";
+        finishHttpStatus = reasoningCheck.status;
+        finishErrorCode = reasoningCheck.code;
+        sendSse(res, "error", { error: reasoningCheck.error, code: reasoningCheck.code, status: reasoningCheck.status, requestId });
+        return;
+      }
+      const reasoningEffort = reasoningCheck.effort;
+      const webSearchEnabled = rawWebSearchEnabled !== false;
       if (!prompt) {
         finishStatus = "error";
         finishHttpStatus = 400;
@@ -122,6 +134,7 @@ export function registerMultimodeRoutes(app, ctx) {
         maxImages,
         refs: refCheck.refs.length,
         promptChars: typeof prompt === "string" ? prompt.length : 0,
+        webSearchEnabled,
       });
 
       const startTime = Date.now();
@@ -143,6 +156,8 @@ export function registerMultimodeRoutes(app, ctx) {
         {
           model: imageModel,
           maxImages,
+          reasoningEffort,
+          webSearchEnabled,
           onPartialImage: (partial) =>
             sendSse(res, "partial", {
               image: `data:${mime};base64,${partial.b64}`,
@@ -184,6 +199,7 @@ export function registerMultimodeRoutes(app, ctx) {
           createdAt: Date.now(),
           usage: generated.usage || null,
           webSearchCalls: generated.webSearchCalls || 0,
+          webSearchEnabled,
           refsCount: refCheck.refs.length,
         };
         const rawBuffer = Buffer.from(image.b64, "base64");
@@ -224,6 +240,7 @@ export function registerMultimodeRoutes(app, ctx) {
         model: imageModel,
         usage: generated.usage || null,
         webSearchCalls: generated.webSearchCalls || 0,
+        webSearchEnabled,
         warnings: qualityWarnings,
         extraIgnored: generated.extraIgnored || 0,
         promptMode: normalizedPromptMode,

package/routes/nodes.js

@@ -10,7 +10,7 @@ import { startJob, finishJob } from "../lib/inflight.js";
 import { validateAndNormalizeRefs } from "../lib/refs.js";
 import { classifyUpstreamError } from "../lib/errorClassify.js";
 import { normalizeOAuthParams } from "../lib/oauthNormalize.js";
-import { normalizeImageModel } from "../lib/imageModels.js";
+import { normalizeImageModel, normalizeReasoningEffort } from "../lib/imageModels.js";
 import { generateViaOAuth, editViaOAuth } from "../lib/oauthProxy.js";
 import { isNonRetryableGenerationError, normalizeGenerationFailure } from "../lib/generationErrors.js";
 import { logEvent, logError } from "../lib/logger.js";
@@ -87,6 +87,7 @@ export function registerNodeRoutes(app, ctx) {
         contextMode: rawContextMode = "parent-plus-refs",
         searchMode: rawSearchMode = "on",
         model: rawModel,
+        reasoningEffort: rawReasoningEffort,
       } = body;
       const { provider = "oauth" } = body;
       const { quality, warnings: qualityWarnings } = normalizeOAuthParams({ provider, quality: rawQuality });
@@ -101,11 +102,23 @@ export function registerNodeRoutes(app, ctx) {
         });
       }
       const imageModel = modelCheck.model;
+      const reasoningCheck = normalizeReasoningEffort(ctx, rawReasoningEffort);
+      if (reasoningCheck.error) {
+        finishStatus = "error";
+        finishHttpStatus = reasoningCheck.status;
+        finishErrorCode = reasoningCheck.code;
+        return res.status(reasoningCheck.status).json({
+          error: { code: reasoningCheck.code, message: reasoningCheck.error },
+          parentNodeId,
+        });
+      }
+      const reasoningEffort = reasoningCheck.effort;
       const normalizedPromptMode = promptMode === "direct" ? "direct" : "auto";
       const contextMode = ["parent-plus-refs", "parent-only", "ancestry"].includes(rawContextMode)
         ? rawContextMode
         : "parent-plus-refs";
       const searchMode = ["off", "auto", "on"].includes(rawSearchMode) ? rawSearchMode : "on";
+      const webSearchEnabled = body.webSearchEnabled !== false && searchMode !== "off";
       if (contextMode === "ancestry") {
         finishStatus = "error";
         finishHttpStatus = 400;
@@ -168,7 +181,6 @@ export function registerNodeRoutes(app, ctx) {
       const generateReferenceDiagnostics = operation === "generate" ? referenceDiagnostics : [];
       const referenceMismatchCount = generateReferenceDiagnostics.filter((ref) => ref.warnings?.includes("mime_mismatch")).length;
       const refsForRequest = contextMode === "parent-only" ? [] : (refCheck.refDetails || refCheck.refs);
-      const webSearchEnabled = true;
       const parentImagePresent = !!parentB64;
       const inputImageCount = (parentImagePresent ? 1 : 0) + refsForRequest.length;
       logEvent("node", "request", {
@@ -227,7 +239,13 @@ export function registerNodeRoutes(app, ctx) {
             webSearchEnabled,
           });
           const r = parentB64
-            ? await editViaOAuth(prompt, parentB64, quality, size, moderation, normalizedPromptMode, ctx, requestId, { model: imageModel, references: refsForRequest, searchMode: "on" })
+            ? await editViaOAuth(prompt, parentB64, quality, size, moderation, normalizedPromptMode, ctx, requestId, {
+                model: imageModel,
+                references: refsForRequest,
+                searchMode,
+                reasoningEffort,
+                webSearchEnabled,
+              })
             : await generateViaOAuth(
                 prompt,
                 quality,
@@ -239,6 +257,8 @@ export function registerNodeRoutes(app, ctx) {
                 ctx,
                 {
                   model: imageModel,
+                  reasoningEffort,
+                  webSearchEnabled,
                   partialImages: streamResponse ? 2 : 0,
                   onPartialImage: streamResponse
                     ? (partial) =>
@@ -336,6 +356,7 @@ export function registerNodeRoutes(app, ctx) {
         elapsed,
         usage: usage || null,
         webSearchCalls,
+        webSearchEnabled,
         contextMode,
         searchMode,
         provider: "oauth",
@@ -375,6 +396,7 @@ export function registerNodeRoutes(app, ctx) {
         elapsed,
         usage,
         webSearchCalls,
+        webSearchEnabled,
         provider: "oauth",
         model: imageModel,
         size,