ima2-gen 2.0.0 → 2.0.1

package/routes/keys.js

@@ -0,0 +1,254 @@
+import { readFile, writeFile, rename } from "node:fs/promises";
+import { initVertexAuth, clearVertexAuth } from "../lib/vertexAuth.js";
+// Atomic + 0600 config write: temp file then rename, so a crash or concurrent
+// save can't corrupt config.json (which may hold API keys). Rename also forces
+// 0600 perms even if a looser-perm config pre-existed.
+async function writeConfigAtomic(cfgPath, data) {
+    const tmp = `${cfgPath}.${process.pid}.tmp`;
+    await writeFile(tmp, JSON.stringify(data, null, 2), { mode: 0o600 });
+    await rename(tmp, cfgPath);
+}
+const KEY_PREFIX_MAP = {
+    openai: ["sk-"],
+    xai: ["xai-"],
+    gemini: ["AI"],
+};
+const VALIDATE_URL_MAP = {
+    openai: "https://api.openai.com/v1/models",
+    xai: "https://api.x.ai/v1/models",
+    gemini: "https://generativelanguage.googleapis.com/v1beta/models",
+};
+const CONFIG_KEY_MAP = {
+    openai: "apiKey",
+    xai: "xaiApiKey",
+    gemini: "geminiApiKey",
+};
+function isKeyProvider(v) {
+    return v === "openai" || v === "xai" || v === "gemini";
+}
+function maskKey(key) {
+    if (key.length <= 10)
+        return "***";
+    return `${key.slice(0, 4)}..${key.slice(-2)}`;
+}
+function keySourceForProvider(ctx, provider) {
+    if (provider === "openai")
+        return { key: ctx.apiKey, source: ctx.apiKeySource || "none" };
+    if (provider === "xai")
+        return { key: ctx.xaiApiKey, source: ctx.xaiApiKeySource || "none" };
+    if (provider === "gemini")
+        return { key: ctx.geminiApiKey, source: ctx.geminiApiKeySource || "none" };
+    return { key: undefined, source: "none" };
+}
+export function mountKeyRoutes(app, ctx) {
+    app.get("/api/keys/status", (_req, res) => {
+        const status = {};
+        for (const provider of ["openai", "xai", "gemini"]) {
+            const { key, source } = keySourceForProvider(ctx, provider);
+            status[provider] = {
+                configured: !!key,
+                source,
+                valid: !!key,
+                maskedKey: key ? maskKey(key) : null,
+            };
+        }
+        const vertexJson = ctx.vertexServiceAccountJson;
+        const vertexSource = vertexJson
+            ? (process.env.VERTEX_SERVICE_ACCOUNT_JSON ? "env" : "config")
+            : "none";
+        status.vertex = {
+            configured: !!vertexJson,
+            source: vertexSource,
+            valid: !!vertexJson,
+            maskedKey: ctx.vertexProjectId ? `project: ${ctx.vertexProjectId}` : null,
+        };
+        res.json(status);
+    });
+    // Vertex JSON — dedicated route (before generic :provider)
+    app.put("/api/keys/vertex", async (req, res) => {
+        const { serviceAccountJson } = req.body;
+        if (!serviceAccountJson || typeof serviceAccountJson !== "string") {
+            return res.status(400).json({ ok: false, error: "Missing serviceAccountJson", code: "MISSING_KEY" });
+        }
+        const trimmed = serviceAccountJson.trim();
+        if (trimmed.length > 50 * 1024) {
+            return res.status(400).json({ ok: false, error: "Service account JSON too large (max 50KB)", code: "KEY_TOO_LARGE" });
+        }
+        let parsed;
+        try {
+            parsed = JSON.parse(trimmed);
+        }
+        catch {
+            return res.status(400).json({ ok: false, error: "Invalid JSON", code: "INVALID_JSON" });
+        }
+        if (parsed.type !== "service_account" || !parsed.project_id) {
+            return res.status(400).json({
+                ok: false,
+                error: "JSON must be a Google Cloud service account (type: service_account, project_id required)",
+                code: "INVALID_SERVICE_ACCOUNT",
+            });
+        }
+        // Validate by initializing auth (catches key format issues)
+        try {
+            initVertexAuth(trimmed);
+        }
+        catch {
+            return res.status(400).json({ ok: false, error: "Service account validation failed", code: "KEY_VALIDATION_FAILED" });
+        }
+        // Save to config.json
+        const cfgPath = ctx.config.storage.configFile;
+        let existing = {};
+        try {
+            existing = JSON.parse(await readFile(cfgPath, "utf-8"));
+        }
+        catch { /* new file */ }
+        existing.vertexServiceAccountJson = trimmed;
+        existing.geminiAuthMode = "vertex";
+        await writeConfigAtomic(cfgPath, existing);
+        // Hot-update runtime
+        ctx.vertexServiceAccountJson = trimmed;
+        ctx.vertexProjectId = parsed.project_id;
+        ctx.hasVertexKey = true;
+        ctx.geminiAuthMode = "vertex";
+        return res.json({ ok: true, provider: "vertex", source: "config", valid: true, projectId: parsed.project_id });
+    });
+    app.delete("/api/keys/vertex", async (_req, res) => {
+        const source = ctx.vertexServiceAccountJson
+            ? (process.env.VERTEX_SERVICE_ACCOUNT_JSON ? "env" : "config")
+            : "none";
+        if (source === "env") {
+            return res.status(400).json({ ok: false, error: "Cannot remove env-sourced key", code: "ENV_KEY_IMMUTABLE" });
+        }
+        const cfgPath = ctx.config.storage.configFile;
+        let existing = {};
+        try {
+            existing = JSON.parse(await readFile(cfgPath, "utf-8"));
+        }
+        catch { /* ignore */ }
+        delete existing.vertexServiceAccountJson;
+        await writeConfigAtomic(cfgPath, existing);
+        clearVertexAuth();
+        ctx.vertexServiceAccountJson = undefined;
+        ctx.vertexProjectId = undefined;
+        ctx.hasVertexKey = false;
+        return res.json({ ok: true, provider: "vertex", removed: true });
+    });
+    app.put("/api/keys/:provider", async (req, res) => {
+        const { provider } = req.params;
+        if (!isKeyProvider(provider)) {
+            return res.status(400).json({ ok: false, error: "Invalid provider", code: "INVALID_PROVIDER" });
+        }
+        const { apiKey } = req.body;
+        if (!apiKey || typeof apiKey !== "string" || apiKey.trim().length === 0) {
+            return res.status(400).json({ ok: false, error: "Missing apiKey", code: "MISSING_KEY" });
+        }
+        const trimmed = apiKey.trim();
+        if (trimmed.length > 512) {
+            return res.status(400).json({ ok: false, error: "API key too large", code: "KEY_TOO_LARGE" });
+        }
+        // Format check
+        const validPrefix = KEY_PREFIX_MAP[provider].some((p) => trimmed.startsWith(p));
+        if (!validPrefix) {
+            return res.status(400).json({
+                ok: false,
+                error: `Invalid key format for ${provider}: expected prefix ${KEY_PREFIX_MAP[provider].join(" or ")}`,
+                code: "INVALID_KEY_FORMAT",
+            });
+        }
+        // Validate against provider API
+        try {
+            const url = VALIDATE_URL_MAP[provider];
+            const opts = { signal: AbortSignal.timeout(10_000) };
+            if (provider === "gemini") {
+                opts.headers = { "x-goog-api-key": trimmed };
+                const validateRes = await fetch(url, opts);
+                if (!validateRes.ok)
+                    throw new Error(`HTTP ${validateRes.status}`);
+            }
+            else {
+                opts.headers = { Authorization: `Bearer ${trimmed}` };
+                const validateRes = await fetch(url, opts);
+                if (!validateRes.ok)
+                    throw new Error(`HTTP ${validateRes.status}`);
+            }
+        }
+        catch (e) {
+            return res.status(400).json({
+                ok: false,
+                error: `API key validation failed: ${e.message || "unknown"}`,
+                code: "KEY_VALIDATION_FAILED",
+            });
+        }
+        // Save to config.json
+        const cfgPath = ctx.config.storage.configFile;
+        let existing = {};
+        try {
+            existing = JSON.parse(await readFile(cfgPath, "utf-8"));
+        }
+        catch { /* new file */ }
+        existing[CONFIG_KEY_MAP[provider]] = trimmed;
+        await writeConfigAtomic(cfgPath, existing);
+        // Hot-update runtime context
+        if (provider === "openai") {
+            ctx.apiKey = trimmed;
+            ctx.apiKeySource = "config";
+            ctx.hasApiKey = true;
+            try {
+                const OpenAI = (await import("openai")).default;
+                ctx.openai = new OpenAI({ apiKey: trimmed });
+            }
+            catch { /* ignore */ }
+        }
+        else if (provider === "xai") {
+            ctx.xaiApiKey = trimmed;
+            ctx.xaiApiKeySource = "config";
+            ctx.hasXaiApiKey = true;
+        }
+        else if (provider === "gemini") {
+            ctx.geminiApiKey = trimmed;
+            ctx.geminiApiKeySource = "config";
+            ctx.hasGeminiApiKey = true;
+            ctx.geminiAuthMode = "apikey";
+            existing[CONFIG_KEY_MAP[provider]] = trimmed;
+            existing.geminiAuthMode = "apikey";
+        }
+        return res.json({ ok: true, provider, source: "config", valid: true });
+    });
+    app.delete("/api/keys/:provider", async (req, res) => {
+        const { provider } = req.params;
+        if (!isKeyProvider(provider)) {
+            return res.status(400).json({ ok: false, error: "Invalid provider", code: "INVALID_PROVIDER" });
+        }
+        const { source } = keySourceForProvider(ctx, provider);
+        if (source === "env") {
+            return res.status(400).json({ ok: false, error: "Cannot remove env-sourced key", code: "ENV_KEY_IMMUTABLE" });
+        }
+        // Remove from config.json
+        const cfgPath = ctx.config.storage.configFile;
+        let existing = {};
+        try {
+            existing = JSON.parse(await readFile(cfgPath, "utf-8"));
+        }
+        catch { /* ignore */ }
+        delete existing[CONFIG_KEY_MAP[provider]];
+        await writeConfigAtomic(cfgPath, existing);
+        // Clear runtime
+        if (provider === "openai") {
+            ctx.apiKey = undefined;
+            ctx.apiKeySource = "none";
+            ctx.hasApiKey = false;
+            ctx.openai = null;
+        }
+        else if (provider === "xai") {
+            ctx.xaiApiKey = undefined;
+            ctx.xaiApiKeySource = "none";
+            ctx.hasXaiApiKey = false;
+        }
+        else if (provider === "gemini") {
+            ctx.geminiApiKey = undefined;
+            ctx.geminiApiKeySource = "none";
+            ctx.hasGeminiApiKey = false;
+        }
+        return res.json({ ok: true, provider, removed: true });
+    });
+}

package/routes/multimode.js

@@ -3,11 +3,14 @@ import { safeWriteSidecar } from "../lib/atomicWrite.js";
 import { join } from "path";
 import { randomBytes } from "crypto";
 import { detectImageMimeFromB64, summarizeReferencePayload, validateAndNormalizeRefs } from "../lib/refs.js";
+import { generateImageThumbnailFromBuffer } from "../lib/imageThumb.js";
 import { classifyUpstreamError } from "../lib/errorClassify.js";
 import { normalizeOAuthParams } from "../lib/oauthNormalize.js";
 import { resolveProviderOptions } from "../lib/providerOptions.js";
 import { generateMultimodeViaResponses } from "../lib/responsesImageAdapter.js";
 import { generateMultimodeViaGrok } from "../lib/grokMultimodeAdapter.js";
+import { generateViaAgy } from "../lib/agyImageAdapter.js";
+import { generateViaGeminiApi } from "../lib/geminiApiImageAdapter.js";
 import { startJob, finishJob, registerJobAbortController, isJobCanceled } from "../lib/inflight.js";
 import { isGenerationCanceledError, makeGenerationCanceledError, throwIfJobCanceled, } from "../lib/generationCancel.js";
 import { logEvent, logError } from "../lib/logger.js";
@@ -158,7 +161,7 @@ export function registerMultimodeRoutes(app, ctxRaw) {
             });
             const startTime = Date.now();
             const mimeMap = { png: "image/png", jpeg: "image/jpeg", webp: "image/webp" };
-            const mmFormat = activeProvider === "grok" ? "jpeg" : String(format);
+            const mmFormat = activeProvider === "grok" || activeProvider === "agy" || activeProvider === "grok-api" || activeProvider === "gemini-api" ? "jpeg" : String(format);
             const mime = mimeMap[mmFormat] || "image/png";
             const sequenceId = `seq_${Date.now().toString(36)}_${randomBytes(4).toString("hex")}`;
             routeMaxImages = maxImages;
@@ -179,10 +182,10 @@ export function registerMultimodeRoutes(app, ctxRaw) {
                 if (persistedIndexes.has(index))
                     return;
                 throwIfJobCanceled(requestId);
-                const resultMime = activeProvider === "grok"
+                const resultMime = activeProvider === "grok" || activeProvider === "agy" || activeProvider === "grok-api" || activeProvider === "gemini-api"
                     ? (image.mime || detectImageMimeFromB64(image.b64) || mime)
                     : mime;
-                const resultFormat = activeProvider === "grok" ? imageFormatFromMime(resultMime) : mmFormat;
+                const resultFormat = activeProvider === "grok" || activeProvider === "agy" || activeProvider === "grok-api" || activeProvider === "gemini-api" ? imageFormatFromMime(resultMime) : mmFormat;
                 const rand = randomBytes(ctx.config.ids.generatedHexBytes).toString("hex");
                 const filename = `${Date.now()}_${rand}_multimode_${index}.${resultFormat}`;
                 const meta = {
@@ -217,8 +220,10 @@ export function registerMultimodeRoutes(app, ctxRaw) {
                 const embedded = await embedImageMetadataBestEffort(rawBuffer, resultFormat, meta, {
                     version: ctx.packageVersion,
                 });
-                await writeFile(join(ctx.config.storage.generatedDir, filename), embedded.buffer);
-                await safeWriteSidecar(join(ctx.config.storage.generatedDir, filename + ".json"), meta);
+                const mmFilePath = join(ctx.config.storage.generatedDir, filename);
+                await writeFile(mmFilePath, embedded.buffer);
+                await safeWriteSidecar(mmFilePath + ".json", meta);
+                generateImageThumbnailFromBuffer(embedded.buffer, mmFilePath).catch(() => { });
                 invalidateHistoryIndex();
                 const item = {
                     image: `data:${resultMime};base64,${image.b64}`,
@@ -236,7 +241,34 @@ export function registerMultimodeRoutes(app, ctxRaw) {
             };
             sendSse(res, "phase", { phase: "streaming", requestId, sequenceId, maxImages });
             let generated;
-            if (activeProvider === "grok") {
+            if (activeProvider === "gemini-api") {
+                const r = await generateViaGeminiApi(prompt, requireRuntimeContext(ctx), {
+                    model: imageModel,
+                    size: effectiveSize,
+                    signal: cancelController.signal,
+                    requestId,
+                    references: refCheck.refDetails,
+                });
+                generated = {
+                    images: [{ b64: r.b64, revisedPrompt: r.revisedPrompt }],
+                    usage: r.usage,
+                    webSearchCalls: r.webSearchCalls,
+                };
+            }
+            else if (activeProvider === "agy") {
+                const r = await generateViaAgy(prompt, {
+                    references: refCheck.refDetails,
+                    signal: cancelController.signal,
+                    requestId,
+                });
+                generated = {
+                    images: [{ b64: r.b64, revisedPrompt: r.revisedPrompt }],
+                    usage: r.usage,
+                    webSearchCalls: r.webSearchCalls,
+                };
+            }
+            else if (activeProvider === "grok" || activeProvider === "grok-api") {
+                const directApiKey = activeProvider === "grok-api" ? ctx.xaiApiKey : undefined;
                 const grokModel = quality === "high" ? "grok-imagine-image-quality" : imageModel;
                 generated = await generateMultimodeViaGrok(prompt, ctx, {
                     model: grokModel,
@@ -245,6 +277,7 @@ export function registerMultimodeRoutes(app, ctxRaw) {
                     signal: cancelController.signal,
                     requestId,
                     references: refCheck.refDetails,
+                    directApiKey,
                     onFinalImage: async (image, index) => {
                         const totalReturned = Math.max(index + 1, images.length + 1);
                         await persistAndSendImage(image, index, totalReturned, sequenceStatus(totalReturned, maxImages));

package/routes/nodes.js

@@ -8,6 +8,8 @@ import { normalizeOAuthParams } from "../lib/oauthNormalize.js";
 import { resolveProviderOptions } from "../lib/providerOptions.js";
 import { generateViaResponses, editViaResponses } from "../lib/responsesImageAdapter.js";
 import { generateViaGrok } from "../lib/grokImageAdapter.js";
+import { generateViaAgy } from "../lib/agyImageAdapter.js";
+import { generateViaGeminiApi } from "../lib/geminiApiImageAdapter.js";
 import { isNonRetryableGenerationError, normalizeGenerationFailure } from "../lib/generationErrors.js";
 import { logEvent, logError } from "../lib/logger.js";
 import { errInfo } from "../lib/errInfo.js";
@@ -135,7 +137,7 @@ export function registerNodeRoutes(app, ctxRaw) {
             const effectiveSize = providerOptions.size;
             const webSearchEnabled = providerOptions.webSearchEnabled;
             const activeProvider = providerOptions.provider;
-            const effectiveImageModel = activeProvider === "grok" && quality === "high"
+            const effectiveImageModel = (activeProvider === "grok" || activeProvider === "grok-api") && quality === "high"
                 ? "grok-imagine-image-quality"
                 : imageModel;
             if (contextMode === "ancestry") {
@@ -193,16 +195,16 @@ export function registerNodeRoutes(app, ctxRaw) {
             const refsForRequest = contextMode === "parent-only" ? [] : (refCheck.refDetails || refCheck.refs);
             const parentImagePresent = !!parentB64;
             const inputImageCount = (parentImagePresent ? 1 : 0) + refsForRequest.length;
-            if (activeProvider === "grok" && inputImageCount > 3) {
+            if ((activeProvider === "grok" || activeProvider === "agy" || activeProvider === "grok-api" || activeProvider === "gemini-api") && inputImageCount > 3) {
                 finishStatus = "error";
                 finishHttpStatus = 400;
-                finishErrorCode = "GROK_REF_TOO_MANY";
+                const code = activeProvider === "agy" ? "AGY_REF_TOO_MANY" : "GROK_REF_TOO_MANY";
                 return res.status(400).json({
                     error: {
-                        code: "GROK_REF_TOO_MANY",
-                        message: "Grok image editing supports up to 3 reference images.",
+                        code,
+                        message: `${activeProvider === "agy" ? "Agy" : "Grok"} image editing supports up to 3 reference images.`,
                     },
-                    code: "GROK_REF_TOO_MANY",
+                    code,
                     parentNodeId,
                 });
             }
@@ -238,7 +240,8 @@ export function registerNodeRoutes(app, ctxRaw) {
                 writeSse(res, "phase", { requestId, phase: "streaming" });
             }
             let b64, usage, webSearchCalls = 0, revisedPrompt = null;
-            let resultFormat = activeProvider === "grok" ? "jpeg" : format;
+            const grokDirectApiKey = activeProvider === "grok-api" ? ctx.xaiApiKey : undefined;
+            let resultFormat = activeProvider === "grok" || activeProvider === "agy" || activeProvider === "grok-api" || activeProvider === "gemini-api" ? "jpeg" : format;
             const MAX_RETRIES = 1;
             let lastErr = null;
             for (let attempt = 0; attempt <= MAX_RETRIES; attempt++) {
@@ -261,46 +264,65 @@ export function registerNodeRoutes(app, ctxRaw) {
                         searchMode,
                         webSearchEnabled,
                     });
-                    const r = activeProvider === "grok"
-                        ? await generateViaGrok(prompt, ctx, {
+                    const r = activeProvider === "gemini-api"
+                        ? await generateViaGeminiApi(parentB64 ? `Edit this image: ${prompt}` : prompt, requireRuntimeContext(ctx), {
                             model: effectiveImageModel,
                             size: effectiveSize,
-                            requestId,
                             signal: cancelController.signal,
-                            references: toGrokReferences(parentB64, refsForRequest),
+                            requestId,
+                            references: parentB64
+                                ? [{ b64: parentB64, declaredMime: null, detectedMime: null }, ...(refCheck.refDetails || [])]
+                                : refCheck.refDetails,
                         })
-                        : parentB64
-                            ? await editViaResponses(activeProvider, prompt, parentB64, quality, effectiveSize, moderation, normalizedPromptMode, ctx, requestId, {
-                                model: effectiveImageModel,
-                                references: refsForRequest,
-                                searchMode,
-                                reasoningEffort,
-                                webSearchEnabled,
+                        : activeProvider === "agy"
+                            ? await generateViaAgy(parentB64 ? `Edit this image: ${prompt}` : prompt, {
+                                references: parentB64
+                                    ? [{ b64: parentB64, declaredMime: null, detectedMime: null }]
+                                    : undefined,
                                 signal: cancelController.signal,
+                                requestId,
                             })
-                            : await generateViaResponses(activeProvider, prompt, quality, effectiveSize, moderation, refsForRequest, requestId, normalizedPromptMode, ctx, {
-                                model: effectiveImageModel,
-                                reasoningEffort,
-                                webSearchEnabled,
-                                signal: cancelController.signal,
-                                partialImages: streamResponse ? 2 : 0,
-                                onPartialImage: streamResponse
-                                    ? (partial) => isJobCanceled(requestId)
-                                        ? undefined
-                                        : writeSse(res, "partial", {
-                                            requestId,
-                                            image: dataUrlFromB64(format, partial.b64),
-                                            index: partial.index,
-                                        })
-                                    : null,
-                            });
+                            : activeProvider === "grok" || activeProvider === "grok-api"
+                                ? await generateViaGrok(prompt, ctx, {
+                                    model: effectiveImageModel,
+                                    size: effectiveSize,
+                                    requestId,
+                                    signal: cancelController.signal,
+                                    references: toGrokReferences(parentB64, refsForRequest),
+                                    directApiKey: grokDirectApiKey,
+                                })
+                                : parentB64
+                                    ? await editViaResponses(activeProvider, prompt, parentB64, quality, effectiveSize, moderation, normalizedPromptMode, ctx, requestId, {
+                                        model: effectiveImageModel,
+                                        references: refsForRequest,
+                                        searchMode,
+                                        reasoningEffort,
+                                        webSearchEnabled,
+                                        signal: cancelController.signal,
+                                    })
+                                    : await generateViaResponses(activeProvider, prompt, quality, effectiveSize, moderation, refsForRequest, requestId, normalizedPromptMode, ctx, {
+                                        model: effectiveImageModel,
+                                        reasoningEffort,
+                                        webSearchEnabled,
+                                        signal: cancelController.signal,
+                                        partialImages: streamResponse ? 2 : 0,
+                                        onPartialImage: streamResponse
+                                            ? (partial) => isJobCanceled(requestId)
+                                                ? undefined
+                                                : writeSse(res, "partial", {
+                                                    requestId,
+                                                    image: dataUrlFromB64(format, partial.b64),
+                                                    index: partial.index,
+                                                })
+                                            : null,
+                                    });
                     throwIfJobCanceled(requestId);
                     if (r.b64) {
                         b64 = r.b64;
                         usage = r.usage;
                         webSearchCalls = r.webSearchCalls || 0;
                         revisedPrompt = r.revisedPrompt || null;
-                        if (activeProvider === "grok") {
+                        if (activeProvider === "grok" || activeProvider === "grok-api" || activeProvider === "gemini-api") {
                             resultFormat = imageFormatFromMime(("mime" in r ? r.mime : undefined) || detectImageMimeFromB64(r.b64) || "image/jpeg");
                         }
                         break;

package/routes/quota.js

@@ -1,4 +1,4 @@
-import { readFileSync } from "node:fs";
+import { existsSync, readFileSync } from "node:fs";
 import { homedir } from "node:os";
 import { join } from "node:path";
 function readCodexTokens() {
@@ -53,14 +53,65 @@ async function fetchCodexUsage(tokens) {
         return { provider: "codex", error: true, windows: [] };
     }
 }
+function grokTierFromLimit(val) {
+    if (val >= 150_000)
+        return "SuperGrok Heavy";
+    if (val >= 15_000)
+        return "SuperGrok";
+    return `SuperGrok (${val} val)`;
+}
+async function fetchGrokBilling() {
+    try {
+        const authPath = join(homedir(), ".progrok", "auth.json");
+        if (!existsSync(authPath))
+            return { provider: "grok", authenticated: false, windows: [] };
+        const auth = JSON.parse(readFileSync(authPath, "utf8"));
+        if (!auth.accessToken)
+            return { provider: "grok", authenticated: false, windows: [] };
+        const headers = { Authorization: `Bearer ${auth.accessToken}` };
+        const [billingRes, userRes] = await Promise.allSettled([
+            fetch("https://cli-chat-proxy.grok.com/v1/billing", { headers, signal: AbortSignal.timeout(8000) }),
+            fetch("https://cli-chat-proxy.grok.com/v1/user", { headers, signal: AbortSignal.timeout(5000) }),
+        ]);
+        if (billingRes.status !== "fulfilled" || !billingRes.value.ok) {
+            return { provider: "grok", authenticated: true, windows: [] };
+        }
+        const billing = (await billingRes.value.json()).config;
+        const limit = billing.monthlyLimit.val;
+        const used = billing.used.val;
+        let email = null;
+        if (userRes.status === "fulfilled" && userRes.value.ok) {
+            const user = await userRes.value.json();
+            email = user.email ?? null;
+        }
+        const tier = grokTierFromLimit(limit);
+        return {
+            provider: "grok",
+            account: { email, plan: tier },
+            windows: [{
+                    label: "monthly",
+                    percent: limit > 0 ? Math.round((used / limit) * 100) : 0,
+                    resetsAt: billing.billingPeriodEnd,
+                }],
+            billing: { usedUsd: used / 100, limitUsd: limit / 100 },
+        };
+    }
+    catch {
+        return { provider: "grok", error: true, windows: [] };
+    }
+}
 export function registerQuotaRoutes(app, _ctx) {
     app.get("/api/quota", async (_req, res) => {
-        const tokens = readCodexTokens();
-        if (!tokens) {
-            res.json({ codex: { provider: "codex", authenticated: false, windows: [] } });
-            return;
+        try {
+            const tokens = readCodexTokens();
+            const [codex, grok] = await Promise.all([
+                tokens ? fetchCodexUsage(tokens) : Promise.resolve({ provider: "codex", authenticated: false, windows: [] }),
+                fetchGrokBilling(),
+            ]);
+            res.json({ codex, grok });
+        }
+        catch (e) {
+            res.status(500).json({ error: "Failed to fetch quota" });
         }
-        const codex = await fetchCodexUsage(tokens);
-        res.json({ codex });
     });
 }

package/routes/video.js

@@ -13,6 +13,7 @@ import { extractGeneratedVideoFrameB64 } from "../lib/videoFrameExtract.js";
 import { normalizeGrokVideoModel, normalizeVideoResolution, normalizeVideoAspectRatio, normalizeVideoDuration, deriveVideoMode, clampVideoDuration, MAX_REF2V_REFERENCES, } from "../lib/imageModels.js";
 import { errInfo } from "../lib/errInfo.js";
 import { requireRuntimeContext } from "../lib/runtimeContext.js";
+import { generateVideoThumbnail } from "../lib/videoThumb.js";
 function sendSse(res, event, data) {
     res.write(`event: ${event}\n`);
     res.write(`data: ${JSON.stringify(data)}\n\n`);
@@ -80,8 +81,8 @@ export function registerVideoRoutes(app, ctxRaw) {
             const sessionId = typeof req.body?.sessionId === "string" ? req.body.sessionId : null;
             const clientNodeId = typeof req.body?.clientNodeId === "string" ? req.body.clientNodeId : null;
             const topic = typeof req.body?.topic === "string" ? req.body.topic.trim() : "";
-            if (provider !== "grok")
-                return fail(400, "VIDEO_PROVIDER_UNSUPPORTED", "video generation requires provider 'grok'");
+            if (provider !== "grok" && provider !== "grok-api")
+                return fail(400, provider === "agy" ? "AGY_VIDEO_UNSUPPORTED" : "VIDEO_PROVIDER_UNSUPPORTED", provider === "agy" ? "Gemini (agy) does not support video generation" : "video generation requires provider 'grok' or 'grok-api'");
             const storyboardActive = req.body?.storyboard === true;
             const storyboardPrefix = storyboardActive
                 ? [
@@ -205,6 +206,7 @@ export function registerVideoRoutes(app, ctxRaw) {
                 : activePrompt;
             const effectivePrompt = storyboardPrefix + basePrompt;
             const plannerModel = typeof req.body?.plannerModel === "string" ? req.body.plannerModel.trim() : undefined;
+            const directApiKey = provider === "grok-api" ? ctx.xaiApiKey : undefined;
             const result = await generateVideoViaGrok(effectivePrompt, ctx, {
                 model: modelCheck.model,
                 mode,
@@ -217,6 +219,7 @@ export function registerVideoRoutes(app, ctxRaw) {
                 requestId,
                 continuityLineage: parentLineage,
                 plannerModel: plannerModel || undefined,
+                directApiKey,
                 onEvent,
             });
             const rand = randomBytes(ctx.config.ids.generatedHexBytes).toString("hex");
@@ -237,7 +240,7 @@ export function registerVideoRoutes(app, ctxRaw) {
                 prompt: activePrompt,
                 userPrompt: activePrompt,
                 revisedPrompt: result.revisedPrompt,
-                provider: "grok",
+                provider,
                 model: result.effectiveModel,
                 requestedModel: result.requestedModel,
                 effectiveModel: result.effectiveModel,
@@ -261,6 +264,7 @@ export function registerVideoRoutes(app, ctxRaw) {
                 ...(storyboardActive ? { storyboard: true } : {}),
             };
             await saveGeneratedVideoArtifact(ctx, filename, result.videoBuffer, meta);
+            generateVideoThumbnail(join(ctx.config.storage.generatedDir, filename)).catch(() => { });
             invalidateHistoryIndex();
             finishMeta = { filename, xaiVideoRequestId: result.xaiVideoRequestId };
             logEvent("video", "saved", { requestId, filename, bytes: result.videoBuffer.length, elapsedMs: Date.now() - startTime });