0e4c2ebef4
Squash-merge the cloudflare-migration branch (7 commits by Kai ki) into staging with conflict resolution, feature integration, and bug fixes. Engine: - Paradigm D: single-stream Writer replacing dual-phase Plan/Beats - Delete Architect agent; story bible generated via Writer <plan> tag - Modular prompt architecture (segments/registry/builder) - StreamRouter for tagged stream splitting (<plan>/<story>/<choices>) Infrastructure: - Cloudflare Workers deployment (wrangler.jsonc, OpenNext adapter) - D1 database schema + Drizzle ORM (scaffolded, not yet active) - R2 storage helpers (scaffolded, not yet active) - Story persistence API routes + client-side persistence BYOK (Bring Your Own Key): - /api/llm/user-proxy with SSRF-protected LLM proxy (+ requireUser auth) - CORS-aware fetch in ai-client: auto-detect CORS failure, fallback to server proxy transparently via OpenAI SDK custom fetch - BYO config support added to classify-freeform and vision routes - SettingsModal CORS privacy notice (keys never logged/stored) SSE streaming: - engineClient.ts: fetchSSE helper for progressive scene events - startSession/requestScene accept optional emit callback - Fix SSE error event field name (error → message) in scene/start routes i18n integration: - Wire buildLanguageDirective into paradigm D's prompt builder - Update corsNotice i18n keys (zh-CN/en/ja) with CORS proxy privacy text - Preserve Session.language + LanguageSwitcher from i18n commit Co-authored-by: Kai ki <155355644+zbf1009@users.noreply.github.com> Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
100 lines
3.2 KiB
TypeScript
100 lines
3.2 KiB
TypeScript
// Bring-your-own LLM API keys — stored CLIENT-SIDE ONLY.
|
|
//
|
|
// When a user supplies their own keys, we persist {provider, baseUrl, apiKey}
|
|
// in localStorage and send them with each /api/start and /api/scene request.
|
|
// Keys never leak to server logs or persistence — they only pass through the
|
|
// request→config construction path.
|
|
|
|
const STORAGE_KEY = "infiplot:llm";
|
|
|
|
/** Provider types matching byoProxy and ProviderProtocol */
|
|
export type LlmProvider = "openai" | "claude" | "gemini";
|
|
|
|
/** Stored BYO LLM config — exactly what we persist. */
|
|
export type StoredLlmConfig = {
|
|
/** Which provider API to use */
|
|
provider: LlmProvider;
|
|
/** User's API key */
|
|
apiKey: string;
|
|
/** Optional custom base URL (empty = use provider default) */
|
|
baseUrl?: string;
|
|
/** Optional model name (empty = use server-side default for this provider/role) */
|
|
model?: string;
|
|
};
|
|
|
|
/** Per-role LLM config the user can independently configure */
|
|
export type ByoLlmSettings = {
|
|
text?: StoredLlmConfig;
|
|
image?: StoredLlmConfig;
|
|
vision?: StoredLlmConfig;
|
|
};
|
|
|
|
/**
|
|
* Read persisted BYO LLM config. Returns null when running on the server,
|
|
* when nothing is stored, on parse failure, or when the stored shape is invalid.
|
|
*/
|
|
export function readStoredLlmConfig(): ByoLlmSettings | null {
|
|
if (typeof window === "undefined") return null;
|
|
try {
|
|
const raw = window.localStorage.getItem(STORAGE_KEY);
|
|
if (!raw) return null;
|
|
const parsed = JSON.parse(raw) as Partial<ByoLlmSettings>;
|
|
|
|
// Validate each role config
|
|
const result: ByoLlmSettings = {};
|
|
for (const role of ["text", "image", "vision"] as const) {
|
|
const cfg = parsed[role];
|
|
if (cfg && typeof cfg === "object") {
|
|
const provider = cfg.provider as string;
|
|
const apiKey = cfg.apiKey as string;
|
|
if (["openai", "claude", "gemini"].includes(provider) && apiKey?.trim()) {
|
|
result[role] = {
|
|
provider: provider as LlmProvider,
|
|
apiKey: apiKey.trim(),
|
|
baseUrl: typeof cfg.baseUrl === "string" ? cfg.baseUrl.trim() : undefined,
|
|
model: typeof cfg.model === "string" ? cfg.model.trim() : undefined,
|
|
};
|
|
}
|
|
}
|
|
}
|
|
|
|
return Object.keys(result).length > 0 ? result : null;
|
|
} catch {
|
|
return null;
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Persist BYO LLM config. Trims keys and baseUrls so trailing whitespace
|
|
* from paste never breaks headers.
|
|
*/
|
|
export function writeStoredLlmConfig(config: ByoLlmSettings): void {
|
|
if (typeof window === "undefined") return;
|
|
try {
|
|
const payload: ByoLlmSettings = {};
|
|
for (const role of ["text", "image", "vision"] as const) {
|
|
const cfg = config[role];
|
|
if (cfg) {
|
|
payload[role] = {
|
|
provider: cfg.provider,
|
|
apiKey: cfg.apiKey.trim(),
|
|
baseUrl: cfg.baseUrl?.trim() || undefined,
|
|
model: cfg.model?.trim() || undefined,
|
|
};
|
|
}
|
|
}
|
|
window.localStorage.setItem(STORAGE_KEY, JSON.stringify(payload));
|
|
} catch {
|
|
// Storage disabled / quota / private mode — BYO simply stays off.
|
|
}
|
|
}
|
|
|
|
export function clearStoredLlmConfig(): void {
|
|
if (typeof window === "undefined") return;
|
|
try {
|
|
window.localStorage.removeItem(STORAGE_KEY);
|
|
} catch {
|
|
// ignore
|
|
}
|
|
}
|