mirror of
https://github.com/danny-avila/LibreChat.git
synced 2025-12-16 08:20:14 +01:00
04a4a2aa44
* refactor: move endpoint initialization methods to typescript * refactor: move agent init to packages/api - Introduced `initialize.ts` for agent initialization, including file processing and tool loading. - Updated `resources.ts` to allow optional appConfig parameter. - Enhanced endpoint configuration handling in various initialization files to support model parameters. - Added new artifacts and prompts for React component generation. - Refactored existing code to improve type safety and maintainability. * refactor: streamline endpoint initialization and enhance type safety - Updated initialization functions across various endpoints to use a consistent request structure, replacing `unknown` types with `ServerResponse`. - Simplified request handling by directly extracting keys from the request body. - Improved type safety by ensuring user IDs are safely accessed with optional chaining. - Removed unnecessary parameters and streamlined model options handling for better clarity and maintainability. * refactor: moved ModelService and extractBaseURL to packages/api - Added comprehensive tests for the models fetching functionality, covering scenarios for OpenAI, Anthropic, Google, and Ollama models. - Updated existing endpoint index to include the new models module. - Enhanced utility functions for URL extraction and model data processing. - Improved type safety and error handling across the models fetching logic. * refactor: consolidate utility functions and remove unused files - Merged `deriveBaseURL` and `extractBaseURL` into the `@librechat/api` module for better organization. - Removed redundant utility files and their associated tests to streamline the codebase. - Updated imports across various client files to utilize the new consolidated functions. - Enhanced overall maintainability by reducing the number of utility modules. * refactor: replace ModelService references with direct imports from @librechat/api and remove ModelService file * refactor: move encrypt/decrypt methods and key db methods to data-schemas, use `getProviderConfig` from `@librechat/api` * chore: remove unused 'res' from options in AgentClient * refactor: file model imports and methods - Updated imports in various controllers and services to use the unified file model from '~/models' instead of '~/models/File'. - Consolidated file-related methods into a new file methods module in the data-schemas package. - Added comprehensive tests for file methods including creation, retrieval, updating, and deletion. - Enhanced the initializeAgent function to accept dependency injection for file-related methods. - Improved error handling and logging in file methods. * refactor: streamline database method references in agent initialization * refactor: enhance file method tests and update type references to IMongoFile * refactor: consolidate database method imports in agent client and initialization * chore: remove redundant import of initializeAgent from @librechat/api * refactor: move checkUserKeyExpiry utility to @librechat/api and update references across endpoints * refactor: move updateUserPlugins logic to user.ts and simplify UserController * refactor: update imports for user key management and remove UserService * refactor: remove unused Anthropics and Bedrock endpoint files and clean up imports * refactor: consolidate and update encryption imports across various files to use @librechat/data-schemas * chore: update file model mock to use unified import from '~/models' * chore: import order * refactor: remove migrated to TS agent.js file and its associated logic from the endpoints * chore: add reusable function to extract imports from source code in unused-packages workflow * chore: enhance unused-packages workflow to include @librechat/api dependencies and improve dependency extraction * chore: improve dependency extraction in unused-packages workflow with enhanced error handling and debugging output * chore: add detailed debugging output to unused-packages workflow for better visibility into unused dependencies and exclusion lists * chore: refine subpath handling in unused-packages workflow to correctly process scoped and non-scoped package imports * chore: clean up unused debug output in unused-packages workflow and reorganize type imports in initialize.ts
175 lines
5.9 KiB
TypeScript
175 lines
5.9 KiB
TypeScript
import 'dotenv/config';
|
|
import jwt from 'jsonwebtoken';
|
|
import crypto from 'node:crypto';
|
|
import { SignPayloadParams } from '~/types';
|
|
|
|
const { webcrypto } = crypto;
|
|
|
|
/** Use hex decoding for both key and IV for legacy methods */
|
|
const key = Buffer.from(process.env.CREDS_KEY ?? '', 'hex');
|
|
const iv = Buffer.from(process.env.CREDS_IV ?? '', 'hex');
|
|
const algorithm = 'AES-CBC';
|
|
|
|
export async function signPayload({
|
|
payload,
|
|
secret,
|
|
expirationTime,
|
|
}: SignPayloadParams): Promise<string> {
|
|
return jwt.sign(payload, secret!, { expiresIn: expirationTime });
|
|
}
|
|
|
|
export async function hashToken(str: string): Promise<string> {
|
|
const data = new TextEncoder().encode(str);
|
|
const hashBuffer = await webcrypto.subtle.digest('SHA-256', data);
|
|
return Buffer.from(hashBuffer).toString('hex');
|
|
}
|
|
|
|
/** --- Legacy v1/v2 Setup: AES-CBC with fixed key and IV --- */
|
|
|
|
/**
|
|
* Encrypts a value using AES-CBC
|
|
* @param value - The plaintext to encrypt
|
|
* @returns The encrypted string in hex format
|
|
*/
|
|
export async function encrypt(value: string): Promise<string> {
|
|
const cryptoKey = await webcrypto.subtle.importKey('raw', key, { name: algorithm }, false, [
|
|
'encrypt',
|
|
]);
|
|
const encoder = new TextEncoder();
|
|
const data = encoder.encode(value);
|
|
const encryptedBuffer = await webcrypto.subtle.encrypt(
|
|
{ name: algorithm, iv: iv },
|
|
cryptoKey,
|
|
data,
|
|
);
|
|
return Buffer.from(encryptedBuffer).toString('hex');
|
|
}
|
|
|
|
/**
|
|
* Decrypts an encrypted value using AES-CBC
|
|
* @param encryptedValue - The encrypted string in hex format
|
|
* @returns The decrypted plaintext
|
|
*/
|
|
export async function decrypt(encryptedValue: string): Promise<string> {
|
|
const cryptoKey = await webcrypto.subtle.importKey('raw', key, { name: algorithm }, false, [
|
|
'decrypt',
|
|
]);
|
|
const encryptedBuffer = Buffer.from(encryptedValue, 'hex');
|
|
const decryptedBuffer = await webcrypto.subtle.decrypt(
|
|
{ name: algorithm, iv: iv },
|
|
cryptoKey,
|
|
encryptedBuffer,
|
|
);
|
|
const decoder = new TextDecoder();
|
|
return decoder.decode(decryptedBuffer);
|
|
}
|
|
|
|
/** --- v2: AES-CBC with a random IV per encryption --- */
|
|
|
|
/**
|
|
* Encrypts a value using AES-CBC with a random IV per encryption
|
|
* @param value - The plaintext to encrypt
|
|
* @returns The encrypted string with IV prepended (iv:ciphertext format)
|
|
*/
|
|
export async function encryptV2(value: string): Promise<string> {
|
|
const gen_iv = webcrypto.getRandomValues(new Uint8Array(16));
|
|
const cryptoKey = await webcrypto.subtle.importKey('raw', key, { name: algorithm }, false, [
|
|
'encrypt',
|
|
]);
|
|
const encoder = new TextEncoder();
|
|
const data = encoder.encode(value);
|
|
const encryptedBuffer = await webcrypto.subtle.encrypt(
|
|
{ name: algorithm, iv: gen_iv },
|
|
cryptoKey,
|
|
data,
|
|
);
|
|
return Buffer.from(gen_iv).toString('hex') + ':' + Buffer.from(encryptedBuffer).toString('hex');
|
|
}
|
|
|
|
/**
|
|
* Decrypts an encrypted value using AES-CBC with random IV
|
|
* @param encryptedValue - The encrypted string in iv:ciphertext format
|
|
* @returns The decrypted plaintext
|
|
*/
|
|
export async function decryptV2(encryptedValue: string): Promise<string> {
|
|
const parts = encryptedValue.split(':');
|
|
if (parts.length === 1) {
|
|
return parts[0];
|
|
}
|
|
const gen_iv = Buffer.from(parts.shift() ?? '', 'hex');
|
|
const encrypted = parts.join(':');
|
|
const cryptoKey = await webcrypto.subtle.importKey('raw', key, { name: algorithm }, false, [
|
|
'decrypt',
|
|
]);
|
|
const encryptedBuffer = Buffer.from(encrypted, 'hex');
|
|
const decryptedBuffer = await webcrypto.subtle.decrypt(
|
|
{ name: algorithm, iv: gen_iv },
|
|
cryptoKey,
|
|
encryptedBuffer,
|
|
);
|
|
const decoder = new TextDecoder();
|
|
return decoder.decode(decryptedBuffer);
|
|
}
|
|
|
|
/** --- v3: AES-256-CTR using Node's crypto functions --- */
|
|
const algorithm_v3 = 'aes-256-ctr';
|
|
|
|
/**
|
|
* Encrypts a value using AES-256-CTR.
|
|
* Note: AES-256 requires a 32-byte key. Ensure that process.env.CREDS_KEY is a 64-character hex string.
|
|
* @param value - The plaintext to encrypt.
|
|
* @returns The encrypted string with a "v3:" prefix.
|
|
*/
|
|
export function encryptV3(value: string): string {
|
|
if (key.length !== 32) {
|
|
throw new Error(`Invalid key length: expected 32 bytes, got ${key.length} bytes`);
|
|
}
|
|
const iv_v3 = crypto.randomBytes(16);
|
|
const cipher = crypto.createCipheriv(algorithm_v3, key, iv_v3);
|
|
const encrypted = Buffer.concat([cipher.update(value, 'utf8'), cipher.final()]);
|
|
return `v3:${iv_v3.toString('hex')}:${encrypted.toString('hex')}`;
|
|
}
|
|
|
|
/**
|
|
* Decrypts an encrypted value using AES-256-CTR.
|
|
* @param encryptedValue - The encrypted string with "v3:" prefix.
|
|
* @returns The decrypted plaintext.
|
|
*/
|
|
export function decryptV3(encryptedValue: string): string {
|
|
const parts = encryptedValue.split(':');
|
|
if (parts[0] !== 'v3') {
|
|
throw new Error('Not a v3 encrypted value');
|
|
}
|
|
const iv_v3 = Buffer.from(parts[1], 'hex');
|
|
const encryptedText = Buffer.from(parts.slice(2).join(':'), 'hex');
|
|
const decipher = crypto.createDecipheriv(algorithm_v3, key, iv_v3);
|
|
const decrypted = Buffer.concat([decipher.update(encryptedText), decipher.final()]);
|
|
return decrypted.toString('utf8');
|
|
}
|
|
|
|
/**
|
|
* Generates random values as a hex string
|
|
* @param length - The number of random bytes to generate
|
|
* @returns The random values as a hex string
|
|
*/
|
|
export async function getRandomValues(length: number): Promise<string> {
|
|
if (!Number.isInteger(length) || length <= 0) {
|
|
throw new Error('Length must be a positive integer');
|
|
}
|
|
const randomValues = new Uint8Array(length);
|
|
webcrypto.getRandomValues(randomValues);
|
|
return Buffer.from(randomValues).toString('hex');
|
|
}
|
|
|
|
/**
|
|
* Computes SHA-256 hash for the given input.
|
|
* @param input - The input to hash.
|
|
* @returns The SHA-256 hash of the input.
|
|
*/
|
|
export async function hashBackupCode(input: string): Promise<string> {
|
|
const encoder = new TextEncoder();
|
|
const data = encoder.encode(input);
|
|
const hashBuffer = await webcrypto.subtle.digest('SHA-256', data);
|
|
const hashArray = Array.from(new Uint8Array(hashBuffer));
|
|
return hashArray.map((b) => b.toString(16).padStart(2, '0')).join('');
|
|
}
|