/**
 * Returns the value that dashboard login attempts are checked against.
 *
 * NOTE(review): when DASHBOARD_PASSWORD is unset or empty this falls back to
 * a literal that is visible in the source, so every deployment without the
 * variable shares the same publicly known credential. Set DASHBOARD_PASSWORD
 * in every environment; consider refusing to serve the dashboard without it.
 *
 * @returns {string} The configured password, or the built-in default.
 */
function getSessionSecret() {
  const configured = process.env.DASHBOARD_PASSWORD;
  if (configured) {
    return configured;
  }
  return "kimchi-proxy";
}
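/**
 * Checks a submitted dashboard password against the configured secret.
 *
 * Both values are hashed to fixed-length SHA-256 digests and compared with
 * crypto.timingSafeEqual, so the comparison time does not reveal how much of
 * a guess is correct or how long the secret is (a plain `===` can).
 *
 * @param {unknown} password - Value taken from the untrusted login request body.
 * @returns {boolean} True only when `password` is a string equal to the secret.
 */
function verifyPassword(password) {
  // The body is attacker-controlled JSON: numbers, objects, null and
  // undefined are never a valid password.
  if (typeof password !== "string") {
    return false;
  }
  // Function-scope require: the file is CommonJS and has no import block.
  const { createHash, timingSafeEqual } = require("crypto");
  const digest = (value) => createHash("sha256").update(value, "utf8").digest();
  return timingSafeEqual(digest(password), digest(getSessionSecret()));
}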
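/**
 * Issues a dashboard session token.
 *
 * The token is base64 of `session:<issuedAtMs>:<nonce>:<mac>`, where <mac> is
 * an HMAC-SHA256 over the first three fields, keyed with getSessionSecret().
 * checkAuth() recomputes the MAC, so only tokens minted by a server holding
 * the same secret are accepted. Previously the token carried no secret
 * material and any value with the right prefix was treated as a session.
 *
 * NOTE(review): the MAC key is the dashboard password itself. Changing the
 * password invalidates all sessions, but a deployment running on the built-in
 * default password has a publicly known signing key.
 *
 * @returns {string} Opaque token suitable for use as a cookie value.
 */
function generateToken() {
  // Function-scope require: the file is CommonJS and has no import block.
  const { createHmac, randomBytes } = require("crypto");
  // CSPRNG nonce; Math.random() is predictable and unsuitable for session tokens.
  const payload = `session:${Date.now()}:${randomBytes(16).toString("hex")}`;
  const mac = createHmac("sha256", getSessionSecret()).update(payload).digest("hex");
  return Buffer.from(`${payload}:${mac}`).toString("base64");
}

/**
 * Decides whether a request carries a valid, unexpired dashboard session.
 *
 * A request is authenticated only when its `dashboard_token` cookie decodes
 * to the exact format produced by generateToken(), the MAC verifies under the
 * current secret, and the token is no older than the cookie lifetime.
 *
 * NOTE(review): tokens are stateless, so logout only clears the browser
 * cookie; a copied token stays valid until it expires or the password changes.
 *
 * @param {{ headers: { cookie?: string } }} req - Incoming HTTP request.
 * @returns {boolean} True when the session cookie is authentic and fresh.
 */
function checkAuth(req) {
  const { createHmac, timingSafeEqual } = require("crypto");
  // Server-side lifetime; mirrors the Max-Age=86400 the login route sets on the cookie.
  const SESSION_TTL_MS = 86400 * 1000;

  const cookie = req?.headers?.cookie || "";
  // Anchor on a cookie boundary so a cookie whose name merely ends in
  // "dashboard_token" is not picked up.
  const match = cookie.match(/(?:^|;\s*)dashboard_token=([^;]+)/);
  if (!match) {
    return false;
  }

  // Buffer.from(..., "base64") is lenient and does not throw on bad input;
  // malformed tokens are rejected by the strict field checks below.
  const fields = Buffer.from(match[1], "base64").toString().split(":");
  if (fields.length !== 4 || fields[0] !== "session") {
    return false;
  }
  const [, issuedAtText, nonce, mac] = fields;
  const wellFormed =
    /^\d{1,16}$/.test(issuedAtText) &&
    /^[0-9a-f]{32}$/.test(nonce) &&
    /^[0-9a-f]{64}$/.test(mac);
  if (!wellFormed) {
    return false;
  }

  const expected = createHmac("sha256", getSessionSecret())
    .update(`session:${issuedAtText}:${nonce}`)
    .digest();
  const supplied = Buffer.from(mac, "hex");
  // timingSafeEqual throws on length mismatch, so guard first.
  if (supplied.length !== expected.length || !timingSafeEqual(supplied, expected)) {
    return false;
  }

  // The timestamp is covered by the MAC, so it can be trusted once verified.
  return Date.now() - Number(issuedAtText) <= SESSION_TTL_MS;
}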
// Login page body. handler() sends it when a dashboard page request fails
// checkAuth(req), and as its fallback response for any unmatched route.
// The template as written contains no interpolated values.
const LOGIN_HTML = `
Kimchi Proxy โ Login
๐ถ๏ธ
Kimchi Proxy
Enter dashboard password
`;
// Dashboard page body. handler() sends it only after checkAuth(req) passes.
// The template as written contains no interpolated values, so no request
// data is reflected into the page from this constant.
const DASHBOARD_HTML = `
Kimchi Proxy โ Dashboard
Today
This Week
This Month
All Time
Est. Cost
โ
based on Kimchi pricing
๐ด Errors
| # | Req | Model | Key | Status | Error | When |
| No errors yet |
๐ Recent Requests
| # | Model | In / Out | Key | Status | Time | When |
| No requests yet |
`;
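/**
 * HTTP handler for the dashboard: serves the login and dashboard pages,
 * handles password login and logout, and relays stats for signed-in users.
 *
 * Routes (matched against the exact `req.url` string):
 *   GET  /dashboard, /api/dashboard, /api/dashboard?  -> login or dashboard HTML
 *   POST /api/dashboard                               -> password login, sets cookie
 *   GET  /api/dashboard?action=logout                 -> clears cookie, redirects
 *   any  /api/dashboard?action=stats[&range=...]      -> JSON stats (auth required)
 *   anything else                                     -> login HTML
 *
 * NOTE(review): the login route has no attempt limiting or lockout, so the
 * password can be guessed at network speed; add throttling in front of it.
 * NOTE(review): the session cookie is set without `Secure`. If the dashboard
 * is only ever served over HTTPS, add it so the cookie never travels in clear.
 *
 * @param {object} req - Incoming request (Node request with optional parsed `body`).
 * @param {object} res - Response exposing `setHeader`, `status`, `json`, `end`.
 * @returns {Promise<*>} Whatever the response helper returns.
 */
module.exports = async function handler(req, res) {
  // A login body is a single short JSON object; cap unauthenticated input.
  const MAX_LOGIN_BODY_CHARS = 8 * 1024;
  // host or [ipv6], optional port. Rejects "/", "@", "?", "#" and whitespace,
  // which would otherwise change the authority or path of the upstream URL.
  const HOST_PATTERN = /^(?:[a-z0-9.-]+|\[[0-9a-f:.]+\])(?::\d{1,5})?$/i;

  const isPageRequest =
    req.method === "GET" &&
    (req.url === "/dashboard" || req.url === "/api/dashboard" || req.url === "/api/dashboard?");
  if (isPageRequest) {
    const page = checkAuth(req) ? DASHBOARD_HTML : LOGIN_HTML;
    res.setHeader("Content-Type", "text/html");
    return res.status(200).end(page);
  }

  if (req.method === "POST" && req.url === "/api/dashboard") {
    let data = req.body;
    if (!data || typeof data !== "object") {
      let raw = "";
      for await (const chunk of req) {
        raw += chunk;
        if (raw.length > MAX_LOGIN_BODY_CHARS) {
          return res.status(413).json({ error: "Payload too large" });
        }
      }
      try {
        data = JSON.parse(raw);
      } catch {
        data = {};
      }
    }
    // JSON.parse can return null or a primitive ("null", "1", "\"x\"");
    // reading .password from null would throw and surface as a 500.
    if (!data || typeof data !== "object") {
      data = {};
    }
    if (verifyPassword(data.password)) {
      const token = generateToken();
      res.setHeader("Set-Cookie", `dashboard_token=${token}; Path=/; HttpOnly; SameSite=Strict; Max-Age=86400`);
      return res.status(200).json({ ok: true });
    }
    return res.status(401).json({ error: "Invalid password" });
  }

  if (req.method === "GET" && req.url === "/api/dashboard?action=logout") {
    res.setHeader("Set-Cookie", "dashboard_token=; Path=/; Max-Age=0");
    res.setHeader("Location", "/dashboard");
    return res.status(302).end();
  }

  if (req.url && req.url.startsWith("/api/dashboard?action=stats")) {
    if (!checkAuth(req)) {
      return res.status(401).json({ error: "Unauthorized" });
    }
    const url = new URL(req.url, "http://localhost");
    const range = url.searchParams.get("range") || "today";

    // The Host header is client-supplied and becomes the destination of a
    // server-side request that also carries the caller's cookie.
    // NOTE(review): this check is syntactic only; prefer pinning the upstream
    // to a server-side configured origin instead of trusting Host at all.
    const host = req.headers.host || "";
    if (!HOST_PATTERN.test(host)) {
      return res.status(400).json({ error: "Invalid Host header" });
    }

    try {
      const statsUrl = new URL(`https://${host}/api/v1/chat/completions`);
      statsUrl.searchParams.set("action", "stats");
      // searchParams encodes the value, so `range` cannot inject extra
      // query parameters or a fragment into the upstream request.
      statsUrl.searchParams.set("range", range);
      const statsRes = await fetch(statsUrl, {
        headers: { Cookie: req.headers.cookie || "" },
      });
      const stats = await statsRes.json();
      return res.status(200).json(stats);
    } catch (e) {
      // Best-effort fallback kept from the original, but no longer silent.
      // NOTE(review): the placeholder below (including the fixed key counts)
      // is returned with 200, so an upstream failure looks like a healthy,
      // idle proxy to whoever is watching the dashboard.
      console.error("dashboard stats fetch failed:", e);
      return res.status(200).json({ totalRequests: 0, totalInputTokens: 0, totalOutputTokens: 0, estimatedCost: "0.00", totalErrors: 0, requests: [], errors: [], keys: { total: 55, active: 55, exhausted: 0, throttled: 0, errors: [] }, recentRequests: [] });
    }
  }

  res.setHeader("Content-Type", "text/html");
  res.status(200).end(LOGIN_HTML);
};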