Spaces:

NikaMimi
/

Nyan-Proxy

Paused

WasabiDrop Claude commited on Jul 18, 2025

Commit

62be87c

1 Parent(s): fef4051

Refactor: Organize codebase with modular structure

- Move templates to pages/ folder for better organization
- Move core application logic to core/ folder
- Move AI tokenizers to ai/tokenizers/ for future AI service expansion
- Move database files to database/ folder
- Move configuration files to config/ folder
- Add proper HF Space configuration and branding
- Update README with NyanProxy branding and features
- Create root app.py for HF Space compatibility
- Add .env.example for configuration reference
- Add start.bat for Windows development convenience
- Update all import paths to work with new structure
- Maintain backward compatibility for existing deployments

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

This view is limited to 50 files because it contains too many changes. See raw diff

Files changed (50) hide show

.claude/settings.local.json +27 -1
.env +49 -11
.env.example +25 -0
.gitignore +7 -1
AUTHENTICATION.md +334 -0
README.md +5 -5
{tokenizers → ai/tokenizers}/__init__.py +0 -0
{tokenizers → ai/tokenizers}/anthropic_tokenizer.py +0 -0
{tokenizers → ai/tokenizers}/claude.ts +0 -0
{tokenizers → ai/tokenizers}/index.ts +0 -0
{tokenizers → ai/tokenizers}/mistral-tokenizer-js.ts +0 -0
{tokenizers → ai/tokenizers}/mistral.ts +0 -0
{tokenizers → ai/tokenizers}/openai.ts +0 -0
{tokenizers → ai/tokenizers}/openai_tokenizer.py +0 -0
{tokenizers → ai/tokenizers}/tokenizer.ts +0 -0
{tokenizers → ai/tokenizers}/unified_tokenizer.py +0 -0
app.py +24 -895
config/.env.example +51 -0
config/requirements.txt +7 -0
core/app.py +1057 -0
health_checker.py → core/health_checker.py +1 -1
pages/admin/anti_abuse.html +107 -0
pages/admin/base.html +419 -0
pages/admin/bulk_operations.html +128 -0
pages/admin/create_user.html +372 -0
pages/admin/dashboard.html +502 -0
pages/admin/edit_user.html +202 -0
pages/admin/key_manager.html +357 -0
pages/admin/list_users.html +247 -0
pages/admin/login.html +84 -0
pages/admin/model_families.html +402 -0
pages/admin/stats.html +60 -0
pages/admin/view_user.html +265 -0
pages/admin_dashboard.html +587 -0
{templates → pages}/dashboard.html +11 -4
requirements.txt +3 -1
run.py +30 -0
src/__init__.py +1 -0
src/config/__init__.py +1 -0
src/config/auth.py +76 -0
src/middleware/__init__.py +1 -0
src/middleware/auth.py +257 -0
src/routes/__init__.py +1 -0
src/routes/admin.py +379 -0
src/routes/admin_web.py +507 -0
src/routes/model_families_admin.py +249 -0
src/services/__init__.py +1 -0
src/services/event_logger.py +194 -0
src/services/model_families.py +501 -0
src/services/structured_event_logger.py +628 -0

.claude/settings.local.json CHANGED Viewed

@@ -20,7 +20,33 @@
       "Bash(git checkout:*)",
       "Bash(git merge:*)",
       "WebFetch(domain:gitgud.io)",
-      "Bash(git commit:*)"
     ],
     "deny": []
   }

       "Bash(git checkout:*)",
       "Bash(git merge:*)",
       "WebFetch(domain:gitgud.io)",
+      "Bash(git commit:*)",
+      "Bash(git rm:*)",
+      "Bash(git remote set-url:*)",
+      "Bash(mkdir:*)",
+      "WebFetch(domain:code.jquery.com)",
+      "Bash(curl:*)",
+      "Bash(mv:*)",
+      "Bash(\"C:\\Users\\rafae\\AppData\\Local\\Programs\\Python\\Python312\\python.exe\" app.py --port 8080)",
+      "Bash(\"C:\\Users\\rafae\\AppData\\Local\\Programs\\Python\\Python312\\python.exe\" -c \"from src.services.model_families import model_manager; print(''Model manager initialized successfully'')\")",
+      "Bash(timeout:*)",
+      "WebFetch(domain:127.0.0.1)",
+      "Bash(\"C:\\Users\\rafae\\AppData\\Local\\Programs\\Python\\Python312\\python.exe\" debug_keys.py)",
+      "Bash(\"C:\\Users\\rafae\\AppData\\Local\\Programs\\Python\\Python312\\python.exe\" test_all_keys.py)",
+      "Bash(del debug_keys.py test_all_keys.py)",
+      "Bash(\"C:\\Users\\rafae\\AppData\\Local\\Programs\\Python\\Python312\\python.exe\" app.py)",
+      "Bash(tasklist:*)",
+      "Bash(powershell:*)",
+      "Bash(cmd /c:*)",
+      "Bash(true)",
+      "Bash(\"C:\\Users\\rafae\\AppData\\Local\\Programs\\Python\\Python312\\python.exe\" run.py)",
+      "Bash(where py)",
+      "Bash(set PATH)",
+      "Bash(\"C:\\Windows\\py.exe\" app.py)",
+      "Bash(dir:*)",
+      "Bash(ls:*)",
+      "WebFetch(domain:huggingface.co)",
+      "Bash(cp:*)"
     ],
     "deny": []
   }

.env CHANGED Viewed

@@ -1,16 +1,54 @@
-# Dashboard Configuration
-DASHBOARD_TITLE=NyanProxy
-DASHBOARD_SUBTITLE=Purr-fect monitoring for your AI service proxy!
-DASHBOARD_REFRESH_INTERVAL=30
-# Branding
 BRAND_NAME=NyanProxy
 BRAND_EMOJI=🐱
-BRAND_DESCRIPTION=Meow-nificent AI Proxy!
-# API Keys (examples - replace with your actual keys)
-# OPENAI_API_KEYS=sk-your-key1,sk-your-key2
-# ANTHROPIC_API_KEYS=sk-ant-your-key1,sk-ant-your-key2
-# Server Configuration
-PORT=7860

+# === AUTHENTICATION CONFIGURATION ===
+# Choose authentication mode: "none", "proxy_key", or "user_token"
+AUTH_MODE=user_token
+# For proxy_key mode: single shared password
+PROXY_PASSWORD=proxy_pass
+# Admin key for accessing admin endpoints
+ADMIN_KEY=matcha
+# Flask secret key for sessions (change this to a random value in production)
+FLASK_SECRET_KEY=nyan-cat-secret-key-change-in-production-2024
+# === USER TOKEN CONFIGURATION ===
+# Maximum IP addresses per user (default: 3)
+MAX_IPS_PER_USER=6
+# Auto-ban users who exceed IP limit (default: true)
+MAX_IPS_AUTO_BAN=true
+# === RATE LIMITING ===
+# Enable rate limiting (default: true)
+RATE_LIMIT_ENABLED=true
+# Requests per minute per user/IP (default: 60)
+RATE_LIMIT_PER_MINUTE=60
+# === FIREBASE CONFIGURATION ===
+# Firebase Realtime Database URL
+FIREBASE_URL=https://arfy-user-management-default-rtdb.firebaseio.com
+# Firebase service account key (JSON string)
+# You can also use Application Default Credentials instead
+FIREBASE_SERVICE_ACCOUNT_KEY=ewogICJ0eXBlIjogInNlcnZpY2VfYWNjb3VudCIsCiAgInByb2plY3RfaWQiOiAiYXJmeS11c2VyLW1hbmFnZW1lbnQiLAogICJwcml2YXRlX2tleV9pZCI6ICI0NWUzZGNkYmNlMTI0NGQ4MjA0ZTlkOTJmMjUzYWNkZmU4ZmFlNDIwIiwKICAicHJpdmF0ZV9rZXkiOiAiLS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tXG5NSUlFdmdJQkFEQU5CZ2txaGtpRzl3MEJBUUVGQUFTQ0JLZ3dnZ1NrQWdFQUFvSUJBUURsWG9FWVRZWkEyYlIwXG5Lc1l6NXJBRXd4aVVsMWtqUUlnd3dKdTA4NVdSRS9LZGxyZStHM0d1aUhGL1VNcGExb0JDU3NCUUN6d015aUVhXG5HWm4wS0hZRWw2NlVlQWxIN2NIa1JQRDRyeklhUVlFOXBaZVAzdkNjTXZzc3F1Y0tONFpiN0NSblozaDJ6am1FXG4vbVJHbUI1Y3p6b1lJVGpMSGdWUGdMdVIwZmF2Y2NtelFISzVJcmsrTEI0N0NZU3JHeEJsWU1sdTBUSis1SG1zXG5XS2g2V0xaRUowRTdUWUVmclpZUHdnVzF2UThPMGNQY0JsQ3NCNS9vVXhUaGxpR0FBSVVMZ0FzVnQra1NxZGIvXG5CMXBLWE5vQjlZQStjR1RuL3JPQzJtUGlGTlh0Q21tRVVEdEFEYlZUQjFlcjZ1QTVnaUpPVkpOUEk0NjI2cTRJXG4yWVRaK2ZEWkFnTUJBQUVDZ2dFQUVKdFVDM2RwZGY2Tk15LzVvNzViRmkwdDlXd3oxdnFRSWIrQVJveXdVbzI0XG5MakxBWVBKSnU5SkRMVzJqQ1Fxb3hLUDI0cFM5cDB0bk5DV1FZUDRnOVZvcUdMUE1NRG9GcE1wZERCUmJNMDEwXG4xd3JMTzI1dnkwOWhvaTFKaHhMWUZvVzFhUXN6eko1SHlkcEZWbHNqTDZNTldMdm5DY1hGcXFqdWE3TmhBZmkvXG5BTHgwWmlOV0E4dDJlVHBQRE40VFdmd1plS3dCMjRCamxtT1dpVW84NnI2Tk05cVk1U0ZPZGVNUjI4VFdpSFB5XG5GQWUyWHN4ZHFHRnhEbkd0bEhEUjR5MExIcFdvRXdCck9lVkNJV1dCMmVGcjlLemJ6b3JGV01pWUpISER6SjVrXG42T0pZcTZkeHJzanIwSWl3cm8zb1kwblRZbmd0VndXLzJ6N3BrSzBseFFLQmdRRDQ1VWcyZjh0V3o4Q3FubTFQXG5WZkFSWEliZ0R3R1hRY3NiWlpPaXlqbGxwKzhqUUVuclcrQXRCdkErV0ptaXlwa3VwTzhLSWRnTm5KZUVqWUMwXG5ndmhwOVB6OC9ONDVnRGhxWTdrZy9NbjBpRWhvQjhZdjRhQzUrWkF3VmpoeVJHNUV5U01QZVBheSt4SjI4QmwwXG4rZGtpYStrR1F6dDRzYU5MRHVPNTdoTUdXd0tCZ1FEcjZvb1BGcW94SE5HNnJyL294QlhqcllwNGFYOFZDS1VaXG5FWkJlbTA4b29oTWI5bUtOb2dTU0lwUmxTZVRnZGw3QWZGSndVeDJVdk1GNWtTdlFkL2N6aHpoc2xoVjdodnFPXG5oblJDSGFGbFg1cFVDbUYwVjZRUVUrOVoyWTVjdTIyM2R0d282eEhCOTVFSkFzcUFZbTFWRURha1pEKzJyWERoXG53MFFJVnl4VDJ3S0JnUURZTVdDZVpqYmJ1eTJoaG1kd2lEYzAvV2Z5YTFaNGFoL2dOa1VkSEFick5BbldWdHRlXG5Zcm5Bb3N3L2UzcElHeThmZ3doWGhycENhSWg4RE9XRTVsYWN3cjZWaVpnRjNrZ2lzV2gzTE56SFdURjdtM1VjXG4xaUZrS1ZDRGpBRVAwRHp2NXI1YmpEak5rcVNoUjBEMWlLaUE2N2JIUjlMNnJXSW5xbEZJaVhGaERRS0JnQkRMXG40QXgyOXFNTWhEb2dXdlY5a0hsblQ2YUhERTg1RUZnYWtnYktVL1oybzVtb0R4ZzZZc3pzdlZnQXpOVFdXS1NuXG50VTdkL0FzczdURjBqb1FISm9oNnBoL0ZCNzZGdTYwT0VaVHJleVEyakV4VGVPREpwSnFzL3l1TWU4QktiK05TXG5DUmE0dGNqemtWWHM1dklCRC91d2JkT0NkNjdQNW11TWRYbUtpMU5sQW9HQkFPUVJneGF0Rzh1dUd0MjRzL29xXG42WS9pb0ZxbUNzV0JkQ2kybWRJT0F5ZE9zWkRuRGNxMEltbVdEOTd3ajFqalZodFA3M2t6VUFrRlZhajFLVmEwXG5hZWlua0tKR0pTV3N4VEZ0U0VubXpQQThxN1UwUWh6RnhJd1pFTUs1SFpuMmtRRzQ0ZFAydCtZY2xlMXZ2OGtKXG5IcG1IbFpldmUzbU5NQjRxc1ArMTZnZm5cbi0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS1cbiIsCiAgImNsaWVudF9lbWFpbCI6ICJmaXJlYmFzZS1hZG1pbnNkay10azdnaUBhcmZ5LXVzZXItbWFuYWdlbWVudC5pYW0uZ3NlcnZpY2VhY2NvdW50LmNvbSIsCiAgImNsaWVudF9pZCI6ICIxMDc5MzI3MDkyOTk5MzUyMzQ4ODkiLAogICJhdXRoX3VyaSI6ICJodHRwczovL2FjY291bnRzLmdvb2dsZS5jb20vby9vYXV0aDIvYXV0aCIsCiAgInRva2VuX3VyaSI6ICJodHRwczovL29hdXRoMi5nb29nbGVhcGlzLmNvbS90b2tlbiIsCiAgImF1dGhfcHJvdmlkZXJfeDUwOV9jZXJ0X3VybCI6ICJodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbS9vYXV0aDIvdjEvY2VydHMiLAogICJjbGllbnRfeDUwOV9jZXJ0X3VybCI6ICJodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbS9yb2JvdC92MS9tZXRhZGF0YS94NTA5L2ZpcmViYXNlLWFkbWluc2RrLXRrN2dpJTQwYXJmeS11c2VyLW1hbmFnZW1lbnQuaWFtLmdzZXJ2aWNlYWNjb3VudC5jb20iLAogICJ1bml2ZXJzZV9kb21haW4iOiAiZ29vZ2xlYXBpcy5jb20iCn0K
+# === API KEYS ===
+# OpenAI API Keys (multiple keys separated by commas or newlines)
+OPENAI_API_KEYS=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,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,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,sk-proj-FU70mLLdl3XOxcE2u3JnT3BlbkFJLyivVh91Dj79p1P2HzRP,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,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,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,
+# Anthropic API Keys
+ANTHROPIC_API_KEYS=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,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,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,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
+# === DASHBOARD CONFIGURATION ===
 BRAND_NAME=NyanProxy
 BRAND_EMOJI=🐱
+DASHBOARD_TITLE=NyanProxy Dashboard
+DASHBOARD_SUBTITLE=Purr-fect monitoring for your AI service proxy!
+DASHBOARD_REFRESH_INTERVAL=30
+# === DEPLOYMENT ===
+PORT=7860
+# Optional: Override automatic URL detection
+# APP_URL=https://your-custom-domain.com

.env.example ADDED Viewed

	@@ -0,0 +1,25 @@

+# API Keys (comma-separated for multiple keys)
+OPENAI_API_KEYS=sk-key1,sk-key2,sk-key3
+ANTHROPIC_API_KEYS=sk-ant-key1,sk-ant-key2
+# Authentication
+AUTH_MODE=none
+PROXY_KEY=your-proxy-key
+ADMIN_KEY=your-admin-key
+# App Configuration
+PORT=7860
+DEBUG=False
+FLASK_SECRET_KEY=your-secret-key-change-in-production
+# Dashboard Customization
+DASHBOARD_TITLE=NyanProxy Dashboard
+BRAND_EMOJI=🐱
+BRAND_NAME=NyanProxy
+BRAND_DESCRIPTION=Meow-nificent AI Proxy!
+DASHBOARD_SUBTITLE=Purr-fect monitoring for your AI service proxy!
+DASHBOARD_REFRESH_INTERVAL=30
+# Firebase (optional)
+FIREBASE_URL=https://your-project.firebaseio.com
+FIREBASE_CREDENTIALS_JSON=path/to/credentials.json

.gitignore CHANGED Viewed

@@ -79,4 +79,10 @@ htmlcov/
 *.tmp
 *.temp
 temp/
-tmp/

 *.tmp
 *.temp
 temp/
+tmp/
+# Database files
+*.db
+*.db-shm
+*.db-wal
+database/

AUTHENTICATION.md ADDED Viewed

	@@ -0,0 +1,334 @@

+# NyanProxy Authentication System
+## Overview
+NyanProxy now includes a comprehensive authentication and user management system with dual authentication modes, usage tracking, and Firebase integration.
+## 🔐 Authentication Modes
+### 1. No Authentication (`AUTH_MODE=none`)
+- No authentication required
+- All requests are allowed
+- No user tracking or quotas
+### 2. Proxy Key Mode (`AUTH_MODE=proxy_key`)
+- Single shared password for all users
+- Set `PROXY_PASSWORD` environment variable
+- IP-based rate limiting
+- No individual user tracking
+### 3. User Token Mode (`AUTH_MODE=user_token`)
+- Individual UUID tokens for each user
+- Complete user management with Firebase storage
+- Per-user quotas and usage tracking
+- IP address monitoring and limits
+- Ban/unban functionality
+## 🚀 Quick Setup
+### 1. Install Dependencies
+```bash
+pip install -r requirements.txt
+```
+### 2. Configure Environment Variables
+Copy `.env.example` to `.env` and configure:
+```bash
+# Basic configuration
+AUTH_MODE=user_token
+ADMIN_KEY=your_admin_key_here
+# Firebase (for user_token mode)
+FIREBASE_URL=https://your-project-default-rtdb.firebaseio.com/
+# API Keys
+OPENAI_API_KEYS=sk-key1,sk-key2
+ANTHROPIC_API_KEYS=sk-ant-key1,sk-ant-key2
+```
+### 3. Start the Server
+```bash
+python app.py
+```
+## 🔑 Authentication Headers
+### For Proxy Key Mode:
+```bash
+curl -H "Authorization: Bearer your_proxy_password" \
+     -H "Content-Type: application/json" \
+     -d '{"model":"gpt-3.5-turbo","messages":[{"role":"user","content":"Hello"}]}' \
+     https://your-proxy.com/v1/chat/completions
+```
+### For User Token Mode:
+```bash
+curl -H "Authorization: Bearer user_token_uuid" \
+     -H "Content-Type: application/json" \
+     -d '{"model":"gpt-3.5-turbo","messages":[{"role":"user","content":"Hello"}]}' \
+     https://your-proxy.com/v1/chat/completions
+```
+### Alternative Headers:
+- `x-api-key: your_token`
+- Query parameter: `?key=your_token`
+## 👨‍💼 Admin Interface
+### Access the Admin Dashboard
+Visit `/admin/dashboard` in your browser and enter your admin key.
+### Admin API Endpoints
+#### User Management
+- `GET /admin/users` - List all users
+- `POST /admin/users` - Create new user
+- `GET /admin/users/{token}` - Get user details
+- `PUT /admin/users/{token}` - Update user
+- `POST /admin/users/{token}/disable` - Ban user
+- `POST /admin/users/{token}/enable` - Unban user
+- `POST /admin/users/{token}/rotate` - Rotate token
+- `DELETE /admin/users/{token}` - Delete user
+#### Statistics
+- `GET /admin/stats` - System statistics
+- `GET /admin/events` - Event logs
+#### Bulk Operations
+- `POST /admin/bulk/refresh-quotas` - Reset all quotas
+### Create User via API
+```bash
+curl -X POST \
+  -H "Authorization: Bearer your_admin_key" \
+  -H "Content-Type: application/json" \
+  -d '{
+    "type": "normal",
+    "nickname": "John Doe",
+    "token_limits": {
+      "openai": 100000,
+      "anthropic": 50000
+    }
+  }' \
+  https://your-proxy.com/admin/users
+```
+## 📊 User Management Features
+### User Types
+- **Normal**: Standard users with default quotas
+- **Special**: Premium users with higher limits and no rate limiting
+- **Temporary**: Time-limited users (expire after 24 hours)
+### User Properties
+- **Token**: UUID-based authentication token
+- **Nickname**: Human-readable identifier
+- **Type**: User privilege level
+- **IP Tracking**: Monitors IP addresses used
+- **Usage Tracking**: Token consumption per model family
+- **Quotas**: Configurable limits per model family
+- **Ban System**: Disable with reasons
+### Automatic Features
+- **IP Limit Enforcement**: Auto-ban users with too many IPs
+- **Quota Tracking**: Real-time token usage monitoring
+- **Event Logging**: Comprehensive audit trail
+- **Temporary User Cleanup**: Automatic expiration handling
+## 🔄 Usage Tracking
+### Token Counting
+- Input tokens (prompt)
+- Output tokens (completion)
+- Total tokens
+- Cost calculation in USD
+### Per-Model Tracking
+- OpenAI models (GPT-3.5, GPT-4, etc.)
+- Anthropic models (Claude)
+- Google AI models
+- Mistral models
+### Event Types
+- `chat_completion`: API request completion
+- `new_ip`: New IP address detected
+- `user_action`: Administrative actions
+## 🔥 Firebase Integration
+### Setup Firebase
+1. Create a Firebase project
+2. Enable Realtime Database
+3. Create service account with database access
+4. Download service account key JSON
+### Configuration
+```bash
+# Firebase URL
+FIREBASE_URL=https://your-project-default-rtdb.firebaseio.com/
+# Service account key (JSON string)
+FIREBASE_SERVICE_ACCOUNT_KEY='{"type":"service_account",...}'
+```
+### Data Structure
+```json
+{
+  "users": {
+    "user_token_uuid": {
+      "token": "uuid",
+      "type": "normal",
+      "created_at": "2024-01-01T00:00:00",
+      "nickname": "John Doe",
+      "ip": ["hashed_ip_1", "hashed_ip_2"],
+      "token_counts": {
+        "openai": {"input": 1000, "output": 500, "total": 1500},
+        "anthropic": {"input": 800, "output": 400, "total": 1200}
+      },
+      "token_limits": {
+        "openai": 100000,
+        "anthropic": 50000
+      },
+      "disabled_at": null,
+      "disabled_reason": null
+    }
+  }
+}
+```
+## 🛡️ Security Features
+### IP Privacy
+- All IP addresses are SHA-256 hashed
+- No raw IP storage
+- Privacy-preserving tracking
+### Token Security
+- UUID-based tokens (unguessable)
+- Token rotation capability
+- Automatic cleanup
+### Rate Limiting
+- Per-user and per-IP limits
+- Sliding window algorithm
+- Configurable limits
+### Admin Security
+- Bearer token authentication
+- Admin key rotation support
+- Audit logging
+## ⚙️ Configuration Reference
+### Authentication
+```bash
+AUTH_MODE=user_token              # none, proxy_key, user_token
+PROXY_PASSWORD=secure_password    # For proxy_key mode
+ADMIN_KEY=admin_key              # Admin access key
+```
+### User Limits
+```bash
+MAX_IPS_PER_USER=3               # IP addresses per user
+MAX_IPS_AUTO_BAN=true            # Auto-ban on IP limit
+RATE_LIMIT_PER_MINUTE=60         # Requests per minute
+```
+### Firebase
+```bash
+FIREBASE_URL=https://...         # Firebase Realtime Database URL
+FIREBASE_SERVICE_ACCOUNT_KEY={}  # Service account JSON
+```
+## 🔍 Monitoring & Analytics
+### Dashboard Features
+- Real-time user statistics
+- Usage analytics
+- Token consumption tracking
+- Cost monitoring
+- Event logging
+### Admin Tools
+- User creation and management
+- Bulk operations
+- Usage reports
+- Event filtering
+## 🚨 Troubleshooting
+### Common Issues
+1. **Firebase Connection Failed**
+   - Check Firebase URL format
+   - Verify service account permissions
+   - Ensure database rules allow read/write
+2. **Authentication Errors**
+   - Verify AUTH_MODE setting
+   - Check token format
+   - Ensure admin key is correct
+3. **Rate Limiting Issues**
+   - Check RATE_LIMIT_PER_MINUTE setting
+   - Verify user quotas
+   - Monitor IP limits
+### Debug Mode
+Set `debug=True` in `app.run()` for detailed error messages.
+## 📈 Performance Considerations
+### Memory Usage
+- In-memory user cache with Firebase sync
+- Automatic cleanup of old data
+- Efficient token counting
+### Database Optimization
+- Batch Firebase operations
+- Background sync thread
+- Minimal data structure
+### Scalability
+- Stateless authentication
+- Horizontal scaling support
+- Firebase handles concurrent access
+## 🎯 Best Practices
+1. **Regular Backups**: Export user data periodically
+2. **Monitor Usage**: Track token consumption and costs
+3. **Rotate Keys**: Regularly rotate admin and user tokens
+4. **Audit Logs**: Review event logs for suspicious activity
+5. **Quota Management**: Set appropriate limits for user types
+## 📝 API Examples
+### Create User
+```python
+import requests
+response = requests.post('https://your-proxy.com/admin/users',
+    headers={'Authorization': 'Bearer admin_key'},
+    json={
+        'type': 'normal',
+        'nickname': 'Test User',
+        'token_limits': {'openai': 50000}
+    })
+```
+### Check Usage
+```python
+response = requests.get('https://your-proxy.com/admin/users/user_token',
+    headers={'Authorization': 'Bearer admin_key'})
+```
+### Disable User
+```python
+response = requests.post('https://your-proxy.com/admin/users/user_token/disable',
+    headers={'Authorization': 'Bearer admin_key'},
+    json={'reason': 'Abuse detected'})
+```
+This authentication system provides enterprise-grade user management with comprehensive tracking, Firebase integration, and powerful admin tools.

README.md CHANGED Viewed

@@ -1,16 +1,16 @@
 ---
-title: AI Reverse Proxy
-emoji: 🔄
-colorFrom: blue
 colorTo: purple
 sdk: docker
 app_file: app.py
 pinned: false
 ---
-# AI Reverse Proxy
-A simple reverse proxy for AI services that can be hosted on Hugging Face Spaces.
 ## Features

 ---
+title: NyanProxy
+emoji: 🐱
+colorFrom: pink
 colorTo: purple
 sdk: docker
 app_file: app.py
 pinned: false
 ---
+# 🐱 NyanProxy - Meow-nificent AI Proxy!
+A sophisticated AI proxy service that provides unified access to multiple AI providers with advanced features like token tracking, rate limiting, and user management.
 ## Features

{tokenizers → ai/tokenizers}/__init__.py RENAMED Viewed

File without changes

{tokenizers → ai/tokenizers}/anthropic_tokenizer.py RENAMED Viewed

File without changes

{tokenizers → ai/tokenizers}/claude.ts RENAMED Viewed

File without changes

{tokenizers → ai/tokenizers}/index.ts RENAMED Viewed

File without changes

{tokenizers → ai/tokenizers}/mistral-tokenizer-js.ts RENAMED Viewed

File without changes

{tokenizers → ai/tokenizers}/mistral.ts RENAMED Viewed

File without changes

{tokenizers → ai/tokenizers}/openai.ts RENAMED Viewed

File without changes

{tokenizers → ai/tokenizers}/openai_tokenizer.py RENAMED Viewed

File without changes

{tokenizers → ai/tokenizers}/tokenizer.ts RENAMED Viewed

File without changes

{tokenizers → ai/tokenizers}/unified_tokenizer.py RENAMED Viewed

File without changes

app.py CHANGED Viewed

@@ -1,901 +1,30 @@
-from flask import Flask, request, jsonify, Response, render_template
-import requests
 import os
-import json
-import random
-import time
-import threading
-from typing import Dict, List
-from datetime import datetime, timedelta
-from health_checker import health_manager, HealthResult
-# Import tokenizer libraries
-try:
-    import tiktoken
-    TIKTOKEN_AVAILABLE = True
-except ImportError:
-    TIKTOKEN_AVAILABLE = False
-    print("Warning: tiktoken not available, token counting will be approximate")
-# Load environment variables from .env file
-try:
-    from dotenv import load_dotenv
-    load_dotenv()
-except ImportError:
-    # If python-dotenv is not installed, continue without it
-    pass
-from tokenizers.unified_tokenizer import unified_tokenizer
-class MetricsTracker:
-    def __init__(self):
-        self.start_time = time.time()
-        self.request_counts = {
-            'chat_completions': 0,
-            'models': 0,
-            'health': 0,
-            'key_status': 0
-        }
-        self.error_counts = {
-            'chat_completions': 0,
-            'models': 0,
-            'key_errors': 0
-        }
-        self.total_requests = 0
-        self.last_request_time = None
-        self.response_times = []
-        # Token tracking
-        self.total_tokens = 0
-        self.prompt_tokens = 0
-        self.completion_tokens = 0
-        # Per-service token tracking
-        self.service_tokens = {
-            'openai': {'prompt_tokens': 0, 'completion_tokens': 0, 'total_tokens': 0, 'response_times': []},
-            'anthropic': {'prompt_tokens': 0, 'completion_tokens': 0, 'total_tokens': 0, 'response_times': []}
-        }
-        self.lock = threading.Lock()
-    def track_request(self, endpoint: str, response_time: float = None, error: bool = False, tokens: dict = None, service: str = None):
-        with self.lock:
-            self.total_requests += 1
-            self.last_request_time = datetime.now()
-            if endpoint in self.request_counts:
-                self.request_counts[endpoint] += 1
-            if error and endpoint in self.error_counts:
-                self.error_counts[endpoint] += 1
-            if response_time is not None:
-                self.response_times.append(response_time)
-                # Keep only last 100 response times
-                if len(self.response_times) > 100:
-                    self.response_times.pop(0)
-            # Track tokens
-            if tokens and service:
-                prompt_tokens = tokens.get('prompt_tokens', 0)
-                completion_tokens = tokens.get('completion_tokens', 0)
-                total_tokens = tokens.get('total_tokens', 0)
-                # Update global counters
-                self.prompt_tokens += prompt_tokens
-                self.completion_tokens += completion_tokens
-                self.total_tokens += total_tokens
-                # Update per-service counters
-                if service in self.service_tokens:
-                    self.service_tokens[service]['prompt_tokens'] += prompt_tokens
-                    self.service_tokens[service]['completion_tokens'] += completion_tokens
-                    self.service_tokens[service]['total_tokens'] += total_tokens
-                    # Track response times per service
-                    if response_time is not None:
-                        self.service_tokens[service]['response_times'].append(response_time)
-                        # Keep only last 100 response times per service
-                        if len(self.service_tokens[service]['response_times']) > 100:
-                            self.service_tokens[service]['response_times'].pop(0)
-    def get_uptime(self):
-        return time.time() - self.start_time
-    def get_average_response_time(self):
-        if not self.response_times:
-            return 0
-        return sum(self.response_times) / len(self.response_times)
-    def get_metrics(self):
-        with self.lock:
-            return {
-                'uptime_seconds': self.get_uptime(),
-                'total_requests': self.total_requests,
-                'request_counts': self.request_counts.copy(),
-                'error_counts': self.error_counts.copy(),
-                'last_request': self.last_request_time.isoformat() if self.last_request_time else None,
-                'average_response_time': self.get_average_response_time(),
-                'total_tokens': self.total_tokens,
-                'prompt_tokens': self.prompt_tokens,
-                'completion_tokens': self.completion_tokens,
-                'service_tokens': self.service_tokens.copy()
-            }
-metrics = MetricsTracker()
-app = Flask(__name__)
-class APIKeyManager:
-    def __init__(self):
-        self.api_keys = self._load_api_keys()
-        self.key_usage = {}  # Track usage per key for rate limiting
-        self.failed_keys = set()  # Track temporarily failed keys
-        self.key_health = {}  # Track detailed health status for each key
-        self.lock = threading.Lock()  # Thread safety for key health updates
-        self._initialize_key_health()
-    def _parse_keys(self, key_string: str) -> List[str]:
-        """Parse comma and line-separated keys"""
-        if not key_string:
-            return []
-        keys = []
-        # Split by both commas and newlines
-        for line in key_string.replace(',', '\n').split('\n'):
-            key = line.strip()
-            if key and key not in keys:
-                keys.append(key)
-        return keys
-    def _load_api_keys(self) -> Dict[str, List[str]]:
-        """Load API keys from environment variables or config"""
-        keys = {}
-        # OpenAI keys - support multiple formats
-        openai_keys = []
-        # Try comma/line separated format first
-        bulk_key = os.getenv('OPENAI_API_KEYS')
-        if bulk_key:
-            parsed_keys = self._parse_keys(bulk_key)
-            print(f"DEBUG: Found {len(parsed_keys)} OpenAI keys from OPENAI_API_KEYS")
-            openai_keys.extend(parsed_keys)
-        # Try numbered format
-        i = 1
-        while True:
-            key = os.getenv(f'OPENAI_API_KEY_{i}')
-            if key:
-                openai_keys.extend(self._parse_keys(key))
-                i += 1
-            else:
-                break
-        # Fallback to single key
-        if not openai_keys:
-            single_key = os.getenv('OPENAI_API_KEY')
-            if single_key:
-                openai_keys.extend(self._parse_keys(single_key))
-        keys['openai'] = list(set(openai_keys))  # Remove duplicates
-        # Anthropic keys
-        anthropic_keys = []
-        bulk_key = os.getenv('ANTHROPIC_API_KEYS')
-        if bulk_key:
-            anthropic_keys.extend(self._parse_keys(bulk_key))
-        single_key = os.getenv('ANTHROPIC_API_KEY')
-        if single_key:
-            anthropic_keys.extend(self._parse_keys(single_key))
-        keys['anthropic'] = list(set(anthropic_keys))
-        return keys
-    def _initialize_key_health(self):
-        """Initialize health tracking for all keys"""
-        with self.lock:
-            for service, keys in self.api_keys.items():
-                for key in keys:
-                    if key and key not in self.key_health:
-                        self.key_health[key] = {
-                            'status': 'unknown',
-                            'service': service,
-                            'last_error': None,
-                            'last_success': None,
-                            'last_failure': None,
-                            'failure_count': 0,
-                            'consecutive_failures': 0,
-                            'error_type': None
-                        }
-    def perform_proactive_health_check(self, service: str, api_key: str):
-        """Perform proactive health check using the health checker system"""
-        try:
-            result = health_manager.check_service_health(service, api_key)
-            # Update key health based on result
-            if result.status == 'healthy':
-                self.update_key_health(api_key, True)
-            else:
-                self.update_key_health(
-                    api_key,
-                    False,
-                    result.status_code,
-                    result.error_message
-                )
-        except Exception as e:
-            # If health check fails, mark as network error
-            self.update_key_health(api_key, False, None, f"Health check failed: {str(e)}")
-    def run_initial_health_checks(self):
-        """Run initial health checks for all keys in background"""
-        def check_all_keys():
-            print("Starting initial health checks for all API keys...")
-            for service, keys in self.api_keys.items():
-                for key in keys:
-                    if key:
-                        print(f"Checking {service} key: {key[:8]}...")
-                        self.perform_proactive_health_check(service, key)
-                        time.sleep(0.5)  # Small delay to avoid overwhelming APIs
-            print("Initial health checks completed.")
-        # Run in background thread
-        thread = threading.Thread(target=check_all_keys, daemon=True)
-        thread.start()
-    def _classify_error(self, status_code: int, error_message: str) -> tuple:
-        """Classify error type and return (error_type, is_retryable)"""
-        error_msg_lower = error_message.lower()
-        # Authentication errors (not retryable with same key)
-        if status_code in [401, 403]:
-            return 'invalid_key', False
-        # Rate limiting (retryable)
-        if status_code == 429:
-            return 'rate_limited', True
-        # Quota/billing issues
-        quota_indicators = ['quota exceeded', 'billing', 'insufficient_quota', 'usage limit']
-        if any(indicator in error_msg_lower for indicator in quota_indicators):
-            return 'quota_exceeded', False
-        # Rate limit indicators in message
-        rate_limit_indicators = [
-            'rate limit', 'too many requests', 'rate_limit_exceeded',
-            'requests per minute', 'rpm', 'tpm'
-        ]
-        if any(indicator in error_msg_lower for indicator in rate_limit_indicators):
-            return 'rate_limited', True
-        # Server errors (potentially retryable)
-        if status_code >= 500:
-            return 'server_error', True
-        # Other client errors
-        if status_code >= 400:
-            return 'client_error', False
-        return 'unknown_error', False
-    def get_api_key(self, service: str, exclude_failed: bool = True) -> str:
-        """Get next available API key for the service with rate limit handling"""
-        if service not in self.api_keys or not self.api_keys[service]:
-            return None
-        available_keys = [key for key in self.api_keys[service] if key]
-        # Remove failed keys if requested
-        if exclude_failed:
-            available_keys = [key for key in available_keys if key not in self.failed_keys]
-        if not available_keys:
-            # If all keys failed, try again with failed keys (maybe they recovered)
-            if exclude_failed:
-                return self.get_api_key(service, exclude_failed=False)
-            return None
-        # Simple round-robin selection
-        if service not in self.key_usage:
-            self.key_usage[service] = 0
-        key_index = self.key_usage[service] % len(available_keys)
-        self.key_usage[service] += 1
-        return available_keys[key_index]
-    def update_key_health(self, key: str, success: bool, status_code: int = None, error_message: str = None):
-        """Update key health status based on API response"""
-        with self.lock:
-            if key not in self.key_health:
-                # Initialize if not exists
-                service = next((svc for svc, keys in self.api_keys.items() if key in keys), 'unknown')
-                self.key_health[key] = {
-                    'status': 'unknown',
-                    'service': service,
-                    'last_error': None,
-                    'last_success': None,
-                    'last_failure': None,
-                    'failure_count': 0,
-                    'consecutive_failures': 0,
-                    'error_type': None
-                }
-            health = self.key_health[key]
-            now = datetime.now()
-            if success:
-                health['status'] = 'healthy'
-                health['last_success'] = now
-                health['consecutive_failures'] = 0
-                health['error_type'] = None
-                health['last_error'] = None
-            else:
-                health['last_failure'] = now
-                health['failure_count'] += 1
-                health['consecutive_failures'] += 1
-                if status_code and error_message:
-                    error_type, is_retryable = self._classify_error(status_code, error_message)
-                    health['error_type'] = error_type
-                    health['status'] = error_type
-                    health['last_error'] = error_message
-                    # Only mark as failed for retryable errors
-                    if is_retryable:
-                        self.failed_keys.add(key)
-                        # Auto-recovery after some time
-                        threading.Timer(300, lambda: self.failed_keys.discard(key)).start()
-                else:
-                    health['status'] = 'failed'
-                    health['error_type'] = 'unknown_error'
-    def mark_key_failed(self, service: str, key: str):
-        """Mark a key as temporarily failed (legacy method)"""
-        self.failed_keys.add(key)
-        # Auto-recovery after some time (simplified)
-        threading.Timer(300, lambda: self.failed_keys.discard(key)).start()
-    def handle_api_error(self, service: str, key: str, error_message: str, status_code: int = None) -> bool:
-        """Handle API error and return True if should retry with different key"""
-        # Update key health with failure
-        self.update_key_health(key, False, status_code, error_message)
-        # Check if error is retryable
-        if status_code and error_message:
-            error_type, is_retryable = self._classify_error(status_code, error_message)
-            return is_retryable
-        # Legacy fallback for rate limiting
-        rate_limit_indicators = [
-            'rate limit', 'too many requests', 'quota exceeded',
-            'rate_limit_exceeded', 'requests per minute', 'rpm', 'tpm'
-        ]
-        if any(indicator in error_message.lower() for indicator in rate_limit_indicators):
-            self.mark_key_failed(service, key)
-            return True
-        return False
-key_manager = APIKeyManager()
-metrics = MetricsTracker()
-app = Flask(__name__)
-# Run initial health checks in background
-key_manager.run_initial_health_checks()
-@app.route('/health', methods=['GET'])
-def health_check():
-    start_time = time.time()
-    result = jsonify({"status": "healthy", "service": "AI Proxy"})
-    metrics.track_request('health', time.time() - start_time)
-    return result
-@app.route('/openai/v1/chat/completions', methods=['POST'])
-@app.route('/v1/chat/completions', methods=['POST'])  # Legacy support
-def openai_chat_completions():
-    """Proxy OpenAI chat completions with rate limit handling"""
-    start_time = time.time()
-    max_retries = 3
-    for attempt in range(max_retries):
-        api_key = key_manager.get_api_key('openai')
-        if not api_key:
-            metrics.track_request('chat_completions', time.time() - start_time, error=True)
-            return jsonify({"error": "No OpenAI API key configured"}), 500
-        headers = {
-            'Authorization': f'Bearer {api_key}',
-            'Content-Type': 'application/json'
-        }
-        try:
-            response = requests.post(
-                'https://api.openai.com/v1/chat/completions',
-                headers=headers,
-                json=request.json,
-                stream=request.json.get('stream', False)
-            )
-            response_time = time.time() - start_time
-            # Handle different response codes
-            if response.status_code >= 400:
-                error_text = response.text
-                if key_manager.handle_api_error('openai', api_key, error_text, response.status_code):
-                    if attempt < max_retries - 1:
-                        time.sleep(1)  # Brief pause before retry
-                        continue
-            else:
-                # Success - update key health
-                key_manager.update_key_health(api_key, True)
-            # Extract token information from response
-            tokens = None
-            response_content = response.content
-            request_json = request.get_json() if request else {}
-            is_streaming = request_json.get('stream', False) if request_json else False
-            if response.status_code == 200:
-                model = request_json.get('model', 'gpt-3.5-turbo')
-                # For streaming requests, count prompt tokens only
-                if is_streaming:
-                    try:
-                        token_result = unified_tokenizer.count_tokens(
-                            request_data=request_json,
-                            service="openai",
-                            model=model
-                        )
-                        tokens = {
-                            'prompt_tokens': token_result['prompt_tokens'],
-                            'completion_tokens': 0,  # Can't count completion tokens for streaming
-                            'total_tokens': token_result['prompt_tokens']
-                        }
-                    except Exception:
-                        pass
-                else:
-                    # Non-streaming request - try to get full token counts
-                    try:
-                        response_data = json.loads(response_content)
-                        if 'usage' in response_data:
-                            tokens = response_data['usage']
-                        else:
-                            # Fallback: estimate tokens using advanced tokenizer
-                            response_text = ""
-                            if 'choices' in response_data:
-                                for choice in response_data['choices']:
-                                    if 'message' in choice and 'content' in choice['message']:
-                                        response_text += choice['message']['content'] + " "
-                            token_result = unified_tokenizer.count_tokens(
-                                request_data=request_json,
-                                service="openai",
-                                model=model,
-                                response_text=response_text.strip()
-                            )
-                            tokens = {
-                                'prompt_tokens': token_result['prompt_tokens'],
-                                'completion_tokens': token_result['completion_tokens'],
-                                'total_tokens': token_result['total_tokens']
-                            }
-                    except (json.JSONDecodeError, Exception):
-                        # Still try to count tokens from request at least
-                        try:
-                            token_result = unified_tokenizer.count_tokens(
-                                request_data=request_json,
-                                service="openai",
-                                model=model
-                            )
-                            tokens = {
-                                'prompt_tokens': token_result['prompt_tokens'],
-                                'completion_tokens': 0,
-                                'total_tokens': token_result['prompt_tokens']
-                            }
-                        except Exception:
-                            pass
-            metrics.track_request('chat_completions', response_time, error=response.status_code >= 400, tokens=tokens, service='openai')
-            if is_streaming:
-                return Response(
-                    response.iter_content(chunk_size=1024),
-                    content_type=response.headers.get('content-type'),
-                    status=response.status_code
-                )
-            else:
-                return Response(
-                    response_content,
-                    content_type=response.headers.get('content-type'),
-                    status=response.status_code
-                )
-        except Exception as e:
-            error_msg = str(e)
-            if key_manager.handle_api_error('openai', api_key, error_msg):
-                if attempt < max_retries - 1:
-                    time.sleep(1)
-                    continue
-            metrics.track_request('chat_completions', time.time() - start_time, error=True)
-            return jsonify({"error": error_msg}), 500
-    # If we get here, all retries failed
-    metrics.track_request('chat_completions', time.time() - start_time, error=True)
-    return jsonify({"error": "All API keys rate limited or failed"}), 429
-@app.route('/openai/v1/models', methods=['GET'])
-@app.route('/v1/models', methods=['GET'])  # Legacy support
-def openai_models():
-    """Proxy OpenAI models endpoint with rate limit handling"""
-    start_time = time.time()
-    max_retries = 3
-    for attempt in range(max_retries):
-        api_key = key_manager.get_api_key('openai')
-        if not api_key:
-            metrics.track_request('models', time.time() - start_time, error=True)
-            return jsonify({"error": "No OpenAI API key configured"}), 500
-        headers = {
-            'Authorization': f'Bearer {api_key}',
-            'Content-Type': 'application/json'
-        }
-        try:
-            response = requests.get(
-                'https://api.openai.com/v1/models',
-                headers=headers
-            )
-            response_time = time.time() - start_time
-            # Handle different response codes
-            if response.status_code >= 400:
-                error_text = response.text
-                if key_manager.handle_api_error('openai', api_key, error_text, response.status_code):
-                    if attempt < max_retries - 1:
-                        time.sleep(1)
-                        continue
-            else:
-                # Success - update key health
-                key_manager.update_key_health(api_key, True)
-            metrics.track_request('models', response_time, error=response.status_code >= 400)
-            return Response(
-                response.content,
-                content_type=response.headers.get('content-type'),
-                status=response.status_code
-            )
-        except Exception as e:
-            error_msg = str(e)
-            if key_manager.handle_api_error('openai', api_key, error_msg):
-                if attempt < max_retries - 1:
-                    time.sleep(1)
-                    continue
-            metrics.track_request('models', time.time() - start_time, error=True)
-            return jsonify({"error": error_msg}), 500
-    # If we get here, all retries failed
-    metrics.track_request('models', time.time() - start_time, error=True)
-    return jsonify({"error": "All API keys rate limited or failed"}), 429
-@app.route('/api/keys/status', methods=['GET'])
-def key_status():
-    """Check which API keys are configured"""
-    start_time = time.time()
-    status = {}
-    for service, keys in key_manager.api_keys.items():
-        status[service] = {
-            'configured': len([k for k in keys if k]) > 0,
-            'count': len([k for k in keys if k])
-        }
-    metrics.track_request('key_status', time.time() - start_time)
-    return jsonify(status)
-@app.route('/api/keys/health', methods=['GET'])
-def key_health():
-    """Get detailed health status for all keys"""
-    start_time = time.time()
-    # Get health data with safe serialization
-    health_data = {}
-    with key_manager.lock:
-        for key, health in key_manager.key_health.items():
-            # Mask the key for security (show only first 8 chars)
-            masked_key = key[:8] + '...' if len(key) > 8 else key
-            health_data[masked_key] = {
-                'status': health['status'],
-                'service': health['service'],
-                'last_success': health['last_success'].isoformat() if health['last_success'] else None,
-                'last_failure': health['last_failure'].isoformat() if health['last_failure'] else None,
-                'failure_count': health['failure_count'],
-                'consecutive_failures': health['consecutive_failures'],
-                'error_type': health['error_type'],
-                'last_error': health['last_error'][:100] if health['last_error'] else None  # Truncate error message
-            }
-    metrics.track_request('key_health', time.time() - start_time)
-    return jsonify(health_data)
-@app.route('/api/debug/keys', methods=['GET'])
-def debug_keys():
-    """Debug endpoint to check key loading"""
-    debug_info = {}
-    for service, keys in key_manager.api_keys.items():
-        debug_info[service] = {
-            'total_keys': len(keys),
-            'valid_keys': len([k for k in keys if k]),
-            'first_few_chars': [k[:8] + '...' if len(k) > 8 else k for k in keys[:3] if k]  # Show first 3 for debugging
-        }
-    return jsonify(debug_info)
-@app.route('/api/metrics', methods=['GET'])
-def get_metrics():
-    """Get proxy metrics"""
-    return jsonify(metrics.get_metrics())
-@app.route('/', methods=['GET'])
-def dashboard():
-    """Dashboard webpage"""
-    metrics_data = metrics.get_metrics()
-    key_status_data = {}
-    key_health_data = {}
-    for service, keys in key_manager.api_keys.items():
-        key_status_data[service] = {
-            'configured': len([k for k in keys if k]) > 0,
-            'count': len([k for k in keys if k])
-        }
-        # Get health status for this service
-        service_health = {
-            'healthy': 0,
-            'rate_limited': 0,
-            'invalid_key': 0,
-            'quota_exceeded': 0,
-            'unknown': 0,
-            'failed': 0,
-            'key_details': [],
-            'prompt_tokens': 0,
-            'total_tokens': 0,
-            'avg_response_time': '0.00'
-        }
-        # Get token data for this service
-        if service in metrics_data['service_tokens']:
-            service_metrics = metrics_data['service_tokens'][service]
-            service_health['prompt_tokens'] = service_metrics['prompt_tokens']
-            service_health['total_tokens'] = service_metrics['total_tokens']
-            # Calculate average response time for this service
-            if service_metrics['response_times']:
-                avg_time = sum(service_metrics['response_times']) / len(service_metrics['response_times'])
-                service_health['avg_response_time'] = f"{avg_time:.2f}"
-        with key_manager.lock:
-            for key in keys:
-                if key and key in key_manager.key_health:
-                    health = key_manager.key_health[key]
-                    status = health['status']
-                    # Count by status
-                    if status in service_health:
-                        service_health[status] += 1
-                    else:
-                        service_health['failed'] += 1
-                    # Add key details (masked for security)
-                    masked_key = key[:8] + '...' if len(key) > 8 else key
-                    service_health['key_details'].append({
-                        'key': masked_key,
-                        'status': status,
-                        'last_success': health['last_success'].strftime('%Y-%m-%d %H:%M:%S') if health['last_success'] else 'Never',
-                        'last_failure': health['last_failure'].strftime('%Y-%m-%d %H:%M:%S') if health['last_failure'] else 'Never',
-                        'consecutive_failures': health['consecutive_failures'],
-                        'error_type': health['error_type']
-                    })
-                else:
-                    service_health['unknown'] += 1
-        key_health_data[service] = service_health
-    uptime_hours = metrics_data['uptime_seconds'] / 3600
-    uptime_display = f"{uptime_hours:.1f} hours" if uptime_hours >= 1 else f"{metrics_data['uptime_seconds']:.0f} seconds"
-    # Get current deployment URL
-    base_url = get_base_url()
-    # Get configurable dashboard variables from environment
-    dashboard_config = {
-        'title': f"{os.getenv('BRAND_EMOJI', '🐱')} {os.getenv('DASHBOARD_TITLE', 'NyanProxy Dashboard')}",
-        'subtitle': os.getenv('DASHBOARD_SUBTITLE', 'Purr-fect monitoring for your AI service proxy!'),
-        'refresh_interval': int(os.getenv('DASHBOARD_REFRESH_INTERVAL', 30)),
-        'brand_name': os.getenv('BRAND_NAME', 'NyanProxy'),
-        'brand_emoji': os.getenv('BRAND_EMOJI', '🐱'),
-        'brand_description': os.getenv('BRAND_DESCRIPTION', 'Meow-nificent AI Proxy!')
-    }
-    return render_template('dashboard.html',
-                         base_url=base_url,
-                         uptime_display=uptime_display,
-                         total_requests=metrics_data['total_requests'],
-                         total_prompts=metrics_data['request_counts']['chat_completions'],
-                         total_tokens=metrics_data['total_tokens'],
-                         average_response_time=f"{metrics_data['average_response_time']:.2f}s",
-                         key_status_data=key_status_data,
-                         key_health_data=key_health_data,
-                         request_counts=metrics_data['request_counts'],
-                         error_counts=metrics_data['error_counts'],
-                         last_request=metrics_data['last_request'],
-                         config=dashboard_config)
-def get_base_url():
-    """Get the base URL of the current deployment"""
-    # Try to detect HF Space URL
-    space_id = os.getenv('SPACE_ID')
-    if space_id:
-        # Convert username/space-name to username-space-name format
-        space_url = space_id.replace('/', '-')
-        return f'https://{space_url}.hf.space'
-    # Try other common deployment patterns
-    render_url = os.getenv('RENDER_EXTERNAL_URL')
-    if render_url:
-        return render_url
-    railway_url = os.getenv('RAILWAY_STATIC_URL')
-    if railway_url:
-        return railway_url
-    # Fallback to localhost for development
-    port = os.getenv('PORT', 7860)
-    return f'http://localhost:{port}'
-# Add Anthropic endpoints
-@app.route('/anthropic/v1/messages', methods=['POST'])
-def anthropic_messages():
-    """Proxy Anthropic messages with token tracking"""
-    start_time = time.time()
-    max_retries = 3
-    for attempt in range(max_retries):
-        api_key = key_manager.get_api_key('anthropic')
-        if not api_key:
-            metrics.track_request('chat_completions', time.time() - start_time, error=True)
-            return jsonify({"error": "No Anthropic API key configured"}), 500
-        headers = {
-            'x-api-key': api_key,
-            'Content-Type': 'application/json',
-            'anthropic-version': '2023-06-01'
-        }
-        try:
-            response = requests.post(
-                'https://api.anthropic.com/v1/messages',
-                headers=headers,
-                json=request.json,
-                stream=request.json.get('stream', False)
-            )
-            response_time = time.time() - start_time
-            # Handle different response codes
-            if response.status_code >= 400:
-                error_text = response.text
-                if key_manager.handle_api_error('anthropic', api_key, error_text, response.status_code):
-                    if attempt < max_retries - 1:
-                        time.sleep(1)  # Brief pause before retry
-                        continue
-            else:
-                # Success - update key health
-                key_manager.update_key_health(api_key, True)
-            # Extract token information from response
-            tokens = None
-            response_content = response.content
-            request_json = request.get_json() if request else {}
-            is_streaming = request_json.get('stream', False) if request_json else False
-            if response.status_code == 200:
-                if is_streaming:
-                    # For streaming requests, count prompt tokens only
-                    try:
-                        token_result = unified_tokenizer.count_tokens(
-                            request_data=request_json,
-                            service="anthropic"
-                        )
-                        tokens = {
-                            'prompt_tokens': token_result['prompt_tokens'],
-                            'completion_tokens': 0,  # Can't count completion tokens for streaming
-                            'total_tokens': token_result['prompt_tokens']
-                        }
-                    except Exception:
-                        pass
-                else:
-                    # Non-streaming request - try to get full token counts
-                    try:
-                        response_data = json.loads(response_content)
-                        if 'usage' in response_data:
-                            usage = response_data['usage']
-                            tokens = {
-                                'prompt_tokens': usage.get('input_tokens', 0),
-                                'completion_tokens': usage.get('output_tokens', 0),
-                                'total_tokens': usage.get('input_tokens', 0) + usage.get('output_tokens', 0)
-                            }
-                        else:
-                            # Fallback: estimate tokens using advanced tokenizer
-                            response_text = ""
-                            if 'content' in response_data:
-                                for content in response_data['content']:
-                                    if content.get('type') == 'text':
-                                        response_text += content.get('text', '') + " "
-                            token_result = unified_tokenizer.count_tokens(
-                                request_data=request_json,
-                                service="anthropic",
-                                response_text=response_text.strip()
-                            )
-                            tokens = {
-                                'prompt_tokens': token_result['prompt_tokens'],
-                                'completion_tokens': token_result['completion_tokens'],
-                                'total_tokens': token_result['total_tokens']
-                            }
-                    except (json.JSONDecodeError, Exception):
-                        # Still try to count tokens from request at least
-                        try:
-                            token_result = unified_tokenizer.count_tokens(
-                                request_data=request_json,
-                                service="anthropic"
-                            )
-                            tokens = {
-                                'prompt_tokens': token_result['prompt_tokens'],
-                                'completion_tokens': 0,
-                                'total_tokens': token_result['prompt_tokens']
-                            }
-                        except Exception:
-                            pass
-            metrics.track_request('chat_completions', response_time, error=response.status_code >= 400, tokens=tokens, service='anthropic')
-            if is_streaming:
-                return Response(
-                    response.iter_content(chunk_size=1024),
-                    content_type=response.headers.get('content-type'),
-                    status=response.status_code
-                )
-            else:
-                return Response(
-                    response_content,
-                    content_type=response.headers.get('content-type'),
-                    status=response.status_code
-                )
-        except Exception as e:
-            error_msg = str(e)
-            if key_manager.handle_api_error('anthropic', api_key, error_msg):
-                if attempt < max_retries - 1:
-                    time.sleep(1)
-                    continue
-            metrics.track_request('chat_completions', time.time() - start_time, error=True)
-            return jsonify({"error": error_msg}), 500
-    # If we get here, all retries failed
-    metrics.track_request('chat_completions', time.time() - start_time, error=True)
-    return jsonify({"error": "All API keys rate limited or failed"}), 429
-@app.route('/anthropic/v1/models', methods=['GET'])
-def anthropic_models():
-    """Anthropic models endpoint (placeholder)"""
-    return jsonify({"error": "Anthropic models endpoint not implemented yet"}), 501
 if __name__ == '__main__':
     port = int(os.getenv('PORT', 7860))
-    app.run(host='0.0.0.0', port=port, debug=True)

+#!/usr/bin/env python3
+"""
+Main application entry point for Hugging Face compatibility
+"""
+import sys
 import os
+# Add the project root to Python path so imports work correctly
+sys.path.insert(0, os.path.dirname(os.path.abspath(__file__)))
+# Import the Flask app from the core module
+from core.app import app
 if __name__ == '__main__':
     port = int(os.getenv('PORT', 7860))
+    debug_mode = os.getenv('DEBUG', 'False').lower() == 'true'
+    if debug_mode:
+        # Development mode with debugging
+        app.run(host='0.0.0.0', port=port, debug=True, threaded=True)
+    else:
+        # Production mode with threading and better performance
+        app.run(
+            host='0.0.0.0',
+            port=port,
+            debug=False,
+            threaded=True,
+            processes=1,
+            use_reloader=False
+        )

config/.env.example ADDED Viewed

	@@ -0,0 +1,51 @@

+# === AUTHENTICATION CONFIGURATION ===
+# Choose authentication mode: "none", "proxy_key", or "user_token"
+AUTH_MODE=none
+# For proxy_key mode: single shared password
+PROXY_PASSWORD=proxy_pass
+# Admin key for accessing admin endpoints
+ADMIN_KEY=your_admin_key_here
+# === USER TOKEN CONFIGURATION ===
+# Maximum IP addresses per user (default: 3)
+MAX_IPS_PER_USER=3
+# Auto-ban users who exceed IP limit (default: true)
+MAX_IPS_AUTO_BAN=true
+# === RATE LIMITING ===
+# Enable rate limiting (default: true)
+RATE_LIMIT_ENABLED=true
+# Requests per minute per user/IP (default: 60)
+RATE_LIMIT_PER_MINUTE=60
+# === FIREBASE CONFIGURATION ===
+# Firebase Realtime Database URL
+FIREBASE_URL=https://your-project-default-rtdb.firebaseio.com/
+# Firebase service account key (JSON string)
+# You can also use Application Default Credentials instead
+FIREBASE_SERVICE_ACCOUNT_KEY={"type":"service_account","project_id":"your-project",...}
+# === API KEYS ===
+# OpenAI API Keys (multiple keys separated by commas or newlines)
+OPENAI_API_KEYS=sk-key1,sk-key2,sk-key3
+# Anthropic API Keys
+ANTHROPIC_API_KEYS=sk-ant-key1,sk-ant-key2
+# === DASHBOARD CONFIGURATION ===
+BRAND_NAME=NyanProxy
+BRAND_EMOJI=🐱
+DASHBOARD_TITLE=NyanProxy Dashboard
+DASHBOARD_SUBTITLE=Purr-fect monitoring for your AI service proxy!
+DASHBOARD_REFRESH_INTERVAL=30
+# === DEPLOYMENT ===
+PORT=7860
+# Optional: Override automatic URL detection
+# APP_URL=https://your-custom-domain.com

config/requirements.txt ADDED Viewed

	@@ -0,0 +1,7 @@

+Flask==2.3.3
+requests==2.31.0
+gunicorn==21.2.0
+python-dotenv==1.0.0
+tiktoken==0.5.2
+firebase-admin==6.3.0
+Flask-WTF==1.1.1

core/app.py ADDED Viewed

	@@ -0,0 +1,1057 @@

+from flask import Flask, request, jsonify, Response, render_template, g, session
+import requests
+import os
+import json
+import random
+import time
+import threading
+from typing import Dict, List
+from datetime import datetime, timedelta
+from .health_checker import health_manager, HealthResult
+# Import tokenizer libraries
+try:
+    import tiktoken
+    TIKTOKEN_AVAILABLE = True
+except ImportError:
+    TIKTOKEN_AVAILABLE = False
+    print("Warning: tiktoken not available, token counting will be approximate")
+# Load environment variables from .env file
+try:
+    from dotenv import load_dotenv
+    load_dotenv()
+except ImportError:
+    # If python-dotenv is not installed, continue without it
+    pass
+from ai.tokenizers.unified_tokenizer import unified_tokenizer
+# Import authentication system
+from src.config.auth import auth_config
+from src.middleware.auth import require_auth, check_quota, track_token_usage
+from src.services.event_logger import event_logger
+from src.services.structured_event_logger import structured_logger
+from src.services.user_store import user_store
+from src.routes.admin import admin_bp
+from src.routes.admin_web import admin_web_bp
+from src.routes.model_families_admin import model_families_bp
+from src.middleware.auth import generate_csrf_token
+from src.services.model_families import model_manager, AIProvider
+class MetricsTracker:
+    def __init__(self):
+        self.start_time = time.time()
+        self.request_counts = {
+            'chat_completions': 0,
+            'models': 0,
+            'health': 0,
+            'key_status': 0
+        }
+        self.error_counts = {
+            'chat_completions': 0,
+            'models': 0,
+            'key_errors': 0
+        }
+        self.total_requests = 0
+        self.last_request_time = None
+        self.response_times = []
+        # Token tracking
+        self.total_tokens = 0
+        self.prompt_tokens = 0
+        self.completion_tokens = 0
+        # Per-service tracking (dynamically populated as services are used)
+        self.service_tokens = {}
+        self.lock = threading.Lock()
+    def track_request(self, endpoint: str, response_time: float = None, error: bool = False, tokens: dict = None, service: str = None):
+        with self.lock:
+            self.total_requests += 1
+            self.last_request_time = datetime.now()
+            if endpoint in self.request_counts:
+                self.request_counts[endpoint] += 1
+            if error and endpoint in self.error_counts:
+                self.error_counts[endpoint] += 1
+            if response_time is not None:
+                self.response_times.append(response_time)
+                # Keep only last 100 response times
+                if len(self.response_times) > 100:
+                    self.response_times.pop(0)
+            # Always track requests, even if tokens is None
+            if service:
+                # Initialize service if not exists
+                if service not in self.service_tokens:
+                    self.service_tokens[service] = {
+                        'successful_requests': 0,
+                        'total_tokens': 0,
+                        'response_times': []
+                    }
+                    print(f"DEBUG: Initialized tracking for new service: {service}")
+                # Track successful requests (only count if not an error)
+                if not error:
+                    self.service_tokens[service]['successful_requests'] += 1
+                    print(f"DEBUG: Incremented successful_requests for {service} to {self.service_tokens[service]['successful_requests']}")
+                # Track response times per service
+                if response_time is not None:
+                    self.service_tokens[service]['response_times'].append(response_time)
+                    # Keep only last 100 response times per service
+                    if len(self.service_tokens[service]['response_times']) > 100:
+                        self.service_tokens[service]['response_times'].pop(0)
+            # Track tokens if available
+            if tokens and service:
+                prompt_tokens = tokens.get('prompt_tokens', 0)
+                completion_tokens = tokens.get('completion_tokens', 0)
+                total_tokens = tokens.get('total_tokens', 0)
+                print(f"DEBUG: MetricsTracker - Service: {service}, Tokens: {tokens}, Error: {error}")
+                # Update global counters
+                self.prompt_tokens += prompt_tokens
+                self.completion_tokens += completion_tokens
+                self.total_tokens += total_tokens
+                # Track total tokens (input + output)
+                self.service_tokens[service]['total_tokens'] += total_tokens
+                print(f"DEBUG: Added {total_tokens} tokens to {service}, total now: {self.service_tokens[service]['total_tokens']}")
+            else:
+                print(f"DEBUG: NOT tracking tokens - tokens={tokens}, service={service}")
+    def get_uptime(self):
+        return time.time() - self.start_time
+    def get_average_response_time(self):
+        if not self.response_times:
+            return 0
+        return sum(self.response_times) / len(self.response_times)
+    def get_metrics(self):
+        with self.lock:
+            return {
+                'uptime_seconds': self.get_uptime(),
+                'total_requests': self.total_requests,
+                'request_counts': self.request_counts.copy(),
+                'error_counts': self.error_counts.copy(),
+                'last_request': self.last_request_time.isoformat() if self.last_request_time else None,
+                'average_response_time': self.get_average_response_time(),
+                'total_tokens': self.total_tokens,
+                'prompt_tokens': self.prompt_tokens,
+                'completion_tokens': self.completion_tokens,
+                'service_tokens': self.service_tokens.copy()
+            }
+class APIKeyManager:
+    def __init__(self):
+        self.api_keys = self._load_api_keys()
+        self.key_usage = {}  # Track usage per key for rate limiting
+        self.failed_keys = set()  # Track temporarily failed keys
+        self.key_health = {}  # Track detailed health status for each key
+        self.lock = threading.Lock()  # Thread safety for key health updates
+        self._initialize_key_health()
+    def _parse_keys(self, key_string: str) -> List[str]:
+        """Parse comma and line-separated keys"""
+        if not key_string:
+            return []
+        keys = []
+        # Split by both commas and newlines
+        for line in key_string.replace(',', '\n').split('\n'):
+            key = line.strip()
+            if key and key not in keys:
+                keys.append(key)
+        return keys
+    def _load_api_keys(self) -> Dict[str, List[str]]:
+        """Load API keys from environment variables or config"""
+        keys = {}
+        # OpenAI keys - support comma/line separated format
+        openai_keys = []
+        # Try comma/line separated format first
+        bulk_key = os.getenv('OPENAI_API_KEYS')
+        if bulk_key:
+            parsed_keys = self._parse_keys(bulk_key)
+            print(f"DEBUG: Found {len(parsed_keys)} OpenAI keys from OPENAI_API_KEYS")
+            openai_keys.extend(parsed_keys)
+        # Fallback to single key
+        if not openai_keys:
+            single_key = os.getenv('OPENAI_API_KEY')
+            if single_key:
+                openai_keys.extend(self._parse_keys(single_key))
+        keys['openai'] = list(set(openai_keys))  # Remove duplicates
+        # Anthropic keys
+        anthropic_keys = []
+        bulk_key = os.getenv('ANTHROPIC_API_KEYS')
+        if bulk_key:
+            anthropic_keys.extend(self._parse_keys(bulk_key))
+        single_key = os.getenv('ANTHROPIC_API_KEY')
+        if single_key:
+            anthropic_keys.extend(self._parse_keys(single_key))
+        keys['anthropic'] = list(set(anthropic_keys))
+        return keys
+    def _initialize_key_health(self):
+        """Initialize health tracking for all keys"""
+        with self.lock:
+            for service, keys in self.api_keys.items():
+                for key in keys:
+                    if key and key not in self.key_health:
+                        self.key_health[key] = {
+                            'status': 'unknown',
+                            'service': service,
+                            'last_error': None,
+                            'last_success': None,
+                            'last_failure': None,
+                            'failure_count': 0,
+                            'consecutive_failures': 0,
+                            'error_type': None
+                        }
+    def perform_proactive_health_check(self, service: str, api_key: str):
+        """Perform proactive health check using the health checker system"""
+        try:
+            result = health_manager.check_service_health(service, api_key)
+            # Update key health based on result
+            if result.status == 'healthy':
+                self.update_key_health(api_key, True)
+            else:
+                self.update_key_health(
+                    api_key,
+                    False,
+                    result.status_code,
+                    result.error_message
+                )
+        except Exception as e:
+            # If health check fails, mark as network error
+            self.update_key_health(api_key, False, None, f"Health check failed: {str(e)}")
+    def run_initial_health_checks(self):
+        """Run initial health checks for all keys in background"""
+        def check_all_keys():
+            print("Starting initial health checks for all API keys...")
+            for service, keys in self.api_keys.items():
+                for key in keys:
+                    if key:
+                        print(f"Checking {service} key: {key[:8]}...")
+                        self.perform_proactive_health_check(service, key)
+                        time.sleep(0.5)  # Small delay to avoid overwhelming APIs
+            print("Initial health checks completed.")
+        # Run in background thread
+        thread = threading.Thread(target=check_all_keys, daemon=True)
+        thread.start()
+    def _classify_error(self, status_code: int, error_message: str) -> tuple:
+        """Classify error type and return (error_type, is_retryable)"""
+        error_msg_lower = error_message.lower()
+        # Authentication errors (not retryable with same key)
+        if status_code in [401, 403]:
+            return 'invalid_key', False
+        # Rate limiting (retryable)
+        if status_code == 429:
+            return 'rate_limited', True
+        # Quota/billing issues
+        quota_indicators = ['quota exceeded', 'billing', 'insufficient_quota', 'usage limit']
+        if any(indicator in error_msg_lower for indicator in quota_indicators):
+            return 'quota_exceeded', False
+        # Rate limit indicators in message
+        rate_limit_indicators = [
+            'rate limit', 'too many requests', 'rate_limit_exceeded',
+            'requests per minute', 'rpm', 'tpm'
+        ]
+        if any(indicator in error_msg_lower for indicator in rate_limit_indicators):
+            return 'rate_limited', True
+        # Server errors (potentially retryable)
+        if status_code >= 500:
+            return 'server_error', True
+        # Other client errors
+        if status_code >= 400:
+            return 'client_error', False
+        return 'unknown_error', False
+    def get_api_key(self, service: str, exclude_failed: bool = True) -> str:
+        """Get next available API key for the service with rate limit handling"""
+        if service not in self.api_keys or not self.api_keys[service]:
+            return None
+        available_keys = [key for key in self.api_keys[service] if key]
+        # Remove failed keys if requested
+        if exclude_failed:
+            available_keys = [key for key in available_keys if key not in self.failed_keys]
+        if not available_keys:
+            # If all keys failed, try again with failed keys (maybe they recovered)
+            if exclude_failed:
+                return self.get_api_key(service, exclude_failed=False)
+            return None
+        # Simple round-robin selection
+        if service not in self.key_usage:
+            self.key_usage[service] = 0
+        key_index = self.key_usage[service] % len(available_keys)
+        self.key_usage[service] += 1
+        return available_keys[key_index]
+    def update_key_health(self, key: str, success: bool, status_code: int = None, error_message: str = None):
+        """Update key health status based on API response"""
+        with self.lock:
+            if key not in self.key_health:
+                # Initialize if not exists
+                service = next((svc for svc, keys in self.api_keys.items() if key in keys), 'unknown')
+                self.key_health[key] = {
+                    'status': 'unknown',
+                    'service': service,
+                    'last_error': None,
+                    'last_success': None,
+                    'last_failure': None,
+                    'failure_count': 0,
+                    'consecutive_failures': 0,
+                    'error_type': None
+                }
+            health = self.key_health[key]
+            now = datetime.now()
+            if success:
+                health['status'] = 'healthy'
+                health['last_success'] = now
+                health['consecutive_failures'] = 0
+                health['error_type'] = None
+                health['last_error'] = None
+            else:
+                health['last_failure'] = now
+                health['failure_count'] += 1
+                health['consecutive_failures'] += 1
+                if status_code and error_message:
+                    error_type, is_retryable = self._classify_error(status_code, error_message)
+                    health['error_type'] = error_type
+                    health['status'] = error_type
+                    health['last_error'] = error_message
+                    # Only mark as failed for retryable errors
+                    if is_retryable:
+                        self.failed_keys.add(key)
+                        # Auto-recovery after some time
+                        threading.Timer(300, lambda: self.failed_keys.discard(key)).start()
+                else:
+                    health['status'] = 'failed'
+                    health['error_type'] = 'unknown_error'
+    def mark_key_failed(self, service: str, key: str):
+        """Mark a key as temporarily failed (legacy method)"""
+        self.failed_keys.add(key)
+        # Auto-recovery after some time (simplified)
+        threading.Timer(300, lambda: self.failed_keys.discard(key)).start()
+    def handle_api_error(self, service: str, key: str, error_message: str, status_code: int = None) -> bool:
+        """Handle API error and return True if should retry with different key"""
+        # Update key health with failure
+        self.update_key_health(key, False, status_code, error_message)
+        # Check if error is retryable
+        if status_code and error_message:
+            error_type, is_retryable = self._classify_error(status_code, error_message)
+            return is_retryable
+        # Legacy fallback for rate limiting
+        rate_limit_indicators = [
+            'rate limit', 'too many requests', 'quota exceeded',
+            'rate_limit_exceeded', 'requests per minute', 'rpm', 'tpm'
+        ]
+        if any(indicator in error_message.lower() for indicator in rate_limit_indicators):
+            self.mark_key_failed(service, key)
+            return True
+        return False
+key_manager = APIKeyManager()
+metrics = MetricsTracker()
+app = Flask(__name__, template_folder='../pages', static_folder='../static')
+# Configure Flask
+app.secret_key = os.getenv('FLASK_SECRET_KEY', 'default-secret-key-change-in-production')
+app.permanent_session_lifetime = timedelta(hours=24)  # Sessions last 24 hours
+# Register admin blueprints
+app.register_blueprint(admin_bp)
+app.register_blueprint(admin_web_bp)
+app.register_blueprint(model_families_bp)
+# Add CSRF token to template context
+@app.context_processor
+def inject_csrf_token():
+    return dict(csrf_token=generate_csrf_token)
+# Run initial health checks in background
+key_manager.run_initial_health_checks()
+# Add request logging middleware
+@app.before_request
+def log_request():
+    print(f"DEBUG: Request to {request.method} {request.path} from {request.remote_addr}")
+    print(f"DEBUG: Headers: {dict(request.headers)}")
+    if request.method == 'POST':
+        print(f"DEBUG: Content-Type: {request.content_type}")
+        if request.is_json:
+            print(f"DEBUG: JSON Body keys: {list(request.json.keys()) if request.json else 'None'}")
+    print(f"DEBUG: Full URL: {request.url}")
+@app.route('/health', methods=['GET'])
+def health_check():
+    start_time = time.time()
+    result = jsonify({"status": "healthy", "service": "AI Proxy"})
+    metrics.track_request('health', time.time() - start_time)
+    return result
+@app.route('/openai/v1/chat/completions', methods=['POST'])
+@app.route('/v1/chat/completions', methods=['POST'])  # Legacy support
+@require_auth
+def openai_chat_completions():
+    """Proxy OpenAI chat completions with rate limit handling"""
+    start_time = time.time()
+    max_retries = 3
+    # Check quota for OpenAI models
+    has_quota, quota_error = check_quota('openai')
+    if not has_quota:
+        return jsonify({"error": quota_error}), 429
+    # Validate model is whitelisted
+    request_json = request.get_json() if request else {}
+    model = request_json.get('model', 'gpt-3.5-turbo')
+    if not model_manager.is_model_whitelisted(AIProvider.OPENAI, model):
+        metrics.track_request('chat_completions', time.time() - start_time, error=True)
+        return jsonify({"error": {"message": f"Model '{model}' is not whitelisted for use", "type": "model_not_allowed"}}), 403
+    for attempt in range(max_retries):
+        api_key = key_manager.get_api_key('openai')
+        if not api_key:
+            metrics.track_request('chat_completions', time.time() - start_time, error=True)
+            return jsonify({"error": "No OpenAI API key configured"}), 500
+        headers = {
+            'Authorization': f'Bearer {api_key}',
+            'Content-Type': 'application/json'
+        }
+        try:
+            response = requests.post(
+                'https://api.openai.com/v1/chat/completions',
+                headers=headers,
+                json=request.json,
+                stream=request.json.get('stream', False)
+            )
+            response_time = time.time() - start_time
+            # Handle different response codes
+            if response.status_code >= 400:
+                error_text = response.text
+                if key_manager.handle_api_error('openai', api_key, error_text, response.status_code):
+                    if attempt < max_retries - 1:
+                        time.sleep(1)  # Brief pause before retry
+                        continue
+            else:
+                # Success - update key health
+                key_manager.update_key_health(api_key, True)
+            # Extract token information from response
+            tokens = None
+            response_content = response.content
+            request_json = request.get_json() if request else {}
+            is_streaming = request_json.get('stream', False) if request_json else False
+            if response.status_code == 200:
+                model = request_json.get('model', 'gpt-3.5-turbo')
+                # For streaming requests, count prompt tokens only
+                if is_streaming:
+                    try:
+                        token_result = unified_tokenizer.count_tokens(
+                            request_data=request_json,
+                            service="openai",
+                            model=model
+                        )
+                        tokens = {
+                            'prompt_tokens': token_result['prompt_tokens'],
+                            'completion_tokens': 0,  # Can't count completion tokens for streaming
+                            'total_tokens': token_result['prompt_tokens']
+                        }
+                    except Exception:
+                        pass
+                else:
+                    # Non-streaming request - try to get full token counts
+                    try:
+                        response_data = json.loads(response_content)
+                        if 'usage' in response_data:
+                            tokens = response_data['usage']
+                        else:
+                            # Fallback: estimate tokens using advanced tokenizer
+                            response_text = ""
+                            if 'choices' in response_data:
+                                for choice in response_data['choices']:
+                                    if 'message' in choice and 'content' in choice['message']:
+                                        response_text += choice['message']['content'] + " "
+                            token_result = unified_tokenizer.count_tokens(
+                                request_data=request_json,
+                                service="openai",
+                                model=model,
+                                response_text=response_text.strip()
+                            )
+                            tokens = {
+                                'prompt_tokens': token_result['prompt_tokens'],
+                                'completion_tokens': token_result['completion_tokens'],
+                                'total_tokens': token_result['total_tokens']
+                            }
+                    except (json.JSONDecodeError, Exception):
+                        # Still try to count tokens from request at least
+                        try:
+                            token_result = unified_tokenizer.count_tokens(
+                                request_data=request_json,
+                                service="openai",
+                                model=model
+                            )
+                            tokens = {
+                                'prompt_tokens': token_result['prompt_tokens'],
+                                'completion_tokens': 0,
+                                'total_tokens': token_result['prompt_tokens']
+                            }
+                        except Exception:
+                            pass
+            metrics.track_request('chat_completions', response_time, error=response.status_code >= 400, tokens=tokens, service='openai')
+            # Track token usage for authenticated users
+            if tokens and hasattr(g, 'auth_data') and g.auth_data.get('type') == 'user_token':
+                track_token_usage('openai', tokens.get('prompt_tokens', 0), tokens.get('completion_tokens', 0))
+                # Track model usage and get cost
+                model_cost = model_manager.track_model_usage(
+                    user_token=g.auth_data['token'],
+                    model_id=model,
+                    input_tokens=tokens.get('prompt_tokens', 0),
+                    output_tokens=tokens.get('completion_tokens', 0),
+                    success=response.status_code == 200
+                )
+                # Log completion event
+                event_logger.log_chat_completion(
+                    token=g.auth_data['token'],
+                    model_family='openai',
+                    input_tokens=tokens.get('prompt_tokens', 0),
+                    output_tokens=tokens.get('completion_tokens', 0),
+                    ip_hash=g.auth_data.get('ip', '')
+                )
+                # Log structured completion event with model details
+                structured_logger.log_chat_completion(
+                    user_token=g.auth_data['token'],
+                    model_family='openai',
+                    model_name=model,
+                    input_tokens=tokens.get('prompt_tokens', 0),
+                    output_tokens=tokens.get('completion_tokens', 0),
+                    cost_usd=model_cost or 0.0,
+                    response_time_ms=response_time * 1000,
+                    success=response.status_code == 200,
+                    ip_hash=g.auth_data.get('ip', ''),
+                    user_agent=request.headers.get('User-Agent')
+                )
+            if is_streaming:
+                return Response(
+                    response.iter_content(chunk_size=1024),
+                    content_type=response.headers.get('content-type'),
+                    status=response.status_code
+                )
+            else:
+                return Response(
+                    response_content,
+                    content_type=response.headers.get('content-type'),
+                    status=response.status_code
+                )
+        except Exception as e:
+            error_msg = str(e)
+            if key_manager.handle_api_error('openai', api_key, error_msg):
+                if attempt < max_retries - 1:
+                    time.sleep(1)
+                    continue
+            metrics.track_request('chat_completions', time.time() - start_time, error=True)
+            return jsonify({"error": error_msg}), 500
+    # If we get here, all retries failed
+    metrics.track_request('chat_completions', time.time() - start_time, error=True)
+    return jsonify({"error": "All API keys rate limited or failed"}), 429
+@app.route('/openai/v1/models', methods=['GET'])
+@app.route('/v1/models', methods=['GET'])  # Legacy support
+def openai_models():
+    """Return whitelisted OpenAI models instead of proxying to API"""
+    start_time = time.time()
+    try:
+        # Get whitelisted OpenAI models
+        whitelisted_models = model_manager.get_whitelisted_models(AIProvider.OPENAI)
+        # Convert to OpenAI API format
+        models_data = []
+        for model_info in whitelisted_models:
+            models_data.append({
+                "id": model_info.model_id,
+                "object": "model",
+                "created": int(datetime.now().timestamp()),
+                "owned_by": "openai",
+                "permission": [
+                    {
+                        "id": f"modelperm-{model_info.model_id}",
+                        "object": "model_permission",
+                        "created": int(datetime.now().timestamp()),
+                        "allow_create_engine": False,
+                        "allow_sampling": True,
+                        "allow_logprobs": True,
+                        "allow_search_indices": False,
+                        "allow_view": True,
+                        "allow_fine_tuning": False,
+                        "organization": "*",
+                        "group": None,
+                        "is_blocking": False
+                    }
+                ],
+                "root": model_info.model_id,
+                "parent": None
+            })
+        response_data = {
+            "object": "list",
+            "data": models_data
+        }
+        metrics.track_request('models', time.time() - start_time)
+        return jsonify(response_data)
+    except Exception as e:
+        metrics.track_request('models', time.time() - start_time, error=True)
+        return jsonify({"error": str(e)}), 500
+@app.route('/api/keys/status', methods=['GET'])
+def key_status():
+    """Check which API keys are configured"""
+    start_time = time.time()
+    status = {}
+    for service, keys in key_manager.api_keys.items():
+        status[service] = {
+            'configured': len([k for k in keys if k]) > 0,
+            'count': len([k for k in keys if k])
+        }
+    metrics.track_request('key_status', time.time() - start_time)
+    return jsonify(status)
+@app.route('/api/keys/health', methods=['GET'])
+def key_health():
+    """Get detailed health status for all keys"""
+    start_time = time.time()
+    # Get health data with safe serialization
+    health_data = {}
+    with key_manager.lock:
+        for key, health in key_manager.key_health.items():
+            # Mask the key for security (show only first 8 chars)
+            masked_key = key[:8] + '...' if len(key) > 8 else key
+            health_data[masked_key] = {
+                'status': health['status'],
+                'service': health['service'],
+                'last_success': health['last_success'].isoformat() if health['last_success'] else None,
+                'last_failure': health['last_failure'].isoformat() if health['last_failure'] else None,
+                'failure_count': health['failure_count'],
+                'consecutive_failures': health['consecutive_failures'],
+                'error_type': health['error_type'],
+                'last_error': health['last_error'][:100] if health['last_error'] else None  # Truncate error message
+            }
+    metrics.track_request('key_health', time.time() - start_time)
+    return jsonify(health_data)
+@app.route('/api/debug/keys', methods=['GET'])
+def debug_keys():
+    """Debug endpoint to check key loading"""
+    debug_info = {}
+    for service, keys in key_manager.api_keys.items():
+        debug_info[service] = {
+            'total_keys': len(keys),
+            'valid_keys': len([k for k in keys if k]),
+            'first_few_chars': [k[:8] + '...' if len(k) > 8 else k for k in keys[:3] if k]  # Show first 3 for debugging
+        }
+    return jsonify(debug_info)
+@app.route('/api/metrics', methods=['GET'])
+def get_metrics():
+    """Get proxy metrics"""
+    return jsonify(metrics.get_metrics())
+# Old admin dashboard route removed - now handled by admin_web_bp
+@app.route('/', methods=['GET'])
+def dashboard():
+    """Dashboard webpage"""
+    metrics_data = metrics.get_metrics()
+    key_status_data = {}
+    key_health_data = {}
+    for service, keys in key_manager.api_keys.items():
+        key_status_data[service] = {
+            'configured': len([k for k in keys if k]) > 0,
+            'count': len([k for k in keys if k])
+        }
+        # Get health status for this service
+        service_health = {
+            'healthy': 0,
+            'rate_limited': 0,
+            'invalid_key': 0,
+            'quota_exceeded': 0,
+            'unknown': 0,
+            'failed': 0,
+            'key_details': [],
+            'successful_requests': 0,
+            'total_tokens': 0,
+            'avg_response_time': '0.00'
+        }
+        # Get metrics data for this service
+        if service in metrics_data['service_tokens']:
+            service_metrics = metrics_data['service_tokens'][service]
+            service_health['successful_requests'] = service_metrics['successful_requests']
+            service_health['total_tokens'] = service_metrics['total_tokens']
+            # Calculate average response time for this service
+            if service_metrics['response_times']:
+                avg_time = sum(service_metrics['response_times']) / len(service_metrics['response_times'])
+                service_health['avg_response_time'] = f"{avg_time:.2f}"
+        with key_manager.lock:
+            for key in keys:
+                if key and key in key_manager.key_health:
+                    health = key_manager.key_health[key]
+                    status = health['status']
+                    # Count by status
+                    if status in service_health:
+                        service_health[status] += 1
+                    else:
+                        service_health['failed'] += 1
+                    # Add key details (masked for security)
+                    masked_key = key[:8] + '...' if len(key) > 8 else key
+                    service_health['key_details'].append({
+                        'key': masked_key,
+                        'status': status,
+                        'last_success': health['last_success'].strftime('%Y-%m-%d %H:%M:%S') if health['last_success'] else 'Never',
+                        'last_failure': health['last_failure'].strftime('%Y-%m-%d %H:%M:%S') if health['last_failure'] else 'Never',
+                        'consecutive_failures': health['consecutive_failures'],
+                        'error_type': health['error_type']
+                    })
+                else:
+                    service_health['unknown'] += 1
+        key_health_data[service] = service_health
+    uptime_hours = metrics_data['uptime_seconds'] / 3600
+    uptime_display = f"{uptime_hours:.1f} hours" if uptime_hours >= 1 else f"{metrics_data['uptime_seconds']:.0f} seconds"
+    # Get current deployment URL
+    base_url = get_base_url()
+    # Get configurable dashboard variables from environment
+    dashboard_config = {
+        'title': f"{os.getenv('BRAND_EMOJI', '🐱')} {os.getenv('DASHBOARD_TITLE', 'NyanProxy Dashboard')}",
+        'subtitle': os.getenv('DASHBOARD_SUBTITLE', 'Purr-fect monitoring for your AI service proxy!'),
+        'refresh_interval': int(os.getenv('DASHBOARD_REFRESH_INTERVAL', 30)),
+        'brand_name': os.getenv('BRAND_NAME', 'NyanProxy'),
+        'brand_emoji': os.getenv('BRAND_EMOJI', '🐱'),
+        'brand_description': os.getenv('BRAND_DESCRIPTION', 'Meow-nificent AI Proxy!'),
+        'auth_mode': auth_config.mode,
+        'auth_display': {
+            'none': 'No Authentication',
+            'proxy_key': 'Proxy Key (Shared Password)',
+            'user_token': 'User Token (Individual Authentication)'
+        }.get(auth_config.mode, 'Unknown')
+    }
+    return render_template('dashboard.html',
+                         base_url=base_url,
+                         uptime_display=uptime_display,
+                         total_requests=metrics_data['total_requests'],
+                         total_prompts=metrics_data['request_counts']['chat_completions'],
+                         total_tokens=metrics_data['total_tokens'],
+                         average_response_time=f"{metrics_data['average_response_time']:.2f}s",
+                         key_status_data=key_status_data,
+                         key_health_data=key_health_data,
+                         request_counts=metrics_data['request_counts'],
+                         error_counts=metrics_data['error_counts'],
+                         last_request=metrics_data['last_request'],
+                         config=dashboard_config)
+def get_base_url():
+    """Get the base URL of the current deployment"""
+    # Try to detect various deployment platforms automatically
+    # Hugging Face Spaces - check for HF_SPACE_ID or detect from hostname
+    if os.getenv('HF_SPACE_ID'):
+        space_id = os.getenv('HF_SPACE_ID')
+        space_url = space_id.replace('/', '-')
+        return f'https://{space_url}.hf.space'
+    # Render.com
+    render_url = os.getenv('RENDER_EXTERNAL_URL')
+    if render_url:
+        return render_url
+    # Railway
+    railway_url = os.getenv('RAILWAY_STATIC_URL')
+    if railway_url:
+        return railway_url
+    # Heroku
+    heroku_app = os.getenv('HEROKU_APP_NAME')
+    if heroku_app:
+        return f'https://{heroku_app}.herokuapp.com'
+    # Vercel
+    vercel_url = os.getenv('VERCEL_URL')
+    if vercel_url:
+        return f'https://{vercel_url}'
+    # Netlify
+    netlify_url = os.getenv('NETLIFY_URL')
+    if netlify_url:
+        return netlify_url
+    # Generic detection from common environment variables
+    app_url = os.getenv('APP_URL')
+    if app_url:
+        return app_url
+    # Try to detect from request headers (if available)
+    try:
+        if request and request.headers:
+            host = request.headers.get('Host')
+            proto = 'https' if request.headers.get('X-Forwarded-Proto') == 'https' else 'http'
+            if host and 'localhost' not in host:
+                return f'{proto}://{host}'
+    except:
+        pass
+    # Fallback to localhost for development
+    port = os.getenv('PORT', 7860)
+    return f'http://localhost:{port}'
+# Add Anthropic endpoints
+@app.route('/anthropic/v1/messages', methods=['POST'])
+@app.route('/v1/messages', methods=['POST'])  # Legacy support
+@app.route('/anthropic/v1', methods=['POST'])  # User-friendly endpoint
+@require_auth
+def anthropic_messages():
+    """Proxy Anthropic messages with token tracking"""
+    print("DEBUG: Anthropic endpoint called!")
+    start_time = time.time()
+    max_retries = 3
+    # Check quota for Anthropic models
+    has_quota, quota_error = check_quota('anthropic')
+    if not has_quota:
+        return jsonify({"error": quota_error}), 429
+    for attempt in range(max_retries):
+        api_key = key_manager.get_api_key('anthropic')
+        if not api_key:
+            metrics.track_request('chat_completions', time.time() - start_time, error=True)
+            return jsonify({"error": "No Anthropic API key configured"}), 500
+        headers = {
+            'x-api-key': api_key,
+            'Content-Type': 'application/json',
+            'anthropic-version': '2023-06-01'
+        }
+        try:
+            response = requests.post(
+                'https://api.anthropic.com/v1/messages',
+                headers=headers,
+                json=request.json,
+                stream=request.json.get('stream', False)
+            )
+            response_time = time.time() - start_time
+            # Handle different response codes
+            if response.status_code >= 400:
+                error_text = response.text
+                if key_manager.handle_api_error('anthropic', api_key, error_text, response.status_code):
+                    if attempt < max_retries - 1:
+                        time.sleep(1)  # Brief pause before retry
+                        continue
+            else:
+                # Success - update key health
+                key_manager.update_key_health(api_key, True)
+            # Extract token information from response
+            tokens = None
+            response_content = response.content
+            request_json = request.get_json() if request else {}
+            is_streaming = request_json.get('stream', False) if request_json else False
+            print(f"DEBUG: Anthropic response status: {response.status_code}, streaming: {is_streaming}")
+            # Debug: Print raw response to see structure
+            if response.status_code == 200:
+                try:
+                    debug_response = json.loads(response_content)
+                    print(f"DEBUG: Anthropic response structure: {debug_response}")
+                except:
+                    print(f"DEBUG: Could not parse response as JSON")
+            if response.status_code == 200:
+                # Always try to count tokens, regardless of streaming
+                try:
+                    response_data = json.loads(response_content)
+                    # First try to get tokens from API response
+                    if 'usage' in response_data:
+                        usage = response_data['usage']
+                        tokens = {
+                            'prompt_tokens': usage.get('input_tokens', 0),
+                            'completion_tokens': usage.get('output_tokens', 0),
+                            'total_tokens': usage.get('input_tokens', 0) + usage.get('output_tokens', 0)
+                        }
+                    else:
+                        # Fallback: use tokenizer to estimate
+                        response_text = ""
+                        if 'content' in response_data:
+                            for content in response_data['content']:
+                                if content.get('type') == 'text':
+                                    response_text += content.get('text', '') + " "
+                        # Use tokenizer to count tokens
+                        token_result = unified_tokenizer.count_tokens(
+                            request_data=request_json,
+                            service="anthropic",
+                            response_text=response_text.strip() if response_text else None
+                        )
+                        tokens = {
+                            'prompt_tokens': token_result['prompt_tokens'],
+                            'completion_tokens': token_result['completion_tokens'],
+                            'total_tokens': token_result['total_tokens']
+                        }
+                except Exception as e:
+                    # Fallback: count request tokens at minimum
+                    try:
+                        # Extract text from request for token counting
+                        request_text = ""
+                        if 'messages' in request_json:
+                            for msg in request_json['messages']:
+                                if 'content' in msg:
+                                    request_text += str(msg['content']) + " "
+                        if 'system' in request_json:
+                            request_text += str(request_json['system']) + " "
+                        # Use simple character-based estimation if tokenizer fails
+                        estimated_prompt_tokens = max(len(request_text) // 4, 100)  # ~4 chars per token
+                        estimated_completion_tokens = 50  # Default completion estimate
+                        tokens = {
+                            'prompt_tokens': estimated_prompt_tokens,
+                            'completion_tokens': estimated_completion_tokens,
+                            'total_tokens': estimated_prompt_tokens + estimated_completion_tokens
+                        }
+                    except Exception:
+                        # Absolute fallback
+                        tokens = {
+                            'prompt_tokens': 1000,  # Higher default for large requests
+                            'completion_tokens': 100,
+                            'total_tokens': 1100
+                        }
+            print(f"DEBUG: Anthropic - About to track request with tokens={tokens}, error={response.status_code >= 400}, service=anthropic")
+            metrics.track_request('chat_completions', response_time, error=response.status_code >= 400, tokens=tokens, service='anthropic')
+            # Track token usage for authenticated users
+            if tokens and hasattr(g, 'auth_data') and g.auth_data.get('type') == 'user_token':
+                track_token_usage('anthropic', tokens.get('prompt_tokens', 0), tokens.get('completion_tokens', 0))
+                # Log completion event
+                event_logger.log_chat_completion(
+                    token=g.auth_data['token'],
+                    model_family='anthropic',
+                    input_tokens=tokens.get('prompt_tokens', 0),
+                    output_tokens=tokens.get('completion_tokens', 0),
+                    ip_hash=g.auth_data.get('ip', '')
+                )
+            if is_streaming:
+                return Response(
+                    response.iter_content(chunk_size=1024),
+                    content_type=response.headers.get('content-type'),
+                    status=response.status_code
+                )
+            else:
+                return Response(
+                    response_content,
+                    content_type=response.headers.get('content-type'),
+                    status=response.status_code
+                )
+        except Exception as e:
+            error_msg = str(e)
+            if key_manager.handle_api_error('anthropic', api_key, error_msg):
+                if attempt < max_retries - 1:
+                    time.sleep(1)
+                    continue
+            metrics.track_request('chat_completions', time.time() - start_time, error=True)
+            return jsonify({"error": error_msg}), 500
+    # If we get here, all retries failed
+    metrics.track_request('chat_completions', time.time() - start_time, error=True)
+    return jsonify({"error": "All API keys rate limited or failed"}), 429
+@app.route('/anthropic/v1/models', methods=['GET'])
+def anthropic_models():
+    """Anthropic models endpoint (placeholder)"""
+    return jsonify({"error": "Anthropic models endpoint not implemented yet"}), 501

health_checker.py → core/health_checker.py RENAMED Viewed

@@ -146,7 +146,7 @@ class AnthropicHealthChecker(BaseHealthChecker):
             response = requests.post(
                 self.messages_url,
                 headers={
-                    'Authorization': f'Bearer {api_key}',
                     'Content-Type': 'application/json',
                     'anthropic-version': '2023-06-01'
                 },

             response = requests.post(
                 self.messages_url,
                 headers={
+                    'x-api-key': api_key,
                     'Content-Type': 'application/json',
                     'anthropic-version': '2023-06-01'
                 },

pages/admin/anti_abuse.html ADDED Viewed

	@@ -0,0 +1,107 @@

+{% extends "admin/base.html" %}
+{% block title %}Anti-Abuse Settings{% endblock %}
+{% block content %}
+<div class="anti-abuse">
+    <h1>Anti-Abuse Configuration</h1>
+    <div class="settings-section">
+        <h2>Rate Limiting</h2>
+        <form method="POST" action="{{ url_for('admin.anti_abuse') }}">
+            <input type="hidden" name="_csrf" value="{{ csrf_token() }}">
+            <div class="form-group">
+                <label>
+                    <input type="checkbox" name="rate_limit_enabled" checked>
+                    Enable Rate Limiting
+                </label>
+            </div>
+            <div class="form-group">
+                <label for="rate_limit_per_minute">Requests per minute per user:</label>
+                <input type="number" id="rate_limit_per_minute" name="rate_limit_per_minute"
+                       value="60" min="1" max="1000">
+            </div>
+            <div class="form-group">
+                <label for="max_ips_per_user">Maximum IP addresses per user:</label>
+                <input type="number" id="max_ips_per_user" name="max_ips_per_user"
+                       value="3" min="1" max="20">
+            </div>
+            <div class="form-group">
+                <label>
+                    <input type="checkbox" name="max_ips_auto_ban" checked>
+                    Auto-ban users who exceed IP limit
+                </label>
+            </div>
+            <button type="submit" class="btn btn-primary">Save Settings</button>
+        </form>
+    </div>
+    <div class="settings-section">
+        <h2>Current Statistics</h2>
+        <div class="stats-grid">
+            <div class="stat-card">
+                <h3>Rate Limited Requests</h3>
+                <p class="stat-number">0</p>
+            </div>
+            <div class="stat-card">
+                <h3>Auto-banned Users</h3>
+                <p class="stat-number">0</p>
+            </div>
+            <div class="stat-card">
+                <h3>Blocked IPs</h3>
+                <p class="stat-number">0</p>
+            </div>
+        </div>
+    </div>
+</div>
+<style>
+    .settings-section {
+        margin-bottom: 40px;
+        padding: 20px;
+        background: #f8f9fa;
+        border-radius: 5px;
+    }
+    .form-group {
+        margin-bottom: 15px;
+    }
+    .form-group label {
+        display: block;
+        margin-bottom: 5px;
+        font-weight: bold;
+    }
+    .form-group input[type="number"] {
+        width: 200px;
+        padding: 8px;
+        border: 1px solid #ddd;
+        border-radius: 3px;
+    }
+    .form-group input[type="checkbox"] {
+        margin-right: 10px;
+    }
+    .stats-grid {
+        display: grid;
+        grid-template-columns: repeat(auto-fit, minmax(200px, 1fr));
+        gap: 20px;
+        margin-top: 20px;
+    }
+    .stat-card {
+        background: white;
+        padding: 20px;
+        border-radius: 5px;
+        text-align: center;
+        border: 1px solid #dee2e6;
+    }
+    .stat-number {
+        font-size: 2em;
+        font-weight: bold;
+        color: #007bff;
+        margin: 10px 0;
+    }
+</style>
+{% endblock %}

pages/admin/base.html ADDED Viewed

	@@ -0,0 +1,419 @@

+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>{% block title %}Admin Dashboard{% endblock %} - {{ config.brand_name }}</title>
+    <link rel="stylesheet" href="{{ url_for('static', filename='css/nyancat.css') }}">
+    <meta name="csrf-token" content="{{ csrf_token() }}">
+    <style>
+        @import url('https://fonts.googleapis.com/css2?family=Quicksand:wght@300;400;500;600;700&display=swap');
+        /* Beautiful animated background from main dashboard */
+        body {
+            font-family: 'Quicksand', sans-serif;
+            margin: 0;
+            padding: 20px;
+            background: linear-gradient(135deg, #ffd3e1 0%, #c8e6c9 25%, #bbdefb 50%, #f8bbd9 75%, #ffcccb 100%);
+            background-size: 400% 400%;
+            min-height: 100vh;
+            animation: pastelGradient 15s ease-in-out infinite;
+            position: relative;
+            overflow-x: hidden;
+            max-width: none !important;
+            width: 100% !important;
+        }
+        @keyframes pastelGradient {
+            0% { background-position: 0% 50%; }
+            25% { background-position: 100% 50%; }
+            50% { background-position: 50% 100%; }
+            75% { background-position: 50% 0%; }
+            100% { background-position: 0% 50%; }
+        }
+        /* Container to center everything */
+        .admin-container {
+            max-width: 1600px;
+            width: 95%;
+            margin: 0 auto;
+            position: relative;
+            display: flex;
+            flex-direction: column;
+            align-items: center;
+            min-height: 100vh;
+            justify-content: flex-start;
+            padding: 0 20px;
+        }
+        /* Beautiful header with glassmorphism */
+        .nyan-header {
+            background: rgba(255, 255, 255, 0.95) !important;
+            backdrop-filter: blur(10px) !important;
+            color: #333 !important;
+            padding: 30px !important;
+            border-radius: 20px !important;
+            margin-bottom: 30px !important;
+            text-align: center !important;
+            box-shadow: 0 8px 32px rgba(0,0,0,0.1) !important;
+            border: 1px solid rgba(255, 255, 255, 0.2) !important;
+            position: relative !important;
+            overflow: visible !important;
+            text-shadow: none !important;
+            width: 100% !important;
+            max-width: 100% !important;
+            box-sizing: border-box !important;
+        }
+        .nyan-header::before {
+            content: '';
+            position: absolute;
+            top: -50%;
+            left: -50%;
+            width: 200%;
+            height: 200%;
+            background: repeating-linear-gradient(
+                45deg,
+                transparent,
+                transparent 10px,
+                rgba(255, 182, 193, 0.1) 10px,
+                rgba(255, 182, 193, 0.1) 20px
+            );
+            animation: rainbow 3s linear infinite;
+            z-index: -1;
+        }
+        @keyframes rainbow {
+            0% { transform: translateX(-100%) translateY(-100%) rotate(0deg); }
+            100% { transform: translateX(-100%) translateY(-100%) rotate(360deg); }
+        }
+        .nyan-header h1 {
+            font-size: 2em !important;
+            margin: 0 0 20px 0 !important;
+            background: linear-gradient(45deg, #ff6b6b, #4ecdc4, #45b7d1, #f9ca24) !important;
+            -webkit-background-clip: text !important;
+            -webkit-text-fill-color: transparent !important;
+            background-clip: text !important;
+            animation: bounce 2s ease-in-out infinite !important;
+            font-weight: 600 !important;
+        }
+        @keyframes bounce {
+            0%, 20%, 50%, 80%, 100% { transform: translateY(0); }
+            40% { transform: translateY(-10px); }
+            60% { transform: translateY(-5px); }
+        }
+        .nyan-header ul {
+            list-style: none !important;
+            padding: 0 !important;
+            margin: 0 !important;
+            display: flex !important;
+            flex-wrap: wrap !important;
+            gap: 10px !important;
+            justify-content: center !important;
+            align-items: center !important;
+            width: 100% !important;
+        }
+        .nyan-header li {
+            margin: 0 !important;
+            flex-shrink: 0 !important;
+        }
+        .nyan-header a {
+            color: #333 !important;
+            text-decoration: none !important;
+            padding: 10px 16px !important;
+            border-radius: 25px !important;
+            font-size: 0.9em !important;
+            font-weight: 500 !important;
+            transition: all 0.3s ease !important;
+            background: rgba(255, 255, 255, 0.7) !important;
+            border: 1px solid rgba(255, 255, 255, 0.5) !important;
+            display: inline-block !important;
+            white-space: nowrap !important;
+            min-width: max-content !important;
+        }
+        .nyan-header a:hover {
+            background: rgba(255, 255, 255, 0.95) !important;
+            transform: translateY(-3px) !important;
+            box-shadow: 0 6px 20px rgba(0,0,0,0.15) !important;
+            color: #007bff !important;
+        }
+        /* Main content area with glassmorphism */
+        main {
+            width: 100% !important;
+            max-width: 100% !important;
+            margin: 0 !important;
+            padding: 40px !important;
+            background: rgba(255, 255, 255, 0.9) !important;
+            backdrop-filter: blur(10px) !important;
+            border-radius: 20px !important;
+            box-shadow: 0 8px 32px rgba(0,0,0,0.1) !important;
+            border: 1px solid rgba(255, 255, 255, 0.2) !important;
+            position: relative !important;
+            overflow: hidden !important;
+            min-height: calc(100vh - 300px) !important;
+            box-sizing: border-box !important;
+            display: flex !important;
+            flex-direction: column !important;
+            align-items: center !important;
+        }
+        main::before {
+            content: '';
+            position: absolute;
+            top: -2px;
+            left: -2px;
+            right: -2px;
+            bottom: -2px;
+            background: linear-gradient(45deg, #ff6b6b, #4ecdc4, #45b7d1, #f9ca24);
+            border-radius: 22px;
+            z-index: -1;
+            opacity: 0.1;
+        }
+        footer {
+            text-align: center !important;
+            padding: 20px !important;
+            color: rgba(255, 255, 255, 0.8) !important;
+            font-size: 0.9em !important;
+            background: rgba(255, 255, 255, 0.1) !important;
+            margin-top: 20px !important;
+            border-radius: 15px !important;
+            backdrop-filter: blur(5px) !important;
+        }
+        /* Flash messages with beautiful styling */
+        .flash {
+            padding: 15px 20px !important;
+            margin-bottom: 20px !important;
+            border-radius: 15px !important;
+            font-size: 0.9em !important;
+            backdrop-filter: blur(5px) !important;
+            border: 1px solid rgba(255, 255, 255, 0.2) !important;
+        }
+        .flash-success {
+            background: rgba(166, 230, 207, 0.9) !important;
+            color: #155724 !important;
+        }
+        .flash-error {
+            background: rgba(255, 205, 210, 0.9) !important;
+            color: #721c24 !important;
+        }
+        .flash-info {
+            background: rgba(209, 236, 241, 0.9) !important;
+            color: #0c5460 !important;
+        }
+        .flash-warning {
+            background: rgba(255, 243, 205, 0.9) !important;
+            color: #856404 !important;
+        }
+        /* Floating paws animations */
+        .paw-print {
+            position: absolute;
+            color: rgba(255, 182, 193, 0.3);
+            font-size: 1.2em;
+            animation: float 3s ease-in-out infinite;
+        }
+        @keyframes float {
+            0%, 100% { transform: translateY(0px); }
+            50% { transform: translateY(-10px); }
+        }
+        /* Cat paw falling animations */
+        #catpaws {
+            position: fixed;
+            top: -50px;
+            width: 100%;
+            text-align: right;
+            z-index: 10000;
+            pointer-events: none;
+        }
+        #catpaws i {
+            display: inline-block;
+            width: 40px;
+            height: 40px;
+            font-size: 2em;
+            z-index: 10000;
+            -webkit-animation: falling 5s 0s infinite;
+            animation: falling 5s 0s infinite;
+        }
+        #catpaws i:nth-of-type(2n) {
+            -webkit-animation: falling2 5s 0s infinite;
+            animation: falling2 5s 0s infinite;
+        }
+        #catpaws i:nth-of-type(3n) {
+            -webkit-animation: falling3 5s 0s infinite;
+            animation: falling3 5s 0s infinite;
+        }
+        #catpaws i:nth-of-type(n)    { height: 23px; width: 30px; font-size: 1.5em; }
+        #catpaws i:nth-of-type(2n+1) { height: 18px; width: 24px; font-size: 1.2em; }
+        #catpaws i:nth-of-type(3n+2) { height: 28px; width: 35px; font-size: 1.8em; }
+        #catpaws i:nth-of-type(n)   { -webkit-animation-delay: 1.9s; animation-delay: 1.9s; }
+        #catpaws i:nth-of-type(2n)  { -webkit-animation-delay: 3.9s; animation-delay: 3.9s; }
+        #catpaws i:nth-of-type(3n)  { -webkit-animation-delay: 2.3s; animation-delay: 2.3s; }
+        #catpaws i:nth-of-type(4n)  { -webkit-animation-delay: 4.4s; animation-delay: 4.4s; }
+        #catpaws i:nth-of-type(5n)  { -webkit-animation-delay: 5s; animation-delay: 5s; }
+        #catpaws i:nth-of-type(6n)  { -webkit-animation-delay: 3.5s; animation-delay: 3.5s; }
+        #catpaws i:nth-of-type(7n)  { -webkit-animation-delay: 2.8s; animation-delay: 2.8s; }
+        #catpaws i:nth-of-type(8n)  { -webkit-animation-delay: 1.5s; animation-delay: 1.5s; }
+        #catpaws i:nth-of-type(9n)  { -webkit-animation-delay: 3.3s; animation-delay: 3.3s; }
+        #catpaws i:nth-of-type(10n) { -webkit-animation-delay: 2.5s; animation-delay: 2.5s; }
+        #catpaws i:nth-of-type(11n) { -webkit-animation-delay: 1.2s; animation-delay: 1.2s; }
+        #catpaws i:nth-of-type(12n) { -webkit-animation-delay: 4.1s; animation-delay: 4.1s; }
+        #catpaws i:nth-of-type(13n) { -webkit-animation-delay: 1s; animation-delay: 1s; }
+        #catpaws i:nth-of-type(14n) { -webkit-animation-delay: 4.7s; animation-delay: 4.7s; }
+        #catpaws i:nth-of-type(15n) { -webkit-animation-delay: 3s; animation-delay: 3s; }
+        #catpaws i:nth-of-type(n)    { opacity: 0.7; color: rgba(255, 182, 193, 0.8); }
+        #catpaws i:nth-of-type(3n+1) { opacity: 0.5; color: rgba(255, 192, 203, 0.9); }
+        #catpaws i:nth-of-type(3n+2) { opacity: 0.3; color: rgba(255, 160, 180, 0.7); }
+        #catpaws i:nth-of-type(n) { transform: rotate(180deg); }
+        #catpaws i:nth-of-type(n) { -webkit-animation-timing-function: ease-in-out; animation-timing-function: ease-in-out; }
+        @-webkit-keyframes falling {
+            0% { -webkit-transform: translate3d(300px, 0, 0) rotate(0deg); }
+            100% { -webkit-transform: translate3d(-350px, 700px, 0) rotate(90deg); opacity: 0; }
+        }
+        @keyframes falling {
+            0% { transform: translate3d(300px, 0, 0) rotate(0deg); }
+            100% { transform: translate3d(-350px, 700px, 0) rotate(90deg); opacity: 0; }
+        }
+        @-webkit-keyframes falling3 {
+            0% { -webkit-transform: translate3d(0, 0, 0) rotate(-20deg); }
+            100% { -webkit-transform: translate3d(-230px, 640px, 0) rotate(-70deg); opacity: 0; }
+        }
+        @keyframes falling3 {
+            0% { transform: translate3d(0, 0, 0) rotate(-20deg); }
+            100% { transform: translate3d(-230px, 640px, 0) rotate(-70deg); opacity: 0; }
+        }
+        @-webkit-keyframes falling2 {
+            0% { -webkit-transform: translate3d(0, 0, 0) rotate(90deg); }
+            100% { -webkit-transform: translate3d(-400px, 680px, 0) rotate(0deg); opacity: 0; }
+        }
+        @keyframes falling2 {
+            0% { transform: translate3d(0, 0, 0) rotate(90deg); }
+            100% { transform: translate3d(-400px, 680px, 0) rotate(0deg); opacity: 0; }
+        }
+        /* Responsive design */
+        @media (max-width: 768px) {
+            body { padding: 10px; }
+            .admin-container {
+                width: 95%;
+                margin: 0 auto;
+            }
+            .nyan-header { padding: 20px !important; }
+            .nyan-header h1 { font-size: 1.5em !important; margin-bottom: 15px !important; }
+            .nyan-header ul {
+                flex-direction: column !important;
+                gap: 8px !important;
+                align-items: center !important;
+            }
+            .nyan-header a {
+                display: block !important;
+                text-align: center !important;
+                width: 200px !important;
+            }
+            main { padding: 20px !important; }
+        }
+        @media (max-width: 1650px) {
+            .admin-container {
+                width: 95%;
+                margin: 0 auto;
+            }
+        }
+        @media (min-width: 1651px) {
+            .admin-container {
+                width: 90%;
+            }
+        }
+    </style>
+    {% block head %}{% endblock %}
+</head>
+<body>
+    <!-- Falling cat paws animation -->
+    <div id="catpaws">
+        <i>🐾</i>
+        <i>🐾</i>
+        <i>🐾</i>
+        <i>🐾</i>
+        <i>🐾</i>
+        <i>🐾</i>
+        <i>🐾</i>
+        <i>🐾</i>
+        <i>🐾</i>
+        <i>🐾</i>
+        <i>🐾</i>
+        <i>🐾</i>
+        <i>🐾</i>
+        <i>🐾</i>
+        <i>🐾</i>
+    </div>
+    <div class="admin-container">
+        <header>
+            <nav class="nyan-header">
+                <h1>{{ config.brand_emoji }} {{ config.brand_name }} Admin Purr-nel</h1>
+                <ul>
+                    <li><a href="{{ url_for('admin.dashboard') }}">🐾 Kitty Dashboard</a></li>
+                    <li><a href="{{ url_for('admin.list_users') }}">🐱 Manage Cats</a></li>
+                    <li><a href="{{ url_for('admin.key_manager') }}">🔑 Key Treats</a></li>
+                    <li><a href="{{ url_for('model_families.model_families_dashboard') }}">🧬 Model Families</a></li>
+                    <li><a href="{{ url_for('admin.anti_abuse') }}">🛡️ Anti-Hairball</a></li>
+                    <li><a href="{{ url_for('admin.stats') }}">📊 Paw-lytics</a></li>
+                    <li><a href="{{ url_for('admin.logout') }}">😴 Cat Nap</a></li>
+                </ul>
+            </nav>
+        </header>
+        <main>
+        {% with messages = get_flashed_messages(with_categories=true) %}
+            {% if messages %}
+                {% for category, message in messages %}
+                    <div class="flash flash-{{ category }}">
+                        {{ message }}
+                    </div>
+                {% endfor %}
+            {% endif %}
+        {% endwith %}
+            {% block content %}{% endblock %}
+        </main>
+        <footer>
+            <p>&copy; {{ config.brand_name }} Admin Panel</p>
+        </footer>
+    </div>
+    <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js"></script>
+    <script src="{{ url_for('static', filename='js/admin.js') }}"></script>
+    {% block scripts %}{% endblock %}
+</body>
+</html>

pages/admin/bulk_operations.html ADDED Viewed

	@@ -0,0 +1,128 @@

+{% extends "admin/base.html" %}
+{% block title %}Bulk Operations{% endblock %}
+{% block content %}
+<div class="bulk-operations">
+    <h1>Bulk Operations</h1>
+    <div class="operation-section">
+        <h2>Quota Management</h2>
+        <div class="operation-card">
+            <h3>Refresh All User Quotas</h3>
+            <p>Reset token usage counters for all users</p>
+            <button class="btn btn-warning" onclick="bulkRefreshQuotas()">Refresh All Quotas</button>
+        </div>
+    </div>
+    <div class="operation-section">
+        <h2>User Management</h2>
+        <div class="operation-card">
+            <h3>Bulk User Import</h3>
+            <p>Import multiple users from JSON file</p>
+            <input type="file" id="import-file" accept=".json">
+            <button class="btn btn-primary" onclick="importUsers()">Import Users</button>
+        </div>
+        <div class="operation-card">
+            <h3>Export All Users</h3>
+            <p>Export all user data to JSON file</p>
+            <button class="btn btn-info" onclick="exportUsers()">Export Users</button>
+        </div>
+    </div>
+    <div class="operation-section">
+        <h2>Cleanup Operations</h2>
+        <div class="operation-card">
+            <h3>Clean Expired Temporary Users</h3>
+            <p>Remove all expired temporary users</p>
+            <button class="btn btn-danger" onclick="cleanupExpiredUsers()">Cleanup Expired</button>
+        </div>
+    </div>
+</div>
+<style>
+    .operation-section {
+        margin-bottom: 40px;
+    }
+    .operation-card {
+        background: #f8f9fa;
+        padding: 20px;
+        border-radius: 5px;
+        margin-bottom: 20px;
+        border: 1px solid #dee2e6;
+    }
+    .operation-card h3 {
+        margin-top: 0;
+        margin-bottom: 10px;
+        color: #495057;
+    }
+    .operation-card p {
+        margin-bottom: 15px;
+        color: #6c757d;
+    }
+    .operation-card input[type="file"] {
+        margin-right: 10px;
+        margin-bottom: 10px;
+    }
+</style>
+<script>
+function importUsers() {
+    const fileInput = document.getElementById('import-file');
+    const file = fileInput.files[0];
+    if (!file) {
+        alert('Please select a file to import');
+        return;
+    }
+    const formData = new FormData();
+    formData.append('file', file);
+    fetch('/admin/bulk/import-users', {
+        method: 'POST',
+        headers: {
+            'X-CSRFToken': document.querySelector('meta[name="csrf-token"]').getAttribute('content')
+        },
+        body: formData
+    })
+    .then(response => response.json())
+    .then(data => {
+        if (data.success) {
+            alert(`Successfully imported ${data.imported} users`);
+            fileInput.value = '';
+        } else {
+            alert('Error: ' + data.error);
+        }
+    })
+    .catch(error => {
+        console.error('Error importing users:', error);
+        alert('Error importing users');
+    });
+}
+function cleanupExpiredUsers() {
+    if (confirm('Are you sure you want to remove all expired temporary users?')) {
+        fetch('/admin/bulk/cleanup-expired', {
+            method: 'POST',
+            headers: {
+                'X-CSRFToken': document.querySelector('meta[name="csrf-token"]').getAttribute('content')
+            }
+        })
+        .then(response => response.json())
+        .then(data => {
+            if (data.success) {
+                alert(`Successfully removed ${data.removed} expired users`);
+            } else {
+                alert('Error: ' + data.error);
+            }
+        })
+        .catch(error => {
+            console.error('Error cleaning up users:', error);
+            alert('Error cleaning up users');
+        });
+    }
+}
+</script>
+{% endblock %}

pages/admin/create_user.html ADDED Viewed

	@@ -0,0 +1,372 @@

+{% extends "admin/base.html" %}
+{% block title %}Create User{% endblock %}
+{% block content %}
+<div class="create-user">
+    <h1>Create User Token</h1>
+    {% if new_user_created %}
+    <div class="success-message">
+        <h3>User Created Successfully!</h3>
+        <p>A new user token has been created and is now ready to use. Check the recent users list below to see the new user.</p>
+    </div>
+    {% endif %}
+    <div class="user-types-info">
+        <h3>User Token Types:</h3>
+        <ul>
+            <li><strong>Normal</strong> - Standard users with default quotas and rate limits.</li>
+            <li><strong>Special</strong> - Exempt from token quotas and rate limiting. Higher privileges.</li>
+            <li><strong>Temporary</strong> - Time-limited users with custom prompt limits. Auto-disabled when limits are reached.</li>
+        </ul>
+    </div>
+    <form method="POST" action="{{ url_for('admin.create_user') }}" onsubmit="return validateUserForm()">
+        <input type="hidden" name="_csrf" value="{{ csrf_token() }}">
+        <div class="form-group">
+            <label for="type">User Type:</label>
+            <select id="type" name="type">
+                <option value="normal">Normal</option>
+                <option value="special">Special</option>
+                <option value="temporary">Temporary</option>
+            </select>
+        </div>
+        <div class="form-group">
+            <label for="nickname">Nickname (Optional):</label>
+            <input type="text" id="nickname" name="nickname" placeholder="Enter a memorable name">
+            <small>A human-readable identifier for this user</small>
+        </div>
+        <div class="form-group">
+            <label for="openai_limit">OpenAI Token Limit:</label>
+            <input type="number" id="openai_limit" name="openai_limit" min="0" placeholder="100000">
+            <small>Maximum tokens this user can consume for OpenAI models (leave empty for unlimited)</small>
+        </div>
+        <div class="form-group">
+            <label for="anthropic_limit">Anthropic Token Limit:</label>
+            <input type="number" id="anthropic_limit" name="anthropic_limit" min="0" placeholder="50000">
+            <small>Maximum tokens this user can consume for Anthropic models (leave empty for unlimited)</small>
+        </div>
+        <!-- Temporary User Options -->
+        <fieldset id="temporaryUserOptions" style="display: none;">
+            <legend>Temporary User Options</legend>
+            <div class="temp-user-grid">
+                <p class="full-width">
+                    Temporary users will be disabled after the specified number of prompts.
+                    These options apply only to new temporary users.
+                </p>
+                <div class="form-group">
+                    <label for="prompt_limits">Maximum Prompts:</label>
+                    <input type="number" id="prompt_limits" name="prompt_limits" min="1" value="10" placeholder="10">
+                    <small>Number of prompts before user is automatically disabled</small>
+                </div>
+                <div class="form-group">
+                    <label for="max_ips">Maximum IPs:</label>
+                    <input type="number" id="max_ips" name="max_ips" min="1" value="2" placeholder="2">
+                    <small>Maximum number of IP addresses this user can use</small>
+                </div>
+            </div>
+        </fieldset>
+        <div class="form-actions">
+            <button type="submit" class="btn btn-primary">Create User</button>
+            <a href="{{ url_for('admin.list_users') }}" class="btn btn-secondary">Cancel</a>
+        </div>
+    </form>
+    {% if recent_users %}
+    <div class="recent-users">
+        <h3>Recent Users</h3>
+        <ul>
+            {% for user in recent_users %}
+            <li>
+                <a href="{{ url_for('admin.view_user', token=user.token) }}">
+                    {{ user.token[:8] }}...
+                    {% if user.nickname %}<span class="nickname">({{ user.nickname }})</span>{% endif %}
+                    <span class="user-type badge-{{ user.type.value }}">{{ user.type.value }}</span>
+                </a>
+            </li>
+            {% endfor %}
+        </ul>
+    </div>
+    {% endif %}
+</div>
+<style>
+    .create-user {
+        max-width: 700px;
+        margin: 0 auto;
+    }
+    .success-message {
+        background: #d4edda;
+        color: #155724;
+        border: 1px solid #c3e6cb;
+        border-radius: 8px;
+        padding: 20px;
+        margin-bottom: 30px;
+        text-align: center;
+    }
+    .success-message h3 {
+        margin-top: 0;
+        color: #155724;
+    }
+    .user-types-info {
+        background: #f8f9fa;
+        border: 1px solid #e9ecef;
+        border-radius: 8px;
+        padding: 20px;
+        margin-bottom: 30px;
+    }
+    .user-types-info h3 {
+        margin-top: 0;
+        color: #495057;
+    }
+    .user-types-info ul {
+        margin-bottom: 0;
+    }
+    .user-types-info li {
+        margin-bottom: 8px;
+    }
+    .form-group {
+        margin-bottom: 20px;
+    }
+    .form-group label {
+        display: block;
+        margin-bottom: 5px;
+        font-weight: bold;
+        color: #495057;
+    }
+    .form-group input,
+    .form-group select {
+        width: 100%;
+        padding: 10px;
+        border: 1px solid #ddd;
+        border-radius: 4px;
+        font-size: 14px;
+        box-sizing: border-box;
+    }
+    .form-group small {
+        display: block;
+        margin-top: 5px;
+        color: #666;
+        font-size: 12px;
+    }
+    /* Temporary User Options */
+    #temporaryUserOptions {
+        border: 2px solid #ffc107;
+        border-radius: 8px;
+        padding: 20px;
+        margin: 20px 0;
+        background: #fff9c4;
+    }
+    #temporaryUserOptions legend {
+        font-weight: bold;
+        color: #856404;
+        padding: 0 10px;
+    }
+    .temp-user-grid {
+        display: grid;
+        grid-template-columns: 1fr 1fr;
+        gap: 15px;
+        margin-top: 10px;
+    }
+    .temp-user-grid .full-width {
+        grid-column: 1 / -1;
+        margin-bottom: 10px;
+        font-size: 14px;
+        color: #856404;
+    }
+    .form-actions {
+        display: flex;
+        gap: 10px;
+        margin-top: 30px;
+    }
+    .btn {
+        padding: 12px 24px;
+        border: none;
+        border-radius: 4px;
+        cursor: pointer;
+        text-decoration: none;
+        display: inline-block;
+        text-align: center;
+        font-size: 14px;
+        font-weight: 500;
+        transition: all 0.3s ease;
+    }
+    .btn-primary {
+        background-color: #007bff;
+        color: white;
+    }
+    .btn-primary:hover {
+        background-color: #0056b3;
+    }
+    .btn-secondary {
+        background-color: #6c757d;
+        color: white;
+    }
+    .btn-secondary:hover {
+        background-color: #545b62;
+    }
+    /* Recent Users */
+    .recent-users {
+        margin-top: 40px;
+        padding: 20px;
+        background: #f8f9fa;
+        border-radius: 8px;
+    }
+    .recent-users h3 {
+        margin-top: 0;
+        color: #495057;
+    }
+    .recent-users ul {
+        list-style: none;
+        padding: 0;
+    }
+    .recent-users li {
+        margin-bottom: 8px;
+    }
+    .recent-users a {
+        text-decoration: none;
+        color: #007bff;
+        font-family: monospace;
+        display: flex;
+        align-items: center;
+        gap: 10px;
+    }
+    .recent-users a:hover {
+        text-decoration: underline;
+    }
+    .nickname {
+        color: #6c757d;
+        font-family: inherit;
+        font-style: italic;
+    }
+    .user-type {
+        font-size: 11px;
+        padding: 2px 6px;
+        border-radius: 3px;
+        font-weight: bold;
+    }
+    .badge-normal { background-color: #007bff; color: white; }
+    .badge-special { background-color: #28a745; color: white; }
+    .badge-temporary { background-color: #ffc107; color: black; }
+    /* Responsive design */
+    @media (max-width: 768px) {
+        .temp-user-grid {
+            grid-template-columns: 1fr;
+        }
+        .form-actions {
+            flex-direction: column;
+        }
+        .btn {
+            width: 100%;
+            text-align: center;
+        }
+    }
+</style>
+<script>
+    const typeInput = document.querySelector("select[name=type]");
+    const temporaryUserOptions = document.querySelector("#temporaryUserOptions");
+    const nicknameInput = document.querySelector("input[name=nickname]");
+    // Handle user type changes
+    typeInput.addEventListener("change", function() {
+        localStorage.setItem("admin__create-user__type", typeInput.value);
+        if (typeInput.value === "temporary") {
+            temporaryUserOptions.style.display = "block";
+            nicknameInput.required = false;
+        } else {
+            temporaryUserOptions.style.display = "none";
+            nicknameInput.required = false;
+        }
+    });
+    // Load saved preferences
+    function loadDefaults() {
+        const defaultType = localStorage.getItem("admin__create-user__type");
+        if (defaultType) {
+            typeInput.value = defaultType;
+            typeInput.dispatchEvent(new Event("change"));
+        }
+    }
+    // Enhanced form validation
+    function validateUserForm() {
+        const nickname = document.getElementById('nickname').value.trim();
+        const type = document.getElementById('type').value;
+        const openaiLimit = document.getElementById('openai_limit').value;
+        const anthropicLimit = document.getElementById('anthropic_limit').value;
+        // Validate token limits
+        if (openaiLimit && (isNaN(openaiLimit) || parseInt(openaiLimit) < 0)) {
+            alert('OpenAI token limit must be a positive number');
+            return false;
+        }
+        if (anthropicLimit && (isNaN(anthropicLimit) || parseInt(anthropicLimit) < 0)) {
+            alert('Anthropic token limit must be a positive number');
+            return false;
+        }
+        // Validate temporary user options
+        if (type === 'temporary') {
+            const promptLimits = document.getElementById('prompt_limits').value;
+            const maxIps = document.getElementById('max_ips').value;
+            if (!promptLimits || parseInt(promptLimits) < 1) {
+                alert('Prompt limits must be at least 1 for temporary users');
+                return false;
+            }
+            if (!maxIps || parseInt(maxIps) < 1) {
+                alert('Maximum IPs must be at least 1 for temporary users');
+                return false;
+            }
+        }
+        return true;
+    }
+    // Load defaults on page load
+    loadDefaults();
+</script>
+{% endblock %}

pages/admin/dashboard.html ADDED Viewed

	@@ -0,0 +1,502 @@

+{% extends "admin/base.html" %}
+{% block title %}Admin Dashboard{% endblock %}
+{% block content %}
+<div class="dashboard-container">
+    <div class="dashboard-header">
+        <h1>{{ config.brand_emoji }} Admin Dashboard</h1>
+    </div>
+    <!-- Authentication Configuration Section -->
+    <div class="config-section">
+        <h2>Authentication Configuration</h2>
+        <div class="config-content">
+            <div class="config-item">
+                <strong>Mode:</strong> {{ auth_config.mode }}
+            </div>
+            <div class="config-item">
+                <strong>User Token Mode:</strong> {{ 'Enabled' if auth_config.mode == 'user_token' else 'Disabled' }}
+            </div>
+            <div class="config-item">
+                <strong>Proxy Key Mode:</strong> {{ 'Enabled' if auth_config.mode == 'proxy_key' else 'Disabled' }}
+            </div>
+            <div class="config-item">
+                <strong>Rate Limiting:</strong> {{ 'Enabled' if auth_config.rate_limit_enabled else 'Disabled' }}
+            </div>
+            <div class="config-item">
+                <strong>Firebase Connected:</strong> {{ 'Yes' if firebase_connected else 'No' }}
+            </div>
+        </div>
+    </div>
+    <!-- Statistics Grid -->
+    <div class="stats-grid">
+        <div class="stat-box">
+            <div class="stat-label">Total Users</div>
+            <div class="stat-value">{{ stats.total_users }}</div>
+        </div>
+        <div class="stat-box">
+            <div class="stat-label">Active Users</div>
+            <div class="stat-value">{{ stats.active_users }}</div>
+        </div>
+        <div class="stat-box">
+            <div class="stat-label">Disabled Users</div>
+            <div class="stat-value">{{ stats.disabled_users }}</div>
+        </div>
+        <div class="stat-box">
+            <div class="stat-label">Total Requests</div>
+            <div class="stat-value">{{ stats.usage_stats.total_requests or 0 }}</div>
+        </div>
+        <div class="stat-box">
+            <div class="stat-label">Total Tokens</div>
+            <div class="stat-value">{{ stats.usage_stats.total_tokens or 0 }}</div>
+        </div>
+        <div class="stat-box">
+            <div class="stat-label">Total Cost</div>
+            <div class="stat-value">${{ "%.2f"|format(stats.usage_stats.total_cost or 0) }}</div>
+        </div>
+    </div>
+    <!-- Action Buttons -->
+    <div class="action-section">
+        <button class="action-btn primary" onclick="window.location.href='{{ url_for('admin.create_user') }}'">Create User</button>
+        <button class="action-btn secondary" onclick="refreshQuotas()">Refresh All Quotas</button>
+        <button class="action-btn secondary" onclick="refreshUsers()">Refresh Users</button>
+        <button class="action-btn warning" onclick="exportUsers()">Export Users</button>
+    </div>
+    <!-- Users Table -->
+    <div class="users-section">
+        <h2>Users</h2>
+        <div class="table-container">
+            <table class="users-table">
+                <thead>
+                    <tr>
+                        <th>API Token</th>
+                        <th>Type</th>
+                        <th>Nickname</th>
+                        <th>Status</th>
+                        <th>IPs</th>
+                        <th>Requests</th>
+                        <th>Token Usage</th>
+                        <th>Actions</th>
+                    </tr>
+                </thead>
+                <tbody>
+                    {% if stats.total_users == 0 %}
+                    <tr>
+                        <td colspan="8" style="text-align: center; color: #666; padding: 20px;">
+                            No users found. <a href="{{ url_for('admin.create_user') }}">Create your first user</a>
+                        </td>
+                    </tr>
+                    {% else %}
+                        {% for user_data in users_data %}
+                        {% set user = user_data.user %}
+                        {% set stats = user_data.stats %}
+                        <tr class="{{ 'disabled' if user.disabled_at else '' }}">
+                            <td>
+                                <code>{{ user.token[:8] }}...</code>
+                            </td>
+                            <td>
+                                <span class="badge badge-{{ user.type.value }}">{{ user.type.value }}</span>
+                            </td>
+                            <td>{{ user.nickname or 'N/A' }}</td>
+                            <td>
+                                {% if user.disabled_at %}
+                                    <span class="status-disabled">Disabled</span>
+                                {% else %}
+                                    <span class="status-active">Active</span>
+                                {% endif %}
+                            </td>
+                            <td>{{ stats.ip_count }}</td>
+                            <td>{{ stats.total_requests }}</td>
+                            <td>{{ stats.total_tokens }}</td>
+                            <td>
+                                <div class="action-buttons">
+                                    <a href="{{ url_for('admin.view_user', token=user.token) }}" class="btn btn-sm btn-info">View</a>
+                                    <a href="{{ url_for('admin.edit_user', token=user.token) }}" class="btn btn-sm btn-secondary">Edit</a>
+                                    {% if user.disabled_at %}
+                                        <button class="btn btn-sm btn-success" onclick="enableUser('{{ user.token }}')">Enable</button>
+                                    {% else %}
+                                        <button class="btn btn-sm btn-warning" onclick="disableUser('{{ user.token }}')">Disable</button>
+                                    {% endif %}
+                                    <button class="btn btn-sm btn-danger" onclick="deleteUser('{{ user.token }}')">Delete</button>
+                                </div>
+                            </td>
+                        </tr>
+                        {% endfor %}
+                        {% if users_data|length < stats.total_users %}
+                        <tr>
+                            <td colspan="8" style="text-align: center; color: #666; padding: 20px;">
+                                <a href="{{ url_for('admin.list_users') }}">View all {{ stats.total_users }} users →</a>
+                            </td>
+                        </tr>
+                        {% endif %}
+                    {% endif %}
+                </tbody>
+            </table>
+        </div>
+    </div>
+</div>
+<style>
+    .dashboard-container {
+        max-width: 1400px;
+        width: 100%;
+        margin: 0 auto;
+        padding: 0;
+        font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif;
+        display: flex;
+        flex-direction: column;
+        align-items: center;
+    }
+    .dashboard-header {
+        text-align: center;
+        margin-bottom: 30px;
+    }
+    .dashboard-header h1 {
+        color: #333;
+        font-size: 2em;
+        margin: 0;
+        font-weight: 500;
+    }
+    /* Authentication Configuration Section */
+    .config-section {
+        background: #f8f9fa;
+        border: 1px solid #e9ecef;
+        border-radius: 8px;
+        padding: 20px;
+        margin-bottom: 25px;
+        width: 100%;
+        max-width: 1200px;
+    }
+    .config-section h2 {
+        color: #495057;
+        font-size: 1.2em;
+        margin: 0 0 15px 0;
+        font-weight: 600;
+    }
+    .config-content {
+        display: grid;
+        grid-template-columns: repeat(auto-fit, minmax(250px, 1fr));
+        gap: 10px;
+    }
+    .config-item {
+        font-size: 0.9em;
+        color: #495057;
+    }
+    .config-item strong {
+        color: #212529;
+    }
+    /* Statistics Grid */
+    .stats-grid {
+        display: grid;
+        grid-template-columns: repeat(auto-fit, minmax(180px, 1fr));
+        gap: 15px;
+        margin-bottom: 25px;
+        border: 2px solid #dc3545;
+        border-radius: 8px;
+        padding: 20px;
+        background: white;
+        width: 100%;
+        max-width: 1200px;
+    }
+    .stat-box {
+        text-align: center;
+        padding: 15px;
+        background: #f8f9fa;
+        border-radius: 6px;
+        border: 1px solid #e9ecef;
+    }
+    .stat-label {
+        font-size: 0.9em;
+        color: #6c757d;
+        margin-bottom: 8px;
+        font-weight: 500;
+    }
+    .stat-value {
+        font-size: 1.8em;
+        font-weight: bold;
+        color: #007bff;
+        margin: 0;
+    }
+    /* Action Buttons */
+    .action-section {
+        display: flex;
+        gap: 10px;
+        margin-bottom: 25px;
+        flex-wrap: wrap;
+        width: 100%;
+        max-width: 1200px;
+        justify-content: center;
+    }
+    .action-btn {
+        padding: 8px 16px;
+        border: none;
+        border-radius: 4px;
+        font-size: 0.9em;
+        cursor: pointer;
+        transition: background-color 0.2s;
+        text-decoration: none;
+        display: inline-block;
+    }
+    .action-btn.primary {
+        background-color: #007bff;
+        color: white;
+    }
+    .action-btn.primary:hover {
+        background-color: #0056b3;
+    }
+    .action-btn.secondary {
+        background-color: #6c757d;
+        color: white;
+    }
+    .action-btn.secondary:hover {
+        background-color: #545b62;
+    }
+    .action-btn.warning {
+        background-color: #ffc107;
+        color: #212529;
+    }
+    .action-btn.warning:hover {
+        background-color: #e0a800;
+    }
+    /* Users Section */
+    .users-section {
+        background: white;
+        border: 1px solid #e9ecef;
+        border-radius: 8px;
+        overflow: hidden;
+        width: 100%;
+        max-width: 1200px;
+    }
+    .users-section h2 {
+        background: #f8f9fa;
+        padding: 15px 20px;
+        margin: 0;
+        font-size: 1.1em;
+        font-weight: 600;
+        color: #495057;
+        border-bottom: 1px solid #e9ecef;
+    }
+    .table-container {
+        overflow-x: auto;
+    }
+    .users-table {
+        width: 100%;
+        border-collapse: collapse;
+        font-size: 0.9em;
+    }
+    .users-table th {
+        background: #f8f9fa;
+        padding: 12px 15px;
+        text-align: left;
+        font-weight: 600;
+        color: #495057;
+        border-bottom: 1px solid #e9ecef;
+    }
+    .users-table td {
+        padding: 12px 15px;
+        border-bottom: 1px solid #f8f9fa;
+        color: #495057;
+    }
+    .users-table tr:hover {
+        background-color: #f8f9fa;
+    }
+    .users-table a {
+        color: #007bff;
+        text-decoration: none;
+    }
+    .users-table a:hover {
+        text-decoration: underline;
+    }
+    /* User badges and status */
+    .badge {
+        padding: 3px 8px;
+        border-radius: 3px;
+        font-size: 0.8em;
+        font-weight: bold;
+    }
+    .badge-normal { background-color: #007bff; color: white; }
+    .badge-special { background-color: #28a745; color: white; }
+    .badge-temporary { background-color: #ffc107; color: black; }
+    .status-active {
+        color: #28a745;
+        font-weight: bold;
+    }
+    .status-disabled {
+        color: #dc3545;
+        font-weight: bold;
+    }
+    /* Action buttons */
+    .action-buttons {
+        display: flex;
+        gap: 5px;
+        flex-wrap: wrap;
+    }
+    .btn {
+        padding: 6px 12px;
+        border: none;
+        border-radius: 4px;
+        font-size: 0.9em;
+        cursor: pointer;
+        transition: background-color 0.2s;
+        text-decoration: none;
+        display: inline-block;
+    }
+    .btn-sm {
+        padding: 4px 8px;
+        font-size: 0.8em;
+    }
+    .btn-info { background-color: #17a2b8; color: white; }
+    .btn-info:hover { background-color: #138496; }
+    .btn-secondary { background-color: #6c757d; color: white; }
+    .btn-secondary:hover { background-color: #545b62; }
+    .btn-warning { background-color: #ffc107; color: black; }
+    .btn-warning:hover { background-color: #e0a800; }
+    .btn-danger { background-color: #dc3545; color: white; }
+    .btn-danger:hover { background-color: #c82333; }
+    .btn-success { background-color: #28a745; color: white; }
+    .btn-success:hover { background-color: #218838; }
+    /* Disabled row styling */
+    .users-table tr.disabled {
+        opacity: 0.6;
+        background-color: #f8f9fa;
+    }
+    /* Responsive Design */
+    @media (max-width: 768px) {
+        .dashboard-container {
+            padding: 15px;
+        }
+        .config-content {
+            grid-template-columns: 1fr;
+        }
+        .stats-grid {
+            grid-template-columns: repeat(2, 1fr);
+        }
+        .action-section {
+            flex-direction: column;
+        }
+        .action-btn {
+            width: 100%;
+            text-align: center;
+        }
+    }
+    @media (max-width: 480px) {
+        .stats-grid {
+            grid-template-columns: 1fr;
+        }
+    }
+</style>
+<script>
+function refreshQuotas() {
+    alert('Refresh All Quotas functionality - to be implemented');
+}
+function refreshUsers() {
+    window.location.reload();
+}
+function exportUsers() {
+    alert('Export Users functionality - to be implemented');
+}
+// User management functions
+function enableUser(token) {
+    if (confirm('Are you sure you want to enable this user?')) {
+        $.post(`/admin/users/${token}/enable`, {})
+        .done(function(data) {
+            if (data.success) {
+                location.reload();
+            } else {
+                alert('Error: ' + data.error);
+            }
+        })
+        .fail(function() {
+            alert('Error: Failed to enable user');
+        });
+    }
+}
+function disableUser(token) {
+    const reason = prompt('Reason for disabling user:');
+    if (reason) {
+        $.post(`/admin/users/${token}/disable`, {
+            reason: reason
+        })
+        .done(function(data) {
+            if (data.success) {
+                location.reload();
+            } else {
+                alert('Error: ' + data.error);
+            }
+        })
+        .fail(function() {
+            alert('Error: Failed to disable user');
+        });
+    }
+}
+function deleteUser(token) {
+    if (confirm('Are you sure you want to delete this user? This action cannot be undone.')) {
+        $.ajax({
+            url: `/admin/users/${token}`,
+            type: 'DELETE'
+        })
+        .done(function(data) {
+            if (data.success) {
+                location.reload();
+            } else {
+                alert('Error: ' + data.error);
+            }
+        })
+        .fail(function() {
+            alert('Error: Failed to delete user');
+        });
+    }
+}
+</script>
+{% endblock %}

pages/admin/edit_user.html ADDED Viewed

	@@ -0,0 +1,202 @@

+{% extends "admin/base.html" %}
+{% block title %}Edit User{% endblock %}
+{% block content %}
+<div class="edit-user">
+    <h1>Edit User</h1>
+    <div class="user-summary">
+        <p><strong>Token:</strong> <code>{{ user.token }}</code></p>
+        <p><strong>Created:</strong> {{ user.created_at.strftime('%Y-%m-%d %H:%M:%S') }}</p>
+        <p><strong>Status:</strong>
+            {% if user.disabled_at %}
+                <span class="status-disabled">Disabled</span>
+            {% else %}
+                <span class="status-active">Active</span>
+            {% endif %}
+        </p>
+    </div>
+    <form method="POST" action="{{ url_for('admin.edit_user', token=user.token) }}" onsubmit="return validateUserForm()">
+        <input type="hidden" name="_csrf" value="{{ csrf_token() }}">
+        <div class="form-group">
+            <label for="nickname">Nickname:</label>
+            <input type="text" id="nickname" name="nickname" value="{{ user.nickname or '' }}" required>
+            <small>A human-readable identifier for this user</small>
+        </div>
+        <div class="form-group">
+            <label for="type">User Type:</label>
+            <select id="type" name="type">
+                <option value="normal" {{ 'selected' if user.type == 'normal' }}>Normal</option>
+                <option value="special" {{ 'selected' if user.type == 'special' }}>Special</option>
+                <option value="temporary" {{ 'selected' if user.type == 'temporary' }}>Temporary</option>
+            </select>
+            <small>
+                <strong>Normal:</strong> Standard user with default quotas<br>
+                <strong>Special:</strong> Premium user with higher limits and no rate limiting<br>
+                <strong>Temporary:</strong> Time-limited user (expires after 24 hours)
+            </small>
+        </div>
+        <div class="form-group">
+            <label for="openai_limit">OpenAI Token Limit:</label>
+            <input type="number" id="openai_limit" name="openai_limit" min="0"
+                   value="{{ user.token_limits.get('openai', '') }}" placeholder="Leave empty for unlimited">
+            <small>Maximum tokens this user can consume for OpenAI models</small>
+        </div>
+        <div class="form-group">
+            <label for="anthropic_limit">Anthropic Token Limit:</label>
+            <input type="number" id="anthropic_limit" name="anthropic_limit" min="0"
+                   value="{{ user.token_limits.get('anthropic', '') }}" placeholder="Leave empty for unlimited">
+            <small>Maximum tokens this user can consume for Anthropic models</small>
+        </div>
+        <div class="current-usage">
+            <h3>Current Usage</h3>
+            <table class="usage-table">
+                <thead>
+                    <tr>
+                        <th>Model Family</th>
+                        <th>Input Tokens</th>
+                        <th>Output Tokens</th>
+                        <th>Total Tokens</th>
+                        <th>Current Limit</th>
+                    </tr>
+                </thead>
+                <tbody>
+                    {% for family, count in user.token_counts.items() %}
+                    <tr>
+                        <td>{{ family }}</td>
+                        <td>{{ count.input }}</td>
+                        <td>{{ count.output }}</td>
+                        <td>{{ count.total }}</td>
+                        <td>{{ user.token_limits.get(family, 'Unlimited') }}</td>
+                    </tr>
+                    {% endfor %}
+                </tbody>
+            </table>
+        </div>
+        <div class="form-actions">
+            <button type="submit" class="btn btn-primary">Save Changes</button>
+            <a href="{{ url_for('admin.view_user', token=user.token) }}" class="btn btn-secondary">Cancel</a>
+            <button type="button" class="btn btn-warning" onclick="resetUserUsage()">Reset Usage</button>
+        </div>
+    </form>
+</div>
+<style>
+    .edit-user {
+        max-width: 800px;
+        margin: 0 auto;
+    }
+    .user-summary {
+        background: #f8f9fa;
+        padding: 15px;
+        border-radius: 5px;
+        margin-bottom: 30px;
+    }
+    .user-summary p {
+        margin: 5px 0;
+    }
+    .form-group {
+        margin-bottom: 20px;
+    }
+    .form-group label {
+        display: block;
+        margin-bottom: 5px;
+        font-weight: bold;
+    }
+    .form-group input,
+    .form-group select {
+        width: 100%;
+        padding: 8px;
+        border: 1px solid #ddd;
+        border-radius: 3px;
+        font-size: 14px;
+    }
+    .form-group small {
+        display: block;
+        margin-top: 5px;
+        color: #666;
+        font-size: 12px;
+    }
+    .current-usage {
+        margin: 30px 0;
+        padding: 20px;
+        background: #f8f9fa;
+        border-radius: 5px;
+    }
+    .current-usage h3 {
+        margin-top: 0;
+        margin-bottom: 15px;
+    }
+    .usage-table {
+        width: 100%;
+        border-collapse: collapse;
+    }
+    .usage-table th,
+    .usage-table td {
+        padding: 8px;
+        border: 1px solid #dee2e6;
+        text-align: left;
+    }
+    .usage-table th {
+        background-color: #e9ecef;
+    }
+    .form-actions {
+        display: flex;
+        gap: 10px;
+        margin-top: 30px;
+    }
+    .btn {
+        padding: 10px 20px;
+        border: none;
+        border-radius: 3px;
+        cursor: pointer;
+        text-decoration: none;
+        display: inline-block;
+        text-align: center;
+    }
+    .btn-primary {
+        background-color: #007bff;
+        color: white;
+    }
+    .btn-secondary {
+        background-color: #6c757d;
+        color: white;
+    }
+    .btn-warning {
+        background-color: #ffc107;
+        color: black;
+    }
+    .btn:hover {
+        opacity: 0.9;
+    }
+    .status-active { color: #28a745; }
+    .status-disabled { color: #dc3545; }
+</style>
+<script>
+function resetUserUsage() {
+    if (confirm('Are you sure you want to reset this user\'s token usage? This action cannot be undone.')) {
+        $.post(`/admin/users/{{ user.token }}/reset-usage`, {})
+        .done(function(data) {
+            if (data.success) {
+                alert('User usage reset successfully');
+                location.reload();
+            } else {
+                alert('Error: ' + data.error);
+            }
+        })
+        .fail(function() {
+            alert('Error: Failed to reset user usage');
+        });
+    }
+}
+</script>
+{% endblock %}

pages/admin/key_manager.html ADDED Viewed

	@@ -0,0 +1,357 @@

+{% extends "admin/base.html" %}
+{% block title %}Key Manager{% endblock %}
+{% block content %}
+<div class="key-manager">
+    <h1>API Key Management</h1>
+    <div class="key-tabs">
+        <button class="tab-button active" onclick="showTab('openai')">OpenAI</button>
+        <button class="tab-button" onclick="showTab('anthropic')">Anthropic</button>
+        <button class="tab-button" onclick="showTab('google')">Google</button>
+        <button class="tab-button" onclick="showTab('mistral')">Mistral</button>
+    </div>
+    <div class="tab-content">
+        <div id="openai-tab" class="tab-panel active">
+            <h2>OpenAI API Keys</h2>
+            <div class="key-section">
+                <div class="add-key">
+                    <h3>Add New OpenAI Key</h3>
+                    <form id="add-openai-key" onsubmit="addKey(event, 'openai')">
+                        <input type="text" id="openai-key" placeholder="sk-..." required>
+                        <button type="submit">Add Key</button>
+                    </form>
+                </div>
+                <div class="keys-list" id="openai-keys">
+                    <!-- Keys will be loaded here -->
+                </div>
+            </div>
+        </div>
+        <div id="anthropic-tab" class="tab-panel">
+            <h2>Anthropic API Keys</h2>
+            <div class="key-section">
+                <div class="add-key">
+                    <h3>Add New Anthropic Key</h3>
+                    <form id="add-anthropic-key" onsubmit="addKey(event, 'anthropic')">
+                        <input type="text" id="anthropic-key" placeholder="sk-ant-..." required>
+                        <button type="submit">Add Key</button>
+                    </form>
+                </div>
+                <div class="keys-list" id="anthropic-keys">
+                    <!-- Keys will be loaded here -->
+                </div>
+            </div>
+        </div>
+        <div id="google-tab" class="tab-panel">
+            <h2>Google AI API Keys</h2>
+            <div class="key-section">
+                <div class="add-key">
+                    <h3>Add New Google AI Key</h3>
+                    <form id="add-google-key" onsubmit="addKey(event, 'google')">
+                        <input type="text" id="google-key" placeholder="AI..." required>
+                        <button type="submit">Add Key</button>
+                    </form>
+                </div>
+                <div class="keys-list" id="google-keys">
+                    <!-- Keys will be loaded here -->
+                </div>
+            </div>
+        </div>
+        <div id="mistral-tab" class="tab-panel">
+            <h2>Mistral API Keys</h2>
+            <div class="key-section">
+                <div class="add-key">
+                    <h3>Add New Mistral Key</h3>
+                    <form id="add-mistral-key" onsubmit="addKey(event, 'mistral')">
+                        <input type="text" id="mistral-key" placeholder="..." required>
+                        <button type="submit">Add Key</button>
+                    </form>
+                </div>
+                <div class="keys-list" id="mistral-keys">
+                    <!-- Keys will be loaded here -->
+                </div>
+            </div>
+        </div>
+    </div>
+    <div class="key-stats">
+        <h2>Key Statistics</h2>
+        <div class="stats-grid">
+            <div class="stat-card">
+                <h3>Total Keys</h3>
+                <p class="stat-number" id="total-keys">-</p>
+            </div>
+            <div class="stat-card">
+                <h3>Active Keys</h3>
+                <p class="stat-number" id="active-keys">-</p>
+            </div>
+            <div class="stat-card">
+                <h3>Failed Keys</h3>
+                <p class="stat-number" id="failed-keys">-</p>
+            </div>
+            <div class="stat-card">
+                <h3>Total Requests</h3>
+                <p class="stat-number" id="total-requests">-</p>
+            </div>
+        </div>
+    </div>
+</div>
+<style>
+    .key-tabs {
+        display: flex;
+        border-bottom: 1px solid #ddd;
+        margin-bottom: 20px;
+    }
+    .tab-button {
+        padding: 10px 20px;
+        border: none;
+        background: none;
+        cursor: pointer;
+        border-bottom: 2px solid transparent;
+    }
+    .tab-button.active {
+        border-bottom-color: #007bff;
+        color: #007bff;
+    }
+    .tab-panel {
+        display: none;
+    }
+    .tab-panel.active {
+        display: block;
+    }
+    .key-section {
+        margin-bottom: 30px;
+    }
+    .add-key {
+        background: #f8f9fa;
+        padding: 20px;
+        border-radius: 5px;
+        margin-bottom: 20px;
+    }
+    .add-key h3 {
+        margin-top: 0;
+        margin-bottom: 15px;
+    }
+    .add-key form {
+        display: flex;
+        gap: 10px;
+    }
+    .add-key input {
+        flex: 1;
+        padding: 8px;
+        border: 1px solid #ddd;
+        border-radius: 3px;
+    }
+    .add-key button {
+        padding: 8px 16px;
+        background-color: #007bff;
+        color: white;
+        border: none;
+        border-radius: 3px;
+        cursor: pointer;
+    }
+    .key-item {
+        display: flex;
+        justify-content: space-between;
+        align-items: center;
+        padding: 15px;
+        border: 1px solid #ddd;
+        border-radius: 5px;
+        margin-bottom: 10px;
+    }
+    .key-info {
+        flex: 1;
+    }
+    .key-hash {
+        font-family: monospace;
+        font-size: 0.9em;
+        color: #666;
+    }
+    .key-status {
+        margin-top: 5px;
+    }
+    .status-active { color: #28a745; }
+    .status-failed { color: #dc3545; }
+    .status-unknown { color: #6c757d; }
+    .key-actions {
+        display: flex;
+        gap: 10px;
+    }
+    .btn-test {
+        background-color: #17a2b8;
+        color: white;
+    }
+    .btn-remove {
+        background-color: #dc3545;
+        color: white;
+    }
+    .stats-grid {
+        display: grid;
+        grid-template-columns: repeat(auto-fit, minmax(200px, 1fr));
+        gap: 20px;
+        margin-top: 20px;
+    }
+    .stat-card {
+        background: #f8f9fa;
+        padding: 20px;
+        border-radius: 5px;
+        text-align: center;
+        border: 1px solid #dee2e6;
+    }
+    .stat-card h3 {
+        margin: 0 0 10px 0;
+        color: #495057;
+    }
+    .stat-number {
+        font-size: 2em;
+        font-weight: bold;
+        color: #007bff;
+        margin: 0;
+    }
+</style>
+<script>
+function showTab(service) {
+    // Hide all tab panels
+    document.querySelectorAll('.tab-panel').forEach(panel => {
+        panel.classList.remove('active');
+    });
+    // Remove active class from all buttons
+    document.querySelectorAll('.tab-button').forEach(button => {
+        button.classList.remove('active');
+    });
+    // Show selected tab panel
+    document.getElementById(service + '-tab').classList.add('active');
+    // Add active class to clicked button
+    event.target.classList.add('active');
+    // Load keys for this service
+    loadKeys(service);
+}
+function loadKeys(service) {
+    // This would load keys from the backend
+    // For now, show placeholder
+    const container = document.getElementById(service + '-keys');
+    container.innerHTML = '<p><em>Key management functionality to be implemented</em></p>';
+}
+function addKey(event, service) {
+    event.preventDefault();
+    const input = document.getElementById(service + '-key');
+    const key = input.value.trim();
+    if (!key) {
+        alert('Please enter a valid API key');
+        return;
+    }
+    // Add key via API
+    fetch('/admin/keys', {
+        method: 'POST',
+        headers: {
+            'Content-Type': 'application/json',
+            'X-CSRFToken': document.querySelector('meta[name="csrf-token"]').getAttribute('content')
+        },
+        body: JSON.stringify({
+            service: service,
+            key: key
+        })
+    })
+    .then(response => response.json())
+    .then(data => {
+        if (data.success) {
+            input.value = '';
+            loadKeys(service);
+            updateStats();
+        } else {
+            alert('Error: ' + data.error);
+        }
+    })
+    .catch(error => {
+        console.error('Error adding key:', error);
+        alert('Error adding key');
+    });
+}
+function removeKey(service, keyHash) {
+    if (confirm('Are you sure you want to remove this API key?')) {
+        fetch(`/admin/keys/${service}/${keyHash}`, {
+            method: 'DELETE',
+            headers: {
+                'X-CSRFToken': document.querySelector('meta[name="csrf-token"]').getAttribute('content')
+            }
+        })
+        .then(response => response.json())
+        .then(data => {
+            if (data.success) {
+                loadKeys(service);
+                updateStats();
+            } else {
+                alert('Error: ' + data.error);
+            }
+        })
+        .catch(error => {
+            console.error('Error removing key:', error);
+            alert('Error removing key');
+        });
+    }
+}
+function testKey(service, keyHash) {
+    fetch(`/admin/keys/${service}/${keyHash}/test`, {
+        method: 'POST',
+        headers: {
+            'X-CSRFToken': document.querySelector('meta[name="csrf-token"]').getAttribute('content')
+        }
+    })
+    .then(response => response.json())
+    .then(data => {
+        if (data.success) {
+            alert('Key test successful');
+        } else {
+            alert('Key test failed: ' + data.error);
+        }
+        loadKeys(service);
+    })
+    .catch(error => {
+        console.error('Error testing key:', error);
+        alert('Error testing key');
+    });
+}
+function updateStats() {
+    // Update key statistics
+    fetch('/admin/keys/stats')
+    .then(response => response.json())
+    .then(data => {
+        document.getElementById('total-keys').textContent = data.total || 0;
+        document.getElementById('active-keys').textContent = data.active || 0;
+        document.getElementById('failed-keys').textContent = data.failed || 0;
+        document.getElementById('total-requests').textContent = data.requests || 0;
+    })
+    .catch(error => {
+        console.error('Error updating stats:', error);
+    });
+}
+// Load initial data
+document.addEventListener('DOMContentLoaded', function() {
+    loadKeys('openai');
+    updateStats();
+});
+</script>
+{% endblock %}

pages/admin/list_users.html ADDED Viewed

	@@ -0,0 +1,247 @@

+{% extends "admin/base.html" %}
+{% block title %}Manage Users{% endblock %}
+{% block content %}
+<div class="user-management">
+    <div class="header-actions">
+        <h1>User Management</h1>
+        <a href="{{ url_for('admin.create_user') }}" class="btn btn-primary">Create New User</a>
+    </div>
+    <div class="filters">
+        <form method="GET" action="{{ url_for('admin.list_users') }}">
+            <div class="filter-row">
+                <input type="text" name="search" placeholder="Search users..." value="{{ request.args.get('search', '') }}">
+                <select name="type">
+                    <option value="">All Types</option>
+                    <option value="normal" {{ 'selected' if request.args.get('type') == 'normal' }}>Normal</option>
+                    <option value="special" {{ 'selected' if request.args.get('type') == 'special' }}>Special</option>
+                    <option value="temporary" {{ 'selected' if request.args.get('type') == 'temporary' }}>Temporary</option>
+                </select>
+                <select name="limit">
+                    <option value="25" {{ 'selected' if request.args.get('limit') == '25' }}>25 per page</option>
+                    <option value="50" {{ 'selected' if request.args.get('limit') == '50' }}>50 per page</option>
+                    <option value="100" {{ 'selected' if request.args.get('limit') == '100' }}>100 per page</option>
+                </select>
+                <button type="submit">Filter</button>
+            </div>
+        </form>
+    </div>
+    <div class="users-table">
+        <table>
+            <thead>
+                <tr>
+                    <th>Token</th>
+                    <th>Nickname</th>
+                    <th>Type</th>
+                    <th>Created</th>
+                    <th>Status</th>
+                    <th>Usage</th>
+                    <th>Actions</th>
+                </tr>
+            </thead>
+            <tbody>
+                {% for user_data in users %}
+                {% set user = user_data.user %}
+                {% set stats = user_data.stats %}
+                <tr class="{{ 'disabled' if user.disabled_at else '' }}">
+                    <td>
+                        <code>{{ user.token[:8] }}...</code>
+                    </td>
+                    <td>{{ user.nickname or 'N/A' }}</td>
+                    <td>
+                        <span class="badge badge-{{ user.type.value }}">{{ user.type.value }}</span>
+                    </td>
+                    <td>{{ user.created_at.strftime('%Y-%m-%d') }}</td>
+                    <td>
+                        {% if user.disabled_at %}
+                            <span class="status-disabled">Disabled</span>
+                        {% else %}
+                            <span class="status-active">Active</span>
+                        {% endif %}
+                    </td>
+                    <td>
+                        <div class="usage-info">
+                            <div>{{ stats.total_tokens }} tokens</div>
+                            <div>{{ stats.total_requests }} requests</div>
+                            <div>{{ stats.ip_count }} IPs</div>
+                        </div>
+                    </td>
+                    <td>
+                        <div class="action-buttons">
+                            <a href="{{ url_for('admin.view_user', token=user.token) }}" class="btn btn-sm btn-info">View</a>
+                            <a href="{{ url_for('admin.edit_user', token=user.token) }}" class="btn btn-sm btn-secondary">Edit</a>
+                            {% if user.disabled_at %}
+                                <button class="btn btn-sm btn-success" onclick="enableUser('{{ user.token }}')">Enable</button>
+                            {% else %}
+                                <button class="btn btn-sm btn-warning" onclick="disableUser('{{ user.token }}')">Disable</button>
+                            {% endif %}
+                            <button class="btn btn-sm btn-danger" onclick="deleteUser('{{ user.token }}')">Delete</button>
+                        </div>
+                    </td>
+                </tr>
+                {% endfor %}
+            </tbody>
+        </table>
+    </div>
+    <div class="pagination">
+        {% if pagination.page > 1 %}
+            <a href="{{ url_for('admin.list_users', page=pagination.page-1, **request.args) }}" class="btn btn-sm">Previous</a>
+        {% endif %}
+        <span class="page-info">
+            Page {{ pagination.page }} of {{ (pagination.total + pagination.limit - 1) // pagination.limit }}
+            ({{ pagination.total }} total users)
+        </span>
+        {% if pagination.has_next %}
+            <a href="{{ url_for('admin.list_users', page=pagination.page+1, **request.args) }}" class="btn btn-sm">Next</a>
+        {% endif %}
+    </div>
+</div>
+<style>
+    .header-actions {
+        display: flex;
+        justify-content: space-between;
+        align-items: center;
+        margin-bottom: 20px;
+    }
+    .filters {
+        margin-bottom: 20px;
+        padding: 15px;
+        background: #f8f9fa;
+        border-radius: 5px;
+    }
+    .filter-row {
+        display: flex;
+        gap: 10px;
+        align-items: center;
+    }
+    .filter-row input, .filter-row select {
+        padding: 5px;
+        border: 1px solid #ddd;
+        border-radius: 3px;
+    }
+    .users-table table {
+        width: 100%;
+        border-collapse: collapse;
+    }
+    .users-table th, .users-table td {
+        padding: 10px;
+        border: 1px solid #dee2e6;
+        text-align: left;
+    }
+    .users-table th {
+        background-color: #f8f9fa;
+    }
+    .users-table tr.disabled {
+        opacity: 0.6;
+        background-color: #f8f8f8;
+    }
+    .badge {
+        padding: 3px 8px;
+        border-radius: 3px;
+        font-size: 0.8em;
+    }
+    .badge-normal { background-color: #007bff; color: white; }
+    .badge-special { background-color: #28a745; color: white; }
+    .badge-temporary { background-color: #ffc107; color: black; }
+    .status-active { color: #28a745; }
+    .status-disabled { color: #dc3545; }
+    .usage-info {
+        font-size: 0.9em;
+    }
+    .action-buttons {
+        display: flex;
+        gap: 5px;
+        flex-wrap: wrap;
+    }
+    .btn-sm {
+        padding: 5px 10px;
+        font-size: 0.8em;
+    }
+    .btn-info { background-color: #17a2b8; color: white; }
+    .btn-warning { background-color: #ffc107; color: black; }
+    .btn-danger { background-color: #dc3545; color: white; }
+    .btn-success { background-color: #28a745; color: white; }
+    .pagination {
+        display: flex;
+        justify-content: center;
+        align-items: center;
+        gap: 20px;
+        margin-top: 20px;
+    }
+    .page-info {
+        font-size: 0.9em;
+        color: #666;
+    }
+</style>
+<script>
+function enableUser(token) {
+    if (confirm('Are you sure you want to enable this user?')) {
+        fetch(`/admin/users/${token}/enable`, {
+            method: 'POST',
+            headers: {
+                'Content-Type': 'application/json',
+                'X-CSRFToken': document.querySelector('meta[name="csrf-token"]').getAttribute('content')
+            }
+        })
+        .then(response => response.json())
+        .then(data => {
+            if (data.success) {
+                location.reload();
+            } else {
+                alert('Error: ' + data.error);
+            }
+        });
+    }
+}
+function disableUser(token) {
+    const reason = prompt('Reason for disabling user:');
+    if (reason) {
+        fetch(`/admin/users/${token}/disable`, {
+            method: 'POST',
+            headers: {
+                'Content-Type': 'application/json',
+                'X-CSRFToken': document.querySelector('meta[name="csrf-token"]').getAttribute('content')
+            },
+            body: JSON.stringify({ reason: reason })
+        })
+        .then(response => response.json())
+        .then(data => {
+            if (data.success) {
+                location.reload();
+            } else {
+                alert('Error: ' + data.error);
+            }
+        });
+    }
+}
+function deleteUser(token) {
+    if (confirm('Are you sure you want to delete this user? This action cannot be undone.')) {
+        fetch(`/admin/users/${token}`, {
+            method: 'DELETE',
+            headers: {
+                'Content-Type': 'application/json',
+                'X-CSRFToken': document.querySelector('meta[name="csrf-token"]').getAttribute('content')
+            }
+        })
+        .then(response => response.json())
+        .then(data => {
+            if (data.success) {
+                location.reload();
+            } else {
+                alert('Error: ' + data.error);
+            }
+        });
+    }
+}
+</script>
+{% endblock %}

pages/admin/login.html ADDED Viewed

	@@ -0,0 +1,84 @@

+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Admin Login - {{ config.brand_name }}</title>
+    <link rel="stylesheet" href="{{ url_for('static', filename='css/nyancat.css') }}">
+</head>
+<body>
+    <main>
+        <div class="login-container purr-card">
+            <h1>{{ config.brand_emoji }} {{ config.brand_name }} Admin Purr-nel</h1>
+            <p>🐾 Welcome back, hooman! Please enter your secret cat code to access the admin purr-nel.</p>
+            {% with messages = get_flashed_messages(with_categories=true) %}
+                {% if messages %}
+                    {% for category, message in messages %}
+                        <div class="flash flash-{{ category }}">
+                            {{ message }}
+                        </div>
+                    {% endfor %}
+                {% endif %}
+            {% endwith %}
+            <form method="POST" action="{{ url_for('admin.login') }}">
+                {{ csrf_token() }}
+                <div class="form-group">
+                    <label for="admin_key">Admin Key:</label>
+                    <input type="password" id="admin_key" name="admin_key" required>
+                </div>
+                <button type="submit">Login</button>
+            </form>
+        </div>
+    </main>
+    <style>
+        .login-container {
+            max-width: 400px;
+            margin: 50px auto;
+            padding: 20px;
+            border: 1px solid #ddd;
+            border-radius: 5px;
+        }
+        .form-group {
+            margin-bottom: 15px;
+        }
+        .form-group label {
+            display: block;
+            margin-bottom: 5px;
+        }
+        .form-group input {
+            width: 100%;
+            padding: 8px;
+            border: 1px solid #ddd;
+            border-radius: 3px;
+        }
+        .flash {
+            padding: 10px;
+            margin-bottom: 15px;
+            border-radius: 3px;
+        }
+        .flash-error {
+            background-color: #f8d7da;
+            color: #721c24;
+            border: 1px solid #f5c6cb;
+        }
+        .flash-success {
+            background-color: #d4edda;
+            color: #155724;
+            border: 1px solid #c3e6cb;
+        }
+        .flash-info {
+            background-color: #d1ecf1;
+            color: #0c5460;
+            border: 1px solid #bee5eb;
+        }
+        .flash-warning {
+            background-color: #fff3cd;
+            color: #856404;
+            border: 1px solid #ffeaa7;
+        }
+    </style>
+</body>
+</html>

pages/admin/model_families.html ADDED Viewed

	@@ -0,0 +1,402 @@

+{% extends "admin/base.html" %}
+{% block title %}Model Families Management{% endblock %}
+{% block head %}
+<style>
+    .model-grid {
+        display: grid;
+        grid-template-columns: repeat(auto-fit, minmax(300px, 1fr));
+        gap: 20px;
+        margin: 20px 0;
+    }
+    .provider-card {
+        background: white;
+        border-radius: 10px;
+        padding: 20px;
+        box-shadow: 0 2px 10px rgba(0,0,0,0.1);
+        border-left: 4px solid var(--cat-primary);
+    }
+    .provider-header {
+        display: flex;
+        justify-content: space-between;
+        align-items: center;
+        margin-bottom: 15px;
+    }
+    .provider-name {
+        font-size: 1.2em;
+        font-weight: bold;
+        color: var(--cat-primary);
+    }
+    .provider-stats {
+        font-size: 0.9em;
+        color: #666;
+    }
+    .model-list {
+        max-height: 300px;
+        overflow-y: auto;
+    }
+    .model-item {
+        display: flex;
+        justify-content: space-between;
+        align-items: center;
+        padding: 8px 0;
+        border-bottom: 1px solid #eee;
+    }
+    .model-info {
+        flex: 1;
+    }
+    .model-name {
+        font-weight: bold;
+        color: #333;
+    }
+    .model-description {
+        font-size: 0.8em;
+        color: #666;
+        margin-top: 2px;
+    }
+    .model-cost {
+        font-size: 0.8em;
+        color: #888;
+        margin-top: 2px;
+    }
+    .model-toggle {
+        margin-left: 10px;
+    }
+    .toggle-switch {
+        position: relative;
+        display: inline-block;
+        width: 40px;
+        height: 20px;
+    }
+    .toggle-switch input {
+        opacity: 0;
+        width: 0;
+        height: 0;
+    }
+    .toggle-slider {
+        position: absolute;
+        cursor: pointer;
+        top: 0;
+        left: 0;
+        right: 0;
+        bottom: 0;
+        background-color: #ccc;
+        transition: .4s;
+        border-radius: 20px;
+    }
+    .toggle-slider:before {
+        position: absolute;
+        content: "";
+        height: 16px;
+        width: 16px;
+        left: 2px;
+        bottom: 2px;
+        background-color: white;
+        transition: .4s;
+        border-radius: 50%;
+    }
+    input:checked + .toggle-slider {
+        background-color: var(--cat-primary);
+    }
+    input:checked + .toggle-slider:before {
+        transform: translateX(20px);
+    }
+    .stats-overview {
+        display: grid;
+        grid-template-columns: repeat(auto-fit, minmax(150px, 1fr));
+        gap: 15px;
+        margin-bottom: 30px;
+    }
+    .stat-card {
+        background: white;
+        padding: 15px;
+        border-radius: 8px;
+        text-align: center;
+        box-shadow: 0 2px 8px rgba(0,0,0,0.1);
+    }
+    .stat-value {
+        font-size: 1.8em;
+        font-weight: bold;
+        color: var(--cat-primary);
+    }
+    .stat-label {
+        font-size: 0.9em;
+        color: #666;
+        margin-top: 5px;
+    }
+    .premium-badge {
+        background: linear-gradient(45deg, #ffd700, #ff8c00);
+        color: white;
+        font-size: 0.7em;
+        padding: 2px 6px;
+        border-radius: 10px;
+        margin-left: 5px;
+    }
+    .cat-personality {
+        font-size: 1.2em;
+        margin-right: 5px;
+    }
+</style>
+{% endblock %}
+{% block content %}
+<div class="container">
+    <h2>🐾 Model Families Management</h2>
+    <p>Manage which AI models are available for your cats to use!</p>
+    <!-- Stats Overview -->
+    <div class="stats-overview">
+        <div class="stat-card">
+            <div class="stat-value">{{ total_models }}</div>
+            <div class="stat-label">Total Models</div>
+        </div>
+        <div class="stat-card">
+            <div class="stat-value">{{ total_whitelisted }}</div>
+            <div class="stat-label">Whitelisted</div>
+        </div>
+        <div class="stat-card">
+            <div class="stat-value">${{ "%.2f"|format(cost_analysis.total_cost) }}</div>
+            <div class="stat-label">Total Cost</div>
+        </div>
+        <div class="stat-card">
+            <div class="stat-value">{{ providers|length }}</div>
+            <div class="stat-label">AI Providers</div>
+        </div>
+    </div>
+    <!-- Action Buttons -->
+    <div style="margin-bottom: 20px;">
+        <button onclick="enableAllModels()" class="btn btn-success">🐱 Enable All Models</button>
+        <button onclick="disableAllModels()" class="btn btn-warning">😾 Disable All Models</button>
+        <a href="{{ url_for('model_families.usage_analytics') }}" class="btn btn-info">📊 Usage Analytics</a>
+    </div>
+    <!-- Provider Cards -->
+    <div class="model-grid">
+        {% for provider_key, provider_data in providers.items() %}
+        <div class="provider-card">
+            <div class="provider-header">
+                <div class="provider-name">{{ provider_data.name }}</div>
+                <div class="provider-stats">
+                    {{ provider_data.whitelisted_count }}/{{ provider_data.total_count }} enabled
+                </div>
+            </div>
+            <div class="model-list">
+                {% for model in provider_data.all_models %}
+                <div class="model-item">
+                    <div class="model-info">
+                        <div class="model-name">
+                            <span class="cat-personality">{{ model.cat_emoji }}</span>
+                            {{ model.display_name }}
+                            {% if model.is_premium %}
+                            <span class="premium-badge">PREMIUM</span>
+                            {% endif %}
+                        </div>
+                        <div class="model-description">{{ model.description }}</div>
+                        <div class="model-cost">
+                            Input: ${{ "%.3f"|format(model.input_cost) }}/1K |
+                            Output: ${{ "%.3f"|format(model.output_cost) }}/1K |
+                            Context: {{ "{:,}".format(model.context_length) }}
+                        </div>
+                    </div>
+                    <div class="model-toggle">
+                        <label class="toggle-switch">
+                            <input type="checkbox"
+                                   {% if model.is_whitelisted %}checked{% endif %}
+                                   onchange="toggleModel('{{ provider_key }}', '{{ model.id }}', this)"
+                                   data-model-id="{{ model.id }}"
+                                   data-provider="{{ provider_key }}">
+                            <span class="toggle-slider"></span>
+                        </label>
+                    </div>
+                </div>
+                {% endfor %}
+            </div>
+            <div style="margin-top: 15px;">
+                <button onclick="toggleAllProviderModels('{{ provider_key }}', true)"
+                        class="btn btn-sm btn-success">Enable All</button>
+                <button onclick="toggleAllProviderModels('{{ provider_key }}', false)"
+                        class="btn btn-sm btn-secondary">Disable All</button>
+                <a href="{{ url_for('model_families.provider_details', provider_name=provider_key) }}"
+                   class="btn btn-sm btn-info">Details</a>
+            </div>
+        </div>
+        {% endfor %}
+    </div>
+</div>
+<script>
+function toggleModel(provider, modelId, checkbox) {
+    fetch(`/admin/model-families/api/model/${modelId}/toggle`, {
+        method: 'POST',
+        headers: {
+            'Content-Type': 'application/json',
+            'X-CSRFToken': document.querySelector('meta[name="csrf-token"]').getAttribute('content')
+        }
+    })
+    .then(response => response.json())
+    .then(data => {
+        if (data.success) {
+            showNotification(data.message, 'success');
+            updateProviderStats(provider);
+        } else {
+            showNotification(data.error || 'Failed to update model', 'error');
+            checkbox.checked = !checkbox.checked; // Revert checkbox
+        }
+    })
+    .catch(error => {
+        console.error('Error:', error);
+        showNotification('Network error occurred', 'error');
+        checkbox.checked = !checkbox.checked; // Revert checkbox
+    });
+}
+function toggleAllProviderModels(provider, enable) {
+    const checkboxes = document.querySelectorAll(`input[data-provider="${provider}"]`);
+    const modelIds = [];
+    checkboxes.forEach(checkbox => {
+        if (enable !== checkbox.checked) {
+            checkbox.checked = enable;
+            modelIds.push(checkbox.getAttribute('data-model-id'));
+        }
+    });
+    if (modelIds.length === 0) {
+        showNotification('No changes needed', 'info');
+        return;
+    }
+    // Get all models for this provider
+    const allModels = Array.from(checkboxes).map(cb => cb.getAttribute('data-model-id'));
+    const enabledModels = enable ? allModels : allModels.filter(id => !modelIds.includes(id));
+    updateProviderWhitelist(provider, enabledModels);
+}
+function enableAllModels() {
+    const allCheckboxes = document.querySelectorAll('input[data-model-id]');
+    allCheckboxes.forEach(checkbox => {
+        if (!checkbox.checked) {
+            checkbox.checked = true;
+        }
+    });
+    // Update all providers
+    {% for provider_key in providers.keys() %}
+    const {{ provider_key }}Models = Array.from(document.querySelectorAll(`input[data-provider="{{ provider_key }}"]`))
+        .map(cb => cb.getAttribute('data-model-id'));
+    updateProviderWhitelist('{{ provider_key }}', {{ provider_key }}Models);
+    {% endfor %}
+}
+function disableAllModels() {
+    if (!confirm('Are you sure you want to disable ALL models? This will prevent any API calls from working!')) {
+        return;
+    }
+    const allCheckboxes = document.querySelectorAll('input[data-model-id]');
+    allCheckboxes.forEach(checkbox => {
+        checkbox.checked = false;
+    });
+    // Update all providers
+    {% for provider_key in providers.keys() %}
+    updateProviderWhitelist('{{ provider_key }}', []);
+    {% endfor %}
+}
+function updateProviderWhitelist(provider, modelIds) {
+    fetch('/admin/model-families/api/whitelist', {
+        method: 'POST',
+        headers: {
+            'Content-Type': 'application/json',
+            'X-CSRFToken': document.querySelector('meta[name="csrf-token"]').getAttribute('content')
+        },
+        body: JSON.stringify({
+            provider: provider,
+            models: modelIds
+        })
+    })
+    .then(response => response.json())
+    .then(data => {
+        if (data.success) {
+            showNotification(data.message, 'success');
+            updateProviderStats(provider);
+        } else {
+            showNotification(data.error || 'Failed to update whitelist', 'error');
+            location.reload(); // Reload to reset checkboxes
+        }
+    })
+    .catch(error => {
+        console.error('Error:', error);
+        showNotification('Network error occurred', 'error');
+        location.reload(); // Reload to reset checkboxes
+    });
+}
+function updateProviderStats(provider) {
+    const enabledCount = document.querySelectorAll(`input[data-provider="${provider}"]:checked`).length;
+    const totalCount = document.querySelectorAll(`input[data-provider="${provider}"]`).length;
+    const statsElement = document.querySelector(`.provider-card:has(input[data-provider="${provider}"]) .provider-stats`);
+    if (statsElement) {
+        statsElement.textContent = `${enabledCount}/${totalCount} enabled`;
+    }
+}
+function showNotification(message, type) {
+    const notification = document.createElement('div');
+    notification.className = `flash flash-${type}`;
+    notification.textContent = message;
+    notification.style.position = 'fixed';
+    notification.style.top = '20px';
+    notification.style.right = '20px';
+    notification.style.zIndex = '9999';
+    notification.style.padding = '10px 20px';
+    notification.style.borderRadius = '5px';
+    notification.style.color = 'white';
+    notification.style.fontSize = '14px';
+    if (type === 'success') {
+        notification.style.backgroundColor = '#28a745';
+    } else if (type === 'error') {
+        notification.style.backgroundColor = '#dc3545';
+    } else if (type === 'info') {
+        notification.style.backgroundColor = '#17a2b8';
+    }
+    document.body.appendChild(notification);
+    setTimeout(() => {
+        notification.remove();
+    }, 3000);
+}
+</script>
+{% endblock %}

pages/admin/stats.html ADDED Viewed

	@@ -0,0 +1,60 @@

+{% extends "admin/base.html" %}
+{% block title %}Statistics{% endblock %}
+{% block content %}
+<div class="stats-page">
+    <h1>System Statistics</h1>
+    <div class="stats-overview">
+        <div class="stat-card">
+            <h3>Total Users</h3>
+            <p class="stat-number">{{ stats.total_users }}</p>
+        </div>
+        <div class="stat-card">
+            <h3>Active Users</h3>
+            <p class="stat-number">{{ stats.active_users }}</p>
+        </div>
+        <div class="stat-card">
+            <h3>Total Requests</h3>
+            <p class="stat-number">{{ stats.usage_stats.total_requests or 0 }}</p>
+        </div>
+        <div class="stat-card">
+            <h3>Total Tokens</h3>
+            <p class="stat-number">{{ stats.usage_stats.total_tokens or 0 }}</p>
+        </div>
+    </div>
+    <div class="charts-section">
+        <h2>Usage Analytics</h2>
+        <p><em>Advanced analytics and charts coming soon...</em></p>
+    </div>
+</div>
+<style>
+    .stats-overview {
+        display: grid;
+        grid-template-columns: repeat(auto-fit, minmax(200px, 1fr));
+        gap: 20px;
+        margin-bottom: 40px;
+    }
+    .stat-card {
+        background: #f8f9fa;
+        padding: 20px;
+        border-radius: 5px;
+        text-align: center;
+        border: 1px solid #dee2e6;
+    }
+    .stat-number {
+        font-size: 2em;
+        font-weight: bold;
+        color: #007bff;
+        margin: 10px 0;
+    }
+    .charts-section {
+        background: #f8f9fa;
+        padding: 20px;
+        border-radius: 5px;
+    }
+</style>
+{% endblock %}

pages/admin/view_user.html ADDED Viewed

	@@ -0,0 +1,265 @@

+{% extends "admin/base.html" %}
+{% block title %}View User{% endblock %}
+{% block content %}
+{% set user = user_data.user %}
+<div class="view-user">
+    <div class="user-header">
+        <h1>User Details</h1>
+        <div class="user-actions">
+            <a href="{{ url_for('admin.edit_user', token=user.token) }}" class="btn btn-primary">Edit User</a>
+            {% if user.disabled_at %}
+                <button class="btn btn-success" onclick="enableUser('{{ user.token }}')">Enable User</button>
+            {% else %}
+                <button class="btn btn-warning" onclick="disableUser('{{ user.token }}')">Disable User</button>
+            {% endif %}
+            <button class="btn btn-info" onclick="rotateUserToken('{{ user.token }}')">Rotate Token</button>
+            <button class="btn btn-danger" onclick="deleteUser('{{ user.token }}')">Delete User</button>
+        </div>
+    </div>
+    <div class="user-info">
+        <div class="info-section">
+            <h2>Basic Information</h2>
+            <table class="info-table">
+                <tr>
+                    <td><strong>Token:</strong></td>
+                    <td>
+                        <code>{{ user.token }}</code>
+                        <button class="btn btn-sm btn-copy" onclick="copyToClipboard('{{ user.token }}')">Copy</button>
+                    </td>
+                </tr>
+                <tr>
+                    <td><strong>Nickname:</strong></td>
+                    <td>{{ user.nickname or 'N/A' }}</td>
+                </tr>
+                <tr>
+                    <td><strong>Type:</strong></td>
+                    <td><span class="badge badge-{{ user.type }}">{{ user.type }}</span></td>
+                </tr>
+                <tr>
+                    <td><strong>Created:</strong></td>
+                    <td>{{ user.created_at.strftime('%Y-%m-%d %H:%M:%S') }}</td>
+                </tr>
+                <tr>
+                    <td><strong>Last Used:</strong></td>
+                    <td>{{ user.last_used.strftime('%Y-%m-%d %H:%M:%S') if user.last_used else 'Never' }}</td>
+                </tr>
+                <tr>
+                    <td><strong>Status:</strong></td>
+                    <td>
+                        {% if user.disabled_at %}
+                            <span class="status-disabled">Disabled</span>
+                            <small>({{ user.disabled_reason or 'No reason provided' }})</small>
+                        {% else %}
+                            <span class="status-active">Active</span>
+                        {% endif %}
+                    </td>
+                </tr>
+            </table>
+        </div>
+        <div class="info-section">
+            <h2>IP Addresses</h2>
+            {% if user.ip %}
+                <ul class="ip-list">
+                    {% for ip in user.ip %}
+                        <li>{{ ip[:16] }}... (hashed)</li>
+                    {% endfor %}
+                </ul>
+                <p><small>{{ user.ip|length }} IP address(es) registered</small></p>
+            {% else %}
+                <p><em>No IP addresses registered</em></p>
+            {% endif %}
+        </div>
+        <div class="info-section">
+            <h2>Token Usage</h2>
+            <table class="usage-table">
+                <thead>
+                    <tr>
+                        <th>Model Family</th>
+                        <th>Input Tokens</th>
+                        <th>Output Tokens</th>
+                        <th>Total Tokens</th>
+                        <th>Limit</th>
+                    </tr>
+                </thead>
+                <tbody>
+                    {% for family, count in user.token_counts.items() %}
+                    <tr>
+                        <td>{{ family }}</td>
+                        <td>{{ count.input }}</td>
+                        <td>{{ count.output }}</td>
+                        <td>{{ count.total }}</td>
+                        <td>{{ user.token_limits.get(family, 'Unlimited') }}</td>
+                    </tr>
+                    {% endfor %}
+                </tbody>
+            </table>
+        </div>
+        <div class="info-section">
+            <h2>Usage Statistics</h2>
+            {% if user_data.usage_stats %}
+                <div class="usage-stats">
+                    <div class="stat-item">
+                        <strong>Total Requests:</strong> {{ user_data.usage_stats.total_requests }}
+                    </div>
+                    <div class="stat-item">
+                        <strong>Total Tokens:</strong> {{ user_data.usage_stats.total_tokens }}
+                    </div>
+                    <div class="stat-item">
+                        <strong>Total Cost:</strong> ${{ "%.4f"|format(user_data.usage_stats.total_cost) }}
+                    </div>
+                </div>
+            {% else %}
+                <p><em>No usage statistics available</em></p>
+            {% endif %}
+        </div>
+        <div class="info-section">
+            <h2>Recent Activity</h2>
+            {% if user_data.recent_events %}
+                <table class="events-table">
+                    <thead>
+                        <tr>
+                            <th>Time</th>
+                            <th>Event</th>
+                            <th>Details</th>
+                        </tr>
+                    </thead>
+                    <tbody>
+                        {% for event in user_data.recent_events %}
+                        <tr>
+                            <td>{{ event.timestamp or 'N/A' }}</td>
+                            <td>{{ event.event_type }}</td>
+                            <td>
+                                {% if event.payload.action %}
+                                    {{ event.payload.action }}
+                                {% elif event.payload.model_family %}
+                                    {{ event.payload.model_family }} - {{ event.payload.total_tokens }} tokens
+                                {% else %}
+                                    {{ event.payload | truncate(50) }}
+                                {% endif %}
+                            </td>
+                        </tr>
+                        {% endfor %}
+                    </tbody>
+                </table>
+            {% else %}
+                <p><em>No recent activity</em></p>
+            {% endif %}
+        </div>
+    </div>
+</div>
+<style>
+    .user-header {
+        display: flex;
+        justify-content: space-between;
+        align-items: center;
+        margin-bottom: 30px;
+        padding-bottom: 15px;
+        border-bottom: 1px solid #ddd;
+    }
+    .user-actions {
+        display: flex;
+        gap: 10px;
+    }
+    .info-section {
+        margin-bottom: 30px;
+        padding: 20px;
+        background: #f8f9fa;
+        border-radius: 5px;
+    }
+    .info-section h2 {
+        margin-top: 0;
+        margin-bottom: 15px;
+        color: #495057;
+    }
+    .info-table {
+        width: 100%;
+        border-collapse: collapse;
+    }
+    .info-table td {
+        padding: 8px;
+        border-bottom: 1px solid #dee2e6;
+    }
+    .info-table td:first-child {
+        width: 150px;
+        vertical-align: top;
+    }
+    .badge {
+        padding: 3px 8px;
+        border-radius: 3px;
+        font-size: 0.8em;
+    }
+    .badge-normal { background-color: #007bff; color: white; }
+    .badge-special { background-color: #28a745; color: white; }
+    .badge-temporary { background-color: #ffc107; color: black; }
+    .status-active { color: #28a745; }
+    .status-disabled { color: #dc3545; }
+    .ip-list {
+        list-style: none;
+        padding: 0;
+    }
+    .ip-list li {
+        padding: 5px 0;
+        border-bottom: 1px solid #eee;
+    }
+    .usage-table,
+    .events-table {
+        width: 100%;
+        border-collapse: collapse;
+        margin-top: 10px;
+    }
+    .usage-table th,
+    .usage-table td,
+    .events-table th,
+    .events-table td {
+        padding: 8px;
+        border: 1px solid #dee2e6;
+        text-align: left;
+    }
+    .usage-table th,
+    .events-table th {
+        background-color: #f8f9fa;
+    }
+    .usage-stats {
+        display: grid;
+        grid-template-columns: repeat(auto-fit, minmax(200px, 1fr));
+        gap: 15px;
+    }
+    .stat-item {
+        padding: 10px;
+        background: white;
+        border-radius: 3px;
+        border: 1px solid #dee2e6;
+    }
+    .btn-copy {
+        margin-left: 10px;
+        padding: 2px 8px;
+        font-size: 0.8em;
+        background-color: #6c757d;
+        color: white;
+        border: none;
+        border-radius: 2px;
+        cursor: pointer;
+    }
+    .btn-copy:hover {
+        background-color: #5a6268;
+    }
+    .copy-success {
+        position: fixed;
+        top: 20px;
+        right: 20px;
+        padding: 10px 20px;
+        background-color: #28a745;
+        color: white;
+        border-radius: 5px;
+        z-index: 1000;
+    }
+</style>
+{% endblock %}

pages/admin_dashboard.html ADDED Viewed

	@@ -0,0 +1,587 @@

+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Admin Dashboard - {{ config.brand_name }}</title>
+    <style>
+        body {
+            font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif;
+            margin: 0;
+            padding: 20px;
+            background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
+            min-height: 100vh;
+            color: #333;
+            max-width: none !important;
+            width: 100% !important;
+        }
+        .container {
+            max-width: 1200px;
+            margin: 0 auto;
+            background: white;
+            border-radius: 15px;
+            box-shadow: 0 10px 30px rgba(0,0,0,0.3);
+            padding: 40px;
+        }
+        h1 {
+            text-align: center;
+            color: #4a5568;
+            margin-bottom: 30px;
+            font-size: 2.5em;
+        }
+        .stats-grid {
+            display: grid;
+            grid-template-columns: repeat(auto-fit, minmax(250px, 1fr));
+            gap: 20px;
+            margin-bottom: 30px;
+        }
+        .stat-card {
+            background: #f8f9fa;
+            padding: 20px;
+            border-radius: 10px;
+            border-left: 4px solid #667eea;
+            text-align: center;
+        }
+        .stat-card h3 {
+            margin: 0 0 10px 0;
+            color: #4a5568;
+            font-size: 1.2em;
+        }
+        .stat-card .value {
+            font-size: 2em;
+            font-weight: bold;
+            color: #667eea;
+        }
+        .actions {
+            display: flex;
+            gap: 15px;
+            margin-bottom: 30px;
+            flex-wrap: wrap;
+        }
+        .btn {
+            padding: 12px 24px;
+            border: none;
+            border-radius: 6px;
+            cursor: pointer;
+            font-size: 14px;
+            font-weight: 500;
+            text-decoration: none;
+            display: inline-block;
+            transition: all 0.3s ease;
+        }
+        .btn-primary {
+            background: #667eea;
+            color: white;
+        }
+        .btn-primary:hover {
+            background: #5a6fd8;
+        }
+        .btn-success {
+            background: #28a745;
+            color: white;
+        }
+        .btn-success:hover {
+            background: #218838;
+        }
+        .btn-danger {
+            background: #dc3545;
+            color: white;
+        }
+        .btn-danger:hover {
+            background: #c82333;
+        }
+        .user-table {
+            width: 100%;
+            border-collapse: collapse;
+            margin-top: 20px;
+        }
+        .user-table th,
+        .user-table td {
+            padding: 12px;
+            text-align: left;
+            border-bottom: 1px solid #ddd;
+        }
+        .user-table th {
+            background: #f8f9fa;
+            font-weight: 600;
+            color: #4a5568;
+        }
+        .user-table tr:hover {
+            background: #f8f9fa;
+        }
+        .status {
+            padding: 4px 8px;
+            border-radius: 4px;
+            font-size: 12px;
+            font-weight: bold;
+        }
+        .status.active {
+            background: #d4edda;
+            color: #155724;
+        }
+        .status.disabled {
+            background: #f8d7da;
+            color: #721c24;
+        }
+        .token-display {
+            font-family: monospace;
+            background: #f8f9fa;
+            padding: 2px 6px;
+            border-radius: 3px;
+            font-size: 12px;
+        }
+        .modal {
+            display: none;
+            position: fixed;
+            z-index: 1000;
+            left: 0;
+            top: 0;
+            width: 100%;
+            height: 100%;
+            background: rgba(0,0,0,0.5);
+        }
+        .modal-content {
+            background: white;
+            margin: 15% auto;
+            padding: 20px;
+            border-radius: 10px;
+            width: 80%;
+            max-width: 500px;
+        }
+        .close {
+            color: #aaa;
+            float: right;
+            font-size: 28px;
+            font-weight: bold;
+            cursor: pointer;
+        }
+        .close:hover {
+            color: black;
+        }
+        .form-group {
+            margin-bottom: 15px;
+        }
+        .form-group label {
+            display: block;
+            margin-bottom: 5px;
+            font-weight: 500;
+        }
+        .form-group input,
+        .form-group select,
+        .form-group textarea {
+            width: 100%;
+            padding: 8px;
+            border: 1px solid #ddd;
+            border-radius: 4px;
+            font-size: 14px;
+        }
+        .auth-config {
+            background: #e3f2fd;
+            padding: 15px;
+            border-radius: 8px;
+            margin-bottom: 20px;
+            border-left: 4px solid #2196f3;
+        }
+        .auth-config h3 {
+            margin-top: 0;
+            color: #1976d2;
+        }
+        .loading {
+            text-align: center;
+            padding: 20px;
+            color: #666;
+        }
+        .error {
+            background: #f8d7da;
+            color: #721c24;
+            padding: 10px;
+            border-radius: 4px;
+            margin-bottom: 15px;
+        }
+        .success {
+            background: #d4edda;
+            color: #155724;
+            padding: 10px;
+            border-radius: 4px;
+            margin-bottom: 15px;
+        }
+    </style>
+</head>
+<body>
+    <div class="container">
+        <h1>{{ config.brand_emoji }} Admin Dashboard</h1>
+        <div class="auth-config">
+            <h3>Authentication Configuration</h3>
+            <p><strong>Mode:</strong> {{ auth_mode }}</p>
+            <p><strong>User Token Mode:</strong> {{ 'Enabled' if auth_config.is_user_token_mode() else 'Disabled' }}</p>
+            <p><strong>Proxy Key Mode:</strong> {{ 'Enabled' if auth_config.is_proxy_key_mode() else 'Disabled' }}</p>
+            <p><strong>Rate Limiting:</strong> {{ 'Enabled' if auth_config.rate_limit_enabled else 'Disabled' }}</p>
+            <p><strong>Firebase Connected:</strong> {{ 'Yes' if firebase_connected else 'No' }}</p>
+        </div>
+        <div class="stats-grid">
+            <div class="stat-card">
+                <h3>Total Users</h3>
+                <div class="value" id="total-users">Loading...</div>
+            </div>
+            <div class="stat-card">
+                <h3>Active Users</h3>
+                <div class="value" id="active-users">Loading...</div>
+            </div>
+            <div class="stat-card">
+                <h3>Disabled Users</h3>
+                <div class="value" id="disabled-users">Loading...</div>
+            </div>
+            <div class="stat-card">
+                <h3>Total Requests</h3>
+                <div class="value" id="total-requests">Loading...</div>
+            </div>
+            <div class="stat-card">
+                <h3>Total Tokens</h3>
+                <div class="value" id="total-tokens">Loading...</div>
+            </div>
+            <div class="stat-card">
+                <h3>Total Cost</h3>
+                <div class="value" id="total-cost">Loading...</div>
+            </div>
+        </div>
+        <div class="actions">
+            <button class="btn btn-primary" onclick="showCreateUserModal()">Create User</button>
+            <button class="btn btn-success" onclick="refreshQuotas()">Refresh All Quotas</button>
+            <button class="btn btn-primary" onclick="loadUsers()">Refresh Users</button>
+            <button class="btn btn-danger" onclick="exportUsers()">Export Users</button>
+        </div>
+        <div id="user-list">
+            <h3>Users</h3>
+            <div class="loading">Loading users...</div>
+        </div>
+    </div>
+    <!-- Create User Modal -->
+    <div id="createUserModal" class="modal">
+        <div class="modal-content">
+            <span class="close" onclick="closeModal('createUserModal')">&times;</span>
+            <h2>Create New User</h2>
+            <form id="createUserForm">
+                <div class="form-group">
+                    <label for="userType">User Type:</label>
+                    <select id="userType" name="type">
+                        <option value="normal">Normal</option>
+                        <option value="special">Special</option>
+                        <option value="temporary">Temporary</option>
+                    </select>
+                </div>
+                <div class="form-group">
+                    <label for="nickname">Nickname (Optional):</label>
+                    <input type="text" id="nickname" name="nickname" placeholder="Enter nickname">
+                </div>
+                <div class="form-group">
+                    <label for="openaiLimit">OpenAI Token Limit:</label>
+                    <input type="number" id="openaiLimit" name="openai_limit" value="100000">
+                </div>
+                <div class="form-group">
+                    <label for="anthropicLimit">Anthropic Token Limit:</label>
+                    <input type="number" id="anthropicLimit" name="anthropic_limit" value="100000">
+                </div>
+                <button type="submit" class="btn btn-primary">Create User</button>
+            </form>
+        </div>
+    </div>
+    <!-- Action Modal -->
+    <div id="actionModal" class="modal">
+        <div class="modal-content">
+            <span class="close" onclick="closeModal('actionModal')">&times;</span>
+            <h2 id="actionModalTitle">Action</h2>
+            <div id="actionModalContent"></div>
+        </div>
+    </div>
+    <script>
+        const API_BASE = '/admin';
+        let currentUsers = [];
+        // Load initial data
+        document.addEventListener('DOMContentLoaded', function() {
+            loadStats();
+            loadUsers();
+        });
+        async function apiCall(endpoint, options = {}) {
+            const adminKey = localStorage.getItem('admin_key');
+            if (!adminKey) {
+                const key = prompt('Enter admin key:');
+                if (!key) return null;
+                localStorage.setItem('admin_key', key);
+            }
+            const response = await fetch(API_BASE + endpoint, {
+                ...options,
+                headers: {
+                    'Authorization': `Bearer ${localStorage.getItem('admin_key')}`,
+                    'Content-Type': 'application/json',
+                    ...options.headers
+                }
+            });
+            if (response.status === 401) {
+                localStorage.removeItem('admin_key');
+                location.reload();
+                return null;
+            }
+            return response.json();
+        }
+        async function loadStats() {
+            try {
+                const stats = await apiCall('/stats');
+                if (stats) {
+                    document.getElementById('total-users').textContent = stats.total_users;
+                    document.getElementById('active-users').textContent = stats.active_users;
+                    document.getElementById('disabled-users').textContent = stats.disabled_users;
+                    document.getElementById('total-requests').textContent = stats.usage_stats.total_requests || 0;
+                    document.getElementById('total-tokens').textContent = stats.usage_stats.total_tokens || 0;
+                    document.getElementById('total-cost').textContent = '$' + (stats.usage_stats.total_cost || 0).toFixed(2);
+                }
+            } catch (error) {
+                console.error('Failed to load stats:', error);
+            }
+        }
+        async function loadUsers() {
+            try {
+                const response = await apiCall('/users?limit=100');
+                if (response) {
+                    currentUsers = response.users;
+                    renderUserTable();
+                }
+            } catch (error) {
+                console.error('Failed to load users:', error);
+                document.getElementById('user-list').innerHTML = '<div class="error">Failed to load users</div>';
+            }
+        }
+        function renderUserTable() {
+            const userList = document.getElementById('user-list');
+            let html = '<h3>Users</h3>';
+            html += '<table class="user-table">';
+            html += '<thead><tr>';
+            html += '<th>Token</th>';
+            html += '<th>Type</th>';
+            html += '<th>Nickname</th>';
+            html += '<th>Status</th>';
+            html += '<th>IPs</th>';
+            html += '<th>Requests</th>';
+            html += '<th>Tokens</th>';
+            html += '<th>Actions</th>';
+            html += '</tr></thead>';
+            html += '<tbody>';
+            currentUsers.forEach(user => {
+                const isDisabled = user.disabled_at !== null;
+                html += '<tr>';
+                html += `<td><span class="token-display">${user.token.substring(0, 8)}...</span></td>`;
+                html += `<td>${user.type}</td>`;
+                html += `<td>${user.nickname || '-'}</td>`;
+                html += `<td><span class="status ${isDisabled ? 'disabled' : 'active'}">${isDisabled ? 'Disabled' : 'Active'}</span></td>`;
+                html += `<td>${user.stats.ip_count}</td>`;
+                html += `<td>${user.stats.total_requests}</td>`;
+                html += `<td>${user.stats.total_tokens}</td>`;
+                html += '<td>';
+                if (isDisabled) {
+                    html += `<button class="btn btn-success" onclick="enableUser('${user.token}')">Enable</button> `;
+                    html += `<button class="btn btn-danger" onclick="deleteUser('${user.token}')">Delete</button>`;
+                } else {
+                    html += `<button class="btn btn-danger" onclick="disableUser('${user.token}')">Disable</button> `;
+                }
+                html += `<button class="btn btn-primary" onclick="rotateToken('${user.token}')">Rotate</button>`;
+                html += '</td>';
+                html += '</tr>';
+            });
+            html += '</tbody></table>';
+            userList.innerHTML = html;
+        }
+        function showCreateUserModal() {
+            document.getElementById('createUserModal').style.display = 'block';
+        }
+        function closeModal(modalId) {
+            document.getElementById(modalId).style.display = 'none';
+        }
+        document.getElementById('createUserForm').addEventListener('submit', async function(e) {
+            e.preventDefault();
+            const formData = new FormData(e.target);
+            const data = {
+                type: formData.get('type'),
+                nickname: formData.get('nickname'),
+                token_limits: {
+                    openai: parseInt(formData.get('openai_limit')),
+                    anthropic: parseInt(formData.get('anthropic_limit'))
+                }
+            };
+            try {
+                const response = await apiCall('/users', {
+                    method: 'POST',
+                    body: JSON.stringify(data)
+                });
+                if (response && response.success) {
+                    alert('User created successfully! Token: ' + response.token);
+                    closeModal('createUserModal');
+                    loadUsers();
+                    loadStats();
+                } else {
+                    alert('Error: ' + (response.error || 'Unknown error'));
+                }
+            } catch (error) {
+                alert('Error creating user: ' + error.message);
+            }
+        });
+        async function disableUser(token) {
+            const reason = prompt('Enter reason for disabling user:');
+            if (!reason) return;
+            try {
+                const response = await apiCall(`/users/${token}/disable`, {
+                    method: 'POST',
+                    body: JSON.stringify({ reason })
+                });
+                if (response && response.success) {
+                    alert('User disabled successfully');
+                    loadUsers();
+                    loadStats();
+                } else {
+                    alert('Error: ' + (response.error || 'Unknown error'));
+                }
+            } catch (error) {
+                alert('Error disabling user: ' + error.message);
+            }
+        }
+        async function enableUser(token) {
+            try {
+                const response = await apiCall(`/users/${token}/enable`, {
+                    method: 'POST'
+                });
+                if (response && response.success) {
+                    alert('User enabled successfully');
+                    loadUsers();
+                    loadStats();
+                } else {
+                    alert('Error: ' + (response.error || 'Unknown error'));
+                }
+            } catch (error) {
+                alert('Error enabling user: ' + error.message);
+            }
+        }
+        async function deleteUser(token) {
+            if (!confirm('Are you sure you want to permanently delete this user? This action cannot be undone.')) {
+                return;
+            }
+            try {
+                const response = await apiCall(`/users/${token}`, {
+                    method: 'DELETE'
+                });
+                if (response && response.success) {
+                    alert('User deleted successfully');
+                    loadUsers();
+                    loadStats();
+                } else {
+                    alert('Error: ' + (response.error || 'Unknown error'));
+                }
+            } catch (error) {
+                alert('Error deleting user: ' + error.message);
+            }
+        }
+        async function rotateToken(token) {
+            if (!confirm('Are you sure you want to rotate this user\'s token?')) {
+                return;
+            }
+            try {
+                const response = await apiCall(`/users/${token}/rotate`, {
+                    method: 'POST'
+                });
+                if (response && response.success) {
+                    alert('Token rotated successfully! New token: ' + response.new_token);
+                    loadUsers();
+                } else {
+                    alert('Error: ' + (response.error || 'Unknown error'));
+                }
+            } catch (error) {
+                alert('Error rotating token: ' + error.message);
+            }
+        }
+        async function refreshQuotas() {
+            if (!confirm('Are you sure you want to refresh quotas for all users?')) {
+                return;
+            }
+            try {
+                const response = await apiCall('/bulk/refresh-quotas', {
+                    method: 'POST'
+                });
+                if (response && response.success) {
+                    alert(`Quotas refreshed for ${response.affected_users} users`);
+                    loadUsers();
+                    loadStats();
+                } else {
+                    alert('Error: ' + (response.error || 'Unknown error'));
+                }
+            } catch (error) {
+                alert('Error refreshing quotas: ' + error.message);
+            }
+        }
+        async function exportUsers() {
+            try {
+                const response = await apiCall('/users?limit=1000');
+                if (response && response.users) {
+                    const dataStr = JSON.stringify(response.users, null, 2);
+                    const dataUri = 'data:application/json;charset=utf-8,'+ encodeURIComponent(dataStr);
+                    const exportFileDefaultName = 'users_export.json';
+                    const linkElement = document.createElement('a');
+                    linkElement.setAttribute('href', dataUri);
+                    linkElement.setAttribute('download', exportFileDefaultName);
+                    linkElement.click();
+                }
+            } catch (error) {
+                alert('Error exporting users: ' + error.message);
+            }
+        }
+        // Close modal when clicking outside
+        window.onclick = function(event) {
+            const modals = document.getElementsByClassName('modal');
+            for (let i = 0; i < modals.length; i++) {
+                if (event.target === modals[i]) {
+                    modals[i].style.display = 'none';
+                }
+            }
+        }
+    </script>
+</body>
+</html>

{templates → pages}/dashboard.html RENAMED Viewed

@@ -443,7 +443,14 @@
                 <div style="background: rgba(255, 255, 255, 0.3); padding: 15px; border-radius: 10px; margin-top: 15px;">
                     <h4>🔑 API Key Configuration:</h4>
-                    <p><strong>Passcode:</strong> Use any value (For now)</p>
                 </div>
             </div>
             <div class="card">
@@ -492,12 +499,12 @@
                     <!-- Token counters for each service -->
                     <div style="display: flex; gap: 15px; margin-bottom: 10px; flex-wrap: wrap;">
                         <div class="metric status-good" style="padding: 10px; margin: 0; display: inline-block; min-width: 80px;">
-                            <div class="metric-value" style="font-size: 1.2em;">{{health.prompt_tokens|default(0)}}</div>
-                            <div class="metric-label" style="font-size: 0.8em;">Prompt Tokens</div>
                         </div>
                         <div class="metric status-good" style="padding: 10px; margin: 0; display: inline-block; min-width: 80px;">
                             <div class="metric-value" style="font-size: 1.2em;">{{health.total_tokens|default(0)}}</div>
-                            <div class="metric-label" style="font-size: 0.8em;">Total Tokens</div>
                         </div>
                     </div>

                 <div style="background: rgba(255, 255, 255, 0.3); padding: 15px; border-radius: 10px; margin-top: 15px;">
                     <h4>🔑 API Key Configuration:</h4>
+                    <p><strong>Authentication Mode:</strong> {{ config.auth_display }}</p>
+                    {% if config.auth_mode == 'proxy_key' %}
+                    <p><strong>Usage:</strong> Use the configured proxy password as your API key</p>
+                    {% elif config.auth_mode == 'user_token' %}
+                    <p><strong>Usage:</strong> Each user has a unique token (contact admin for your token)</p>
+                    {% elif config.auth_mode == 'none' %}
+                    <p><strong>Usage:</strong> No authentication required - use any value</p>
+                    {% endif %}
                 </div>
             </div>
             <div class="card">
                     <!-- Token counters for each service -->
                     <div style="display: flex; gap: 15px; margin-bottom: 10px; flex-wrap: wrap;">
                         <div class="metric status-good" style="padding: 10px; margin: 0; display: inline-block; min-width: 80px;">
+                            <div class="metric-value" style="font-size: 1.2em;">{{health.successful_requests|default(0)}}</div>
+                            <div class="metric-label" style="font-size: 0.8em;">Prompts</div>
                         </div>
                         <div class="metric status-good" style="padding: 10px; margin: 0; display: inline-block; min-width: 80px;">
                             <div class="metric-value" style="font-size: 1.2em;">{{health.total_tokens|default(0)}}</div>
+                            <div class="metric-label" style="font-size: 0.8em;">Tokens</div>
                         </div>
                     </div>

requirements.txt CHANGED Viewed

@@ -2,4 +2,6 @@ Flask==2.3.3
 requests==2.31.0
 gunicorn==21.2.0
 python-dotenv==1.0.0
-tiktoken==0.5.2

 requests==2.31.0
 gunicorn==21.2.0
 python-dotenv==1.0.0
+tiktoken==0.5.2
+firebase-admin==6.3.0
+Flask-WTF==1.1.1

run.py ADDED Viewed

	@@ -0,0 +1,30 @@

+#!/usr/bin/env python3
+"""
+Startup script for NyanProxy
+"""
+import sys
+import os
+# Add the project root to Python path so imports work correctly
+sys.path.insert(0, os.path.dirname(os.path.abspath(__file__)))
+# Run the application
+if __name__ == '__main__':
+    from core.app import app
+    port = int(os.getenv('PORT', 7860))
+    debug_mode = os.getenv('DEBUG', 'False').lower() == 'true'
+    if debug_mode:
+        # Development mode with debugging
+        app.run(host='0.0.0.0', port=port, debug=True, threaded=True)
+    else:
+        # Production mode with threading and better performance
+        app.run(
+            host='0.0.0.0',
+            port=port,
+            debug=False,
+            threaded=True,
+            processes=1,
+            use_reloader=False
+        )

src/__init__.py ADDED Viewed

	@@ -0,0 +1 @@


1	+ # NyanProxy authentication and user management system

src/config/__init__.py ADDED Viewed

	@@ -0,0 +1 @@


1	+ # Configuration module

src/config/auth.py ADDED Viewed

	@@ -0,0 +1,76 @@

+import os
+import base64
+from typing import Optional, Literal
+AuthMode = Literal["none", "proxy_key", "user_token"]
+class AuthConfig:
+    """Authentication configuration with environment variable support"""
+    def __init__(self):
+        self.mode: AuthMode = os.getenv('AUTH_MODE', 'user_token').lower()
+        self.proxy_password: Optional[str] = os.getenv('PROXY_PASSWORD')
+        self.admin_key: Optional[str] = os.getenv('ADMIN_KEY')
+        # User token settings
+        self.max_ips_per_user: int = int(os.getenv('MAX_IPS_PER_USER', '3'))
+        self.max_ips_auto_ban: bool = os.getenv('MAX_IPS_AUTO_BAN', 'true').lower() == 'true'
+        # Rate limiting
+        self.rate_limit_per_minute: int = int(os.getenv('RATE_LIMIT_PER_MINUTE', '60'))
+        self.rate_limit_enabled: bool = os.getenv('RATE_LIMIT_ENABLED', 'true').lower() == 'true'
+        # Firebase configuration
+        self.firebase_url: Optional[str] = os.getenv('FIREBASE_URL')
+        self.firebase_service_account_key: Optional[str] = self._get_firebase_service_account_key()
+        # Validate configuration
+        self._validate_config()
+    def _get_firebase_service_account_key(self) -> Optional[str]:
+        """Get Firebase service account key, supporting both JSON and Base64 formats"""
+        key = os.getenv('FIREBASE_SERVICE_ACCOUNT_KEY')
+        if not key:
+            return None
+        # Check if it's base64 encoded (try to decode)
+        try:
+            # Try to decode as base64 first
+            decoded = base64.b64decode(key).decode('utf-8')
+            # If successful and looks like JSON, return it
+            if decoded.strip().startswith('{'):
+                print(f"Decoding Base64 key (first 50 chars): {key[:50]}...")
+                print(f"Decoded successfully (first 100 chars): {decoded[:100]}...")
+                return decoded
+        except Exception as e:
+            print(f"Base64 decode error: {e}")
+        # Return as-is (assume it's already JSON)
+        print(f"Using key as-is (first 50 chars): {key[:50]}...")
+        return key
+    def _validate_config(self):
+        """Validate authentication configuration"""
+        if self.mode not in ["none", "proxy_key", "user_token"]:
+            raise ValueError(f"Invalid AUTH_MODE: {self.mode}. Must be 'none', 'proxy_key', or 'user_token'")
+        if self.mode == "proxy_key" and not self.proxy_password:
+            raise ValueError("PROXY_PASSWORD is required when AUTH_MODE is 'proxy_key'")
+        if self.mode == "user_token" and not self.firebase_url:
+            print("Warning: Firebase URL not configured. User tokens will be stored in memory only.")
+    def is_auth_required(self) -> bool:
+        """Check if authentication is required"""
+        return self.mode in ["proxy_key", "user_token"]
+    def is_user_token_mode(self) -> bool:
+        """Check if user token mode is enabled"""
+        return self.mode == "user_token"
+    def is_proxy_key_mode(self) -> bool:
+        """Check if proxy key mode is enabled"""
+        return self.mode == "proxy_key"
+# Global config instance
+auth_config = AuthConfig()

src/middleware/__init__.py ADDED Viewed

	@@ -0,0 +1 @@


1	+ # Middleware module

src/middleware/auth.py ADDED Viewed

	@@ -0,0 +1,257 @@

+from flask import request, jsonify, g, session, redirect, url_for
+from functools import wraps
+from typing import Optional, Tuple
+import time
+import hashlib
+from collections import defaultdict
+import secrets
+from ..config.auth import auth_config
+from ..services.user_store import user_store, AuthResult
+# Rate limiting storage
+rate_limit_store = defaultdict(list)
+def extract_token_from_request() -> Optional[str]:
+    """Extract authentication token from request headers"""
+    # Check Authorization header (Bearer token)
+    auth_header = request.headers.get('Authorization')
+    if auth_header and auth_header.startswith('Bearer '):
+        return auth_header[7:]  # Remove "Bearer " prefix
+    # Check x-api-key header
+    api_key = request.headers.get('x-api-key')
+    if api_key:
+        return api_key
+    # Check key query parameter
+    key_param = request.args.get('key')
+    if key_param:
+        return key_param
+    return None
+def get_client_ip() -> str:
+    """Get client IP address from request"""
+    # Check X-Forwarded-For header (for proxies)
+    forwarded_for = request.headers.get('X-Forwarded-For')
+    if forwarded_for:
+        return forwarded_for.split(',')[0].strip()
+    # Check X-Real-IP header (for nginx)
+    real_ip = request.headers.get('X-Real-IP')
+    if real_ip:
+        return real_ip
+    # Fallback to remote_addr
+    return request.remote_addr or '127.0.0.1'
+def check_rate_limit(identifier: str, limit_per_minute: int = None) -> Tuple[bool, int]:
+    """Check if identifier is within rate limit. Returns (allowed, remaining)"""
+    if not auth_config.rate_limit_enabled:
+        return True, limit_per_minute or auth_config.rate_limit_per_minute
+    if limit_per_minute is None:
+        limit_per_minute = auth_config.rate_limit_per_minute
+    current_time = time.time()
+    minute_ago = current_time - 60
+    # Clean old entries
+    rate_limit_store[identifier] = [
+        timestamp for timestamp in rate_limit_store[identifier]
+        if timestamp > minute_ago
+    ]
+    # Check if under limit
+    current_count = len(rate_limit_store[identifier])
+    if current_count >= limit_per_minute:
+        return False, 0
+    # Add current request
+    rate_limit_store[identifier].append(current_time)
+    return True, limit_per_minute - current_count - 1
+def authenticate_request() -> Tuple[bool, Optional[str], Optional[dict]]:
+    """
+    Authenticate request based on auth mode.
+    Returns (success, error_message, user_data)
+    """
+    client_ip = get_client_ip()
+    # Check authentication mode
+    if auth_config.mode == "none":
+        # No authentication required
+        return True, None, {"type": "none", "ip": client_ip}
+    elif auth_config.mode == "proxy_key":
+        # Single proxy password authentication
+        token = extract_token_from_request()
+        if not token:
+            return False, "Authentication required: provide API key", None
+        if token != auth_config.proxy_password:
+            return False, "Invalid API key", None
+        # Check rate limit by IP for proxy key mode
+        allowed, remaining = check_rate_limit(client_ip)
+        if not allowed:
+            return False, "Rate limit exceeded", None
+        return True, None, {
+            "type": "proxy_key",
+            "ip": client_ip,
+            "rate_limit_remaining": remaining
+        }
+    elif auth_config.mode == "user_token":
+        # Individual user token authentication
+        token = extract_token_from_request()
+        if not token:
+            return False, "Authentication required: provide user token", None
+        # Authenticate with user store
+        auth_result, user = user_store.authenticate(token, client_ip)
+        if auth_result == AuthResult.NOT_FOUND:
+            return False, "Invalid user token", None
+        elif auth_result == AuthResult.DISABLED:
+            reason = user.disabled_reason or "Account disabled"
+            return False, f"Account disabled: {reason}", None
+        elif auth_result == AuthResult.LIMITED:
+            return False, "IP address limit exceeded", None
+        elif auth_result == AuthResult.SUCCESS:
+            # Check rate limit by user token
+            allowed, remaining = check_rate_limit(token)
+            if not allowed:
+                return False, "Rate limit exceeded", None
+            return True, None, {
+                "type": "user_token",
+                "token": token,
+                "user": user,
+                "ip": client_ip,
+                "rate_limit_remaining": remaining
+            }
+    return False, "Invalid authentication mode", None
+def require_auth(f):
+    """Decorator to require authentication for endpoints"""
+    @wraps(f)
+    def decorated_function(*args, **kwargs):
+        success, error_message, user_data = authenticate_request()
+        if not success:
+            return jsonify({"error": error_message}), 401
+        # Store auth data in Flask g object for use in endpoint
+        g.auth_data = user_data
+        return f(*args, **kwargs)
+    return decorated_function
+def require_admin_auth(f):
+    """Decorator to require admin authentication"""
+    @wraps(f)
+    def decorated_function(*args, **kwargs):
+        # Check for admin key in Authorization header
+        auth_header = request.headers.get('Authorization')
+        if not auth_header or not auth_header.startswith('Bearer '):
+            return jsonify({"error": "Admin authentication required"}), 401
+        admin_key = auth_header[7:]  # Remove "Bearer " prefix
+        if admin_key != auth_config.admin_key:
+            return jsonify({"error": "Invalid admin key"}), 401
+        return f(*args, **kwargs)
+    return decorated_function
+def check_quota(model_family: str) -> Tuple[bool, Optional[str]]:
+    """Check if current user has quota for model family"""
+    if not hasattr(g, 'auth_data') or g.auth_data["type"] != "user_token":
+        return True, None  # No quota limits for non-user-token auth
+    token = g.auth_data["token"]
+    has_quota, used, limit = user_store.check_quota(token, model_family)
+    if not has_quota:
+        return False, f"Quota exceeded for {model_family}: {used}/{limit} tokens used"
+    return True, None
+def track_token_usage(model_family: str, input_tokens: int, output_tokens: int, cost: float = 0.0, response_time_ms: float = 0.0):
+    """Track token usage for current user with enhanced tracking"""
+    if not hasattr(g, 'auth_data') or g.auth_data["type"] != "user_token":
+        return  # No tracking for non-user-token auth
+    token = g.auth_data["token"]
+    user = g.auth_data["user"]
+    ip_hash = hashlib.sha256(g.auth_data["ip"].encode()).hexdigest()
+    user_agent = request.headers.get('User-Agent', '')
+    # Use the enhanced tracking method
+    user.add_request_tracking(
+        model_family=model_family,
+        input_tokens=input_tokens,
+        output_tokens=output_tokens,
+        cost=cost,
+        ip_hash=ip_hash,
+        user_agent=user_agent
+    )
+    # Also use the new structured event logger
+    from ..services.structured_event_logger import structured_logger
+    structured_logger.log_chat_completion(
+        user_token=token,
+        model_family=model_family,
+        model_name=f"{model_family}-model",
+        input_tokens=input_tokens,
+        output_tokens=output_tokens,
+        cost_usd=cost,
+        response_time_ms=response_time_ms,
+        success=True,
+        ip_hash=ip_hash,
+        user_agent=user_agent
+    )
+    # Mark user for Firebase sync
+    user_store.flush_queue.add(token)
+def require_admin_session(f):
+    """Decorator to require admin session authentication for web interface"""
+    @wraps(f)
+    def decorated_function(*args, **kwargs):
+        if not session.get('admin_authenticated'):
+            return redirect(url_for('admin.login'))
+        return f(*args, **kwargs)
+    return decorated_function
+def generate_csrf_token():
+    """Generate a CSRF token"""
+    if 'csrf_token' not in session:
+        session['csrf_token'] = secrets.token_urlsafe(32)
+    return session['csrf_token']
+def validate_csrf_token(token):
+    """Validate CSRF token"""
+    return token and token == session.get('csrf_token')
+def csrf_protect(f):
+    """Decorator to protect against CSRF attacks"""
+    @wraps(f)
+    def decorated_function(*args, **kwargs):
+        if request.method == 'POST':
+            token = request.form.get('_csrf') or request.headers.get('X-CSRFToken')
+            if not validate_csrf_token(token):
+                return jsonify({'error': 'CSRF token validation failed'}), 403
+        return f(*args, **kwargs)
+    return decorated_function

src/routes/__init__.py ADDED Viewed

	@@ -0,0 +1 @@


1	+ # Routes module

src/routes/admin.py ADDED Viewed

	@@ -0,0 +1,379 @@

+from flask import Blueprint, request, jsonify
+from typing import Dict, Any, List
+from datetime import datetime
+from ..middleware.auth import require_admin_auth
+from ..services.user_store import user_store, UserType
+from ..services.event_logger import event_logger
+admin_bp = Blueprint('admin_api', __name__, url_prefix='/admin/api')
+@admin_bp.route('/users', methods=['GET'])
+@require_admin_auth
+def list_users():
+    """List all users with pagination and filtering"""
+    page = int(request.args.get('page', 1))
+    limit = int(request.args.get('limit', 50))
+    user_type = request.args.get('type')
+    search = request.args.get('search', '').lower()
+    all_users = user_store.get_all_users()
+    # Apply filters
+    filtered_users = []
+    for user in all_users:
+        if user_type and user.type.value != user_type:
+            continue
+        if search:
+            if (search in user.token.lower() or
+                (user.nickname and search in user.nickname.lower()) or
+                (user.disabled_reason and search in user.disabled_reason.lower())):
+                filtered_users.append(user)
+        else:
+            filtered_users.append(user)
+    # Pagination
+    start = (page - 1) * limit
+    end = start + limit
+    paginated_users = filtered_users[start:end]
+    # Convert to dict with additional stats
+    users_data = []
+    for user in paginated_users:
+        user_dict = user.to_dict()
+        # Add usage statistics
+        total_tokens = sum(count.total for count in user.token_counts.values())
+        total_requests = sum(usage.prompt_count for usage in user.ip_usage)
+        user_dict['stats'] = {
+            'total_tokens': total_tokens,
+            'total_requests': total_requests,
+            'ip_count': len(user.ip),
+            'days_since_created': (datetime.now() - user.created_at).days
+        }
+        users_data.append(user_dict)
+    return jsonify({
+        'users': users_data,
+        'pagination': {
+            'page': page,
+            'limit': limit,
+            'total': len(filtered_users),
+            'has_next': end < len(filtered_users)
+        }
+    })
+@admin_bp.route('/users', methods=['POST'])
+@require_admin_auth
+def create_user():
+    """Create a new user"""
+    data = request.get_json()
+    user_type = UserType(data.get('type', 'normal'))
+    nickname = data.get('nickname')
+    token_limits = data.get('token_limits', {})
+    try:
+        token = user_store.create_user(
+            user_type=user_type,
+            token_limits=token_limits,
+            nickname=nickname
+        )
+        # Log admin action
+        event_logger.log_user_action(
+            token=token,
+            action='user_created',
+            details={
+                'created_by': 'admin',
+                'type': user_type.value,
+                'nickname': nickname
+            }
+        )
+        return jsonify({
+            'success': True,
+            'token': token,
+            'message': 'User created successfully'
+        })
+    except Exception as e:
+        return jsonify({
+            'success': False,
+            'error': str(e)
+        }), 500
+@admin_bp.route('/users/<token>', methods=['GET'])
+@require_admin_auth
+def get_user(token: str):
+    """Get detailed user information"""
+    user = user_store.get_user(token)
+    if not user:
+        return jsonify({'error': 'User not found'}), 404
+    user_dict = user.to_dict()
+    # Add detailed statistics
+    usage_stats = event_logger.get_usage_stats(token)
+    user_dict['usage_stats'] = usage_stats
+    # Add recent events
+    recent_events = event_logger.get_events(token=token, limit=10)
+    user_dict['recent_events'] = recent_events
+    return jsonify(user_dict)
+@admin_bp.route('/users/<token>', methods=['PUT'])
+@require_admin_auth
+def update_user(token: str):
+    """Update user properties"""
+    user = user_store.get_user(token)
+    if not user:
+        return jsonify({'error': 'User not found'}), 404
+    data = request.get_json()
+    # Update nickname
+    if 'nickname' in data:
+        user.nickname = data['nickname']
+    # Update token limits
+    if 'token_limits' in data:
+        user.token_limits.update(data['token_limits'])
+    # Update user type
+    if 'type' in data:
+        user.type = UserType(data['type'])
+    # Add to flush queue
+    user_store.flush_queue.add(token)
+    # Log admin action
+    event_logger.log_user_action(
+        token=token,
+        action='user_updated',
+        details={
+            'updated_by': 'admin',
+            'changes': data
+        }
+    )
+    return jsonify({
+        'success': True,
+        'message': 'User updated successfully'
+    })
+@admin_bp.route('/users/<token>/disable', methods=['POST'])
+@require_admin_auth
+def disable_user(token: str):
+    """Disable/ban a user"""
+    data = request.get_json() or {}
+    reason = data.get('reason', 'Disabled by admin')
+    success = user_store.disable_user(token, reason)
+    if not success:
+        return jsonify({'error': 'User not found'}), 404
+    # Log admin action
+    event_logger.log_user_action(
+        token=token,
+        action='user_disabled',
+        details={
+            'disabled_by': 'admin',
+            'reason': reason
+        }
+    )
+    return jsonify({
+        'success': True,
+        'message': 'User disabled successfully'
+    })
+@admin_bp.route('/users/<token>/enable', methods=['POST'])
+@require_admin_auth
+def enable_user(token: str):
+    """Enable/unban a user"""
+    success = user_store.reactivate_user(token)
+    if not success:
+        return jsonify({'error': 'User not found'}), 404
+    # Log admin action
+    event_logger.log_user_action(
+        token=token,
+        action='user_enabled',
+        details={
+            'enabled_by': 'admin'
+        }
+    )
+    return jsonify({
+        'success': True,
+        'message': 'User enabled successfully'
+    })
+@admin_bp.route('/users/<token>/rotate', methods=['POST'])
+@require_admin_auth
+def rotate_user_token(token: str):
+    """Rotate user token"""
+    new_token = user_store.rotate_user_token(token)
+    if not new_token:
+        return jsonify({'error': 'User not found'}), 404
+    # Log admin action
+    event_logger.log_user_action(
+        token=new_token,
+        action='token_rotated',
+        details={
+            'rotated_by': 'admin',
+            'old_token': token[:8] + '...'
+        }
+    )
+    return jsonify({
+        'success': True,
+        'new_token': new_token,
+        'message': 'Token rotated successfully'
+    })
+@admin_bp.route('/users/<token>', methods=['DELETE'])
+@require_admin_auth
+def delete_user(token: str):
+    """Delete a user (automatically disables first if needed)"""
+    try:
+        user = user_store.get_user(token)
+        if not user:
+            return jsonify({'error': 'User not found'}), 404
+        # If user is not disabled, disable them first
+        if not user.is_disabled():
+            user_store.disable_user(token, "Disabled before deletion by admin")
+            # Log disable action
+            event_logger.log_user_action(
+                token=token,
+                action='user_disabled',
+                details={
+                    'disabled_by': 'admin',
+                    'reason': 'Disabled before deletion by admin'
+                }
+            )
+        # Now delete the user
+        success = user_store.delete_user(token)
+        if not success:
+            return jsonify({'error': 'Failed to delete user'}), 500
+        # Log admin action
+        event_logger.log_user_action(
+            token=token,
+            action='user_deleted',
+            details={
+                'deleted_by': 'admin'
+            }
+        )
+        return jsonify({
+            'success': True,
+            'message': 'User deleted successfully'
+        })
+    except Exception as e:
+        return jsonify({
+            'success': False,
+            'error': f'Failed to delete user: {str(e)}'
+        }), 500
+@admin_bp.route('/stats', methods=['GET'])
+@require_admin_auth
+def get_admin_stats():
+    """Get overall system statistics"""
+    all_users = user_store.get_all_users()
+    stats = {
+        'total_users': len(all_users),
+        'active_users': len([u for u in all_users if not u.is_disabled()]),
+        'disabled_users': len([u for u in all_users if u.is_disabled()]),
+        'users_by_type': {
+            'normal': len([u for u in all_users if u.type == UserType.NORMAL]),
+            'special': len([u for u in all_users if u.type == UserType.SPECIAL]),
+            'temporary': len([u for u in all_users if u.type == UserType.TEMPORARY])
+        },
+        'usage_stats': event_logger.get_usage_stats(),
+        'event_counts': event_logger.get_event_counts()
+    }
+    return jsonify(stats)
+@admin_bp.route('/events', methods=['GET'])
+@require_admin_auth
+def get_events():
+    """Get system events with filtering"""
+    token = request.args.get('token')
+    event_type = request.args.get('type')
+    limit = int(request.args.get('limit', 100))
+    offset = int(request.args.get('offset', 0))
+    events = event_logger.get_events(
+        token=token,
+        event_type=event_type,
+        limit=limit,
+        offset=offset
+    )
+    return jsonify({
+        'events': events,
+        'pagination': {
+            'limit': limit,
+            'offset': offset,
+            'has_more': len(events) == limit
+        }
+    })
+@admin_bp.route('/bulk/refresh-quotas', methods=['POST'])
+@require_admin_auth
+def bulk_refresh_quotas():
+    """Refresh quotas for all users"""
+    data = request.get_json() or {}
+    model_family = data.get('model_family', 'all')
+    affected_users = 0
+    for user in user_store.get_all_users():
+        if user.is_disabled():
+            continue
+        # Reset token counts
+        if model_family == 'all':
+            for family in user.token_counts:
+                user.token_counts[family] = type(user.token_counts[family])()
+        elif model_family in user.token_counts:
+            user.token_counts[model_family] = type(user.token_counts[model_family])()
+        user_store.flush_queue.add(user.token)
+        affected_users += 1
+    # Log admin action
+    event_logger.log_user_action(
+        token='admin',
+        action='bulk_refresh_quotas',
+        details={
+            'performed_by': 'admin',
+            'model_family': model_family,
+            'affected_users': affected_users
+        }
+    )
+    return jsonify({
+        'success': True,
+        'affected_users': affected_users,
+        'message': f'Refreshed quotas for {affected_users} users'
+    })

src/routes/admin_web.py ADDED Viewed

	@@ -0,0 +1,507 @@

+from flask import Blueprint, request, jsonify, render_template, redirect, url_for, session, flash
+from typing import Dict, Any, List
+from datetime import datetime
+import os
+from ..middleware.auth import require_admin_auth, require_admin_session
+from ..services.user_store import user_store, UserType
+from ..services.event_logger import event_logger
+from ..services.structured_event_logger import structured_logger
+from ..config.auth import auth_config
+admin_web_bp = Blueprint('admin', __name__, url_prefix='/admin')
+@admin_web_bp.route('/login', methods=['GET', 'POST'])
+def login():
+    """Admin login page"""
+    if request.method == 'POST':
+        admin_key = request.form.get('admin_key')
+        if admin_key == auth_config.admin_key:
+            session['admin_authenticated'] = True
+            session.permanent = True
+            flash('Successfully logged in', 'success')
+            return redirect(url_for('admin.dashboard'))
+        else:
+            flash('Invalid admin key', 'error')
+    dashboard_config = {
+        'brand_name': os.getenv('BRAND_NAME', 'NyanProxy'),
+        'brand_emoji': os.getenv('BRAND_EMOJI', '🐱'),
+    }
+    return render_template('admin/login.html', config=dashboard_config)
+@admin_web_bp.route('/logout')
+def logout():
+    """Admin logout"""
+    session.pop('admin_authenticated', None)
+    flash('Successfully logged out', 'info')
+    return redirect(url_for('admin.login'))
+@admin_web_bp.route('/')
+@require_admin_session
+def dashboard():
+    """Admin dashboard"""
+    # Get system statistics
+    all_users = user_store.get_all_users()
+    stats = {
+        'total_users': len(all_users),
+        'active_users': len([u for u in all_users if not u.is_disabled()]),
+        'disabled_users': len([u for u in all_users if u.is_disabled()]),
+        'users_by_type': {
+            'normal': len([u for u in all_users if u.type == UserType.NORMAL]),
+            'special': len([u for u in all_users if u.type == UserType.SPECIAL]),
+            'temporary': len([u for u in all_users if u.type == UserType.TEMPORARY])
+        },
+        'usage_stats': event_logger.get_usage_stats(),
+        'event_counts': event_logger.get_event_counts()
+    }
+    # Get recent events
+    recent_events = event_logger.get_events(limit=10)
+    # Get first 10 users for dashboard display
+    recent_users = all_users[:10]
+    users_data = []
+    for user in recent_users:
+        total_tokens = sum(count.total for count in user.token_counts.values())
+        total_requests = sum(usage.prompt_count for usage in user.ip_usage)
+        user_data = {
+            'user': user,
+            'stats': {
+                'total_tokens': total_tokens,
+                'total_requests': total_requests,
+                'ip_count': len(user.ip),
+                'days_since_created': (datetime.now() - user.created_at).days
+            }
+        }
+        users_data.append(user_data)
+    dashboard_config = {
+        'title': f"{os.getenv('BRAND_EMOJI', '🐱')} {os.getenv('DASHBOARD_TITLE', 'NyanProxy Admin')}",
+        'brand_name': os.getenv('BRAND_NAME', 'NyanProxy'),
+        'brand_emoji': os.getenv('BRAND_EMOJI', '🐱'),
+    }
+    return render_template('admin/dashboard.html',
+                         config=dashboard_config,
+                         stats=stats,
+                         recent_events=recent_events,
+                         users_data=users_data,
+                         auth_config=auth_config,
+                         firebase_connected=hasattr(user_store, 'firebase_db') and user_store.firebase_db is not None)
+@admin_web_bp.route('/users')
+@require_admin_session
+def list_users():
+    """List all users with pagination and filtering"""
+    page = int(request.args.get('page', 1))
+    limit = int(request.args.get('limit', 25))
+    user_type = request.args.get('type')
+    search = request.args.get('search', '').lower()
+    all_users = user_store.get_all_users()
+    # Apply filters
+    filtered_users = []
+    for user in all_users:
+        if user_type and user.type.value != user_type:
+            continue
+        if search:
+            if (search in user.token.lower() or
+                (user.nickname and search in user.nickname.lower()) or
+                (user.disabled_reason and search in user.disabled_reason.lower())):
+                filtered_users.append(user)
+        else:
+            filtered_users.append(user)
+    # Pagination
+    start = (page - 1) * limit
+    end = start + limit
+    paginated_users = filtered_users[start:end]
+    # Add usage statistics to user objects
+    users_data = []
+    for user in paginated_users:
+        # Add usage statistics
+        total_tokens = sum(count.total for count in user.token_counts.values())
+        total_requests = sum(usage.prompt_count for usage in user.ip_usage)
+        # Create a user data object that preserves datetime objects
+        user_data = {
+            'user': user,  # Keep the original user object with datetime fields
+            'stats': {
+                'total_tokens': total_tokens,
+                'total_requests': total_requests,
+                'ip_count': len(user.ip),
+                'days_since_created': (datetime.now() - user.created_at).days
+            }
+        }
+        users_data.append(user_data)
+    pagination = {
+        'page': page,
+        'limit': limit,
+        'total': len(filtered_users),
+        'has_next': end < len(filtered_users)
+    }
+    dashboard_config = {
+        'brand_name': os.getenv('BRAND_NAME', 'NyanProxy'),
+        'brand_emoji': os.getenv('BRAND_EMOJI', '🐱'),
+    }
+    return render_template('admin/list_users.html',
+                         config=dashboard_config,
+                         users=users_data,
+                         pagination=pagination)
+@admin_web_bp.route('/users/create', methods=['GET', 'POST'])
+@require_admin_session
+def create_user():
+    """Create a new user"""
+    if request.method == 'POST':
+        user_type = UserType(request.form.get('type', 'normal'))
+        nickname = request.form.get('nickname') or None
+        # Parse token limits
+        token_limits = {}
+        if request.form.get('openai_limit'):
+            token_limits['openai'] = int(request.form.get('openai_limit'))
+        if request.form.get('anthropic_limit'):
+            token_limits['anthropic'] = int(request.form.get('anthropic_limit'))
+        # Parse temporary user options
+        prompt_limits = None
+        max_ips = None
+        if user_type == UserType.TEMPORARY:
+            if request.form.get('prompt_limits'):
+                prompt_limits = int(request.form.get('prompt_limits'))
+            if request.form.get('max_ips'):
+                max_ips = int(request.form.get('max_ips'))
+        try:
+            token = user_store.create_user(
+                user_type=user_type,
+                token_limits=token_limits,
+                nickname=nickname,
+                prompt_limits=prompt_limits,
+                max_ips=max_ips
+            )
+            # Log admin action (both old and new loggers)
+            event_logger.log_user_action(
+                token=token,
+                action='user_created',
+                details={
+                    'created_by': 'admin',
+                    'type': user_type.value,
+                    'nickname': nickname,
+                    'prompt_limits': prompt_limits,
+                    'max_ips': max_ips
+                }
+            )
+            # Also log with structured logger
+            structured_logger.log_user_action(
+                user_token=token,
+                action='user_created',
+                details={
+                    'created_by': 'admin',
+                    'type': user_type.value,
+                    'nickname': nickname,
+                    'token_limits': token_limits,
+                    'prompt_limits': prompt_limits,
+                    'max_ips': max_ips
+                },
+                admin_user='admin'
+            )
+            flash(f'User created successfully! Token: {token}', 'success')
+            return redirect(url_for('admin.create_user') + '?created=true')
+        except Exception as e:
+            flash(f'Error creating user: {str(e)}', 'error')
+    # Get recent users for display
+    all_users = user_store.get_all_users()
+    recent_users = sorted(all_users, key=lambda u: u.created_at, reverse=True)[:5]
+    dashboard_config = {
+        'brand_name': os.getenv('BRAND_NAME', 'NyanProxy'),
+        'brand_emoji': os.getenv('BRAND_EMOJI', '🐱'),
+    }
+    return render_template('admin/create_user.html',
+                         config=dashboard_config,
+                         recent_users=recent_users,
+                         new_user_created=request.args.get('created') == 'true')
+@admin_web_bp.route('/users/<token>')
+@require_admin_session
+def view_user(token: str):
+    """View detailed user information"""
+    user = user_store.get_user(token)
+    if not user:
+        flash('User not found', 'error')
+        return redirect(url_for('admin.list_users'))
+    # Add detailed statistics
+    usage_stats = event_logger.get_usage_stats(token)
+    # Add recent events
+    recent_events = event_logger.get_events(token=token, limit=20)
+    # Create user data object that preserves datetime objects
+    user_data = {
+        'user': user,
+        'usage_stats': usage_stats,
+        'recent_events': recent_events
+    }
+    dashboard_config = {
+        'brand_name': os.getenv('BRAND_NAME', 'NyanProxy'),
+        'brand_emoji': os.getenv('BRAND_EMOJI', '🐱'),
+    }
+    return render_template('admin/view_user.html',
+                         config=dashboard_config,
+                         user_data=user_data)
+@admin_web_bp.route('/users/<token>/edit', methods=['GET', 'POST'])
+@require_admin_session
+def edit_user(token: str):
+    """Edit user properties"""
+    user = user_store.get_user(token)
+    if not user:
+        flash('User not found', 'error')
+        return redirect(url_for('admin.list_users'))
+    if request.method == 'POST':
+        # Update nickname
+        if 'nickname' in request.form:
+            user.nickname = request.form['nickname']
+        # Update token limits
+        token_limits = {}
+        if request.form.get('openai_limit'):
+            token_limits['openai'] = int(request.form.get('openai_limit'))
+        if request.form.get('anthropic_limit'):
+            token_limits['anthropic'] = int(request.form.get('anthropic_limit'))
+        if token_limits:
+            user.token_limits.update(token_limits)
+        # Update user type
+        if 'type' in request.form:
+            user.type = UserType(request.form['type'])
+        # Add to flush queue
+        user_store.flush_queue.add(token)
+        # Log admin action
+        event_logger.log_user_action(
+            token=token,
+            action='user_updated',
+            details={
+                'updated_by': 'admin',
+                'changes': dict(request.form)
+            }
+        )
+        flash('User updated successfully', 'success')
+        return redirect(url_for('admin.view_user', token=token))
+    dashboard_config = {
+        'brand_name': os.getenv('BRAND_NAME', 'NyanProxy'),
+        'brand_emoji': os.getenv('BRAND_EMOJI', '🐱'),
+    }
+    return render_template('admin/edit_user.html',
+                         config=dashboard_config,
+                         user=user)
+@admin_web_bp.route('/key-manager')
+@require_admin_session
+def key_manager():
+    """API key management interface"""
+    dashboard_config = {
+        'brand_name': os.getenv('BRAND_NAME', 'NyanProxy'),
+        'brand_emoji': os.getenv('BRAND_EMOJI', '🐱'),
+    }
+    return render_template('admin/key_manager.html', config=dashboard_config)
+@admin_web_bp.route('/anti-abuse')
+@require_admin_session
+def anti_abuse():
+    """Anti-abuse settings interface"""
+    dashboard_config = {
+        'brand_name': os.getenv('BRAND_NAME', 'NyanProxy'),
+        'brand_emoji': os.getenv('BRAND_EMOJI', '🐱'),
+    }
+    return render_template('admin/anti_abuse.html', config=dashboard_config)
+@admin_web_bp.route('/stats')
+@require_admin_session
+def stats():
+    """Statistics and analytics interface"""
+    dashboard_config = {
+        'brand_name': os.getenv('BRAND_NAME', 'NyanProxy'),
+        'brand_emoji': os.getenv('BRAND_EMOJI', '🐱'),
+    }
+    return render_template('admin/stats.html', config=dashboard_config)
+@admin_web_bp.route('/bulk-operations')
+@require_admin_session
+def bulk_operations():
+    """Bulk operations interface"""
+    dashboard_config = {
+        'brand_name': os.getenv('BRAND_NAME', 'NyanProxy'),
+        'brand_emoji': os.getenv('BRAND_EMOJI', '🐱'),
+    }
+    return render_template('admin/bulk_operations.html', config=dashboard_config)
+# Add AJAX routes for frontend user management operations
+@admin_web_bp.route('/users/<token>', methods=['DELETE'])
+@require_admin_session
+def delete_user_web(token: str):
+    """Delete a user via AJAX (automatically disables first if needed)"""
+    try:
+        user = user_store.get_user(token)
+        if not user:
+            return jsonify({'error': 'User not found'}), 404
+        # If user is not disabled, disable them first
+        if not user.is_disabled():
+            user_store.disable_user(token, "Disabled before deletion by admin")
+            # Log disable action
+            event_logger.log_user_action(
+                token=token,
+                action='user_disabled',
+                details={
+                    'disabled_by': 'admin',
+                    'reason': 'Disabled before deletion by admin'
+                }
+            )
+        # Now delete the user
+        success = user_store.delete_user(token)
+        if not success:
+            return jsonify({'error': 'Failed to delete user'}), 500
+        # Log admin action
+        event_logger.log_user_action(
+            token=token,
+            action='user_deleted',
+            details={
+                'deleted_by': 'admin'
+            }
+        )
+        return jsonify({
+            'success': True,
+            'message': 'User deleted successfully'
+        })
+    except Exception as e:
+        return jsonify({
+            'success': False,
+            'error': f'Failed to delete user: {str(e)}'
+        }), 500
+@admin_web_bp.route('/users/<token>/disable', methods=['POST'])
+@require_admin_session
+def disable_user_web(token: str):
+    """Disable a user via AJAX"""
+    try:
+        # Handle both JSON and form data
+        if request.is_json:
+            data = request.get_json() or {}
+            reason = data.get('reason', 'Disabled by admin')
+        else:
+            reason = request.form.get('reason', 'Disabled by admin')
+        print(f"DEBUG: Attempting to disable user {token} with reason: {reason}")
+        # Check if user exists first
+        user = user_store.get_user(token)
+        if not user:
+            print(f"DEBUG: User {token} not found")
+            return jsonify({'error': 'User not found'}), 404
+        print(f"DEBUG: User found, current disabled status: {user.is_disabled()}")
+        success = user_store.disable_user(token, reason)
+        print(f"DEBUG: Disable operation result: {success}")
+        if not success:
+            return jsonify({'error': 'Failed to disable user'}), 500
+        # Log admin action
+        event_logger.log_user_action(
+            token=token,
+            action='user_disabled',
+            details={
+                'disabled_by': 'admin',
+                'reason': reason
+            }
+        )
+        return jsonify({
+            'success': True,
+            'message': 'User disabled successfully'
+        })
+    except Exception as e:
+        print(f"DEBUG: Exception occurred: {str(e)}")
+        return jsonify({
+            'success': False,
+            'error': f'Failed to disable user: {str(e)}'
+        }), 500
+@admin_web_bp.route('/users/<token>/enable', methods=['POST'])
+@require_admin_session
+def enable_user_web(token: str):
+    """Enable a user via AJAX"""
+    try:
+        success = user_store.reactivate_user(token)
+        if not success:
+            return jsonify({'error': 'User not found'}), 404
+        # Log admin action
+        event_logger.log_user_action(
+            token=token,
+            action='user_enabled',
+            details={
+                'enabled_by': 'admin'
+            }
+        )
+        return jsonify({
+            'success': True,
+            'message': 'User enabled successfully'
+        })
+    except Exception as e:
+        return jsonify({
+            'success': False,
+            'error': f'Failed to enable user: {str(e)}'
+        }), 500
+# Include the existing API routes for AJAX calls
+from .admin import admin_bp as admin_api_bp

src/routes/model_families_admin.py ADDED Viewed

	@@ -0,0 +1,249 @@

+"""
+🐱 Model Families Admin Interface
+================================
+Flask routes for managing model families through the admin interface.
+"""
+from flask import Blueprint, request, jsonify, render_template, redirect, url_for, flash
+from typing import Dict, Any, List
+import json
+from ..middleware.auth import require_admin_session
+from ..services.model_families import model_manager, AIProvider
+from ..services.structured_event_logger import structured_logger
+model_families_bp = Blueprint('model_families', __name__, url_prefix='/admin/model-families')
+@model_families_bp.route('/')
+@require_admin_session
+def model_families_dashboard():
+    """Model families management dashboard"""
+    # Get all providers and their whitelisted models
+    providers_data = {}
+    total_models = 0
+    total_whitelisted = 0
+    for provider in AIProvider:
+        all_models = model_manager.get_all_models(provider)
+        whitelisted_models = model_manager.get_whitelisted_models(provider)
+        providers_data[provider.value] = {
+            'name': provider.value.title(),
+            'all_models': [
+                {
+                    'id': model.model_id,
+                    'display_name': model.display_name,
+                    'description': model.description,
+                    'is_whitelisted': model in whitelisted_models,
+                    'input_cost': model.input_cost_per_1k,
+                    'output_cost': model.output_cost_per_1k,
+                    'context_length': model.context_length,
+                    'is_premium': model.is_premium,
+                    'cat_emoji': model.get_cat_emoji(),
+                    'cat_personality': model.cat_personality
+                }
+                for model in all_models
+            ],
+            'whitelisted_count': len(whitelisted_models),
+            'total_count': len(all_models)
+        }
+        total_models += len(all_models)
+        total_whitelisted += len(whitelisted_models)
+    # Get usage statistics
+    global_usage = model_manager.get_usage_stats()
+    cost_analysis = model_manager.get_cost_analysis()
+    dashboard_config = {
+        'brand_name': 'NyanProxy',
+        'brand_emoji': '🐱',
+    }
+    return render_template('admin/model_families.html',
+                         config=dashboard_config,
+                         providers=providers_data,
+                         total_models=total_models,
+                         total_whitelisted=total_whitelisted,
+                         usage_stats=global_usage,
+                         cost_analysis=cost_analysis)
+@model_families_bp.route('/provider/<provider_name>')
+@require_admin_session
+def provider_details(provider_name: str):
+    """Detailed view for a specific provider"""
+    try:
+        provider = AIProvider(provider_name.lower())
+    except ValueError:
+        flash(f'Unknown provider: {provider_name}', 'error')
+        return redirect(url_for('model_families.model_families_dashboard'))
+    all_models = model_manager.get_all_models(provider)
+    whitelisted_models = model_manager.get_whitelisted_models(provider)
+    models_data = []
+    for model in all_models:
+        usage_stats = model_manager.get_usage_stats(model_id=model.model_id)
+        models_data.append({
+            'info': model,
+            'is_whitelisted': model in whitelisted_models,
+            'usage_stats': usage_stats,
+            'cost_per_request': usage_stats.get('total_cost', 0) / max(usage_stats.get('total_requests', 1), 1)
+        })
+    dashboard_config = {
+        'brand_name': 'NyanProxy',
+        'brand_emoji': '🐱',
+    }
+    return render_template('admin/provider_models.html',
+                         config=dashboard_config,
+                         provider=provider,
+                         provider_name=provider_name.title(),
+                         models=models_data)
+@model_families_bp.route('/api/whitelist', methods=['POST'])
+@require_admin_session
+def update_whitelist():
+    """Update model whitelist for a provider"""
+    data = request.get_json()
+    if not data or 'provider' not in data or 'models' not in data:
+        return jsonify({'error': 'Invalid request data'}), 400
+    try:
+        provider = AIProvider(data['provider'].lower())
+        model_ids = data['models']
+        success = model_manager.set_provider_whitelist(provider, model_ids)
+        if success:
+            # Log admin action
+            structured_logger.log_user_action(
+                user_token='admin',
+                action='model_whitelist_updated',
+                details={
+                    'provider': provider.value,
+                    'models': model_ids,
+                    'count': len(model_ids)
+                },
+                admin_user='admin'
+            )
+            return jsonify({
+                'success': True,
+                'message': f'Updated whitelist for {provider.value}',
+                'whitelisted_count': len(model_ids)
+            })
+        else:
+            return jsonify({'error': 'Some models were invalid'}), 400
+    except ValueError as e:
+        return jsonify({'error': f'Invalid provider: {data["provider"]}'}), 400
+    except Exception as e:
+        return jsonify({'error': str(e)}), 500
+@model_families_bp.route('/api/model/<model_id>/toggle', methods=['POST'])
+@require_admin_session
+def toggle_model_whitelist(model_id: str):
+    """Toggle a single model's whitelist status"""
+    # Find which provider this model belongs to
+    model_info = model_manager.get_model_info(model_id)
+    if not model_info:
+        return jsonify({'error': 'Model not found'}), 404
+    provider = model_info.provider
+    is_whitelisted = model_manager.is_model_whitelisted(provider, model_id)
+    if is_whitelisted:
+        success = model_manager.remove_model_from_whitelist(provider, model_id)
+        action = 'removed from'
+    else:
+        success = model_manager.add_model_to_whitelist(provider, model_id)
+        action = 'added to'
+    if success:
+        # Log admin action
+        structured_logger.log_user_action(
+            user_token='admin',
+            action='model_whitelist_toggled',
+            details={
+                'model_id': model_id,
+                'provider': provider.value,
+                'action': action,
+                'display_name': model_info.display_name
+            },
+            admin_user='admin'
+        )
+        return jsonify({
+            'success': True,
+            'message': f'Model {action} whitelist',
+            'is_whitelisted': not is_whitelisted
+        })
+    else:
+        return jsonify({'error': 'Failed to update whitelist'}), 500
+@model_families_bp.route('/api/usage-stats')
+@require_admin_session
+def get_usage_stats():
+    """Get usage statistics for all models"""
+    user_token = request.args.get('user_token')
+    model_id = request.args.get('model_id')
+    stats = model_manager.get_usage_stats(user_token=user_token, model_id=model_id)
+    cost_analysis = model_manager.get_cost_analysis(user_token=user_token)
+    return jsonify({
+        'usage_stats': stats,
+        'cost_analysis': cost_analysis
+    })
+@model_families_bp.route('/api/cost-analysis')
+@require_admin_session
+def get_cost_analysis():
+    """Get detailed cost analysis"""
+    user_token = request.args.get('user_token')
+    analysis = model_manager.get_cost_analysis(user_token=user_token)
+    return jsonify(analysis)
+@model_families_bp.route('/usage')
+@require_admin_session
+def usage_analytics():
+    """Usage analytics page"""
+    # Get top models by usage
+    global_stats = model_manager.get_usage_stats()
+    cost_analysis = model_manager.get_cost_analysis()
+    # Sort models by total cost
+    top_models_by_cost = sorted(
+        cost_analysis.get('by_model', {}).items(),
+        key=lambda x: x[1]['cost'],
+        reverse=True
+    )[:10]
+    # Sort models by requests
+    top_models_by_requests = sorted(
+        global_stats.items(),
+        key=lambda x: x[1].get('total_requests', 0) if isinstance(x[1], dict) else 0,
+        reverse=True
+    )[:10]
+    dashboard_config = {
+        'brand_name': 'NyanProxy',
+        'brand_emoji': '🐱',
+    }
+    return render_template('admin/model_usage.html',
+                         config=dashboard_config,
+                         cost_analysis=cost_analysis,
+                         top_models_by_cost=top_models_by_cost,
+                         top_models_by_requests=top_models_by_requests,
+                         global_stats=global_stats)

src/services/__init__.py ADDED Viewed

	@@ -0,0 +1 @@


1	+ # Services module

src/services/event_logger.py ADDED Viewed

	@@ -0,0 +1,194 @@

+import json
+import sqlite3
+import threading
+from datetime import datetime
+from typing import Optional, Dict, Any, List
+from dataclasses import dataclass
+@dataclass
+class Event:
+    token: str
+    event_type: str
+    payload: Dict[str, Any]
+    timestamp: datetime = None
+    def __post_init__(self):
+        if self.timestamp is None:
+            self.timestamp = datetime.now()
+class EventLogger:
+    def __init__(self, db_path: str = "events.db"):
+        self.db_path = db_path
+        self.lock = threading.Lock()
+        self._initialize_db()
+    def _initialize_db(self):
+        """Initialize SQLite database for event logging"""
+        with sqlite3.connect(self.db_path) as conn:
+            conn.execute('''
+                CREATE TABLE IF NOT EXISTS events (
+                    id INTEGER PRIMARY KEY AUTOINCREMENT,
+                    token TEXT NOT NULL,
+                    event_type TEXT NOT NULL,
+                    payload TEXT NOT NULL,
+                    timestamp DATETIME DEFAULT CURRENT_TIMESTAMP,
+                    created_at DATETIME DEFAULT CURRENT_TIMESTAMP
+                )
+            ''')
+            # Create indexes for better performance
+            conn.execute('CREATE INDEX IF NOT EXISTS idx_token ON events(token)')
+            conn.execute('CREATE INDEX IF NOT EXISTS idx_event_type ON events(event_type)')
+            conn.execute('CREATE INDEX IF NOT EXISTS idx_timestamp ON events(timestamp)')
+    def log_event(self, token: str, event_type: str, payload: Dict[str, Any]):
+        """Log an event to the database"""
+        with self.lock:
+            try:
+                with sqlite3.connect(self.db_path) as conn:
+                    conn.execute('''
+                        INSERT INTO events (token, event_type, payload, timestamp)
+                        VALUES (?, ?, ?, ?)
+                    ''', (token, event_type, json.dumps(payload), datetime.now().isoformat()))
+            except Exception as e:
+                print(f"Failed to log event: {e}")
+    def log_chat_completion(self, token: str, model_family: str,
+                           input_tokens: int, output_tokens: int,
+                           cost_usd: float = 0.0, ip_hash: str = None):
+        """Log a chat completion event"""
+        payload = {
+            'model_family': model_family,
+            'input_tokens': input_tokens,
+            'output_tokens': output_tokens,
+            'total_tokens': input_tokens + output_tokens,
+            'cost_usd': cost_usd,
+            'ip_hash': ip_hash
+        }
+        self.log_event(token, 'chat_completion', payload)
+    def log_new_ip(self, token: str, ip_hash: str):
+        """Log a new IP address for a user"""
+        payload = {
+            'ip_hash': ip_hash,
+            'action': 'new_ip_detected'
+        }
+        self.log_event(token, 'new_ip', payload)
+    def log_user_action(self, token: str, action: str, details: Dict[str, Any] = None):
+        """Log a user action"""
+        payload = {
+            'action': action,
+            'details': details or {}
+        }
+        self.log_event(token, 'user_action', payload)
+    def get_events(self, token: str = None, event_type: str = None,
+                   limit: int = 100, offset: int = 0) -> List[Dict[str, Any]]:
+        """Get events from database with optional filtering"""
+        with self.lock:
+            try:
+                with sqlite3.connect(self.db_path) as conn:
+                    conn.row_factory = sqlite3.Row
+                    query = "SELECT * FROM events WHERE 1=1"
+                    params = []
+                    if token:
+                        query += " AND token = ?"
+                        params.append(token)
+                    if event_type:
+                        query += " AND event_type = ?"
+                        params.append(event_type)
+                    query += " ORDER BY timestamp DESC LIMIT ? OFFSET ?"
+                    params.extend([limit, offset])
+                    cursor = conn.execute(query, params)
+                    events = []
+                    for row in cursor.fetchall():
+                        event_dict = dict(row)
+                        event_dict['payload'] = json.loads(event_dict['payload'])
+                        events.append(event_dict)
+                    return events
+            except Exception as e:
+                print(f"Failed to get events: {e}")
+                return []
+    def get_event_counts(self, token: str = None) -> Dict[str, int]:
+        """Get event counts by type"""
+        with self.lock:
+            try:
+                with sqlite3.connect(self.db_path) as conn:
+                    query = "SELECT event_type, COUNT(*) as count FROM events"
+                    params = []
+                    if token:
+                        query += " WHERE token = ?"
+                        params.append(token)
+                    query += " GROUP BY event_type"
+                    cursor = conn.execute(query, params)
+                    return {row[0]: row[1] for row in cursor.fetchall()}
+            except Exception as e:
+                print(f"Failed to get event counts: {e}")
+                return {}
+    def get_usage_stats(self, token: str = None) -> Dict[str, Any]:
+        """Get usage statistics from events"""
+        with self.lock:
+            try:
+                with sqlite3.connect(self.db_path) as conn:
+                    # Get token usage by model family
+                    query = '''
+                        SELECT
+                            json_extract(payload, '$.model_family') as model_family,
+                            SUM(json_extract(payload, '$.input_tokens')) as input_tokens,
+                            SUM(json_extract(payload, '$.output_tokens')) as output_tokens,
+                            SUM(json_extract(payload, '$.total_tokens')) as total_tokens,
+                            SUM(json_extract(payload, '$.cost_usd')) as cost_usd,
+                            COUNT(*) as requests
+                        FROM events
+                        WHERE event_type = 'chat_completion'
+                    '''
+                    params = []
+                    if token:
+                        query += " AND token = ?"
+                        params.append(token)
+                    query += " GROUP BY model_family"
+                    cursor = conn.execute(query, params)
+                    usage_by_model = {}
+                    for row in cursor.fetchall():
+                        model_family = row[0]
+                        usage_by_model[model_family] = {
+                            'input_tokens': row[1] or 0,
+                            'output_tokens': row[2] or 0,
+                            'total_tokens': row[3] or 0,
+                            'cost_usd': row[4] or 0.0,
+                            'requests': row[5] or 0
+                        }
+                    return {
+                        'usage_by_model': usage_by_model,
+                        'total_requests': sum(stats['requests'] for stats in usage_by_model.values()),
+                        'total_tokens': sum(stats['total_tokens'] for stats in usage_by_model.values()),
+                        'total_cost': sum(stats['cost_usd'] for stats in usage_by_model.values())
+                    }
+            except Exception as e:
+                print(f"Failed to get usage stats: {e}")
+                return {}
+# Global event logger instance
+event_logger = EventLogger()

src/services/model_families.py ADDED Viewed

	@@ -0,0 +1,501 @@

+"""
+🐱 Model Families System for NyanProxy
+=====================================
+This module provides comprehensive model management with:
+- Whitelisting specific models for each AI service
+- Individual model usage tracking
+- Cost calculation per model
+- Cat-themed model categorization
+"""
+import json
+import threading
+from typing import Dict, List, Optional, Set, Any
+from dataclasses import dataclass, asdict
+from enum import Enum
+from datetime import datetime
+import os
+try:
+    import firebase_admin
+    from firebase_admin import credentials, db
+    FIREBASE_AVAILABLE = True
+except ImportError:
+    FIREBASE_AVAILABLE = False
+from ..config.auth import auth_config
+class AIProvider(Enum):
+    OPENAI = "openai"
+    ANTHROPIC = "anthropic"
+    GOOGLE = "google"
+    MISTRAL = "mistral"
+    GROQ = "groq"
+    COHERE = "cohere"
+@dataclass
+class ModelInfo:
+    """Information about a specific AI model"""
+    model_id: str
+    provider: AIProvider
+    display_name: str
+    description: str
+    input_cost_per_1k: float  # Cost per 1000 input tokens
+    output_cost_per_1k: float  # Cost per 1000 output tokens
+    context_length: int
+    supports_streaming: bool = True
+    supports_function_calling: bool = False
+    is_premium: bool = False
+    cat_personality: str = "curious"  # curious, playful, sleepy, grumpy
+    def calculate_cost(self, input_tokens: int, output_tokens: int) -> float:
+        """Calculate cost for token usage"""
+        input_cost = (input_tokens / 1000) * self.input_cost_per_1k
+        output_cost = (output_tokens / 1000) * self.output_cost_per_1k
+        return input_cost + output_cost
+    def get_cat_emoji(self) -> str:
+        """Get cat emoji based on personality"""
+        personalities = {
+            "curious": "🙀",
+            "playful": "😸",
+            "sleepy": "😴",
+            "grumpy": "😾",
+            "smart": "🤓",
+            "fast": "💨"
+        }
+        return personalities.get(self.cat_personality, "😺")
+@dataclass
+class ModelUsageStats:
+    """Usage statistics for a specific model"""
+    model_id: str
+    total_requests: int = 0
+    total_input_tokens: int = 0
+    total_output_tokens: int = 0
+    total_cost: float = 0.0
+    first_used: Optional[datetime] = None
+    last_used: Optional[datetime] = None
+    error_count: int = 0
+    success_rate: float = 100.0
+    def add_usage(self, input_tokens: int, output_tokens: int, cost: float, success: bool = True):
+        """Add usage data"""
+        self.total_requests += 1
+        self.total_input_tokens += input_tokens
+        self.total_output_tokens += output_tokens
+        self.total_cost += cost
+        now = datetime.now()
+        if self.first_used is None:
+            self.first_used = now
+        self.last_used = now
+        if not success:
+            self.error_count += 1
+        # Update success rate
+        self.success_rate = ((self.total_requests - self.error_count) / self.total_requests) * 100
+    def to_dict(self) -> dict:
+        return {
+            'model_id': self.model_id,
+            'total_requests': self.total_requests,
+            'total_input_tokens': self.total_input_tokens,
+            'total_output_tokens': self.total_output_tokens,
+            'total_cost': self.total_cost,
+            'first_used': self.first_used.isoformat() if self.first_used else None,
+            'last_used': self.last_used.isoformat() if self.last_used else None,
+            'error_count': self.error_count,
+            'success_rate': self.success_rate
+        }
+    @classmethod
+    def from_dict(cls, data: dict):
+        return cls(
+            model_id=data['model_id'],
+            total_requests=data.get('total_requests', 0),
+            total_input_tokens=data.get('total_input_tokens', 0),
+            total_output_tokens=data.get('total_output_tokens', 0),
+            total_cost=data.get('total_cost', 0.0),
+            first_used=datetime.fromisoformat(data['first_used']) if data.get('first_used') else None,
+            last_used=datetime.fromisoformat(data['last_used']) if data.get('last_used') else None,
+            error_count=data.get('error_count', 0),
+            success_rate=data.get('success_rate', 100.0)
+        )
+class ModelFamilyManager:
+    """
+    🐾 Model Family Management System
+    Manages whitelisted models for each AI service and tracks individual usage.
+    """
+    def __init__(self):
+        self.lock = threading.Lock()
+        self.models: Dict[str, ModelInfo] = {}
+        self.whitelisted_models: Dict[AIProvider, Set[str]] = {}
+        self.global_usage_stats: Dict[str, ModelUsageStats] = {}
+        self.user_usage_stats: Dict[str, Dict[str, ModelUsageStats]] = {}  # user_token -> model_id -> stats
+        self.firebase_db = None
+        # Initialize with default models
+        self._initialize_default_models()
+        # Initialize Firebase if available
+        if FIREBASE_AVAILABLE and auth_config.firebase_url:
+            self._initialize_firebase()
+        # Load configuration
+        self._load_configuration()
+    def _initialize_default_models(self):
+        """Initialize with default model configurations"""
+        default_models = [
+            # OpenAI Models
+            ModelInfo(
+                model_id="gpt-4o",
+                provider=AIProvider.OPENAI,
+                display_name="GPT-4o",
+                description="Most advanced GPT-4 model with vision capabilities",
+                input_cost_per_1k=5.0,
+                output_cost_per_1k=15.0,
+                context_length=128000,
+                supports_function_calling=True,
+                is_premium=True,
+                cat_personality="smart"
+            ),
+            ModelInfo(
+                model_id="gpt-4o-mini",
+                provider=AIProvider.OPENAI,
+                display_name="GPT-4o Mini",
+                description="Smaller, faster GPT-4o model",
+                input_cost_per_1k=0.15,
+                output_cost_per_1k=0.6,
+                context_length=128000,
+                supports_function_calling=True,
+                cat_personality="fast"
+            ),
+            ModelInfo(
+                model_id="gpt-3.5-turbo",
+                provider=AIProvider.OPENAI,
+                display_name="GPT-3.5 Turbo",
+                description="Fast and efficient model for most tasks",
+                input_cost_per_1k=0.5,
+                output_cost_per_1k=1.5,
+                context_length=16385,
+                supports_function_calling=True,
+                cat_personality="playful"
+            ),
+            # Anthropic Models
+            ModelInfo(
+                model_id="claude-3-5-sonnet-20241022",
+                provider=AIProvider.ANTHROPIC,
+                display_name="Claude 3.5 Sonnet",
+                description="Most intelligent Claude model",
+                input_cost_per_1k=3.0,
+                output_cost_per_1k=15.0,
+                context_length=200000,
+                is_premium=True,
+                cat_personality="smart"
+            ),
+            ModelInfo(
+                model_id="claude-3-haiku-20240307",
+                provider=AIProvider.ANTHROPIC,
+                display_name="Claude 3 Haiku",
+                description="Fastest Claude model for simple tasks",
+                input_cost_per_1k=0.25,
+                output_cost_per_1k=1.25,
+                context_length=200000,
+                cat_personality="fast"
+            ),
+            # Google Models
+            ModelInfo(
+                model_id="gemini-1.5-pro",
+                provider=AIProvider.GOOGLE,
+                display_name="Gemini 1.5 Pro",
+                description="Google's most capable model",
+                input_cost_per_1k=3.5,
+                output_cost_per_1k=10.5,
+                context_length=2000000,
+                is_premium=True,
+                cat_personality="curious"
+            ),
+            ModelInfo(
+                model_id="gemini-1.5-flash",
+                provider=AIProvider.GOOGLE,
+                display_name="Gemini 1.5 Flash",
+                description="Fast and efficient Gemini model",
+                input_cost_per_1k=0.075,
+                output_cost_per_1k=0.3,
+                context_length=1000000,
+                cat_personality="fast"
+            ),
+        ]
+        for model in default_models:
+            self.models[model.model_id] = model
+        # Initialize default whitelists (all models enabled by default)
+        for provider in AIProvider:
+            self.whitelisted_models[provider] = set()
+            provider_models = [m.model_id for m in default_models if m.provider == provider]
+            self.whitelisted_models[provider].update(provider_models)
+    def _initialize_firebase(self):
+        """Initialize Firebase connection for persistent storage"""
+        try:
+            # Firebase is already initialized in user_store, just get reference
+            self.firebase_db = db.reference()
+            print("Model families connected to Firebase")
+            # Load existing configuration
+            self._load_from_firebase()
+        except Exception as e:
+            print(f"Failed to connect model families to Firebase: {e}")
+            self.firebase_db = None
+    def _load_configuration(self):
+        """Load configuration from local file if Firebase not available"""
+        if self.firebase_db:
+            return  # Firebase handles persistence
+        config_file = "model_families_config.json"
+        if os.path.exists(config_file):
+            try:
+                with open(config_file, 'r') as f:
+                    config = json.load(f)
+                # Load whitelisted models
+                for provider_str, model_list in config.get('whitelisted_models', {}).items():
+                    try:
+                        provider = AIProvider(provider_str)
+                        self.whitelisted_models[provider] = set(model_list)
+                    except ValueError:
+                        print(f"Unknown provider in config: {provider_str}")
+                print(f"Loaded model families configuration from {config_file}")
+            except Exception as e:
+                print(f"Failed to load model families config: {e}")
+    def _load_from_firebase(self):
+        """Load configuration from Firebase"""
+        try:
+            if not self.firebase_db:
+                return
+            config_ref = self.firebase_db.child('model_families_config')
+            config = config_ref.get()
+            if config:
+                # Load whitelisted models
+                for provider_str, model_list in config.get('whitelisted_models', {}).items():
+                    try:
+                        provider = AIProvider(provider_str)
+                        self.whitelisted_models[provider] = set(model_list)
+                    except ValueError:
+                        print(f"Unknown provider in Firebase config: {provider_str}")
+                print("Loaded model families configuration from Firebase")
+        except Exception as e:
+            print(f"Failed to load model families from Firebase: {e}")
+    def _save_configuration(self):
+        """Save configuration to persistent storage"""
+        config = {
+            'whitelisted_models': {
+                provider.value: list(models)
+                for provider, models in self.whitelisted_models.items()
+            },
+            'last_updated': datetime.now().isoformat()
+        }
+        if self.firebase_db:
+            try:
+                config_ref = self.firebase_db.child('model_families_config')
+                config_ref.set(config)
+            except Exception as e:
+                print(f"Failed to save model families to Firebase: {e}")
+        else:
+            try:
+                with open("model_families_config.json", 'w') as f:
+                    json.dump(config, f, indent=2)
+            except Exception as e:
+                print(f"Failed to save model families to file: {e}")
+    def is_model_whitelisted(self, provider: AIProvider, model_id: str) -> bool:
+        """Check if a model is whitelisted for use"""
+        with self.lock:
+            return model_id in self.whitelisted_models.get(provider, set())
+    def get_whitelisted_models(self, provider: AIProvider) -> List[ModelInfo]:
+        """Get all whitelisted models for a provider"""
+        with self.lock:
+            whitelisted_ids = self.whitelisted_models.get(provider, set())
+            return [
+                self.models[model_id]
+                for model_id in whitelisted_ids
+                if model_id in self.models
+            ]
+    def get_all_models(self, provider: Optional[AIProvider] = None) -> List[ModelInfo]:
+        """Get all available models, optionally filtered by provider"""
+        with self.lock:
+            if provider:
+                return [model for model in self.models.values() if model.provider == provider]
+            return list(self.models.values())
+    def add_model_to_whitelist(self, provider: AIProvider, model_id: str) -> bool:
+        """Add a model to the whitelist"""
+        with self.lock:
+            if model_id not in self.models:
+                return False
+            if provider not in self.whitelisted_models:
+                self.whitelisted_models[provider] = set()
+            self.whitelisted_models[provider].add(model_id)
+            self._save_configuration()
+            return True
+    def remove_model_from_whitelist(self, provider: AIProvider, model_id: str) -> bool:
+        """Remove a model from the whitelist"""
+        with self.lock:
+            if provider not in self.whitelisted_models:
+                return False
+            if model_id in self.whitelisted_models[provider]:
+                self.whitelisted_models[provider].remove(model_id)
+                self._save_configuration()
+                return True
+            return False
+    def set_provider_whitelist(self, provider: AIProvider, model_ids: List[str]) -> bool:
+        """Set the complete whitelist for a provider"""
+        with self.lock:
+            # Validate all model IDs exist
+            valid_ids = [mid for mid in model_ids if mid in self.models]
+            self.whitelisted_models[provider] = set(valid_ids)
+            self._save_configuration()
+            return len(valid_ids) == len(model_ids)
+    def track_model_usage(self, user_token: str, model_id: str, input_tokens: int,
+                         output_tokens: int, success: bool = True) -> Optional[float]:
+        """Track usage for a specific model and return cost"""
+        with self.lock:
+            if model_id not in self.models:
+                return None
+            model_info = self.models[model_id]
+            cost = model_info.calculate_cost(input_tokens, output_tokens)
+            # Update global stats
+            if model_id not in self.global_usage_stats:
+                self.global_usage_stats[model_id] = ModelUsageStats(model_id=model_id)
+            self.global_usage_stats[model_id].add_usage(input_tokens, output_tokens, cost, success)
+            # Update user-specific stats
+            if user_token not in self.user_usage_stats:
+                self.user_usage_stats[user_token] = {}
+            if model_id not in self.user_usage_stats[user_token]:
+                self.user_usage_stats[user_token][model_id] = ModelUsageStats(model_id=model_id)
+            self.user_usage_stats[user_token][model_id].add_usage(input_tokens, output_tokens, cost, success)
+            return cost
+    def get_model_info(self, model_id: str) -> Optional[ModelInfo]:
+        """Get information about a specific model"""
+        with self.lock:
+            return self.models.get(model_id)
+    def get_usage_stats(self, user_token: Optional[str] = None, model_id: Optional[str] = None) -> Dict[str, Any]:
+        """Get usage statistics"""
+        with self.lock:
+            if user_token and model_id:
+                # Specific user and model
+                if user_token in self.user_usage_stats and model_id in self.user_usage_stats[user_token]:
+                    return self.user_usage_stats[user_token][model_id].to_dict()
+                return {}
+            elif user_token:
+                # All models for a specific user
+                if user_token in self.user_usage_stats:
+                    return {
+                        model_id: stats.to_dict()
+                        for model_id, stats in self.user_usage_stats[user_token].items()
+                    }
+                return {}
+            elif model_id:
+                # Specific model across all users
+                if model_id in self.global_usage_stats:
+                    return self.global_usage_stats[model_id].to_dict()
+                return {}
+            else:
+                # Global stats for all models
+                return {
+                    model_id: stats.to_dict()
+                    for model_id, stats in self.global_usage_stats.items()
+                }
+    def get_cost_analysis(self, user_token: Optional[str] = None) -> Dict[str, Any]:
+        """Get detailed cost analysis"""
+        with self.lock:
+            if user_token:
+                # User-specific analysis
+                if user_token not in self.user_usage_stats:
+                    return {'total_cost': 0, 'by_model': {}, 'by_provider': {}}
+                user_stats = self.user_usage_stats[user_token]
+            else:
+                # Global analysis
+                user_stats = self.global_usage_stats
+            total_cost = 0.0
+            by_model = {}
+            by_provider = {}
+            for model_id, stats in user_stats.items():
+                model_info = self.models.get(model_id)
+                if not model_info:
+                    continue
+                provider = model_info.provider.value
+                model_cost = stats.total_cost
+                total_cost += model_cost
+                by_model[model_id] = {
+                    'cost': model_cost,
+                    'requests': stats.total_requests,
+                    'display_name': model_info.display_name,
+                    'provider': provider
+                }
+                if provider not in by_provider:
+                    by_provider[provider] = {'cost': 0, 'requests': 0, 'models': []}
+                by_provider[provider]['cost'] += model_cost
+                by_provider[provider]['requests'] += stats.total_requests
+                by_provider[provider]['models'].append(model_id)
+            return {
+                'total_cost': total_cost,
+                'by_model': by_model,
+                'by_provider': by_provider,
+                'currency': 'USD'
+            }
+# Global instance
+model_manager = ModelFamilyManager()

src/services/structured_event_logger.py ADDED Viewed

	@@ -0,0 +1,628 @@

+"""
+🐱 Structured Event Logging System for NyanProxy
+===============================================
+This module provides a comprehensive event logging system with proper schema,
+indexing, and cat-themed event types for our purr-fect proxy service!
+"""
+import json
+import sqlite3
+import threading
+from datetime import datetime, timedelta
+from typing import Optional, Dict, Any, List, Union, Literal
+from dataclasses import dataclass, asdict
+from enum import Enum
+import uuid
+import hashlib
+import queue
+from contextlib import contextmanager
+# Cat-themed event types 🐾
+class EventType(Enum):
+    # Request events
+    CHAT_COMPLETION = "chat_completion"
+    STREAMING_REQUEST = "streaming_request"
+    MODEL_LIST_REQUEST = "model_list_request"
+    # Authentication events
+    LOGIN_SUCCESS = "login_success"
+    LOGIN_FAILURE = "login_failure"
+    TOKEN_CREATED = "token_created"
+    TOKEN_ROTATED = "token_rotated"
+    # User management events
+    USER_CREATED = "user_created"
+    USER_UPDATED = "user_updated"
+    USER_DISABLED = "user_disabled"
+    USER_ENABLED = "user_enabled"
+    USER_DELETED = "user_deleted"
+    # IP and security events
+    NEW_IP_DETECTED = "new_ip_detected"
+    SUSPICIOUS_ACTIVITY = "suspicious_activity"
+    RATE_LIMIT_HIT = "rate_limit_hit"
+    IP_BANNED = "ip_banned"
+    # System events
+    SYSTEM_STARTUP = "system_startup"
+    SYSTEM_SHUTDOWN = "system_shutdown"
+    KEY_HEALTH_CHECK = "key_health_check"
+    # Cat-themed events 🐱
+    MEOW_SUCCESSFUL = "meow_successful"  # Successful API call
+    HISS_ERROR = "hiss_error"           # Error occurred
+    PURR_HAPPY = "purr_happy"           # User satisfied
+    SCRATCH_ABUSE = "scratch_abuse"      # Abuse detected
+class EventSeverity(Enum):
+    DEBUG = "debug"
+    INFO = "info"
+    WARNING = "warning"
+    ERROR = "error"
+    CRITICAL = "critical"
+@dataclass
+class BaseEvent:
+    """Base event structure"""
+    event_id: str = ""
+    event_type: EventType = EventType.SYSTEM_STARTUP
+    timestamp: datetime = None
+    severity: EventSeverity = EventSeverity.INFO
+    user_token: Optional[str] = None
+    ip_hash: Optional[str] = None
+    user_agent: Optional[str] = None
+    def __post_init__(self):
+        if not self.event_id:
+            self.event_id = str(uuid.uuid4())
+        if not self.timestamp:
+            self.timestamp = datetime.now()
+@dataclass
+class ChatCompletionEvent(BaseEvent):
+    """Chat completion request event"""
+    model_family: str = ""
+    model_name: str = ""
+    input_tokens: int = 0
+    output_tokens: int = 0
+    total_tokens: int = 0
+    cost_usd: float = 0.0
+    response_time_ms: float = 0.0
+    success: bool = False
+    error_message: Optional[str] = None
+    def __post_init__(self):
+        super().__post_init__()
+        self.event_type = EventType.CHAT_COMPLETION
+@dataclass
+class UserManagementEvent(BaseEvent):
+    """User management event"""
+    target_user_token: str = ""
+    action: str = ""
+    details: Dict[str, Any] = None
+    admin_user: Optional[str] = None
+    def __post_init__(self):
+        super().__post_init__()
+        if self.details is None:
+            self.details = {}
+        self.event_type = EventType.USER_UPDATED
+@dataclass
+class SecurityEvent(BaseEvent):
+    """Security-related event"""
+    threat_type: str = ""
+    details: Dict[str, Any] = None
+    auto_resolved: bool = False
+    def __post_init__(self):
+        super().__post_init__()
+        if self.details is None:
+            self.details = {}
+        self.event_type = EventType.SUSPICIOUS_ACTIVITY
+@dataclass
+class SystemEvent(BaseEvent):
+    """System-level event"""
+    component: str = ""
+    message: str = ""
+    details: Dict[str, Any] = None
+    def __post_init__(self):
+        super().__post_init__()
+        if self.details is None:
+            self.details = {}
+        self.event_type = EventType.SYSTEM_STARTUP
+class DatabaseConnectionPool:
+    """Thread-safe database connection pool"""
+    def __init__(self, db_path: str, max_connections: int = 10):
+        self.db_path = db_path
+        self.max_connections = max_connections
+        self.pool = queue.Queue(maxsize=max_connections)
+        self.lock = threading.Lock()
+        self._initialize_pool()
+    def _initialize_pool(self):
+        """Initialize the connection pool"""
+        for _ in range(self.max_connections):
+            conn = sqlite3.connect(self.db_path, check_same_thread=False)
+            conn.execute("PRAGMA journal_mode=WAL")  # Enable WAL mode for better concurrency
+            conn.execute("PRAGMA synchronous=NORMAL")  # Faster writes
+            conn.execute("PRAGMA cache_size=10000")  # Increase cache
+            conn.execute("PRAGMA temp_store=memory")  # Use memory for temp tables
+            self.pool.put(conn)
+    @contextmanager
+    def get_connection(self):
+        """Get a connection from the pool"""
+        conn = self.pool.get()
+        try:
+            yield conn
+        finally:
+            self.pool.put(conn)
+    def close_all(self):
+        """Close all connections in the pool"""
+        with self.lock:
+            while not self.pool.empty():
+                conn = self.pool.get()
+                conn.close()
+class StructuredEventLogger:
+    """
+    🐾 Structured Event Logger with Cat-themed Features
+    This logger provides comprehensive event tracking with:
+    - Proper event schemas and types
+    - Fast querying with indexes
+    - Cat-themed event categorization
+    - Automatic data retention
+    - Performance metrics
+    - Database connection pooling
+    """
+    def __init__(self, db_path: str = "nyan_events.db"):
+        self.db_path = db_path
+        self.lock = threading.Lock()
+        self.db_pool = DatabaseConnectionPool(db_path)
+        self._initialize_db()
+        # Performance tracking
+        self.events_logged_today = 0
+        self.last_cleanup = datetime.now()
+        self.performance_metrics = {
+            'total_events': 0,
+            'events_per_minute': 0,
+            'avg_log_time_ms': 0,
+            'storage_size_mb': 0
+        }
+    def _initialize_db(self):
+        """Initialize the SQLite database with proper schema"""
+        with self.db_pool.get_connection() as conn:
+            # Main events table
+            conn.execute('''
+                CREATE TABLE IF NOT EXISTS events (
+                    id INTEGER PRIMARY KEY AUTOINCREMENT,
+                    event_id TEXT UNIQUE NOT NULL,
+                    event_type TEXT NOT NULL,
+                    severity TEXT NOT NULL,
+                    timestamp DATETIME NOT NULL,
+                    user_token TEXT,
+                    ip_hash TEXT,
+                    user_agent TEXT,
+                    event_data TEXT NOT NULL,
+                    created_at DATETIME DEFAULT CURRENT_TIMESTAMP
+                )
+            ''')
+            # Chat completion events (optimized for common queries)
+            conn.execute('''
+                CREATE TABLE IF NOT EXISTS chat_completions (
+                    id INTEGER PRIMARY KEY AUTOINCREMENT,
+                    event_id TEXT NOT NULL,
+                    user_token TEXT,
+                    model_family TEXT NOT NULL,
+                    model_name TEXT NOT NULL,
+                    input_tokens INTEGER NOT NULL,
+                    output_tokens INTEGER NOT NULL,
+                    total_tokens INTEGER NOT NULL,
+                    cost_usd REAL NOT NULL,
+                    response_time_ms REAL NOT NULL,
+                    success BOOLEAN NOT NULL,
+                    timestamp DATETIME NOT NULL,
+                    FOREIGN KEY(event_id) REFERENCES events(event_id)
+                )
+            ''')
+            # User activity tracking
+            conn.execute('''
+                CREATE TABLE IF NOT EXISTS user_activities (
+                    id INTEGER PRIMARY KEY AUTOINCREMENT,
+                    event_id TEXT NOT NULL,
+                    user_token TEXT NOT NULL,
+                    action TEXT NOT NULL,
+                    details TEXT,
+                    timestamp DATETIME NOT NULL,
+                    FOREIGN KEY(event_id) REFERENCES events(event_id)
+                )
+            ''')
+            # Security events
+            conn.execute('''
+                CREATE TABLE IF NOT EXISTS security_events (
+                    id INTEGER PRIMARY KEY AUTOINCREMENT,
+                    event_id TEXT NOT NULL,
+                    threat_type TEXT NOT NULL,
+                    ip_hash TEXT,
+                    user_token TEXT,
+                    details TEXT NOT NULL,
+                    auto_resolved BOOLEAN DEFAULT FALSE,
+                    timestamp DATETIME NOT NULL,
+                    FOREIGN KEY(event_id) REFERENCES events(event_id)
+                )
+            ''')
+            # Create indexes for performance
+            self._create_indexes(conn)
+    def _create_indexes(self, conn):
+        """Create database indexes for optimal query performance"""
+        indexes = [
+            'CREATE INDEX IF NOT EXISTS idx_events_timestamp ON events(timestamp)',
+            'CREATE INDEX IF NOT EXISTS idx_events_user_token ON events(user_token)',
+            'CREATE INDEX IF NOT EXISTS idx_events_type ON events(event_type)',
+            'CREATE INDEX IF NOT EXISTS idx_events_severity ON events(severity)',
+            'CREATE INDEX IF NOT EXISTS idx_events_ip_hash ON events(ip_hash)',
+            'CREATE INDEX IF NOT EXISTS idx_chat_user_token ON chat_completions(user_token)',
+            'CREATE INDEX IF NOT EXISTS idx_chat_model_family ON chat_completions(model_family)',
+            'CREATE INDEX IF NOT EXISTS idx_chat_timestamp ON chat_completions(timestamp)',
+            'CREATE INDEX IF NOT EXISTS idx_chat_success ON chat_completions(success)',
+            'CREATE INDEX IF NOT EXISTS idx_user_activities_token ON user_activities(user_token)',
+            'CREATE INDEX IF NOT EXISTS idx_user_activities_action ON user_activities(action)',
+            'CREATE INDEX IF NOT EXISTS idx_user_activities_timestamp ON user_activities(timestamp)',
+            'CREATE INDEX IF NOT EXISTS idx_security_threat_type ON security_events(threat_type)',
+            'CREATE INDEX IF NOT EXISTS idx_security_ip_hash ON security_events(ip_hash)',
+            'CREATE INDEX IF NOT EXISTS idx_security_timestamp ON security_events(timestamp)',
+        ]
+        for index_sql in indexes:
+            conn.execute(index_sql)
+    def log_chat_completion(self, user_token: str, model_family: str, model_name: str,
+                          input_tokens: int, output_tokens: int, cost_usd: float,
+                          response_time_ms: float, success: bool, ip_hash: str = None,
+                          user_agent: str = None, error_message: str = None):
+        """Log a chat completion event with full details"""
+        event = ChatCompletionEvent(
+            event_id=str(uuid.uuid4()),
+            event_type=EventType.CHAT_COMPLETION,
+            timestamp=datetime.now(),
+            severity=EventSeverity.INFO if success else EventSeverity.WARNING,
+            user_token=user_token,
+            ip_hash=ip_hash,
+            user_agent=user_agent,
+            model_family=model_family,
+            model_name=model_name,
+            input_tokens=input_tokens,
+            output_tokens=output_tokens,
+            total_tokens=input_tokens + output_tokens,
+            cost_usd=cost_usd,
+            response_time_ms=response_time_ms,
+            success=success,
+            error_message=error_message
+        )
+        self._log_event(event)
+        # Also log to specialized chat_completions table
+        with self.lock:
+            try:
+                with self.db_pool.get_connection() as conn:
+                    conn.execute('''
+                        INSERT INTO chat_completions (
+                            event_id, user_token, model_family, model_name,
+                            input_tokens, output_tokens, total_tokens, cost_usd,
+                            response_time_ms, success, timestamp
+                        ) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
+                    ''', (
+                        event.event_id, user_token, model_family, model_name,
+                        input_tokens, output_tokens, input_tokens + output_tokens,
+                        cost_usd, response_time_ms, success, event.timestamp
+                    ))
+            except Exception as e:
+                print(f"ERROR: Failed to log chat completion: {e}")
+    def log_user_action(self, user_token: str, action: str, details: Dict[str, Any] = None,
+                       admin_user: str = None, ip_hash: str = None):
+        """Log user management action"""
+        event = UserManagementEvent(
+            event_id=str(uuid.uuid4()),
+            event_type=EventType.USER_UPDATED,
+            timestamp=datetime.now(),
+            severity=EventSeverity.INFO,
+            user_token=user_token,
+            ip_hash=ip_hash,
+            target_user_token=user_token,
+            action=action,
+            details=details or {},
+            admin_user=admin_user
+        )
+        self._log_event(event)
+        # Also log to user_activities table
+        with self.lock:
+            try:
+                with self.db_pool.get_connection() as conn:
+                    conn.execute('''
+                        INSERT INTO user_activities (
+                            event_id, user_token, action, details, timestamp
+                        ) VALUES (?, ?, ?, ?, ?)
+                    ''', (
+                        event.event_id, user_token, action,
+                        json.dumps(details) if details else None,
+                        event.timestamp
+                    ))
+            except Exception as e:
+                print(f"ERROR: Failed to log user action: {e}")
+    def log_security_event(self, threat_type: str, ip_hash: str = None, user_token: str = None,
+                         details: Dict[str, Any] = None, auto_resolved: bool = False):
+        """Log security-related event"""
+        event = SecurityEvent(
+            event_id=str(uuid.uuid4()),
+            event_type=EventType.SUSPICIOUS_ACTIVITY,
+            timestamp=datetime.now(),
+            severity=EventSeverity.WARNING if not auto_resolved else EventSeverity.INFO,
+            user_token=user_token,
+            ip_hash=ip_hash,
+            threat_type=threat_type,
+            details=details or {},
+            auto_resolved=auto_resolved
+        )
+        self._log_event(event)
+        # Also log to security_events table
+        with self.lock:
+            try:
+                with self.db_pool.get_connection() as conn:
+                    conn.execute('''
+                        INSERT INTO security_events (
+                            event_id, threat_type, ip_hash, user_token,
+                            details, auto_resolved, timestamp
+                        ) VALUES (?, ?, ?, ?, ?, ?, ?)
+                    ''', (
+                        event.event_id, threat_type, ip_hash, user_token,
+                        json.dumps(details) if details else None,
+                        auto_resolved, event.timestamp
+                    ))
+            except Exception as e:
+                print(f"ERROR: Failed to log security event: {e}")
+    def log_system_event(self, component: str, message: str, details: Dict[str, Any] = None,
+                        severity: EventSeverity = EventSeverity.INFO):
+        """Log system-level event"""
+        event = SystemEvent(
+            event_id=str(uuid.uuid4()),
+            event_type=EventType.SYSTEM_STARTUP,
+            timestamp=datetime.now(),
+            severity=severity,
+            component=component,
+            message=message,
+            details=details or {}
+        )
+        self._log_event(event)
+    def _log_event(self, event: BaseEvent):
+        """Internal method to log an event to the database"""
+        with self.lock:
+            try:
+                with self.db_pool.get_connection() as conn:
+                    conn.execute('''
+                        INSERT INTO events (
+                            event_id, event_type, severity, timestamp,
+                            user_token, ip_hash, user_agent, event_data
+                        ) VALUES (?, ?, ?, ?, ?, ?, ?, ?)
+                    ''', (
+                        event.event_id,
+                        event.event_type.value,
+                        event.severity.value,
+                        event.timestamp,
+                        event.user_token,
+                        event.ip_hash,
+                        event.user_agent,
+                        json.dumps(asdict(event))
+                    ))
+                self.events_logged_today += 1
+                self.performance_metrics['total_events'] += 1
+            except Exception as e:
+                print(f"ERROR: Failed to log event: {e}")
+    def get_usage_stats(self, user_token: str = None) -> Dict[str, Any]:
+        """Get comprehensive usage statistics"""
+        with self.lock:
+            try:
+                with self.db_pool.get_connection() as conn:
+                    if user_token:
+                        # User-specific stats
+                        cursor = conn.execute('''
+                            SELECT
+                                model_family,
+                                SUM(input_tokens) as input_tokens,
+                                SUM(output_tokens) as output_tokens,
+                                SUM(total_tokens) as total_tokens,
+                                SUM(cost_usd) as cost_usd,
+                                COUNT(*) as requests,
+                                AVG(response_time_ms) as avg_response_time,
+                                SUM(CASE WHEN success = 1 THEN 1 ELSE 0 END) as successful_requests
+                            FROM chat_completions
+                            WHERE user_token = ?
+                            GROUP BY model_family
+                        ''', (user_token,))
+                    else:
+                        # System-wide stats
+                        cursor = conn.execute('''
+                            SELECT
+                                model_family,
+                                SUM(input_tokens) as input_tokens,
+                                SUM(output_tokens) as output_tokens,
+                                SUM(total_tokens) as total_tokens,
+                                SUM(cost_usd) as cost_usd,
+                                COUNT(*) as requests,
+                                AVG(response_time_ms) as avg_response_time,
+                                SUM(CASE WHEN success = 1 THEN 1 ELSE 0 END) as successful_requests
+                            FROM chat_completions
+                            GROUP BY model_family
+                        ''')
+                    usage_by_model = {}
+                    total_requests = 0
+                    total_tokens = 0
+                    total_cost = 0.0
+                    for row in cursor.fetchall():
+                        model_family = row[0]
+                        usage_by_model[model_family] = {
+                            'input_tokens': row[1] or 0,
+                            'output_tokens': row[2] or 0,
+                            'total_tokens': row[3] or 0,
+                            'cost_usd': row[4] or 0.0,
+                            'requests': row[5] or 0,
+                            'avg_response_time': row[6] or 0.0,
+                            'successful_requests': row[7] or 0,
+                            'success_rate': (row[7] or 0) / (row[5] or 1) * 100
+                        }
+                        total_requests += row[5] or 0
+                        total_tokens += row[3] or 0
+                        total_cost += row[4] or 0.0
+                    return {
+                        'usage_by_model': usage_by_model,
+                        'total_requests': total_requests,
+                        'total_tokens': total_tokens,
+                        'total_cost': total_cost,
+                        'avg_cost_per_request': total_cost / total_requests if total_requests > 0 else 0
+                    }
+            except Exception as e:
+                print(f"ERROR: Failed to get usage stats: {e}")
+                return {}
+    def get_events(self, event_type: str = None, user_token: str = None,
+                   severity: str = None, limit: int = 100, offset: int = 0,
+                   start_date: datetime = None, end_date: datetime = None) -> List[Dict[str, Any]]:
+        """Get events with advanced filtering options"""
+        with self.lock:
+            try:
+                with self.db_pool.get_connection() as conn:
+                    conn.row_factory = sqlite3.Row
+                    query = "SELECT * FROM events WHERE 1=1"
+                    params = []
+                    if event_type:
+                        query += " AND event_type = ?"
+                        params.append(event_type)
+                    if user_token:
+                        query += " AND user_token = ?"
+                        params.append(user_token)
+                    if severity:
+                        query += " AND severity = ?"
+                        params.append(severity)
+                    if start_date:
+                        query += " AND timestamp >= ?"
+                        params.append(start_date.isoformat())
+                    if end_date:
+                        query += " AND timestamp <= ?"
+                        params.append(end_date.isoformat())
+                    query += " ORDER BY timestamp DESC LIMIT ? OFFSET ?"
+                    params.extend([limit, offset])
+                    cursor = conn.execute(query, params)
+                    events = []
+                    for row in cursor.fetchall():
+                        event_dict = dict(row)
+                        try:
+                            event_dict['payload'] = json.loads(event_dict['event_data'])
+                        except:
+                            event_dict['payload'] = {}
+                        # Convert timestamp to datetime object
+                        event_dict['timestamp'] = datetime.fromisoformat(event_dict['timestamp'])
+                        events.append(event_dict)
+                    return events
+            except Exception as e:
+                print(f"ERROR: Failed to get events: {e}")
+                return []
+    def get_event_counts(self, user_token: str = None) -> Dict[str, int]:
+        """Get event counts by type"""
+        with self.lock:
+            try:
+                with self.db_pool.get_connection() as conn:
+                    query = "SELECT event_type, COUNT(*) as count FROM events"
+                    params = []
+                    if user_token:
+                        query += " WHERE user_token = ?"
+                        params.append(user_token)
+                    query += " GROUP BY event_type"
+                    cursor = conn.execute(query, params)
+                    return {row[0]: row[1] for row in cursor.fetchall()}
+            except Exception as e:
+                print(f"ERROR: Failed to get event counts: {e}")
+                return {}
+    def cleanup_old_events(self, days_to_keep: int = 30):
+        """Clean up old events to manage database size"""
+        cutoff_date = datetime.now() - timedelta(days=days_to_keep)
+        with self.lock:
+            try:
+                with self.db_pool.get_connection() as conn:
+                    # Delete old events
+                    cursor = conn.execute('''
+                        DELETE FROM events WHERE timestamp < ?
+                    ''', (cutoff_date,))
+                    deleted_count = cursor.rowcount
+                    # Vacuum database to reclaim space
+                    conn.execute('VACUUM')
+                    print(f"Cleaned up {deleted_count} old events from database")
+            except Exception as e:
+                print(f"ERROR: Failed to cleanup old events: {e}")
+# Global instance
+structured_logger = StructuredEventLogger()