Upload 7 files

app/auth.py

@@ -0,0 +1,74 @@
+import os
+from datetime import datetime, timedelta, timezone
+from typing import Optional
+
+from fastapi import Depends, HTTPException, status
+from fastapi.security import OAuth2PasswordBearer
+from jose import JWTError, jwt
+from passlib.context import CryptContext
+from cryptography.fernet import Fernet
+from sqlalchemy.orm import Session
+
+from .database import get_db
+from . import models
+
+SECRET_KEY = os.getenv("SECRET_KEY", "CHANGE_ME_super_secret_key_32bytes!")
+ALGORITHM  = "HS256"
+ACCESS_TOKEN_EXPIRE_MINUTES = int(os.getenv("ACCESS_TOKEN_EXPIRE_MINUTES", 60 * 24 * 7))
+
+pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
+
+_raw_fernet_key = os.getenv("FERNET_KEY", "")
+if not _raw_fernet_key:
+    _raw_fernet_key = Fernet.generate_key().decode()
+    print(f"[WARN] FERNET_KEY not set. Generated key (add to .env): {_raw_fernet_key}")
+
+fernet = Fernet(_raw_fernet_key.encode() if isinstance(_raw_fernet_key, str) else _raw_fernet_key)
+
+oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/auth/login")
+
+
+def verify_password(plain: str, hashed: str) -> bool:
+    return pwd_context.verify(plain, hashed)
+
+
+def hash_password(plain: str) -> str:
+    return pwd_context.hash(plain)
+
+
+def encrypt_api_key(api_key: str) -> str:
+    return fernet.encrypt(api_key.encode()).decode()
+
+
+def decrypt_api_key(encrypted: str) -> str:
+    return fernet.decrypt(encrypted.encode()).decode()
+
+
+def create_access_token(data: dict, expires_delta: Optional[timedelta] = None) -> str:
+    to_encode = data.copy()
+    expire = datetime.now(timezone.utc) + (expires_delta or timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES))
+    to_encode["exp"] = expire
+    return jwt.encode(to_encode, SECRET_KEY, algorithm=ALGORITHM)
+
+
+def get_current_user(
+    token: str = Depends(oauth2_scheme),
+    db: Session = Depends(get_db),
+) -> models.User:
+    exc = HTTPException(
+        status_code=status.HTTP_401_UNAUTHORIZED,
+        detail="Could not validate credentials",
+        headers={"WWW-Authenticate": "Bearer"},
+    )
+    try:
+        payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])
+        username: str = payload.get("sub")
+        if not username:
+            raise exc
+    except JWTError:
+        raise exc
+
+    user = db.query(models.User).filter(models.User.username == username).first()
+    if not user:
+        raise exc
+    return user

app/database.py

@@ -0,0 +1,21 @@
+from sqlalchemy import create_engine
+from sqlalchemy.orm import declarative_base, sessionmaker
+import os
+
+DATABASE_URL = os.getenv("DATABASE_URL", "sqlite:///./proxy.db")
+
+engine = create_engine(
+    DATABASE_URL,
+    connect_args={"check_same_thread": False} if "sqlite" in DATABASE_URL else {},
+)
+
+SessionLocal = sessionmaker(autocommit=False, autoflush=False, bind=engine)
+Base = declarative_base()
+
+
+def get_db():
+    db = SessionLocal()
+    try:
+        yield db
+    finally:
+        db.close()

app/main.py

@@ -0,0 +1,49 @@
+import os
+from contextlib import asynccontextmanager
+
+from fastapi import FastAPI
+from fastapi.middleware.cors import CORSMiddleware
+from fastapi.staticfiles import StaticFiles
+from fastapi.responses import FileResponse
+
+from .database import engine, Base
+from .routers import auth_router, proxy_config_router, proxy_endpoint_router
+
+
+@asynccontextmanager
+async def lifespan(app: FastAPI):
+    Base.metadata.create_all(bind=engine)
+    yield
+
+
+app = FastAPI(
+    title="Anthropic ↔ OpenAI Proxy",
+    description="Converts Anthropic API calls to OpenAI-compatible backend calls via LiteLLM",
+    version="1.0.0",
+    lifespan=lifespan,
+)
+
+app.add_middleware(
+    CORSMiddleware,
+    allow_origins=["*"],
+    allow_credentials=True,
+    allow_methods=["*"],
+    allow_headers=["*"],
+)
+
+app.include_router(auth_router.router)
+app.include_router(proxy_config_router.router)
+app.include_router(proxy_endpoint_router.router)
+
+_static_dir = os.path.join(os.path.dirname(__file__), "static")
+app.mount("/static", StaticFiles(directory=_static_dir), name="static")
+
+
+@app.get("/", include_in_schema=False)
+def serve_ui():
+    return FileResponse(os.path.join(_static_dir, "index.html"))
+
+
+@app.get("/health")
+def health():
+    return {"status": "ok"}

app/models.py

@@ -0,0 +1,31 @@
+from sqlalchemy import Column, Integer, String, ForeignKey, DateTime, Text
+from sqlalchemy.orm import relationship
+from datetime import datetime, timezone
+from .database import Base
+
+
+class User(Base):
+    __tablename__ = "users"
+
+    id               = Column(Integer, primary_key=True, index=True)
+    username         = Column(String(64),  unique=True, index=True, nullable=False)
+    email            = Column(String(255), unique=True, index=True, nullable=False)
+    hashed_password  = Column(String(255), nullable=False)
+    created_at       = Column(DateTime, default=lambda: datetime.now(timezone.utc))
+
+    proxies = relationship("ProxyConfig", back_populates="owner", cascade="all, delete-orphan")
+
+
+class ProxyConfig(Base):
+    __tablename__ = "proxy_configs"
+
+    id                = Column(Integer, primary_key=True, index=True)
+    user_id           = Column(Integer, ForeignKey("users.id"), nullable=False)
+    proxy_token       = Column(String(64), unique=True, index=True, nullable=False)
+    name              = Column(String(128), nullable=False)
+    openai_base_url   = Column(String(512), nullable=False)
+    encrypted_api_key = Column(Text, nullable=False)
+    model_mapping     = Column(Text, default="{}")
+    created_at        = Column(DateTime, default=lambda: datetime.now(timezone.utc))
+
+    owner = relationship("User", back_populates="proxies")

app/proxy_handler.py

@@ -0,0 +1,180 @@
+import json
+import uuid
+from typing import AsyncIterator
+
+import litellm
+from fastapi.responses import StreamingResponse
+
+litellm.set_verbose = False
+
+
+def anthropic_to_openai_messages(messages: list, system: str | None) -> list:
+    openai_msgs = []
+
+    if system:
+        openai_msgs.append({"role": "system", "content": system})
+
+    for msg in messages:
+        role    = msg["role"]
+        content = msg["content"]
+
+        if isinstance(content, str):
+            openai_msgs.append({"role": role, "content": content})
+
+        elif isinstance(content, list):
+            parts = []
+            for block in content:
+                btype = block.get("type")
+                if btype == "text":
+                    parts.append({"type": "text", "text": block["text"]})
+                elif btype == "image":
+                    src = block.get("source", {})
+                    if src.get("type") == "base64":
+                        url = f"data:{src['media_type']};base64,{src['data']}"
+                    else:
+                        url = src.get("url", "")
+                    parts.append({"type": "image_url", "image_url": {"url": url}})
+                elif btype in ("tool_use", "tool_result"):
+                    parts.append({"type": "text", "text": json.dumps(block)})
+
+            openai_msgs.append({
+                "role": role,
+                "content": parts if len(parts) > 1 else (parts[0]["text"] if parts else ""),
+            })
+
+    return openai_msgs
+
+
+_STOP_REASON_MAP = {
+    "stop":           "end_turn",
+    "length":         "max_tokens",
+    "content_filter": "stop_sequence",
+    "tool_calls":     "tool_use",
+}
+
+
+def openai_response_to_anthropic(oai_resp, original_model: str) -> dict:
+    choice = oai_resp.choices[0]
+    usage  = oai_resp.usage
+
+    return {
+        "id":      f"msg_{uuid.uuid4().hex[:24]}",
+        "type":    "message",
+        "role":    "assistant",
+        "content": [{"type": "text", "text": choice.message.content or ""}],
+        "model":   original_model,
+        "stop_reason":   _STOP_REASON_MAP.get(choice.finish_reason or "stop", "end_turn"),
+        "stop_sequence": None,
+        "usage": {
+            "input_tokens":  getattr(usage, "prompt_tokens",     0) if usage else 0,
+            "output_tokens": getattr(usage, "completion_tokens", 0) if usage else 0,
+        },
+    }
+
+
+async def stream_anthropic_sse(params: dict, original_model: str) -> AsyncIterator[str]:
+    msg_id = f"msg_{uuid.uuid4().hex[:24]}"
+
+    def _sse(event: str, data: dict) -> str:
+        return f"event: {event}\ndata: {json.dumps(data)}\n\n"
+
+    yield _sse("message_start", {
+        "type": "message_start",
+        "message": {
+            "id": msg_id, "type": "message", "role": "assistant",
+            "content": [], "model": original_model,
+            "stop_reason": None, "stop_sequence": None,
+            "usage": {"input_tokens": 0, "output_tokens": 0},
+        },
+    })
+
+    yield _sse("content_block_start", {
+        "type": "content_block_start", "index": 0,
+        "content_block": {"type": "text", "text": ""},
+    })
+
+    yield _sse("ping", {"type": "ping"})
+
+    output_tokens = 0
+    stop_reason   = "end_turn"
+    input_tokens  = 0
+
+    try:
+        response = await litellm.acompletion(**params)
+        async for chunk in response:
+            delta_content = None
+            if chunk.choices:
+                delta_content = chunk.choices[0].delta.content
+                finish        = chunk.choices[0].finish_reason
+                if finish:
+                    stop_reason = _STOP_REASON_MAP.get(finish, "end_turn")
+
+            if delta_content:
+                output_tokens += 1
+                yield _sse("content_block_delta", {
+                    "type": "content_block_delta", "index": 0,
+                    "delta": {"type": "text_delta", "text": delta_content},
+                })
+
+            if hasattr(chunk, "usage") and chunk.usage:
+                input_tokens  = getattr(chunk.usage, "prompt_tokens",     input_tokens)
+                output_tokens = getattr(chunk.usage, "completion_tokens", output_tokens)
+
+    except Exception as exc:
+        yield _sse("error", {"type": "error", "error": {"type": "api_error", "message": str(exc)}})
+        return
+
+    yield _sse("content_block_stop", {"type": "content_block_stop", "index": 0})
+    yield _sse("message_delta", {
+        "type": "message_delta",
+        "delta": {"stop_reason": stop_reason, "stop_sequence": None},
+        "usage": {"output_tokens": output_tokens},
+    })
+    yield _sse("message_stop", {"type": "message_stop"})
+
+
+async def handle_messages_request(body: dict, proxy_config):
+    from .auth import decrypt_api_key
+
+    anthropic_model = body.get("model", "claude-3-opus-20240229")
+    messages        = body.get("messages", [])
+    system          = body.get("system")
+    max_tokens      = body.get("max_tokens", 1024)
+    temperature     = body.get("temperature", 1.0)
+    stream          = body.get("stream", False)
+    top_p           = body.get("top_p")
+    stop_seqs       = body.get("stop_sequences")
+
+    try:
+        model_mapping = json.loads(proxy_config.model_mapping or "{}")
+    except Exception:
+        model_mapping = {}
+
+    openai_model = model_mapping.get(anthropic_model, anthropic_model)
+    openai_msgs  = anthropic_to_openai_messages(messages, system)
+    api_key      = decrypt_api_key(proxy_config.encrypted_api_key)
+
+    params: dict = {
+        "model":       f"openai/{openai_model}",
+        "messages":    openai_msgs,
+        "max_tokens":  max_tokens,
+        "temperature": temperature,
+        "stream":      stream,
+        "api_key":     api_key,
+        "api_base":    proxy_config.openai_base_url.rstrip("/"),
+    }
+
+    if top_p is not None:
+        params["top_p"] = top_p
+    if stop_seqs:
+        params["stop"] = stop_seqs
+
+    if stream:
+        return StreamingResponse(
+            stream_anthropic_sse(params, anthropic_model),
+            media_type="text/event-stream",
+            headers={"Cache-Control": "no-cache", "X-Accel-Buffering": "no"},
+        )
+
+    response = await litellm.acompletion(**params)
+    return openai_response_to_anthropic(response, anthropic_model)

app/schemas.py

@@ -0,0 +1,70 @@
+from pydantic import BaseModel, EmailStr, field_validator
+from typing import Optional, Dict
+from datetime import datetime
+
+
+class UserCreate(BaseModel):
+    username: str
+    email: EmailStr
+    password: str
+
+    @field_validator("username")
+    @classmethod
+    def username_alphanumeric(cls, v: str) -> str:
+        if not v.replace("_", "").replace("-", "").isalnum():
+            raise ValueError("Username must be alphanumeric (underscores/hyphens allowed)")
+        if len(v) < 3:
+            raise ValueError("Username must be at least 3 characters")
+        return v
+
+    @field_validator("password")
+    @classmethod
+    def password_strength(cls, v: str) -> str:
+        if len(v) < 6:
+            raise ValueError("Password must be at least 6 characters")
+        return v
+
+
+class UserOut(BaseModel):
+    id: int
+    username: str
+    email: str
+    created_at: datetime
+
+    model_config = {"from_attributes": True}
+
+
+class Token(BaseModel):
+    access_token: str
+    token_type: str = "bearer"
+    user: UserOut
+
+
+class LoginRequest(BaseModel):
+    username: str
+    password: str
+
+
+class ProxyCreate(BaseModel):
+    name: str
+    openai_base_url: str
+    openai_api_key: str
+    model_mapping: Optional[Dict[str, str]] = {}
+
+
+class ProxyUpdate(BaseModel):
+    name: Optional[str] = None
+    openai_base_url: Optional[str] = None
+    openai_api_key: Optional[str] = None
+    model_mapping: Optional[Dict[str, str]] = None
+
+
+class ProxyOut(BaseModel):
+    id: int
+    name: str
+    proxy_token: str
+    openai_base_url: str
+    model_mapping: str
+    created_at: datetime
+
+    model_config = {"from_attributes": True}