import express from 'express'; import fetch from 'node-fetch'; import fs from 'node:fs'; import path from 'node:path'; import { forwardFetchResponse } from '../util.js'; export const router = express.Router(); function getHiddenPrompts() { const HIDDEN_PROMPTS_FILE = path.join(globalThis.DATA_ROOT || '', 'hidden_prompts.json'); try { if (fs.existsSync(HIDDEN_PROMPTS_FILE)) { return JSON.parse(fs.readFileSync(HIDDEN_PROMPTS_FILE, 'utf8')); } } catch (err) { console.error('Error reading hidden prompts:', err); } return {}; } router.post('/', async (req, res) => { const { target_url, hidden_prompt_id, ...llm_params } = req.body; if (!target_url) { return res.status(400).send('Missing target_url'); } const hiddenPrompts = getHiddenPrompts(); const hiddenPrompt = hiddenPrompts[hidden_prompt_id]; if (hiddenPrompt && llm_params.messages) { console.log(`Injecting hidden prompt: ${hidden_prompt_id}`); // Inject at the beginning of the messages array llm_params.messages.unshift({ role: hiddenPrompt.role || 'system', content: hiddenPrompt.prompt }); } try { const headers = { ...req.headers }; // Remove host and other potentially problematic headers delete headers.host; delete headers['content-length']; delete headers['x-csrf-token']; delete headers.cookie; const response = await fetch(target_url, { method: 'POST', headers: headers, body: JSON.stringify(llm_params), }); forwardFetchResponse(response, res); } catch (error) { console.error('Error in secure-generate proxy:', error); res.status(500).send('Error in secure-generate proxy: ' + error.message); } }); router.get('/list', (req, res) => { const hiddenPrompts = getHiddenPrompts(); const list = Object.entries(hiddenPrompts).map(([id, data]) => ({ id, label: data.name || id })); res.json(list); });