refactor: simplify manager to Tavily-only, harden registrars

- Remove multi-service (Firecrawl/Exa) UI from manager dashboard, drop edit-key endpoint
- Update README to Tavily-focused docs
- Exa registrar: robust API key extraction with fallback pages and debug logging
- Firecrawl registrar: better error detection, submit button check, debug screenshots
- Feishu notifications: add 3-attempt retry logic
- Disable tavily job in daily workflow

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

README.md

@@ -1,5 +1,5 @@
 ---
-title: Search Key Manager
+title: Tavily Key Manager
 emoji: 🔑
 colorFrom: blue
 colorTo: green
@@ -9,39 +9,50 @@ pinned: false
 license: mit
 ---
 
-**Multi-Service Search Proxy & Key Pool Manager**
+```
+████████╗ █████╗ ██╗   ██╗██╗██╗  ██╗   ██╗
+╚══██╔══╝██╔══██╗██║   ██║██║██║  ╚██╗ ██╔╝
+   ██║   ███████║██║   ██║██║██║   ╚████╔╝
+   ██║   ██╔══██║╚██╗ ██╔╝██║██║    ╚██╔╝
+   ██║   ██║  ██║ ╚████╔╝ ██║███████╗██║
+   ╚═╝   ╚═╝  ╚═╝  ╚═══╝  ╚═╝╚══════╝╚═╝
+```
+
+**Tavily Search Proxy & Key Pool Manager**
 
-Unified API proxy for **Tavily**, **Firecrawl**, and **Exa** with automatic key pool rotation, health checking, and per-user quota management.
+A managed Tavily API key pool with automatic round-robin selection, health checking, and access token quota system. Drop-in replacement for `api.tavily.com`.
 
 ---
 
 ## Quick Start
 
-### Tavily Search
+Set your base URL to this Space's address:
 
 ```bash
-curl -X POST https://ohmyapi-tavily.hf.space/search \
-  -H "Content-Type: application/json" \
-  -H "Authorization: Bearer sk-your-token" \
-  -d '{"query": "latest AI news", "max_results": 5}'
+export TAVILY_BASE_URL=https://ohmyapi-tavily.hf.space
+export TAVILY_API_KEY=sk-your-access-token
 ```
 
-### Firecrawl Scrape
+### Search
 
 ```bash
-curl -X POST https://ohmyapi-tavily.hf.space/firecrawl/v1/scrape \
+curl -X POST https://ohmyapi-tavily.hf.space/v1/search \
   -H "Content-Type: application/json" \
-  -H "Authorization: Bearer sk-your-token" \
-  -d '{"url": "https://example.com"}'
+  -H "Authorization: Bearer sk-your-access-token" \
+  -d '{"query": "latest AI news", "max_results": 5}'
 ```
 
-### Exa Search
+### Python
 
-```bash
-curl -X POST https://ohmyapi-tavily.hf.space/exa/search \
-  -H "Content-Type: application/json" \
-  -H "Authorization: Bearer sk-your-token" \
-  -d '{"query": "machine learning", "numResults": 5}'
+```python
+import requests
+
+resp = requests.post(
+    "https://ohmyapi-tavily.hf.space/v1/search",
+    headers={"Authorization": "Bearer sk-your-access-token"},
+    json={"query": "hello world", "max_results": 3}
+)
+print(resp.json())
 ```
 
 ---
@@ -50,11 +61,12 @@ curl -X POST https://ohmyapi-tavily.hf.space/exa/search \
 
 | Feature | Description |
 |---------|-------------|
-| Multi-Service | Tavily + Firecrawl + Exa unified proxy |
-| Key Pool | Round-robin key selection with per-service health checking |
+| Key Pool | Automatic round-robin key selection with health checking |
 | Access Tokens | Per-user tokens with monthly quota management |
-| Admin Dashboard | Manage keys, tokens, and configuration via web UI |
 | Free Mode | Optional open access without token |
+| Admin Dashboard | Manage keys, tokens, and configuration via web UI |
+| Search Proxy | `/v1/search` and `/v1/extract` compatible with Tavily API |
+| MCP Support | Works with Tavily MCP server for AI agents |
 
 ---
 
@@ -64,9 +76,9 @@ curl -X POST https://ohmyapi-tavily.hf.space/exa/search \
 |----------|----------|-------------|
 | `ADMIN_PASSWORD` | Yes | Dashboard login password |
 | `DATABASE_URL` | Yes | PostgreSQL connection string |
-| `ADMIN_TOKEN` | No | Default admin API token |
+| `ADMIN_TOKEN` | No | Default admin API token (default: `REDACTED_TOKEN`) |
 | `FREE_MODE` | No | Enable open access (default: `false`) |
 
 ---
 
-Built with FastAPI + PostgreSQL
+Built with FastAPI + PostgreSQL · Powered by [Tavily](https://tavily.com)

manager/db.py

@@ -204,7 +204,7 @@ def _seed_defaults():
     """Seed default config values and admin token if not present."""
     defaults = {
         "admin_password": os.getenv("ADMIN_PASSWORD", ""),
-        "admin_token": os.getenv("ADMIN_TOKEN", "REDACTED_TOKEN"),
+        "admin_token": os.getenv("ADMIN_TOKEN", ""),
         "free_mode": os.getenv("FREE_MODE", "false"),
         "default_quota": os.getenv("DEFAULT_QUOTA", "1000"),
     }
@@ -342,20 +342,6 @@ def update_status(key_id: int, status: str, quota_remaining: int | None = None):
             ), (status, now, key_id))
 
 
-def update_key(key_id: int, **kwargs) -> bool:
-    """Update key fields (email, password, api_key, service, status)."""
-    allowed = {"email", "password", "api_key", "service", "status"}
-    updates = {k: v for k, v in kwargs.items() if k in allowed and v is not None}
-    if not updates:
-        return False
-    placeholder = "%s" if _use_pg else "?"
-    set_clause = ", ".join(f"{k} = {placeholder}" for k in updates)
-    sql = f"UPDATE api_keys SET {set_clause} WHERE id = {placeholder}"
-    with get_db() as conn:
-        cur = _execute(conn, sql, (*updates.values(), key_id))
-        return cur.rowcount > 0
-
-
 def update_status_batch(key_ids: list[int], status: str) -> int:
     if not key_ids:
         return 0

manager/models.py

@@ -14,14 +14,6 @@ class ApiKeyCreate(BaseModel):
     created_at: str = ""
 
 
-class ApiKeyUpdate(BaseModel):
-    email: str | None = None
-    password: str | None = None
-    api_key: str | None = None
-    service: str | None = None
-    status: str | None = None
-
-
 class ApiKeyImport(BaseModel):
     keys: list[ApiKeyCreate]
 

manager/routes.py

@@ -12,7 +12,7 @@ from fastapi.responses import JSONResponse
 
 from . import db
 from .models import (
-    ApiKeyCreate, ApiKeyUpdate, ApiKeyImport, ApiKeyResponse, ApiKeyListResponse,
+    ApiKeyCreate, ApiKeyImport, ApiKeyResponse, ApiKeyListResponse,
     StatsResponse, HealthCheckResult, BatchIds, BatchStatus,
     AccessTokenCreate, AccessTokenUpdate, AccessTokenResponse,
     ConfigUpdate,
@@ -215,17 +215,6 @@ def delete_key(key_id: int, _=Depends(verify_auth)):
     return {"deleted": True}
 
 
-@router.patch("/keys/{key_id}")
-def update_key(key_id: int, body: ApiKeyUpdate, _=Depends(verify_auth)):
-    updates = {k: v for k, v in body.model_dump().items() if v is not None}
-    if not updates:
-        raise HTTPException(400, "No fields to update")
-    if not db.update_key(key_id, **updates):
-        raise HTTPException(404, "Key not found")
-    row = db.get_key(key_id)
-    return row
-
-
 @router.get("/keys/next")
 def get_next_key(service: str = "tavily", _=Depends(verify_auth)):
     key = db.get_next_active_key(service)

manager/static/index.html

@@ -561,31 +561,6 @@ user@example.com,pass,tvly-abc123'></textarea>
     </div>
 </div>
 
-<div id="modal-edit-key" class="modal-bg" onclick="if(event.target===this)closeModals()">
-    <div class="modal">
-        <div class="modal-title">Edit Key</div>
-        <input id="ek-id" type="hidden">
-        <div class="modal-field"><label>Service</label>
-            <select id="ek-service" class="inp" style="max-width:200px;">
-                <option value="tavily">Tavily</option>
-                <option value="firecrawl">Firecrawl</option>
-                <option value="exa">Exa</option>
-            </select>
-        </div>
-        <div class="modal-field"><label>Email</label><input id="ek-email" type="text" class="inp"></div>
-        <div class="modal-field"><label>Password</label><input id="ek-password" type="text" class="inp"></div>
-        <div class="modal-field"><label>API Key</label><input id="ek-apikey" type="text" class="inp inp-mono"></div>
-        <div class="modal-field"><label>Status</label>
-            <select id="ek-status" class="inp" style="max-width:200px;">
-                <option value="active">Active</option>
-                <option value="inactive">Inactive</option>
-                <option value="exhausted">Exhausted</option>
-            </select>
-        </div>
-        <div class="modal-acts"><button onclick="closeModals()" class="btn btn-o">Cancel</button><button onclick="saveEditKey()" class="btn btn-p">Save</button></div>
-    </div>
-</div>
-
 <script>
 (() => {
     let TOKEN = '';
@@ -746,7 +721,6 @@ user@example.com,pass,tvly-abc123'></textarea>
                 <td class="c-id">${k.use_count||0}</td>
                 <td><div class="c-acts" style="justify-content:flex-end;">
                     <button class="btn-icon" onclick="copyKey('${escA(k.api_key)}')" title="Copy">&#128203;</button>
-                    <button class="btn-icon" onclick="editKey(${k.id},'${escA(k.email)}','${escA(k.password)}','${escA(k.api_key)}','${escA(k.service||'tavily')}','${escA(k.status)}')" title="Edit">&#9998;</button>
                     <button class="btn-icon ok" onclick="checkKey(${k.id})" title="Test">&#9889;</button>
                     <button class="btn-icon danger" onclick="deleteKey(${k.id})" title="Delete">&#128465;</button>
                 </div></td></tr>`;
@@ -868,37 +842,6 @@ user@example.com,pass,tvly-abc123'></textarea>
         reader.onload = e => { $('import-json').value = e.target.result; };
         reader.readAsText(file);
     };
-    window.editKey = function(id, email, password, apiKey, service, status) {
-        $('ek-id').value = id;
-        $('ek-email').value = email;
-        $('ek-password').value = password;
-        $('ek-apikey').value = apiKey;
-        $('ek-service').value = service;
-        $('ek-status').value = status;
-        $('modal-edit-key').classList.add('active');
-    };
-    window.saveEditKey = async function() {
-        const id = $('ek-id').value;
-        const body = {};
-        const email = $('ek-email').value.trim();
-        const password = $('ek-password').value.trim();
-        const apiKey = $('ek-apikey').value.trim();
-        const service = $('ek-service').value;
-        const status = $('ek-status').value;
-        if (email) body.email = email;
-        if (password) body.password = password;
-        if (apiKey) body.api_key = apiKey;
-        if (service) body.service = service;
-        if (status) body.status = status;
-        try {
-            const r = await fetch(`${API}/api/keys/${id}`, {
-                method: 'PATCH', headers: { ...hdr(), 'Content-Type': 'application/json' },
-                body: JSON.stringify(body),
-            });
-            if (!r.ok) throw new Error(`HTTP ${r.status}`);
-            toast('Key updated', 'success'); closeModals(); refresh();
-        } catch(e) { toast('Update failed: ' + e.message, 'error'); }
-    };
     window.deleteKey = async function(id) {
         if (!confirm('Delete this key?')) return;
         try { await fetch(`${API}/api/keys/${id}`, { method: 'DELETE', headers: hdr() }); toast('Deleted', 'success'); refresh(); }