Remove debug logs

- Move email and avatar functions to package/auth

.env.example

@@ -58,7 +58,7 @@ DEBUG_CONSOLE=false
 #                     Endpoints                     #
 #===================================================#
 
-# ENDPOINTS=openAI,assistants,azureOpenAI,google,anthropic
+# ENDPOINTS=openAI,assistants,azureOpenAI,google,gptPlugins,anthropic
 
 PROXY=
 
@@ -142,10 +142,10 @@ GOOGLE_KEY=user_provided
 # GOOGLE_AUTH_HEADER=true
 
 # Gemini API (AI Studio)
-# GOOGLE_MODELS=gemini-2.5-pro,gemini-2.5-flash,gemini-2.5-flash-lite-preview-06-17,gemini-2.0-flash,gemini-2.0-flash-lite
+# GOOGLE_MODELS=gemini-2.5-pro-preview-05-06,gemini-2.5-flash-preview-04-17,gemini-2.0-flash-001,gemini-2.0-flash-exp,gemini-2.0-flash-lite-001,gemini-1.5-pro-002,gemini-1.5-flash-002
 
 # Vertex AI
-# GOOGLE_MODELS=gemini-2.5-pro,gemini-2.5-flash,gemini-2.5-flash-lite-preview-06-17,gemini-2.0-flash-001,gemini-2.0-flash-lite-001
+# GOOGLE_MODELS=gemini-2.5-pro-preview-05-06,gemini-2.5-flash-preview-04-17,gemini-2.0-flash-001,gemini-2.0-flash-exp,gemini-2.0-flash-lite-001,gemini-1.5-pro-002,gemini-1.5-flash-002
 
 # GOOGLE_TITLE_MODEL=gemini-2.0-flash-lite-001
 
@@ -349,11 +349,6 @@ REGISTRATION_VIOLATION_SCORE=1
 CONCURRENT_VIOLATION_SCORE=1
 MESSAGE_VIOLATION_SCORE=1
 NON_BROWSER_VIOLATION_SCORE=20
-TTS_VIOLATION_SCORE=0
-STT_VIOLATION_SCORE=0
-FORK_VIOLATION_SCORE=0
-IMPORT_VIOLATION_SCORE=0
-FILE_UPLOAD_VIOLATION_SCORE=0
 
 LOGIN_MAX=7
 LOGIN_WINDOW=5
@@ -458,8 +453,8 @@ OPENID_REUSE_TOKENS=
 OPENID_JWKS_URL_CACHE_ENABLED=
 OPENID_JWKS_URL_CACHE_TIME= # 600000 ms eq to 10 minutes leave empty to disable caching
 #Set to true to trigger token exchange flow to acquire access token for the userinfo endpoint.
-OPENID_ON_BEHALF_FLOW_FOR_USERINFO_REQUIRED=
-OPENID_ON_BEHALF_FLOW_USERINFO_SCOPE="user.read" # example for Scope Needed for Microsoft Graph API
+OPENID_ON_BEHALF_FLOW_FOR_USERINFRO_REQUIRED=
+OPENID_ON_BEHALF_FLOW_USERINFRO_SCOPE = "user.read" # example for Scope Needed for Microsoft Graph API
 # Set to true to use the OpenID Connect end session endpoint for logout
 OPENID_USE_END_SESSION_ENDPOINT=
 
@@ -580,10 +575,6 @@ ALLOW_SHARED_LINKS_PUBLIC=true
 # If you have another service in front of your LibreChat doing compression, disable express based compression here
 # DISABLE_COMPRESSION=true
 
-# If you have gzipped version of uploaded image images in the same folder, this will enable gzip scan and serving of these images
-# Note: The images folder will be scanned on startup and a ma kept in memory. Be careful for large number of images.
-# ENABLE_IMAGE_OUTPUT_GZIP_SCAN=true
-
 #===================================================#
 #                        UI                         #
 #===================================================#
@@ -601,31 +592,11 @@ HELP_AND_FAQ_URL=https://librechat.ai
 # REDIS Options #
 #===============#
 
-# Enable Redis for caching and session storage
+# REDIS_URI=10.10.10.10:6379
 # USE_REDIS=true
 
-# Single Redis instance
-# REDIS_URI=redis://127.0.0.1:6379
-
-# Redis cluster (multiple nodes)
-# REDIS_URI=redis://127.0.0.1:7001,redis://127.0.0.1:7002,redis://127.0.0.1:7003
-
-# Redis with TLS/SSL encryption and CA certificate
-# REDIS_URI=rediss://127.0.0.1:6380
-# REDIS_CA=/path/to/ca-cert.pem
-
-# Redis authentication (if required)
-# REDIS_USERNAME=your_redis_username
-# REDIS_PASSWORD=your_redis_password
-
-# Redis key prefix configuration
-# Use environment variable name for dynamic prefix (recommended for cloud deployments)
-# REDIS_KEY_PREFIX_VAR=K_REVISION
-# Or use static prefix directly
-# REDIS_KEY_PREFIX=librechat
-
-# Redis connection limits
-# REDIS_MAX_LISTENERS=40
+# USE_REDIS_CLUSTER=true
+# REDIS_CA=/path/to/ca.crt
 
 #==================================================#
 #                      Others                      #
@@ -686,4 +657,4 @@ OPENWEATHER_API_KEY=
 # Reranker (Required)
 # JINA_API_KEY=your_jina_api_key
 # or
-# COHERE_API_KEY=your_cohere_api_key
+# COHERE_API_KEY=your_cohere_api_key

.github/workflows/backend-review.yml

@@ -7,7 +7,7 @@ on:
       - release/*
     paths:
       - 'api/**'
-      - 'packages/**'
+      - 'packages/api/**'
 jobs:
   tests_Backend:
     name: Run Backend unit tests

.github/workflows/client.yml

@@ -1,32 +0,0 @@
-name: Publish `@librechat/client` to NPM
-
-on:
-  workflow_dispatch:
-    inputs:
-      reason:
-        description: 'Reason for manual trigger'
-        required: false
-        default: 'Manual publish requested'
-
-jobs:
-  build-and-publish:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      
-      - name: Use Node.js
-        uses: actions/setup-node@v4
-        with:
-          node-version: '18.x'
-          
-      - name: Check if client package exists
-        run: |
-          if [ -d "packages/client" ]; then
-            echo "Client package directory found"
-          else
-            echo "Client package directory not found - workflow ready for future use"
-            exit 0
-          fi
-          
-      - name: Placeholder for future publishing
-        run: echo "Client package publishing workflow is ready" 

.github/workflows/frontend-review.yml

@@ -8,7 +8,7 @@ on:
       - release/*
     paths:
       - 'client/**'
-      - 'packages/data-provider/**'
+      - 'packages/**'
 
 jobs:
   tests_frontend_ubuntu:

.github/workflows/unused-packages.yml

@@ -98,8 +98,6 @@ jobs:
             cd client
             UNUSED=$(depcheck --json | jq -r '.dependencies | join("\n")' || echo "")
             UNUSED=$(comm -23 <(echo "$UNUSED" | sort) <(cat ../client_used_deps.txt ../client_used_code.txt | sort) || echo "")
-            # Filter out false positives
-            UNUSED=$(echo "$UNUSED" | grep -v "^micromark-extension-llm-math$" || echo "")
             echo "CLIENT_UNUSED<<EOF" >> $GITHUB_ENV
             echo "$UNUSED" >> $GITHUB_ENV
             echo "EOF" >> $GITHUB_ENV

.gitignore

@@ -55,7 +55,6 @@ bower_components/
 # AI
 .clineignore
 .cursor
-.aider*
 
 # Floobits
 .floo
@@ -125,12 +124,3 @@ helm/**/.values.yaml
 
 # SAML Idp cert
 *.cert
-
-# AI Assistants
-/.claude/
-/.cursor/
-/.copilot/
-/.aider/
-/.openai/
-/.tabnine/
-/.codeium

Dockerfile

@@ -1,4 +1,4 @@
-# v0.7.9-rc1
+# v0.7.8
 
 # Base node image
 FROM node:20-alpine AS node

Dockerfile.multi

@@ -1,5 +1,5 @@
 # Dockerfile.multi
-# v0.7.9-rc1
+# v0.7.8
 
 # Base for all builds
 FROM node:20-alpine AS base-min

README.md

@@ -52,7 +52,7 @@
 - 🖥️ **UI & Experience** inspired by ChatGPT with enhanced design and features
 
 - 🤖 **AI Model Selection**:  
-  - Anthropic (Claude), AWS Bedrock, OpenAI, Azure OpenAI, Google, Vertex AI, OpenAI Responses API (incl. Azure)
+  - Anthropic (Claude), AWS Bedrock, OpenAI, Azure OpenAI, Google, Vertex AI, OpenAI Assistants API (incl. Azure)
   - [Custom Endpoints](https://www.librechat.ai/docs/quick_start/custom_endpoints): Use any OpenAI-compatible API with LibreChat, no proxy required
   - Compatible with [Local & Remote AI Providers](https://www.librechat.ai/docs/configuration/librechat_yaml/ai_endpoints):
     - Ollama, groq, Cohere, Mistral AI, Apple MLX, koboldcpp, together.ai,
@@ -66,9 +66,10 @@
 - 🔦 **Agents & Tools Integration**:  
   - **[LibreChat Agents](https://www.librechat.ai/docs/features/agents)**:
     - No-Code Custom Assistants: Build specialized, AI-driven helpers without coding  
-    - Flexible & Extensible: Use MCP Servers, tools, file search, code execution, and more  
-    - Compatible with Custom Endpoints, OpenAI, Azure, Anthropic, AWS Bedrock, Google, Vertex AI, Responses API, and more
+    - Flexible & Extensible: Attach tools like DALL-E-3, file search, code execution, and more  
+    - Compatible with Custom Endpoints, OpenAI, Azure, Anthropic, AWS Bedrock, and more
     - [Model Context Protocol (MCP) Support](https://modelcontextprotocol.io/clients#librechat) for Tools
+  - Use LibreChat Agents and OpenAI Assistants with Files, Code Interpreter, Tools, and API Actions
 
 - 🔍 **Web Search**:  
   - Search the internet and retrieve relevant information to enhance your AI context

api/app/clients/AnthropicClient.js

@@ -190,11 +190,10 @@ class AnthropicClient extends BaseClient {
         reverseProxyUrl: this.options.reverseProxyUrl,
       }),
       apiKey: this.apiKey,
-      fetchOptions: {},
     };
 
     if (this.options.proxy) {
-      options.fetchOptions.agent = new HttpsProxyAgent(this.options.proxy);
+      options.httpAgent = new HttpsProxyAgent(this.options.proxy);
     }
 
     if (this.options.reverseProxyUrl) {

api/app/clients/BaseClient.js

@@ -13,6 +13,7 @@ const {
 const { getMessages, saveMessage, updateMessage, saveConvo, getConvo } = require('~/models');
 const { checkBalance } = require('~/models/balanceMethods');
 const { truncateToolCallOutputs } = require('./prompts');
+const { addSpaceIfNeeded } = require('~/server/utils');
 const { getFiles } = require('~/models/File');
 const TextStream = require('./TextStream');
 const { logger } = require('~/config');
@@ -108,15 +109,12 @@ class BaseClient {
   /**
    * Abstract method to record token usage. Subclasses must implement this method.
    * If a correction to the token usage is needed, the method should return an object with the corrected token counts.
-   * Should only be used if `recordCollectedUsage` was not used instead.
-   * @param {string} [model]
    * @param {number} promptTokens
    * @param {number} completionTokens
    * @returns {Promise<void>}
    */
-  async recordTokenUsage({ model, promptTokens, completionTokens }) {
+  async recordTokenUsage({ promptTokens, completionTokens }) {
     logger.debug('[BaseClient] `recordTokenUsage` not implemented.', {
-      model,
       promptTokens,
       completionTokens,
     });
@@ -200,10 +198,6 @@ class BaseClient {
       this.currentMessages[this.currentMessages.length - 1].messageId = head;
     }
 
-    if (opts.isRegenerate && responseMessageId.endsWith('_')) {
-      responseMessageId = crypto.randomUUID();
-    }
-
     this.responseMessageId = responseMessageId;
 
     return {
@@ -578,7 +572,7 @@ class BaseClient {
       });
     }
 
-    const { editedContent } = opts;
+    const { generation = '' } = opts;
 
     // It's not necessary to push to currentMessages
     // depending on subclass implementation of handling messages
@@ -593,21 +587,11 @@ class BaseClient {
           isCreatedByUser: false,
           model: this.modelOptions?.model ?? this.model,
           sender: this.sender,
+          text: generation,
         };
         this.currentMessages.push(userMessage, latestMessage);
-      } else if (editedContent != null) {
-        // Handle editedContent for content parts
-        if (editedContent && latestMessage.content && Array.isArray(latestMessage.content)) {
-          const { index, text, type } = editedContent;
-          if (index >= 0 && index < latestMessage.content.length) {
-            const contentPart = latestMessage.content[index];
-            if (type === ContentTypes.THINK && contentPart.type === ContentTypes.THINK) {
-              contentPart[ContentTypes.THINK] = text;
-            } else if (type === ContentTypes.TEXT && contentPart.type === ContentTypes.TEXT) {
-              contentPart[ContentTypes.TEXT] = text;
-            }
-          }
-        }
+      } else {
+        latestMessage.text = generation;
       }
       this.continued = true;
     } else {
@@ -688,32 +672,16 @@ class BaseClient {
     };
 
     if (typeof completion === 'string') {
-      responseMessage.text = completion;
+      responseMessage.text = addSpaceIfNeeded(generation) + completion;
     } else if (
       Array.isArray(completion) &&
       (this.clientName === EModelEndpoint.agents ||
         isParamEndpoint(this.options.endpoint, this.options.endpointType))
     ) {
       responseMessage.text = '';
-
-      if (!opts.editedContent || this.currentMessages.length === 0) {
-        responseMessage.content = completion;
-      } else {
-        const latestMessage = this.currentMessages[this.currentMessages.length - 1];
-        if (!latestMessage?.content) {
-          responseMessage.content = completion;
-        } else {
-          const existingContent = [...latestMessage.content];
-          const { type: editedType } = opts.editedContent;
-          responseMessage.content = this.mergeEditedContent(
-            existingContent,
-            completion,
-            editedType,
-          );
-        }
-      }
+      responseMessage.content = completion;
     } else if (Array.isArray(completion)) {
-      responseMessage.text = completion.join('');
+      responseMessage.text = addSpaceIfNeeded(generation) + completion.join('');
     }
 
     if (
@@ -744,13 +712,9 @@ class BaseClient {
       } else {
         responseMessage.tokenCount = this.getTokenCountForResponse(responseMessage);
         completionTokens = responseMessage.tokenCount;
-        await this.recordTokenUsage({
-          usage,
-          promptTokens,
-          completionTokens,
-          model: responseMessage.model,
-        });
       }
+
+      await this.recordTokenUsage({ promptTokens, completionTokens, usage });
     }
 
     if (userMessagePromise) {
@@ -828,8 +792,7 @@ class BaseClient {
 
     userMessage.tokenCount = userMessageTokenCount;
     /*
-      Note: `AgentController` saves the user message if not saved here
-      (noted by `savedMessageIds`), so we update the count of its `userMessage` reference
+      Note: `AskController` saves the user message, so we update the count of its `userMessage` reference
     */
     if (typeof opts?.getReqData === 'function') {
       opts.getReqData({
@@ -838,8 +801,7 @@ class BaseClient {
     }
     /*
       Note: we update the user message to be sure it gets the calculated token count;
-      though `AgentController` saves the user message if not saved here
-      (noted by `savedMessageIds`), EditController does not
+      though `AskController` saves the user message, EditController does not
     */
     await userMessagePromise;
     await this.updateMessageInDatabase({
@@ -1131,50 +1093,6 @@ class BaseClient {
     return numTokens;
   }
 
-  /**
-   * Merges completion content with existing content when editing TEXT or THINK types
-   * @param {Array} existingContent - The existing content array
-   * @param {Array} newCompletion - The new completion content
-   * @param {string} editedType - The type of content being edited
-   * @returns {Array} The merged content array
-   */
-  mergeEditedContent(existingContent, newCompletion, editedType) {
-    if (!newCompletion.length) {
-      return existingContent.concat(newCompletion);
-    }
-
-    if (editedType !== ContentTypes.TEXT && editedType !== ContentTypes.THINK) {
-      return existingContent.concat(newCompletion);
-    }
-
-    const lastIndex = existingContent.length - 1;
-    const lastExisting = existingContent[lastIndex];
-    const firstNew = newCompletion[0];
-
-    if (lastExisting?.type !== firstNew?.type || firstNew?.type !== editedType) {
-      return existingContent.concat(newCompletion);
-    }
-
-    const mergedContent = [...existingContent];
-    if (editedType === ContentTypes.TEXT) {
-      mergedContent[lastIndex] = {
-        ...mergedContent[lastIndex],
-        [ContentTypes.TEXT]:
-          (mergedContent[lastIndex][ContentTypes.TEXT] || '') + (firstNew[ContentTypes.TEXT] || ''),
-      };
-    } else {
-      mergedContent[lastIndex] = {
-        ...mergedContent[lastIndex],
-        [ContentTypes.THINK]:
-          (mergedContent[lastIndex][ContentTypes.THINK] || '') +
-          (firstNew[ContentTypes.THINK] || ''),
-      };
-    }
-
-    // Add remaining completion items
-    return mergedContent.concat(newCompletion.slice(1));
-  }
-
   async sendPayload(payload, opts = {}) {
     if (opts && typeof opts === 'object') {
       this.setOptions(opts);

api/app/clients/ChatGPTClient.js

@@ -0,0 +1,804 @@
+const { Keyv } = require('keyv');
+const crypto = require('crypto');
+const { CohereClient } = require('cohere-ai');
+const { fetchEventSource } = require('@waylaidwanderer/fetch-event-source');
+const { constructAzureURL, genAzureChatCompletion } = require('@librechat/api');
+const { encoding_for_model: encodingForModel, get_encoding: getEncoding } = require('tiktoken');
+const {
+  ImageDetail,
+  EModelEndpoint,
+  resolveHeaders,
+  CohereConstants,
+  mapModelToAzureConfig,
+} = require('librechat-data-provider');
+const { createContextHandlers } = require('./prompts');
+const { createCoherePayload } = require('./llm');
+const { extractBaseURL } = require('~/utils');
+const BaseClient = require('./BaseClient');
+const { logger } = require('~/config');
+
+const CHATGPT_MODEL = 'gpt-3.5-turbo';
+const tokenizersCache = {};
+
+class ChatGPTClient extends BaseClient {
+  constructor(apiKey, options = {}, cacheOptions = {}) {
+    super(apiKey, options, cacheOptions);
+
+    cacheOptions.namespace = cacheOptions.namespace || 'chatgpt';
+    this.conversationsCache = new Keyv(cacheOptions);
+    this.setOptions(options);
+  }
+
+  setOptions(options) {
+    if (this.options && !this.options.replaceOptions) {
+      // nested options aren't spread properly, so we need to do this manually
+      this.options.modelOptions = {
+        ...this.options.modelOptions,
+        ...options.modelOptions,
+      };
+      delete options.modelOptions;
+      // now we can merge options
+      this.options = {
+        ...this.options,
+        ...options,
+      };
+    } else {
+      this.options = options;
+    }
+
+    if (this.options.openaiApiKey) {
+      this.apiKey = this.options.openaiApiKey;
+    }
+
+    const modelOptions = this.options.modelOptions || {};
+    this.modelOptions = {
+      ...modelOptions,
+      // set some good defaults (check for undefined in some cases because they may be 0)
+      model: modelOptions.model || CHATGPT_MODEL,
+      temperature: typeof modelOptions.temperature === 'undefined' ? 0.8 : modelOptions.temperature,
+      top_p: typeof modelOptions.top_p === 'undefined' ? 1 : modelOptions.top_p,
+      presence_penalty:
+        typeof modelOptions.presence_penalty === 'undefined' ? 1 : modelOptions.presence_penalty,
+      stop: modelOptions.stop,
+    };
+
+    this.isChatGptModel = this.modelOptions.model.includes('gpt-');
+    const { isChatGptModel } = this;
+    this.isUnofficialChatGptModel =
+      this.modelOptions.model.startsWith('text-chat') ||
+      this.modelOptions.model.startsWith('text-davinci-002-render');
+    const { isUnofficialChatGptModel } = this;
+
+    // Davinci models have a max context length of 4097 tokens.
+    this.maxContextTokens = this.options.maxContextTokens || (isChatGptModel ? 4095 : 4097);
+    // I decided to reserve 1024 tokens for the response.
+    // The max prompt tokens is determined by the max context tokens minus the max response tokens.
+    // Earlier messages will be dropped until the prompt is within the limit.
+    this.maxResponseTokens = this.modelOptions.max_tokens || 1024;
+    this.maxPromptTokens =
+      this.options.maxPromptTokens || this.maxContextTokens - this.maxResponseTokens;
+
+    if (this.maxPromptTokens + this.maxResponseTokens > this.maxContextTokens) {
+      throw new Error(
+        `maxPromptTokens + max_tokens (${this.maxPromptTokens} + ${this.maxResponseTokens} = ${
+          this.maxPromptTokens + this.maxResponseTokens
+        }) must be less than or equal to maxContextTokens (${this.maxContextTokens})`,
+      );
+    }
+
+    this.userLabel = this.options.userLabel || 'User';
+    this.chatGptLabel = this.options.chatGptLabel || 'ChatGPT';
+
+    if (isChatGptModel) {
+      // Use these faux tokens to help the AI understand the context since we are building the chat log ourselves.
+      // Trying to use "<|im_start|>" causes the AI to still generate "<" or "<|" at the end sometimes for some reason,
+      // without tripping the stop sequences, so I'm using "||>" instead.
+      this.startToken = '||>';
+      this.endToken = '';
+      this.gptEncoder = this.constructor.getTokenizer('cl100k_base');
+    } else if (isUnofficialChatGptModel) {
+      this.startToken = '<|im_start|>';
+      this.endToken = '<|im_end|>';
+      this.gptEncoder = this.constructor.getTokenizer('text-davinci-003', true, {
+        '<|im_start|>': 100264,
+        '<|im_end|>': 100265,
+      });
+    } else {
+      // Previously I was trying to use "<|endoftext|>" but there seems to be some bug with OpenAI's token counting
+      // system that causes only the first "<|endoftext|>" to be counted as 1 token, and the rest are not treated
+      // as a single token. So we're using this instead.
+      this.startToken = '||>';
+      this.endToken = '';
+      try {
+        this.gptEncoder = this.constructor.getTokenizer(this.modelOptions.model, true);
+      } catch {
+        this.gptEncoder = this.constructor.getTokenizer('text-davinci-003', true);
+      }
+    }
+
+    if (!this.modelOptions.stop) {
+      const stopTokens = [this.startToken];
+      if (this.endToken && this.endToken !== this.startToken) {
+        stopTokens.push(this.endToken);
+      }
+      stopTokens.push(`\n${this.userLabel}:`);
+      stopTokens.push('<|diff_marker|>');
+      // I chose not to do one for `chatGptLabel` because I've never seen it happen
+      this.modelOptions.stop = stopTokens;
+    }
+
+    if (this.options.reverseProxyUrl) {
+      this.completionsUrl = this.options.reverseProxyUrl;
+    } else if (isChatGptModel) {
+      this.completionsUrl = 'https://api.openai.com/v1/chat/completions';
+    } else {
+      this.completionsUrl = 'https://api.openai.com/v1/completions';
+    }
+
+    return this;
+  }
+
+  static getTokenizer(encoding, isModelName = false, extendSpecialTokens = {}) {
+    if (tokenizersCache[encoding]) {
+      return tokenizersCache[encoding];
+    }
+    let tokenizer;
+    if (isModelName) {
+      tokenizer = encodingForModel(encoding, extendSpecialTokens);
+    } else {
+      tokenizer = getEncoding(encoding, extendSpecialTokens);
+    }
+    tokenizersCache[encoding] = tokenizer;
+    return tokenizer;
+  }
+
+  /** @type {getCompletion} */
+  async getCompletion(input, onProgress, onTokenProgress, abortController = null) {
+    if (!abortController) {
+      abortController = new AbortController();
+    }
+
+    let modelOptions = { ...this.modelOptions };
+    if (typeof onProgress === 'function') {
+      modelOptions.stream = true;
+    }
+    if (this.isChatGptModel) {
+      modelOptions.messages = input;
+    } else {
+      modelOptions.prompt = input;
+    }
+
+    if (this.useOpenRouter && modelOptions.prompt) {
+      delete modelOptions.stop;
+    }
+
+    const { debug } = this.options;
+    let baseURL = this.completionsUrl;
+    if (debug) {
+      console.debug();
+      console.debug(baseURL);
+      console.debug(modelOptions);
+      console.debug();
+    }
+
+    const opts = {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/json',
+      },
+    };
+
+    if (this.isVisionModel) {
+      modelOptions.max_tokens = 4000;
+    }
+
+    /** @type {TAzureConfig | undefined} */
+    const azureConfig = this.options?.req?.app?.locals?.[EModelEndpoint.azureOpenAI];
+
+    const isAzure = this.azure || this.options.azure;
+    if (
+      (isAzure && this.isVisionModel && azureConfig) ||
+      (azureConfig && this.isVisionModel && this.options.endpoint === EModelEndpoint.azureOpenAI)
+    ) {
+      const { modelGroupMap, groupMap } = azureConfig;
+      const {
+        azureOptions,
+        baseURL,
+        headers = {},
+        serverless,
+      } = mapModelToAzureConfig({
+        modelName: modelOptions.model,
+        modelGroupMap,
+        groupMap,
+      });
+      opts.headers = resolveHeaders(headers);
+      this.langchainProxy = extractBaseURL(baseURL);
+      this.apiKey = azureOptions.azureOpenAIApiKey;
+
+      const groupName = modelGroupMap[modelOptions.model].group;
+      this.options.addParams = azureConfig.groupMap[groupName].addParams;
+      this.options.dropParams = azureConfig.groupMap[groupName].dropParams;
+      // Note: `forcePrompt` not re-assigned as only chat models are vision models
+
+      this.azure = !serverless && azureOptions;
+      this.azureEndpoint =
+        !serverless && genAzureChatCompletion(this.azure, modelOptions.model, this);
+      if (serverless === true) {
+        this.options.defaultQuery = azureOptions.azureOpenAIApiVersion
+          ? { 'api-version': azureOptions.azureOpenAIApiVersion }
+          : undefined;
+        this.options.headers['api-key'] = this.apiKey;
+      }
+    }
+
+    if (this.options.defaultQuery) {
+      opts.defaultQuery = this.options.defaultQuery;
+    }
+
+    if (this.options.headers) {
+      opts.headers = { ...opts.headers, ...this.options.headers };
+    }
+
+    if (isAzure) {
+      // Azure does not accept `model` in the body, so we need to remove it.
+      delete modelOptions.model;
+
+      baseURL = this.langchainProxy
+        ? constructAzureURL({
+            baseURL: this.langchainProxy,
+            azureOptions: this.azure,
+          })
+        : this.azureEndpoint.split(/(?<!\/)\/(chat|completion)\//)[0];
+
+      if (this.options.forcePrompt) {
+        baseURL += '/completions';
+      } else {
+        baseURL += '/chat/completions';
+      }
+
+      opts.defaultQuery = { 'api-version': this.azure.azureOpenAIApiVersion };
+      opts.headers = { ...opts.headers, 'api-key': this.apiKey };
+    } else if (this.apiKey) {
+      opts.headers.Authorization = `Bearer ${this.apiKey}`;
+    }
+
+    if (process.env.OPENAI_ORGANIZATION) {
+      opts.headers['OpenAI-Organization'] = process.env.OPENAI_ORGANIZATION;
+    }
+
+    if (this.useOpenRouter) {
+      opts.headers['HTTP-Referer'] = 'https://librechat.ai';
+      opts.headers['X-Title'] = 'LibreChat';
+    }
+
+    /* hacky fixes for Mistral AI API:
+      - Re-orders system message to the top of the messages payload, as not allowed anywhere else
+      - If there is only one message and it's a system message, change the role to user
+      */
+    if (baseURL.includes('https://api.mistral.ai/v1') && modelOptions.messages) {
+      const { messages } = modelOptions;
+
+      const systemMessageIndex = messages.findIndex((msg) => msg.role === 'system');
+
+      if (systemMessageIndex > 0) {
+        const [systemMessage] = messages.splice(systemMessageIndex, 1);
+        messages.unshift(systemMessage);
+      }
+
+      modelOptions.messages = messages;
+
+      if (messages.length === 1 && messages[0].role === 'system') {
+        modelOptions.messages[0].role = 'user';
+      }
+    }
+
+    if (this.options.addParams && typeof this.options.addParams === 'object') {
+      modelOptions = {
+        ...modelOptions,
+        ...this.options.addParams,
+      };
+      logger.debug('[ChatGPTClient] chatCompletion: added params', {
+        addParams: this.options.addParams,
+        modelOptions,
+      });
+    }
+
+    if (this.options.dropParams && Array.isArray(this.options.dropParams)) {
+      this.options.dropParams.forEach((param) => {
+        delete modelOptions[param];
+      });
+      logger.debug('[ChatGPTClient] chatCompletion: dropped params', {
+        dropParams: this.options.dropParams,
+        modelOptions,
+      });
+    }
+
+    if (baseURL.startsWith(CohereConstants.API_URL)) {
+      const payload = createCoherePayload({ modelOptions });
+      return await this.cohereChatCompletion({ payload, onTokenProgress });
+    }
+
+    if (baseURL.includes('v1') && !baseURL.includes('/completions') && !this.isChatCompletion) {
+      baseURL = baseURL.split('v1')[0] + 'v1/completions';
+    } else if (
+      baseURL.includes('v1') &&
+      !baseURL.includes('/chat/completions') &&
+      this.isChatCompletion
+    ) {
+      baseURL = baseURL.split('v1')[0] + 'v1/chat/completions';
+    }
+
+    const BASE_URL = new URL(baseURL);
+    if (opts.defaultQuery) {
+      Object.entries(opts.defaultQuery).forEach(([key, value]) => {
+        BASE_URL.searchParams.append(key, value);
+      });
+      delete opts.defaultQuery;
+    }
+
+    const completionsURL = BASE_URL.toString();
+    opts.body = JSON.stringify(modelOptions);
+
+    if (modelOptions.stream) {
+      return new Promise(async (resolve, reject) => {
+        try {
+          let done = false;
+          await fetchEventSource(completionsURL, {
+            ...opts,
+            signal: abortController.signal,
+            async onopen(response) {
+              if (response.status === 200) {
+                return;
+              }
+              if (debug) {
+                console.debug(response);
+              }
+              let error;
+              try {
+                const body = await response.text();
+                error = new Error(`Failed to send message. HTTP ${response.status} - ${body}`);
+                error.status = response.status;
+                error.json = JSON.parse(body);
+              } catch {
+                error = error || new Error(`Failed to send message. HTTP ${response.status}`);
+              }
+              throw error;
+            },
+            onclose() {
+              if (debug) {
+                console.debug('Server closed the connection unexpectedly, returning...');
+              }
+              // workaround for private API not sending [DONE] event
+              if (!done) {
+                onProgress('[DONE]');
+                resolve();
+              }
+            },
+            onerror(err) {
+              if (debug) {
+                console.debug(err);
+              }
+              // rethrow to stop the operation
+              throw err;
+            },
+            onmessage(message) {
+              if (debug) {
+                console.debug(message);
+              }
+              if (!message.data || message.event === 'ping') {
+                return;
+              }
+              if (message.data === '[DONE]') {
+                onProgress('[DONE]');
+                resolve();
+                done = true;
+                return;
+              }
+              onProgress(JSON.parse(message.data));
+            },
+          });
+        } catch (err) {
+          reject(err);
+        }
+      });
+    }
+    const response = await fetch(completionsURL, {
+      ...opts,
+      signal: abortController.signal,
+    });
+    if (response.status !== 200) {
+      const body = await response.text();
+      const error = new Error(`Failed to send message. HTTP ${response.status} - ${body}`);
+      error.status = response.status;
+      try {
+        error.json = JSON.parse(body);
+      } catch {
+        error.body = body;
+      }
+      throw error;
+    }
+    return response.json();
+  }
+
+  /** @type {cohereChatCompletion} */
+  async cohereChatCompletion({ payload, onTokenProgress }) {
+    const cohere = new CohereClient({
+      token: this.apiKey,
+      environment: this.completionsUrl,
+    });
+
+    if (!payload.stream) {
+      const chatResponse = await cohere.chat(payload);
+      return chatResponse.text;
+    }
+
+    const chatStream = await cohere.chatStream(payload);
+    let reply = '';
+    for await (const message of chatStream) {
+      if (!message) {
+        continue;
+      }
+
+      if (message.eventType === 'text-generation' && message.text) {
+        onTokenProgress(message.text);
+        reply += message.text;
+      }
+      /*
+      Cohere API Chinese Unicode character replacement hotfix.
+      Should be un-commented when the following issue is resolved:
+      https://github.com/cohere-ai/cohere-typescript/issues/151
+
+      else if (message.eventType === 'stream-end' && message.response) {
+        reply = message.response.text;
+      }
+      */
+    }
+
+    return reply;
+  }
+
+  async generateTitle(userMessage, botMessage) {
+    const instructionsPayload = {
+      role: 'system',
+      content: `Write an extremely concise subtitle for this conversation with no more than a few words. All words should be capitalized. Exclude punctuation.
+
+||>Message:
+${userMessage.message}
+||>Response:
+${botMessage.message}
+
+||>Title:`,
+    };
+
+    const titleGenClientOptions = JSON.parse(JSON.stringify(this.options));
+    titleGenClientOptions.modelOptions = {
+      model: 'gpt-3.5-turbo',
+      temperature: 0,
+      presence_penalty: 0,
+      frequency_penalty: 0,
+    };
+    const titleGenClient = new ChatGPTClient(this.apiKey, titleGenClientOptions);
+    const result = await titleGenClient.getCompletion([instructionsPayload], null);
+    // remove any non-alphanumeric characters, replace multiple spaces with 1, and then trim
+    return result.choices[0].message.content
+      .replace(/[^a-zA-Z0-9' ]/g, '')
+      .replace(/\s+/g, ' ')
+      .trim();
+  }
+
+  async sendMessage(message, opts = {}) {
+    if (opts.clientOptions && typeof opts.clientOptions === 'object') {
+      this.setOptions(opts.clientOptions);
+    }
+
+    const conversationId = opts.conversationId || crypto.randomUUID();
+    const parentMessageId = opts.parentMessageId || crypto.randomUUID();
+
+    let conversation =
+      typeof opts.conversation === 'object'
+        ? opts.conversation
+        : await this.conversationsCache.get(conversationId);
+
+    let isNewConversation = false;
+    if (!conversation) {
+      conversation = {
+        messages: [],
+        createdAt: Date.now(),
+      };
+      isNewConversation = true;
+    }
+
+    const shouldGenerateTitle = opts.shouldGenerateTitle && isNewConversation;
+
+    const userMessage = {
+      id: crypto.randomUUID(),
+      parentMessageId,
+      role: 'User',
+      message,
+    };
+    conversation.messages.push(userMessage);
+
+    // Doing it this way instead of having each message be a separate element in the array seems to be more reliable,
+    // especially when it comes to keeping the AI in character. It also seems to improve coherency and context retention.
+    const { prompt: payload, context } = await this.buildPrompt(
+      conversation.messages,
+      userMessage.id,
+      {
+        isChatGptModel: this.isChatGptModel,
+        promptPrefix: opts.promptPrefix,
+      },
+    );
+
+    if (this.options.keepNecessaryMessagesOnly) {
+      conversation.messages = context;
+    }
+
+    let reply = '';
+    let result = null;
+    if (typeof opts.onProgress === 'function') {
+      await this.getCompletion(
+        payload,
+        (progressMessage) => {
+          if (progressMessage === '[DONE]') {
+            return;
+          }
+          const token = this.isChatGptModel
+            ? progressMessage.choices[0].delta.content
+            : progressMessage.choices[0].text;
+          // first event's delta content is always undefined
+          if (!token) {
+            return;
+          }
+          if (this.options.debug) {
+            console.debug(token);
+          }
+          if (token === this.endToken) {
+            return;
+          }
+          opts.onProgress(token);
+          reply += token;
+        },
+        opts.abortController || new AbortController(),
+      );
+    } else {
+      result = await this.getCompletion(
+        payload,
+        null,
+        opts.abortController || new AbortController(),
+      );
+      if (this.options.debug) {
+        console.debug(JSON.stringify(result));
+      }
+      if (this.isChatGptModel) {
+        reply = result.choices[0].message.content;
+      } else {
+        reply = result.choices[0].text.replace(this.endToken, '');
+      }
+    }
+
+    // avoids some rendering issues when using the CLI app
+    if (this.options.debug) {
+      console.debug();
+    }
+
+    reply = reply.trim();
+
+    const replyMessage = {
+      id: crypto.randomUUID(),
+      parentMessageId: userMessage.id,
+      role: 'ChatGPT',
+      message: reply,
+    };
+    conversation.messages.push(replyMessage);
+
+    const returnData = {
+      response: replyMessage.message,
+      conversationId,
+      parentMessageId: replyMessage.parentMessageId,
+      messageId: replyMessage.id,
+      details: result || {},
+    };
+
+    if (shouldGenerateTitle) {
+      conversation.title = await this.generateTitle(userMessage, replyMessage);
+      returnData.title = conversation.title;
+    }
+
+    await this.conversationsCache.set(conversationId, conversation);
+
+    if (this.options.returnConversation) {
+      returnData.conversation = conversation;
+    }
+
+    return returnData;
+  }
+
+  async buildPrompt(messages, { isChatGptModel = false, promptPrefix = null }) {
+    promptPrefix = (promptPrefix || this.options.promptPrefix || '').trim();
+
+    // Handle attachments and create augmentedPrompt
+    if (this.options.attachments) {
+      const attachments = await this.options.attachments;
+      const lastMessage = messages[messages.length - 1];
+
+      if (this.message_file_map) {
+        this.message_file_map[lastMessage.messageId] = attachments;
+      } else {
+        this.message_file_map = {
+          [lastMessage.messageId]: attachments,
+        };
+      }
+
+      const files = await this.addImageURLs(lastMessage, attachments);
+      this.options.attachments = files;
+
+      this.contextHandlers = createContextHandlers(this.options.req, lastMessage.text);
+    }
+
+    if (this.message_file_map) {
+      this.contextHandlers = createContextHandlers(
+        this.options.req,
+        messages[messages.length - 1].text,
+      );
+    }
+
+    // Calculate image token cost and process embedded files
+    messages.forEach((message, i) => {
+      if (this.message_file_map && this.message_file_map[message.messageId]) {
+        const attachments = this.message_file_map[message.messageId];
+        for (const file of attachments) {
+          if (file.embedded) {
+            this.contextHandlers?.processFile(file);
+            continue;
+          }
+
+          messages[i].tokenCount =
+            (messages[i].tokenCount || 0) +
+            this.calculateImageTokenCost({
+              width: file.width,
+              height: file.height,
+              detail: this.options.imageDetail ?? ImageDetail.auto,
+            });
+        }
+      }
+    });
+
+    if (this.contextHandlers) {
+      this.augmentedPrompt = await this.contextHandlers.createContext();
+      promptPrefix = this.augmentedPrompt + promptPrefix;
+    }
+
+    if (promptPrefix) {
+      // If the prompt prefix doesn't end with the end token, add it.
+      if (!promptPrefix.endsWith(`${this.endToken}`)) {
+        promptPrefix = `${promptPrefix.trim()}${this.endToken}\n\n`;
+      }
+      promptPrefix = `${this.startToken}Instructions:\n${promptPrefix}`;
+    }
+    const promptSuffix = `${this.startToken}${this.chatGptLabel}:\n`; // Prompt ChatGPT to respond.
+
+    const instructionsPayload = {
+      role: 'system',
+      content: promptPrefix,
+    };
+
+    const messagePayload = {
+      role: 'system',
+      content: promptSuffix,
+    };
+
+    let currentTokenCount;
+    if (isChatGptModel) {
+      currentTokenCount =
+        this.getTokenCountForMessage(instructionsPayload) +
+        this.getTokenCountForMessage(messagePayload);
+    } else {
+      currentTokenCount = this.getTokenCount(`${promptPrefix}${promptSuffix}`);
+    }
+    let promptBody = '';
+    const maxTokenCount = this.maxPromptTokens;
+
+    const context = [];
+
+    // Iterate backwards through the messages, adding them to the prompt until we reach the max token count.
+    // Do this within a recursive async function so that it doesn't block the event loop for too long.
+    const buildPromptBody = async () => {
+      if (currentTokenCount < maxTokenCount && messages.length > 0) {
+        const message = messages.pop();
+        const roleLabel =
+          message?.isCreatedByUser || message?.role?.toLowerCase() === 'user'
+            ? this.userLabel
+            : this.chatGptLabel;
+        const messageString = `${this.startToken}${roleLabel}:\n${
+          message?.text ?? message?.message
+        }${this.endToken}\n`;
+        let newPromptBody;
+        if (promptBody || isChatGptModel) {
+          newPromptBody = `${messageString}${promptBody}`;
+        } else {
+          // Always insert prompt prefix before the last user message, if not gpt-3.5-turbo.
+          // This makes the AI obey the prompt instructions better, which is important for custom instructions.
+          // After a bunch of testing, it doesn't seem to cause the AI any confusion, even if you ask it things
+          // like "what's the last thing I wrote?".
+          newPromptBody = `${promptPrefix}${messageString}${promptBody}`;
+        }
+
+        context.unshift(message);
+
+        const tokenCountForMessage = this.getTokenCount(messageString);
+        const newTokenCount = currentTokenCount + tokenCountForMessage;
+        if (newTokenCount > maxTokenCount) {
+          if (promptBody) {
+            // This message would put us over the token limit, so don't add it.
+            return false;
+          }
+          // This is the first message, so we can't add it. Just throw an error.
+          throw new Error(
+            `Prompt is too long. Max token count is ${maxTokenCount}, but prompt is ${newTokenCount} tokens long.`,
+          );
+        }
+        promptBody = newPromptBody;
+        currentTokenCount = newTokenCount;
+        // wait for next tick to avoid blocking the event loop
+        await new Promise((resolve) => setImmediate(resolve));
+        return buildPromptBody();
+      }
+      return true;
+    };
+
+    await buildPromptBody();
+
+    const prompt = `${promptBody}${promptSuffix}`;
+    if (isChatGptModel) {
+      messagePayload.content = prompt;
+      // Add 3 tokens for Assistant Label priming after all messages have been counted.
+      currentTokenCount += 3;
+    }
+
+    // Use up to `this.maxContextTokens` tokens (prompt + response), but try to leave `this.maxTokens` tokens for the response.
+    this.modelOptions.max_tokens = Math.min(
+      this.maxContextTokens - currentTokenCount,
+      this.maxResponseTokens,
+    );
+
+    if (isChatGptModel) {
+      return { prompt: [instructionsPayload, messagePayload], context };
+    }
+    return { prompt, context, promptTokens: currentTokenCount };
+  }
+
+  getTokenCount(text) {
+    return this.gptEncoder.encode(text, 'all').length;
+  }
+
+  /**
+   * Algorithm adapted from "6. Counting tokens for chat API calls" of
+   * https://github.com/openai/openai-cookbook/blob/main/examples/How_to_count_tokens_with_tiktoken.ipynb
+   *
+   * An additional 3 tokens need to be added for assistant label priming after all messages have been counted.
+   *
+   * @param {Object} message
+   */
+  getTokenCountForMessage(message) {
+    // Note: gpt-3.5-turbo and gpt-4 may update over time. Use default for these as well as for unknown models
+    let tokensPerMessage = 3;
+    let tokensPerName = 1;
+
+    if (this.modelOptions.model === 'gpt-3.5-turbo-0301') {
+      tokensPerMessage = 4;
+      tokensPerName = -1;
+    }
+
+    let numTokens = tokensPerMessage;
+    for (let [key, value] of Object.entries(message)) {
+      numTokens += this.getTokenCount(value);
+      if (key === 'name') {
+        numTokens += tokensPerName;
+      }
+    }
+
+    return numTokens;
+  }
+}
+
+module.exports = ChatGPTClient;

api/app/clients/GoogleClient.js

@@ -1,7 +1,7 @@
 const { google } = require('googleapis');
+const { Tokenizer } = require('@librechat/api');
 const { concat } = require('@langchain/core/utils/stream');
 const { ChatVertexAI } = require('@langchain/google-vertexai');
-const { Tokenizer, getSafetySettings } = require('@librechat/api');
 const { ChatGoogleGenerativeAI } = require('@langchain/google-genai');
 const { GoogleGenerativeAI: GenAI } = require('@google/generative-ai');
 const { HumanMessage, SystemMessage } = require('@langchain/core/messages');
@@ -12,13 +12,13 @@ const {
   endpointSettings,
   parseTextParts,
   EModelEndpoint,
-  googleSettings,
   ContentTypes,
   VisionModes,
   ErrorTypes,
   Constants,
   AuthKeys,
 } = require('librechat-data-provider');
+const { getSafetySettings } = require('~/server/services/Endpoints/google/llm');
 const { encodeAndFormat } = require('~/server/services/Files/images');
 const { spendTokens } = require('~/models/spendTokens');
 const { getModelMaxTokens } = require('~/utils');
@@ -166,16 +166,6 @@ class GoogleClient extends BaseClient {
       );
     }
 
-    // Add thinking configuration
-    this.modelOptions.thinkingConfig = {
-      thinkingBudget:
-        (this.modelOptions.thinking ?? googleSettings.thinking.default)
-          ? this.modelOptions.thinkingBudget
-          : 0,
-    };
-    delete this.modelOptions.thinking;
-    delete this.modelOptions.thinkingBudget;
-
     this.sender =
       this.options.sender ??
       getResponseSender({

api/app/clients/OpenAIClient.js

@@ -5,7 +5,6 @@ const {
   isEnabled,
   Tokenizer,
   createFetch,
-  resolveHeaders,
   constructAzureURL,
   genAzureChatCompletion,
   createStreamEventHandlers,
@@ -16,6 +15,7 @@ const {
   ContentTypes,
   parseTextParts,
   EModelEndpoint,
+  resolveHeaders,
   KnownEndpoints,
   openAISettings,
   ImageDetailCost,
@@ -37,6 +37,7 @@ const { addSpaceIfNeeded, sleep } = require('~/server/utils');
 const { spendTokens } = require('~/models/spendTokens');
 const { handleOpenAIErrors } = require('./tools/util');
 const { createLLM, RunManager } = require('./llm');
+const ChatGPTClient = require('./ChatGPTClient');
 const { summaryBuffer } = require('./memory');
 const { runTitleChain } = require('./chains');
 const { tokenSplit } = require('./document');
@@ -46,6 +47,12 @@ const { logger } = require('~/config');
 class OpenAIClient extends BaseClient {
   constructor(apiKey, options = {}) {
     super(apiKey, options);
+    this.ChatGPTClient = new ChatGPTClient();
+    this.buildPrompt = this.ChatGPTClient.buildPrompt.bind(this);
+    /** @type {getCompletion} */
+    this.getCompletion = this.ChatGPTClient.getCompletion.bind(this);
+    /** @type {cohereChatCompletion} */
+    this.cohereChatCompletion = this.ChatGPTClient.cohereChatCompletion.bind(this);
     this.contextStrategy = options.contextStrategy
       ? options.contextStrategy.toLowerCase()
       : 'discard';
@@ -372,12 +379,23 @@ class OpenAIClient extends BaseClient {
     return files;
   }
 
-  async buildMessages(messages, parentMessageId, { promptPrefix = null }, opts) {
+  async buildMessages(
+    messages,
+    parentMessageId,
+    { isChatCompletion = false, promptPrefix = null },
+    opts,
+  ) {
     let orderedMessages = this.constructor.getMessagesForConversation({
       messages,
       parentMessageId,
       summary: this.shouldSummarize,
     });
+    if (!isChatCompletion) {
+      return await this.buildPrompt(orderedMessages, {
+        isChatGptModel: isChatCompletion,
+        promptPrefix,
+      });
+    }
 
     let payload;
     let instructions;
@@ -1141,7 +1159,6 @@ ${convo}
       logger.debug('[OpenAIClient] chatCompletion', { baseURL, modelOptions });
       const opts = {
         baseURL,
-        fetchOptions: {},
       };
 
       if (this.useOpenRouter) {
@@ -1160,7 +1177,7 @@ ${convo}
       }
 
       if (this.options.proxy) {
-        opts.fetchOptions.agent = new HttpsProxyAgent(this.options.proxy);
+        opts.httpAgent = new HttpsProxyAgent(this.options.proxy);
       }
 
       /** @type {TAzureConfig | undefined} */
@@ -1378,7 +1395,7 @@ ${convo}
           ...modelOptions,
           stream: true,
         };
-        const stream = await openai.chat.completions
+        const stream = await openai.beta.chat.completions
           .stream(params)
           .on('abort', () => {
             /* Do nothing here */

api/app/clients/PluginsClient.js

@@ -0,0 +1,542 @@
+const OpenAIClient = require('./OpenAIClient');
+const { CallbackManager } = require('@langchain/core/callbacks/manager');
+const { BufferMemory, ChatMessageHistory } = require('langchain/memory');
+const { addImages, buildErrorInput, buildPromptPrefix } = require('./output_parsers');
+const { initializeCustomAgent, initializeFunctionsAgent } = require('./agents');
+const { processFileURL } = require('~/server/services/Files/process');
+const { EModelEndpoint } = require('librechat-data-provider');
+const { checkBalance } = require('~/models/balanceMethods');
+const { formatLangChainMessages } = require('./prompts');
+const { extractBaseURL } = require('~/utils');
+const { loadTools } = require('./tools/util');
+const { logger } = require('~/config');
+
+class PluginsClient extends OpenAIClient {
+  constructor(apiKey, options = {}) {
+    super(apiKey, options);
+    this.sender = options.sender ?? 'Assistant';
+    this.tools = [];
+    this.actions = [];
+    this.setOptions(options);
+    this.openAIApiKey = this.apiKey;
+    this.executor = null;
+  }
+
+  setOptions(options) {
+    this.agentOptions = { ...options.agentOptions };
+    this.functionsAgent = this.agentOptions?.agent === 'functions';
+    this.agentIsGpt3 = this.agentOptions?.model?.includes('gpt-3');
+
+    super.setOptions(options);
+
+    this.isGpt3 = this.modelOptions?.model?.includes('gpt-3');
+
+    if (this.options.reverseProxyUrl) {
+      this.langchainProxy = extractBaseURL(this.options.reverseProxyUrl);
+    }
+  }
+
+  getSaveOptions() {
+    return {
+      artifacts: this.options.artifacts,
+      chatGptLabel: this.options.chatGptLabel,
+      modelLabel: this.options.modelLabel,
+      promptPrefix: this.options.promptPrefix,
+      tools: this.options.tools,
+      ...this.modelOptions,
+      agentOptions: this.agentOptions,
+      iconURL: this.options.iconURL,
+      greeting: this.options.greeting,
+      spec: this.options.spec,
+    };
+  }
+
+  saveLatestAction(action) {
+    this.actions.push(action);
+  }
+
+  getFunctionModelName(input) {
+    if (/-(?!0314)\d{4}/.test(input)) {
+      return input;
+    } else if (input.includes('gpt-3.5-turbo')) {
+      return 'gpt-3.5-turbo';
+    } else if (input.includes('gpt-4')) {
+      return 'gpt-4';
+    } else {
+      return 'gpt-3.5-turbo';
+    }
+  }
+
+  getBuildMessagesOptions(opts) {
+    return {
+      isChatCompletion: true,
+      promptPrefix: opts.promptPrefix,
+      abortController: opts.abortController,
+    };
+  }
+
+  async initialize({ user, message, onAgentAction, onChainEnd, signal }) {
+    const modelOptions = {
+      modelName: this.agentOptions.model,
+      temperature: this.agentOptions.temperature,
+    };
+
+    const model = this.initializeLLM({
+      ...modelOptions,
+      context: 'plugins',
+      initialMessageCount: this.currentMessages.length + 1,
+    });
+
+    logger.debug(
+      `[PluginsClient] Agent Model: ${model.modelName} | Temp: ${model.temperature} | Functions: ${this.functionsAgent}`,
+    );
+
+    // Map Messages to Langchain format
+    const pastMessages = formatLangChainMessages(this.currentMessages.slice(0, -1), {
+      userName: this.options?.name,
+    });
+    logger.debug('[PluginsClient] pastMessages: ' + pastMessages.length);
+
+    // TODO: use readOnly memory, TokenBufferMemory? (both unavailable in LangChainJS)
+    const memory = new BufferMemory({
+      llm: model,
+      chatHistory: new ChatMessageHistory(pastMessages),
+    });
+
+    const { loadedTools } = await loadTools({
+      user,
+      model,
+      tools: this.options.tools,
+      functions: this.functionsAgent,
+      options: {
+        memory,
+        signal: this.abortController.signal,
+        openAIApiKey: this.openAIApiKey,
+        conversationId: this.conversationId,
+        fileStrategy: this.options.req.app.locals.fileStrategy,
+        processFileURL,
+        message,
+      },
+      useSpecs: true,
+    });
+
+    if (loadedTools.length === 0) {
+      return;
+    }
+
+    this.tools = loadedTools;
+
+    logger.debug('[PluginsClient] Requested Tools', this.options.tools);
+    logger.debug(
+      '[PluginsClient] Loaded Tools',
+      this.tools.map((tool) => tool.name),
+    );
+
+    const handleAction = (action, runId, callback = null) => {
+      this.saveLatestAction(action);
+
+      logger.debug('[PluginsClient] Latest Agent Action ', this.actions[this.actions.length - 1]);
+
+      if (typeof callback === 'function') {
+        callback(action, runId);
+      }
+    };
+
+    // initialize agent
+    const initializer = this.functionsAgent ? initializeFunctionsAgent : initializeCustomAgent;
+
+    let customInstructions = (this.options.promptPrefix ?? '').trim();
+    if (typeof this.options.artifactsPrompt === 'string' && this.options.artifactsPrompt) {
+      customInstructions = `${customInstructions ?? ''}\n${this.options.artifactsPrompt}`.trim();
+    }
+
+    this.executor = await initializer({
+      model,
+      signal,
+      pastMessages,
+      tools: this.tools,
+      customInstructions,
+      verbose: this.options.debug,
+      returnIntermediateSteps: true,
+      customName: this.options.chatGptLabel,
+      currentDateString: this.currentDateString,
+      callbackManager: CallbackManager.fromHandlers({
+        async handleAgentAction(action, runId) {
+          handleAction(action, runId, onAgentAction);
+        },
+        async handleChainEnd(action) {
+          if (typeof onChainEnd === 'function') {
+            onChainEnd(action);
+          }
+        },
+      }),
+    });
+
+    logger.debug('[PluginsClient] Loaded agent.');
+  }
+
+  async executorCall(message, { signal, stream, onToolStart, onToolEnd }) {
+    let errorMessage = '';
+    const maxAttempts = 1;
+
+    for (let attempts = 1; attempts <= maxAttempts; attempts++) {
+      const errorInput = buildErrorInput({
+        message,
+        errorMessage,
+        actions: this.actions,
+        functionsAgent: this.functionsAgent,
+      });
+      const input = attempts > 1 ? errorInput : message;
+
+      logger.debug(`[PluginsClient] Attempt ${attempts} of ${maxAttempts}`);
+
+      if (errorMessage.length > 0) {
+        logger.debug('[PluginsClient] Caught error, input: ' + JSON.stringify(input));
+      }
+
+      try {
+        this.result = await this.executor.call({ input, signal }, [
+          {
+            async handleToolStart(...args) {
+              await onToolStart(...args);
+            },
+            async handleToolEnd(...args) {
+              await onToolEnd(...args);
+            },
+            async handleLLMEnd(output) {
+              const { generations } = output;
+              const { text } = generations[0][0];
+              if (text && typeof stream === 'function') {
+                await stream(text);
+              }
+            },
+          },
+        ]);
+        break; // Exit the loop if the function call is successful
+      } catch (err) {
+        logger.error('[PluginsClient] executorCall error:', err);
+        if (attempts === maxAttempts) {
+          const { run } = this.runManager.getRunByConversationId(this.conversationId);
+          const defaultOutput = `Encountered an error while attempting to respond: ${err.message}`;
+          this.result.output = run && run.error ? run.error : defaultOutput;
+          this.result.errorMessage = run && run.error ? run.error : err.message;
+          this.result.intermediateSteps = this.actions;
+          break;
+        }
+      }
+    }
+  }
+
+  /**
+   *
+   * @param {TMessage} responseMessage
+   * @param {Partial<TMessage>} saveOptions
+   * @param {string} user
+   * @returns
+   */
+  async handleResponseMessage(responseMessage, saveOptions, user) {
+    const { output, errorMessage, ...result } = this.result;
+    logger.debug('[PluginsClient][handleResponseMessage] Output:', {
+      output,
+      errorMessage,
+      ...result,
+    });
+    const { error } = responseMessage;
+    if (!error) {
+      responseMessage.tokenCount = this.getTokenCountForResponse(responseMessage);
+      responseMessage.completionTokens = this.getTokenCount(responseMessage.text);
+    }
+
+    // Record usage only when completion is skipped as it is already recorded in the agent phase.
+    if (!this.agentOptions.skipCompletion && !error) {
+      await this.recordTokenUsage(responseMessage);
+    }
+
+    const databasePromise = this.saveMessageToDatabase(responseMessage, saveOptions, user);
+    delete responseMessage.tokenCount;
+    return { ...responseMessage, ...result, databasePromise };
+  }
+
+  async sendMessage(message, opts = {}) {
+    /** @type {Promise<TMessage>} */
+    let userMessagePromise;
+    /** @type {{ filteredTools: string[], includedTools: string[] }} */
+    const { filteredTools = [], includedTools = [] } = this.options.req.app.locals;
+
+    if (includedTools.length > 0) {
+      const tools = this.options.tools.filter((plugin) => includedTools.includes(plugin));
+      this.options.tools = tools;
+    } else {
+      const tools = this.options.tools.filter((plugin) => !filteredTools.includes(plugin));
+      this.options.tools = tools;
+    }
+
+    // If a message is edited, no tools can be used.
+    const completionMode = this.options.tools.length === 0 || opts.isEdited;
+    if (completionMode) {
+      this.setOptions(opts);
+      return super.sendMessage(message, opts);
+    }
+
+    logger.debug('[PluginsClient] sendMessage', { userMessageText: message, opts });
+    const {
+      user,
+      conversationId,
+      responseMessageId,
+      saveOptions,
+      userMessage,
+      onAgentAction,
+      onChainEnd,
+      onToolStart,
+      onToolEnd,
+    } = await this.handleStartMethods(message, opts);
+
+    if (opts.progressCallback) {
+      opts.onProgress = opts.progressCallback.call(null, {
+        ...(opts.progressOptions ?? {}),
+        parentMessageId: userMessage.messageId,
+        messageId: responseMessageId,
+      });
+    }
+
+    this.currentMessages.push(userMessage);
+
+    let {
+      prompt: payload,
+      tokenCountMap,
+      promptTokens,
+    } = await this.buildMessages(
+      this.currentMessages,
+      userMessage.messageId,
+      this.getBuildMessagesOptions({
+        promptPrefix: null,
+        abortController: this.abortController,
+      }),
+    );
+
+    if (tokenCountMap) {
+      logger.debug('[PluginsClient] tokenCountMap', { tokenCountMap });
+      if (tokenCountMap[userMessage.messageId]) {
+        userMessage.tokenCount = tokenCountMap[userMessage.messageId];
+        logger.debug('[PluginsClient] userMessage.tokenCount', userMessage.tokenCount);
+      }
+      this.handleTokenCountMap(tokenCountMap);
+    }
+
+    this.result = {};
+    if (payload) {
+      this.currentMessages = payload;
+    }
+
+    if (!this.skipSaveUserMessage) {
+      userMessagePromise = this.saveMessageToDatabase(userMessage, saveOptions, user);
+      if (typeof opts?.getReqData === 'function') {
+        opts.getReqData({
+          userMessagePromise,
+        });
+      }
+    }
+
+    const balance = this.options.req?.app?.locals?.balance;
+    if (balance?.enabled) {
+      await checkBalance({
+        req: this.options.req,
+        res: this.options.res,
+        txData: {
+          user: this.user,
+          tokenType: 'prompt',
+          amount: promptTokens,
+          debug: this.options.debug,
+          model: this.modelOptions.model,
+          endpoint: EModelEndpoint.openAI,
+        },
+      });
+    }
+
+    const responseMessage = {
+      endpoint: EModelEndpoint.gptPlugins,
+      iconURL: this.options.iconURL,
+      messageId: responseMessageId,
+      conversationId,
+      parentMessageId: userMessage.messageId,
+      isCreatedByUser: false,
+      model: this.modelOptions.model,
+      sender: this.sender,
+      promptTokens,
+    };
+
+    await this.initialize({
+      user,
+      message,
+      onAgentAction,
+      onChainEnd,
+      signal: this.abortController.signal,
+      onProgress: opts.onProgress,
+    });
+
+    // const stream = async (text) => {
+    //   await this.generateTextStream.call(this, text, opts.onProgress, { delay: 1 });
+    // };
+    await this.executorCall(message, {
+      signal: this.abortController.signal,
+      // stream,
+      onToolStart,
+      onToolEnd,
+    });
+
+    // If message was aborted mid-generation
+    if (this.result?.errorMessage?.length > 0 && this.result?.errorMessage?.includes('cancel')) {
+      responseMessage.text = 'Cancelled.';
+      return await this.handleResponseMessage(responseMessage, saveOptions, user);
+    }
+
+    // If error occurred during generation (likely token_balance)
+    if (this.result?.errorMessage?.length > 0) {
+      responseMessage.error = true;
+      responseMessage.text = this.result.output;
+      return await this.handleResponseMessage(responseMessage, saveOptions, user);
+    }
+
+    if (this.agentOptions.skipCompletion && this.result.output && this.functionsAgent) {
+      const partialText = opts.getPartialText();
+      const trimmedPartial = opts.getPartialText().replaceAll(':::plugin:::\n', '');
+      responseMessage.text =
+        trimmedPartial.length === 0 ? `${partialText}${this.result.output}` : partialText;
+      addImages(this.result.intermediateSteps, responseMessage);
+      await this.generateTextStream(this.result.output, opts.onProgress, { delay: 5 });
+      return await this.handleResponseMessage(responseMessage, saveOptions, user);
+    }
+
+    if (this.agentOptions.skipCompletion && this.result.output) {
+      responseMessage.text = this.result.output;
+      addImages(this.result.intermediateSteps, responseMessage);
+      await this.generateTextStream(this.result.output, opts.onProgress, { delay: 5 });
+      return await this.handleResponseMessage(responseMessage, saveOptions, user);
+    }
+
+    logger.debug('[PluginsClient] Completion phase: this.result', this.result);
+
+    const promptPrefix = buildPromptPrefix({
+      result: this.result,
+      message,
+      functionsAgent: this.functionsAgent,
+    });
+
+    logger.debug('[PluginsClient]', { promptPrefix });
+
+    payload = await this.buildCompletionPrompt({
+      messages: this.currentMessages,
+      promptPrefix,
+    });
+
+    logger.debug('[PluginsClient] buildCompletionPrompt Payload', payload);
+    responseMessage.text = await this.sendCompletion(payload, opts);
+    return await this.handleResponseMessage(responseMessage, saveOptions, user);
+  }
+
+  async buildCompletionPrompt({ messages, promptPrefix: _promptPrefix }) {
+    logger.debug('[PluginsClient] buildCompletionPrompt messages', messages);
+
+    const orderedMessages = messages;
+    let promptPrefix = _promptPrefix.trim();
+    // If the prompt prefix doesn't end with the end token, add it.
+    if (!promptPrefix.endsWith(`${this.endToken}`)) {
+      promptPrefix = `${promptPrefix.trim()}${this.endToken}\n\n`;
+    }
+    promptPrefix = `${this.startToken}Instructions:\n${promptPrefix}`;
+    const promptSuffix = `${this.startToken}${this.chatGptLabel ?? 'Assistant'}:\n`;
+
+    const instructionsPayload = {
+      role: 'system',
+      content: promptPrefix,
+    };
+
+    const messagePayload = {
+      role: 'system',
+      content: promptSuffix,
+    };
+
+    if (this.isGpt3) {
+      instructionsPayload.role = 'user';
+      messagePayload.role = 'user';
+      instructionsPayload.content += `\n${promptSuffix}`;
+    }
+
+    // testing if this works with browser endpoint
+    if (!this.isGpt3 && this.options.reverseProxyUrl) {
+      instructionsPayload.role = 'user';
+    }
+
+    let currentTokenCount =
+      this.getTokenCountForMessage(instructionsPayload) +
+      this.getTokenCountForMessage(messagePayload);
+
+    let promptBody = '';
+    const maxTokenCount = this.maxPromptTokens;
+    // Iterate backwards through the messages, adding them to the prompt until we reach the max token count.
+    // Do this within a recursive async function so that it doesn't block the event loop for too long.
+    const buildPromptBody = async () => {
+      if (currentTokenCount < maxTokenCount && orderedMessages.length > 0) {
+        const message = orderedMessages.pop();
+        const isCreatedByUser = message.isCreatedByUser || message.role?.toLowerCase() === 'user';
+        const roleLabel = isCreatedByUser ? this.userLabel : this.chatGptLabel;
+        let messageString = `${this.startToken}${roleLabel}:\n${
+          message.text ?? message.content ?? ''
+        }${this.endToken}\n`;
+        let newPromptBody = `${messageString}${promptBody}`;
+
+        const tokenCountForMessage = this.getTokenCount(messageString);
+        const newTokenCount = currentTokenCount + tokenCountForMessage;
+        if (newTokenCount > maxTokenCount) {
+          if (promptBody) {
+            // This message would put us over the token limit, so don't add it.
+            return false;
+          }
+          // This is the first message, so we can't add it. Just throw an error.
+          throw new Error(
+            `Prompt is too long. Max token count is ${maxTokenCount}, but prompt is ${newTokenCount} tokens long.`,
+          );
+        }
+        promptBody = newPromptBody;
+        currentTokenCount = newTokenCount;
+        // wait for next tick to avoid blocking the event loop
+        await new Promise((resolve) => setTimeout(resolve, 0));
+        return buildPromptBody();
+      }
+      return true;
+    };
+
+    await buildPromptBody();
+    const prompt = promptBody;
+    messagePayload.content = prompt;
+    // Add 2 tokens for metadata after all messages have been counted.
+    currentTokenCount += 2;
+
+    if (this.isGpt3 && messagePayload.content.length > 0) {
+      const context = 'Chat History:\n';
+      messagePayload.content = `${context}${prompt}`;
+      currentTokenCount += this.getTokenCount(context);
+    }
+
+    // Use up to `this.maxContextTokens` tokens (prompt + response), but try to leave `this.maxTokens` tokens for the response.
+    this.modelOptions.max_tokens = Math.min(
+      this.maxContextTokens - currentTokenCount,
+      this.maxResponseTokens,
+    );
+
+    if (this.isGpt3) {
+      messagePayload.content += promptSuffix;
+      return [instructionsPayload, messagePayload];
+    }
+
+    const result = [messagePayload, instructionsPayload];
+
+    if (this.functionsAgent && !this.isGpt3) {
+      result[1].content = `${result[1].content}\n${this.startToken}${this.chatGptLabel}:\nSure thing! Here is the output you requested:\n`;
+    }
+
+    return result.filter((message) => message.content.length > 0);
+  }
+}
+
+module.exports = PluginsClient;

api/app/clients/index.js

@@ -1,11 +1,15 @@
+const ChatGPTClient = require('./ChatGPTClient');
 const OpenAIClient = require('./OpenAIClient');
+const PluginsClient = require('./PluginsClient');
 const GoogleClient = require('./GoogleClient');
 const TextStream = require('./TextStream');
 const AnthropicClient = require('./AnthropicClient');
 const toolUtils = require('./tools/util');
 
 module.exports = {
+  ChatGPTClient,
   OpenAIClient,
+  PluginsClient,
   GoogleClient,
   TextStream,
   AnthropicClient,

api/app/clients/prompts/createContextHandlers.js

@@ -1,7 +1,6 @@
 const axios = require('axios');
-const { isEnabled } = require('@librechat/api');
-const { logger } = require('@librechat/data-schemas');
-const { generateShortLivedToken } = require('~/server/services/AuthService');
+const { isEnabled } = require('~/server/utils');
+const { logger } = require('~/config');
 
 const footer = `Use the context as your learned knowledge to better answer the user.
 
@@ -19,7 +18,7 @@ function createContextHandlers(req, userMessageContent) {
   const queryPromises = [];
   const processedFiles = [];
   const processedIds = new Set();
-  const jwtToken = generateShortLivedToken(req.user.id);
+  const jwtToken = req.headers.authorization.split(' ')[1];
   const useFullContext = isEnabled(process.env.RAG_USE_FULL_CONTEXT);
 
   const query = async (file) => {
@@ -97,35 +96,35 @@ function createContextHandlers(req, userMessageContent) {
         resolvedQueries.length === 0
           ? '\n\tThe semantic search did not return any results.'
           : resolvedQueries
-              .map((queryResult, index) => {
-                const file = processedFiles[index];
-                let contextItems = queryResult.data;
+            .map((queryResult, index) => {
+              const file = processedFiles[index];
+              let contextItems = queryResult.data;
 
-                const generateContext = (currentContext) =>
-                  `
+              const generateContext = (currentContext) =>
+                `
           <file>
             <filename>${file.filename}</filename>
             <context>${currentContext}
             </context>
           </file>`;
 
-                if (useFullContext) {
-                  return generateContext(`\n${contextItems}`);
-                }
+              if (useFullContext) {
+                return generateContext(`\n${contextItems}`);
+              }
 
-                contextItems = queryResult.data
-                  .map((item) => {
-                    const pageContent = item[0].page_content;
-                    return `
+              contextItems = queryResult.data
+                .map((item) => {
+                  const pageContent = item[0].page_content;
+                  return `
             <contextItem>
               <![CDATA[${pageContent?.trim()}]]>
             </contextItem>`;
-                  })
-                  .join('');
+                })
+                .join('');
 
-                return generateContext(contextItems);
-              })
-              .join('');
+              return generateContext(contextItems);
+            })
+            .join('');
 
       if (useFullContext) {
         const prompt = `${header}

api/app/clients/prompts/formatMessages.js

@@ -237,9 +237,41 @@ const formatAgentMessages = (payload) => {
   return messages;
 };
 
+/**
+ * Formats an array of messages for LangChain, making sure all content fields are strings
+ * @param {Array<(HumanMessage|AIMessage|SystemMessage|ToolMessage)>} payload - The array of messages to format.
+ * @returns {Array<(HumanMessage|AIMessage|SystemMessage|ToolMessage)>} - The array of formatted LangChain messages, including ToolMessages for tool calls.
+ */
+const formatContentStrings = (payload) => {
+  const messages = [];
+
+  for (const message of payload) {
+    if (typeof message.content === 'string') {
+      continue;
+    }
+
+    if (!Array.isArray(message.content)) {
+      continue;
+    }
+
+    // Reduce text types to a single string, ignore all other types
+    const content = message.content.reduce((acc, curr) => {
+      if (curr.type === ContentTypes.TEXT) {
+        return `${acc}${curr[ContentTypes.TEXT]}\n`;
+      }
+      return acc;
+    }, '');
+
+    message.content = content.trim();
+  }
+
+  return messages;
+};
+
 module.exports = {
   formatMessage,
   formatFromLangChain,
   formatAgentMessages,
+  formatContentStrings,
   formatLangChainMessages,
 };

api/app/clients/specs/AnthropicClient.test.js

@@ -309,7 +309,7 @@ describe('AnthropicClient', () => {
       };
       client.setOptions({ modelOptions, promptCache: true });
       const anthropicClient = client.getClient(modelOptions);
-      expect(anthropicClient._options.defaultHeaders).toBeUndefined();
+      expect(anthropicClient.defaultHeaders).not.toHaveProperty('anthropic-beta');
     });
 
     it('should not add beta header for other models', () => {
@@ -320,7 +320,7 @@ describe('AnthropicClient', () => {
         },
       });
       const anthropicClient = client.getClient();
-      expect(anthropicClient._options.defaultHeaders).toBeUndefined();
+      expect(anthropicClient.defaultHeaders).not.toHaveProperty('anthropic-beta');
     });
   });
 

api/app/clients/specs/BaseClient.test.js

@@ -422,46 +422,6 @@ describe('BaseClient', () => {
       expect(response).toEqual(expectedResult);
     });
 
-    test('should replace responseMessageId with new UUID when isRegenerate is true and messageId ends with underscore', async () => {
-      const mockCrypto = require('crypto');
-      const newUUID = 'new-uuid-1234';
-      jest.spyOn(mockCrypto, 'randomUUID').mockReturnValue(newUUID);
-
-      const opts = {
-        isRegenerate: true,
-        responseMessageId: 'existing-message-id_',
-      };
-
-      await TestClient.setMessageOptions(opts);
-
-      expect(TestClient.responseMessageId).toBe(newUUID);
-      expect(TestClient.responseMessageId).not.toBe('existing-message-id_');
-
-      mockCrypto.randomUUID.mockRestore();
-    });
-
-    test('should not replace responseMessageId when isRegenerate is false', async () => {
-      const opts = {
-        isRegenerate: false,
-        responseMessageId: 'existing-message-id_',
-      };
-
-      await TestClient.setMessageOptions(opts);
-
-      expect(TestClient.responseMessageId).toBe('existing-message-id_');
-    });
-
-    test('should not replace responseMessageId when it does not end with underscore', async () => {
-      const opts = {
-        isRegenerate: true,
-        responseMessageId: 'existing-message-id',
-      };
-
-      await TestClient.setMessageOptions(opts);
-
-      expect(TestClient.responseMessageId).toBe('existing-message-id');
-    });
-
     test('sendMessage should work with provided conversationId and parentMessageId', async () => {
       const userMessage = 'Second message in the conversation';
       const opts = {

api/app/clients/specs/OpenAIClient.test.js

@@ -531,6 +531,44 @@ describe('OpenAIClient', () => {
     });
   });
 
+  describe('sendMessage/getCompletion/chatCompletion', () => {
+    afterEach(() => {
+      delete process.env.AZURE_OPENAI_DEFAULT_MODEL;
+      delete process.env.AZURE_USE_MODEL_AS_DEPLOYMENT_NAME;
+    });
+
+    it('should call getCompletion and fetchEventSource when using a text/instruct model', async () => {
+      const model = 'text-davinci-003';
+      const onProgress = jest.fn().mockImplementation(() => ({}));
+
+      const testClient = new OpenAIClient('test-api-key', {
+        ...defaultOptions,
+        modelOptions: { model },
+      });
+
+      const getCompletion = jest.spyOn(testClient, 'getCompletion');
+      await testClient.sendMessage('Hi mom!', { onProgress });
+
+      expect(getCompletion).toHaveBeenCalled();
+      expect(getCompletion.mock.calls.length).toBe(1);
+
+      expect(getCompletion.mock.calls[0][0]).toBe('||>User:\nHi mom!\n||>Assistant:\n');
+
+      expect(fetchEventSource).toHaveBeenCalled();
+      expect(fetchEventSource.mock.calls.length).toBe(1);
+
+      // Check if the first argument (url) is correct
+      const firstCallArgs = fetchEventSource.mock.calls[0];
+
+      const expectedURL = 'https://api.openai.com/v1/completions';
+      expect(firstCallArgs[0]).toBe(expectedURL);
+
+      const requestBody = JSON.parse(firstCallArgs[1].body);
+      expect(requestBody).toHaveProperty('model');
+      expect(requestBody.model).toBe(model);
+    });
+  });
+
   describe('checkVisionRequest functionality', () => {
     let client;
     const attachments = [{ type: 'image/png' }];

api/app/clients/specs/PluginsClient.test.js

@@ -0,0 +1,314 @@
+const crypto = require('crypto');
+const { Constants } = require('librechat-data-provider');
+const { HumanMessage, AIMessage } = require('@langchain/core/messages');
+const PluginsClient = require('../PluginsClient');
+
+jest.mock('~/db/connect');
+jest.mock('~/models/Conversation', () => {
+  return function () {
+    return {
+      save: jest.fn(),
+      deleteConvos: jest.fn(),
+    };
+  };
+});
+
+const defaultAzureOptions = {
+  azureOpenAIApiInstanceName: 'your-instance-name',
+  azureOpenAIApiDeploymentName: 'your-deployment-name',
+  azureOpenAIApiVersion: '2020-07-01-preview',
+};
+
+describe('PluginsClient', () => {
+  let TestAgent;
+  let options = {
+    tools: [],
+    modelOptions: {
+      model: 'gpt-3.5-turbo',
+      temperature: 0,
+      max_tokens: 2,
+    },
+    agentOptions: {
+      model: 'gpt-3.5-turbo',
+    },
+  };
+  let parentMessageId;
+  let conversationId;
+  const fakeMessages = [];
+  const userMessage = 'Hello, ChatGPT!';
+  const apiKey = 'fake-api-key';
+
+  beforeEach(() => {
+    TestAgent = new PluginsClient(apiKey, options);
+    TestAgent.loadHistory = jest
+      .fn()
+      .mockImplementation((conversationId, parentMessageId = null) => {
+        if (!conversationId) {
+          TestAgent.currentMessages = [];
+          return Promise.resolve([]);
+        }
+
+        const orderedMessages = TestAgent.constructor.getMessagesForConversation({
+          messages: fakeMessages,
+          parentMessageId,
+        });
+
+        const chatMessages = orderedMessages.map((msg) =>
+          msg?.isCreatedByUser || msg?.role?.toLowerCase() === 'user'
+            ? new HumanMessage(msg.text)
+            : new AIMessage(msg.text),
+        );
+
+        TestAgent.currentMessages = orderedMessages;
+        return Promise.resolve(chatMessages);
+      });
+    TestAgent.sendMessage = jest.fn().mockImplementation(async (message, opts = {}) => {
+      if (opts && typeof opts === 'object') {
+        TestAgent.setOptions(opts);
+      }
+      const conversationId = opts.conversationId || crypto.randomUUID();
+      const parentMessageId = opts.parentMessageId || Constants.NO_PARENT;
+      const userMessageId = opts.overrideParentMessageId || crypto.randomUUID();
+      this.pastMessages = await TestAgent.loadHistory(
+        conversationId,
+        TestAgent.options?.parentMessageId,
+      );
+
+      const userMessage = {
+        text: message,
+        sender: 'ChatGPT',
+        isCreatedByUser: true,
+        messageId: userMessageId,
+        parentMessageId,
+        conversationId,
+      };
+
+      const response = {
+        sender: 'ChatGPT',
+        text: 'Hello, User!',
+        isCreatedByUser: false,
+        messageId: crypto.randomUUID(),
+        parentMessageId: userMessage.messageId,
+        conversationId,
+      };
+
+      fakeMessages.push(userMessage);
+      fakeMessages.push(response);
+      return response;
+    });
+  });
+
+  test('initializes PluginsClient without crashing', () => {
+    expect(TestAgent).toBeInstanceOf(PluginsClient);
+  });
+
+  test('check setOptions function', () => {
+    expect(TestAgent.agentIsGpt3).toBe(true);
+  });
+
+  describe('sendMessage', () => {
+    test('sendMessage should return a response message', async () => {
+      const expectedResult = expect.objectContaining({
+        sender: 'ChatGPT',
+        text: expect.any(String),
+        isCreatedByUser: false,
+        messageId: expect.any(String),
+        parentMessageId: expect.any(String),
+        conversationId: expect.any(String),
+      });
+
+      const response = await TestAgent.sendMessage(userMessage);
+      parentMessageId = response.messageId;
+      conversationId = response.conversationId;
+      expect(response).toEqual(expectedResult);
+    });
+
+    test('sendMessage should work with provided conversationId and parentMessageId', async () => {
+      const userMessage = 'Second message in the conversation';
+      const opts = {
+        conversationId,
+        parentMessageId,
+      };
+
+      const expectedResult = expect.objectContaining({
+        sender: 'ChatGPT',
+        text: expect.any(String),
+        isCreatedByUser: false,
+        messageId: expect.any(String),
+        parentMessageId: expect.any(String),
+        conversationId: opts.conversationId,
+      });
+
+      const response = await TestAgent.sendMessage(userMessage, opts);
+      parentMessageId = response.messageId;
+      expect(response.conversationId).toEqual(conversationId);
+      expect(response).toEqual(expectedResult);
+    });
+
+    test('should return chat history', async () => {
+      const chatMessages = await TestAgent.loadHistory(conversationId, parentMessageId);
+      expect(TestAgent.currentMessages).toHaveLength(4);
+      expect(chatMessages[0].text).toEqual(userMessage);
+    });
+  });
+
+  describe('getFunctionModelName', () => {
+    let client;
+
+    beforeEach(() => {
+      client = new PluginsClient('dummy_api_key');
+    });
+
+    test('should return the input when it includes a dash followed by four digits', () => {
+      expect(client.getFunctionModelName('-1234')).toBe('-1234');
+      expect(client.getFunctionModelName('gpt-4-5678-preview')).toBe('gpt-4-5678-preview');
+    });
+
+    test('should return the input for all function-capable models (`0613` models and above)', () => {
+      expect(client.getFunctionModelName('gpt-4-0613')).toBe('gpt-4-0613');
+      expect(client.getFunctionModelName('gpt-4-32k-0613')).toBe('gpt-4-32k-0613');
+      expect(client.getFunctionModelName('gpt-3.5-turbo-0613')).toBe('gpt-3.5-turbo-0613');
+      expect(client.getFunctionModelName('gpt-3.5-turbo-16k-0613')).toBe('gpt-3.5-turbo-16k-0613');
+      expect(client.getFunctionModelName('gpt-3.5-turbo-1106')).toBe('gpt-3.5-turbo-1106');
+      expect(client.getFunctionModelName('gpt-4-1106-preview')).toBe('gpt-4-1106-preview');
+      expect(client.getFunctionModelName('gpt-4-1106')).toBe('gpt-4-1106');
+    });
+
+    test('should return the corresponding model if input is non-function capable (`0314` models)', () => {
+      expect(client.getFunctionModelName('gpt-4-0314')).toBe('gpt-4');
+      expect(client.getFunctionModelName('gpt-4-32k-0314')).toBe('gpt-4');
+      expect(client.getFunctionModelName('gpt-3.5-turbo-0314')).toBe('gpt-3.5-turbo');
+      expect(client.getFunctionModelName('gpt-3.5-turbo-16k-0314')).toBe('gpt-3.5-turbo');
+    });
+
+    test('should return "gpt-3.5-turbo" when the input includes "gpt-3.5-turbo"', () => {
+      expect(client.getFunctionModelName('test gpt-3.5-turbo model')).toBe('gpt-3.5-turbo');
+    });
+
+    test('should return "gpt-4" when the input includes "gpt-4"', () => {
+      expect(client.getFunctionModelName('testing gpt-4')).toBe('gpt-4');
+    });
+
+    test('should return "gpt-3.5-turbo" for input that does not meet any specific condition', () => {
+      expect(client.getFunctionModelName('random string')).toBe('gpt-3.5-turbo');
+      expect(client.getFunctionModelName('')).toBe('gpt-3.5-turbo');
+    });
+  });
+
+  describe('Azure OpenAI tests specific to Plugins', () => {
+    // TODO: add more tests for Azure OpenAI integration with Plugins
+    // let client;
+    // beforeEach(() => {
+    //   client = new PluginsClient('dummy_api_key');
+    // });
+
+    test('should not call getFunctionModelName when azure options are set', () => {
+      const spy = jest.spyOn(PluginsClient.prototype, 'getFunctionModelName');
+      const model = 'gpt-4-turbo';
+
+      // note, without the azure change in PR #1766, `getFunctionModelName` is called twice
+      const testClient = new PluginsClient('dummy_api_key', {
+        agentOptions: {
+          model,
+          agent: 'functions',
+        },
+        azure: defaultAzureOptions,
+      });
+
+      expect(spy).not.toHaveBeenCalled();
+      expect(testClient.agentOptions.model).toBe(model);
+
+      spy.mockRestore();
+    });
+  });
+
+  describe('sendMessage with filtered tools', () => {
+    let TestAgent;
+    const apiKey = 'fake-api-key';
+    const mockTools = [{ name: 'tool1' }, { name: 'tool2' }, { name: 'tool3' }, { name: 'tool4' }];
+
+    beforeEach(() => {
+      TestAgent = new PluginsClient(apiKey, {
+        tools: mockTools,
+        modelOptions: {
+          model: 'gpt-3.5-turbo',
+          temperature: 0,
+          max_tokens: 2,
+        },
+        agentOptions: {
+          model: 'gpt-3.5-turbo',
+        },
+      });
+
+      TestAgent.options.req = {
+        app: {
+          locals: {},
+        },
+      };
+
+      TestAgent.sendMessage = jest.fn().mockImplementation(async () => {
+        const { filteredTools = [], includedTools = [] } = TestAgent.options.req.app.locals;
+
+        if (includedTools.length > 0) {
+          const tools = TestAgent.options.tools.filter((plugin) =>
+            includedTools.includes(plugin.name),
+          );
+          TestAgent.options.tools = tools;
+        } else {
+          const tools = TestAgent.options.tools.filter(
+            (plugin) => !filteredTools.includes(plugin.name),
+          );
+          TestAgent.options.tools = tools;
+        }
+
+        return {
+          text: 'Mocked response',
+          tools: TestAgent.options.tools,
+        };
+      });
+    });
+
+    test('should filter out tools when filteredTools is provided', async () => {
+      TestAgent.options.req.app.locals.filteredTools = ['tool1', 'tool3'];
+      const response = await TestAgent.sendMessage('Test message');
+      expect(response.tools).toHaveLength(2);
+      expect(response.tools).toEqual(
+        expect.arrayContaining([
+          expect.objectContaining({ name: 'tool2' }),
+          expect.objectContaining({ name: 'tool4' }),
+        ]),
+      );
+    });
+
+    test('should only include specified tools when includedTools is provided', async () => {
+      TestAgent.options.req.app.locals.includedTools = ['tool2', 'tool4'];
+      const response = await TestAgent.sendMessage('Test message');
+      expect(response.tools).toHaveLength(2);
+      expect(response.tools).toEqual(
+        expect.arrayContaining([
+          expect.objectContaining({ name: 'tool2' }),
+          expect.objectContaining({ name: 'tool4' }),
+        ]),
+      );
+    });
+
+    test('should prioritize includedTools over filteredTools', async () => {
+      TestAgent.options.req.app.locals.filteredTools = ['tool1', 'tool3'];
+      TestAgent.options.req.app.locals.includedTools = ['tool1', 'tool2'];
+      const response = await TestAgent.sendMessage('Test message');
+      expect(response.tools).toHaveLength(2);
+      expect(response.tools).toEqual(
+        expect.arrayContaining([
+          expect.objectContaining({ name: 'tool1' }),
+          expect.objectContaining({ name: 'tool2' }),
+        ]),
+      );
+    });
+
+    test('should not modify tools when no filters are provided', async () => {
+      const response = await TestAgent.sendMessage('Test message');
+      expect(response.tools).toHaveLength(4);
+      expect(response.tools).toEqual(expect.arrayContaining(mockTools));
+    });
+  });
+});

api/app/clients/tools/structured/OpenAIImageTools.js

@@ -107,12 +107,6 @@ const getImageEditPromptDescription = () => {
   return process.env.IMAGE_EDIT_OAI_PROMPT_DESCRIPTION || DEFAULT_IMAGE_EDIT_PROMPT_DESCRIPTION;
 };
 
-function createAbortHandler() {
-  return function () {
-    logger.debug('[ImageGenOAI] Image generation aborted');
-  };
-}
-
 /**
  * Creates OpenAI Image tools (generation and editing)
  * @param {Object} fields - Configuration fields
@@ -207,18 +201,10 @@ function createOpenAIImageTools(fields = {}) {
       }
 
       let resp;
-      /** @type {AbortSignal} */
-      let derivedSignal = null;
-      /** @type {() => void} */
-      let abortHandler = null;
-
       try {
-        if (runnableConfig?.signal) {
-          derivedSignal = AbortSignal.any([runnableConfig.signal]);
-          abortHandler = createAbortHandler();
-          derivedSignal.addEventListener('abort', abortHandler, { once: true });
-        }
-
+        const derivedSignal = runnableConfig?.signal
+          ? AbortSignal.any([runnableConfig.signal])
+          : undefined;
         resp = await openai.images.generate(
           {
             model: 'gpt-image-1',
@@ -242,10 +228,6 @@ function createOpenAIImageTools(fields = {}) {
         logAxiosError({ error, message });
         return returnValue(`Something went wrong when trying to generate the image. The OpenAI API may be unavailable:
 Error Message: ${error.message}`);
-      } finally {
-        if (abortHandler && derivedSignal) {
-          derivedSignal.removeEventListener('abort', abortHandler);
-        }
       }
 
       if (!resp) {
@@ -427,17 +409,10 @@ Error Message: ${error.message}`);
         headers['Authorization'] = `Bearer ${apiKey}`;
       }
 
-      /** @type {AbortSignal} */
-      let derivedSignal = null;
-      /** @type {() => void} */
-      let abortHandler = null;
-
       try {
-        if (runnableConfig?.signal) {
-          derivedSignal = AbortSignal.any([runnableConfig.signal]);
-          abortHandler = createAbortHandler();
-          derivedSignal.addEventListener('abort', abortHandler, { once: true });
-        }
+        const derivedSignal = runnableConfig?.signal
+          ? AbortSignal.any([runnableConfig.signal])
+          : undefined;
 
         /** @type {import('axios').AxiosRequestConfig} */
         const axiosConfig = {
@@ -492,10 +467,6 @@ Error Message: ${error.message}`);
         logAxiosError({ error, message });
         return returnValue(`Something went wrong when trying to edit the image. The OpenAI API may be unavailable:
 Error Message: ${error.message || 'Unknown error'}`);
-      } finally {
-        if (abortHandler && derivedSignal) {
-          derivedSignal.removeEventListener('abort', abortHandler);
-        }
       }
     },
     {

api/app/clients/tools/util/fileSearch.js

@@ -1,35 +1,26 @@
 const { z } = require('zod');
 const axios = require('axios');
 const { tool } = require('@langchain/core/tools');
-const { logger } = require('@librechat/data-schemas');
 const { Tools, EToolResources } = require('librechat-data-provider');
-const { generateShortLivedToken } = require('~/server/services/AuthService');
 const { getFiles } = require('~/models/File');
+const { logger } = require('~/config');
 
 /**
  *
  * @param {Object} options
  * @param {ServerRequest} options.req
  * @param {Agent['tool_resources']} options.tool_resources
- * @param {string} [options.agentId] - The agent ID for file access control
  * @returns {Promise<{
  *   files: Array<{ file_id: string; filename: string }>,
  *   toolContext: string
  * }>}
  */
 const primeFiles = async (options) => {
-  const { tool_resources, req, agentId } = options;
+  const { tool_resources } = options;
   const file_ids = tool_resources?.[EToolResources.file_search]?.file_ids ?? [];
   const agentResourceIds = new Set(file_ids);
   const resourceFiles = tool_resources?.[EToolResources.file_search]?.files ?? [];
-  const dbFiles = (
-    (await getFiles(
-      { file_id: { $in: file_ids } },
-      null,
-      { text: 0 },
-      { userId: req?.user?.id, agentId },
-    )) ?? []
-  ).concat(resourceFiles);
+  const dbFiles = ((await getFiles({ file_id: { $in: file_ids } })) ?? []).concat(resourceFiles);
 
   let toolContext = `- Note: Semantic search is available through the ${Tools.file_search} tool but no files are currently loaded. Request the user to upload documents to search through.`;
 
@@ -68,7 +59,7 @@ const createFileSearchTool = async ({ req, files, entity_id }) => {
       if (files.length === 0) {
         return 'No files to search. Instruct the user to add files for the search.';
       }
-      const jwtToken = generateShortLivedToken(req.user.id);
+      const jwtToken = req.headers.authorization.split(' ')[1];
       if (!jwtToken) {
         return 'There was an error authenticating the file search request.';
       }

api/app/clients/tools/util/handleTools.js

@@ -1,9 +1,14 @@
-const { logger } = require('@librechat/data-schemas');
 const { SerpAPI } = require('@langchain/community/tools/serpapi');
 const { Calculator } = require('@langchain/community/tools/calculator');
-const { mcpToolPattern, loadWebSearchAuth } = require('@librechat/api');
 const { EnvVar, createCodeExecutionTool, createSearchTool } = require('@librechat/agents');
-const { Tools, EToolResources, replaceSpecialVars } = require('librechat-data-provider');
+const {
+  Tools,
+  Constants,
+  EToolResources,
+  loadWebSearchAuth,
+  replaceSpecialVars,
+} = require('librechat-data-provider');
+const { getUserPluginAuthValue } = require('~/server/services/PluginService');
 const {
   availableTools,
   manifestToolMap,
@@ -23,10 +28,11 @@ const {
 } = require('../');
 const { primeFiles: primeCodeFiles } = require('~/server/services/Files/Code/process');
 const { createFileSearchTool, primeFiles: primeSearchFiles } = require('./fileSearch');
-const { getUserPluginAuthValue } = require('~/server/services/PluginService');
 const { loadAuthValues } = require('~/server/services/Tools/credentials');
-const { getCachedTools } = require('~/server/services/Config');
 const { createMCPTool } = require('~/server/services/MCP');
+const { logger } = require('~/config');
+
+const mcpToolPattern = new RegExp(`^.+${Constants.mcp_delimiter}.+$`);
 
 /**
  * Validates the availability and authentication of tools for a user based on environment variables or user-specific plugin authentication values.
@@ -87,7 +93,7 @@ const validateTools = async (user, tools = []) => {
     return Array.from(validToolsSet.values());
   } catch (err) {
     logger.error('[validateTools] There was a problem validating tools', err);
-    throw new Error(err);
+    throw new Error('There was a problem validating tools');
   }
 };
 
@@ -230,7 +236,7 @@ const loadTools = async ({
 
   /** @type {Record<string, string>} */
   const toolContextMap = {};
-  const cachedTools = (await getCachedTools({ userId: user, includeGlobal: true })) ?? {};
+  const appTools = options.req?.app?.locals?.availableTools ?? {};
 
   for (const tool of tools) {
     if (tool === Tools.execute_code) {
@@ -240,13 +246,7 @@ const loadTools = async ({
           authFields: [EnvVar.CODE_API_KEY],
         });
         const codeApiKey = authValues[EnvVar.CODE_API_KEY];
-        const { files, toolContext } = await primeCodeFiles(
-          {
-            ...options,
-            agentId: agent?.id,
-          },
-          codeApiKey,
-        );
+        const { files, toolContext } = await primeCodeFiles(options, codeApiKey);
         if (toolContext) {
           toolContextMap[tool] = toolContext;
         }
@@ -261,10 +261,7 @@ const loadTools = async ({
       continue;
     } else if (tool === Tools.file_search) {
       requestedTools[tool] = async () => {
-        const { files, toolContext } = await primeSearchFiles({
-          ...options,
-          agentId: agent?.id,
-        });
+        const { files, toolContext } = await primeSearchFiles(options);
         if (toolContext) {
           toolContextMap[tool] = toolContext;
         }
@@ -298,11 +295,10 @@ Current Date & Time: ${replaceSpecialVars({ text: '{{iso_datetime}}' })}
         });
       };
       continue;
-    } else if (tool && cachedTools && mcpToolPattern.test(tool)) {
+    } else if (tool && appTools[tool] && mcpToolPattern.test(tool)) {
       requestedTools[tool] = async () =>
         createMCPTool({
           req: options.req,
-          res: options.res,
           toolKey: tool,
           model: agent?.model ?? model,
           provider: agent?.provider ?? endpoint,

api/cache/banViolation.js

@@ -1,8 +1,7 @@
 const { logger } = require('@librechat/data-schemas');
-const { isEnabled, math } = require('@librechat/api');
 const { ViolationTypes } = require('librechat-data-provider');
+const { isEnabled, math, removePorts } = require('~/server/utils');
 const { deleteAllUserSessions } = require('~/models');
-const { removePorts } = require('~/server/utils');
 const getLogStores = require('./getLogStores');
 
 const { BAN_VIOLATIONS, BAN_INTERVAL } = process.env ?? {};

api/cache/cacheConfig.js

@@ -1,33 +0,0 @@
-const fs = require('fs');
-const { math, isEnabled } = require('@librechat/api');
-
-// To ensure that different deployments do not interfere with each other's cache, we use a prefix for the Redis keys.
-// This prefix is usually the deployment ID, which is often passed to the container or pod as an env var.
-// Set REDIS_KEY_PREFIX_VAR to the env var that contains the deployment ID.
-const REDIS_KEY_PREFIX_VAR = process.env.REDIS_KEY_PREFIX_VAR;
-const REDIS_KEY_PREFIX = process.env.REDIS_KEY_PREFIX;
-if (REDIS_KEY_PREFIX_VAR && REDIS_KEY_PREFIX) {
-  throw new Error('Only either REDIS_KEY_PREFIX_VAR or REDIS_KEY_PREFIX can be set.');
-}
-
-const USE_REDIS = isEnabled(process.env.USE_REDIS);
-if (USE_REDIS && !process.env.REDIS_URI) {
-  throw new Error('USE_REDIS is enabled but REDIS_URI is not set.');
-}
-
-const cacheConfig = {
-  USE_REDIS,
-  REDIS_URI: process.env.REDIS_URI,
-  REDIS_USERNAME: process.env.REDIS_USERNAME,
-  REDIS_PASSWORD: process.env.REDIS_PASSWORD,
-  REDIS_CA: process.env.REDIS_CA ? fs.readFileSync(process.env.REDIS_CA, 'utf8') : null,
-  REDIS_KEY_PREFIX: process.env[REDIS_KEY_PREFIX_VAR] || REDIS_KEY_PREFIX || '',
-  REDIS_MAX_LISTENERS: math(process.env.REDIS_MAX_LISTENERS, 40),
-
-  CI: isEnabled(process.env.CI),
-  DEBUG_MEMORY_CACHE: isEnabled(process.env.DEBUG_MEMORY_CACHE),
-
-  BAN_DURATION: math(process.env.BAN_DURATION, 7200000), // 2 hours
-};
-
-module.exports = { cacheConfig };

api/cache/cacheConfig.spec.js

@@ -1,108 +0,0 @@
-const fs = require('fs');
-
-describe('cacheConfig', () => {
-  let originalEnv;
-  let originalReadFileSync;
-
-  beforeEach(() => {
-    originalEnv = { ...process.env };
-    originalReadFileSync = fs.readFileSync;
-
-    // Clear all related env vars first
-    delete process.env.REDIS_URI;
-    delete process.env.REDIS_CA;
-    delete process.env.REDIS_KEY_PREFIX_VAR;
-    delete process.env.REDIS_KEY_PREFIX;
-    delete process.env.USE_REDIS;
-
-    // Clear require cache
-    jest.resetModules();
-  });
-
-  afterEach(() => {
-    process.env = originalEnv;
-    fs.readFileSync = originalReadFileSync;
-    jest.resetModules();
-  });
-
-  describe('REDIS_KEY_PREFIX validation and resolution', () => {
-    test('should throw error when both REDIS_KEY_PREFIX_VAR and REDIS_KEY_PREFIX are set', () => {
-      process.env.REDIS_KEY_PREFIX_VAR = 'DEPLOYMENT_ID';
-      process.env.REDIS_KEY_PREFIX = 'manual-prefix';
-
-      expect(() => {
-        require('./cacheConfig');
-      }).toThrow('Only either REDIS_KEY_PREFIX_VAR or REDIS_KEY_PREFIX can be set.');
-    });
-
-    test('should resolve REDIS_KEY_PREFIX from variable reference', () => {
-      process.env.REDIS_KEY_PREFIX_VAR = 'DEPLOYMENT_ID';
-      process.env.DEPLOYMENT_ID = 'test-deployment-123';
-
-      const { cacheConfig } = require('./cacheConfig');
-      expect(cacheConfig.REDIS_KEY_PREFIX).toBe('test-deployment-123');
-    });
-
-    test('should use direct REDIS_KEY_PREFIX value', () => {
-      process.env.REDIS_KEY_PREFIX = 'direct-prefix';
-
-      const { cacheConfig } = require('./cacheConfig');
-      expect(cacheConfig.REDIS_KEY_PREFIX).toBe('direct-prefix');
-    });
-
-    test('should default to empty string when no prefix is configured', () => {
-      const { cacheConfig } = require('./cacheConfig');
-      expect(cacheConfig.REDIS_KEY_PREFIX).toBe('');
-    });
-
-    test('should handle empty variable reference', () => {
-      process.env.REDIS_KEY_PREFIX_VAR = 'EMPTY_VAR';
-      process.env.EMPTY_VAR = '';
-
-      const { cacheConfig } = require('./cacheConfig');
-      expect(cacheConfig.REDIS_KEY_PREFIX).toBe('');
-    });
-
-    test('should handle undefined variable reference', () => {
-      process.env.REDIS_KEY_PREFIX_VAR = 'UNDEFINED_VAR';
-
-      const { cacheConfig } = require('./cacheConfig');
-      expect(cacheConfig.REDIS_KEY_PREFIX).toBe('');
-    });
-  });
-
-  describe('USE_REDIS and REDIS_URI validation', () => {
-    test('should throw error when USE_REDIS is enabled but REDIS_URI is not set', () => {
-      process.env.USE_REDIS = 'true';
-
-      expect(() => {
-        require('./cacheConfig');
-      }).toThrow('USE_REDIS is enabled but REDIS_URI is not set.');
-    });
-
-    test('should not throw error when USE_REDIS is enabled and REDIS_URI is set', () => {
-      process.env.USE_REDIS = 'true';
-      process.env.REDIS_URI = 'redis://localhost:6379';
-
-      expect(() => {
-        require('./cacheConfig');
-      }).not.toThrow();
-    });
-
-    test('should handle empty REDIS_URI when USE_REDIS is enabled', () => {
-      process.env.USE_REDIS = 'true';
-      process.env.REDIS_URI = '';
-
-      expect(() => {
-        require('./cacheConfig');
-      }).toThrow('USE_REDIS is enabled but REDIS_URI is not set.');
-    });
-  });
-
-  describe('REDIS_CA file reading', () => {
-    test('should be null when REDIS_CA is not set', () => {
-      const { cacheConfig } = require('./cacheConfig');
-      expect(cacheConfig.REDIS_CA).toBeNull();
-    });
-  });
-});

api/cache/cacheFactory.js

@@ -1,66 +0,0 @@
-const KeyvRedis = require('@keyv/redis').default;
-const { Keyv } = require('keyv');
-const { cacheConfig } = require('./cacheConfig');
-const { keyvRedisClient, ioredisClient, GLOBAL_PREFIX_SEPARATOR } = require('./redisClients');
-const { Time } = require('librechat-data-provider');
-const { RedisStore: ConnectRedis } = require('connect-redis');
-const MemoryStore = require('memorystore')(require('express-session'));
-const { violationFile } = require('./keyvFiles');
-const { RedisStore } = require('rate-limit-redis');
-
-/**
- * Creates a cache instance using Redis or a fallback store. Suitable for general caching needs.
- * @param {string} namespace - The cache namespace.
- * @param {number} [ttl] - Time to live for cache entries.
- * @param {object} [fallbackStore] - Optional fallback store if Redis is not used.
- * @returns {Keyv} Cache instance.
- */
-const standardCache = (namespace, ttl = undefined, fallbackStore = undefined) => {
-  if (cacheConfig.USE_REDIS) {
-    const keyvRedis = new KeyvRedis(keyvRedisClient);
-    const cache = new Keyv(keyvRedis, { namespace, ttl });
-    keyvRedis.namespace = cacheConfig.REDIS_KEY_PREFIX;
-    keyvRedis.keyPrefixSeparator = GLOBAL_PREFIX_SEPARATOR;
-    return cache;
-  }
-  if (fallbackStore) return new Keyv({ store: fallbackStore, namespace, ttl });
-  return new Keyv({ namespace, ttl });
-};
-
-/**
- * Creates a cache instance for storing violation data.
- * Uses a file-based fallback store if Redis is not enabled.
- * @param {string} namespace - The cache namespace for violations.
- * @param {number} [ttl] - Time to live for cache entries.
- * @returns {Keyv} Cache instance for violations.
- */
-const violationCache = (namespace, ttl = undefined) => {
-  return standardCache(`violations:${namespace}`, ttl, violationFile);
-};
-
-/**
- * Creates a session cache instance using Redis or in-memory store.
- * @param {string} namespace - The session namespace.
- * @param {number} [ttl] - Time to live for session entries.
- * @returns {MemoryStore | ConnectRedis} Session store instance.
- */
-const sessionCache = (namespace, ttl = undefined) => {
-  namespace = namespace.endsWith(':') ? namespace : `${namespace}:`;
-  if (!cacheConfig.USE_REDIS) return new MemoryStore({ ttl, checkPeriod: Time.ONE_DAY });
-  return new ConnectRedis({ client: ioredisClient, ttl, prefix: namespace });
-};
-
-/**
- * Creates a rate limiter cache using Redis.
- * @param {string} prefix - The key prefix for rate limiting.
- * @returns {RedisStore|undefined} RedisStore instance or undefined if Redis is not used.
- */
-const limiterCache = (prefix) => {
-  if (!prefix) throw new Error('prefix is required');
-  if (!cacheConfig.USE_REDIS) return undefined;
-  prefix = prefix.endsWith(':') ? prefix : `${prefix}:`;
-  return new RedisStore({ sendCommand, prefix });
-};
-const sendCommand = (...args) => ioredisClient?.call(...args);
-
-module.exports = { standardCache, sessionCache, violationCache, limiterCache };

api/cache/cacheFactory.spec.js

@@ -1,270 +0,0 @@
-const { Time } = require('librechat-data-provider');
-
-// Mock dependencies first
-const mockKeyvRedis = {
-  namespace: '',
-  keyPrefixSeparator: '',
-};
-
-const mockKeyv = jest.fn().mockReturnValue({ mock: 'keyv' });
-const mockConnectRedis = jest.fn().mockReturnValue({ mock: 'connectRedis' });
-const mockMemoryStore = jest.fn().mockReturnValue({ mock: 'memoryStore' });
-const mockRedisStore = jest.fn().mockReturnValue({ mock: 'redisStore' });
-
-const mockIoredisClient = {
-  call: jest.fn(),
-};
-
-const mockKeyvRedisClient = {};
-const mockViolationFile = {};
-
-// Mock modules before requiring the main module
-jest.mock('@keyv/redis', () => ({
-  default: jest.fn().mockImplementation(() => mockKeyvRedis),
-}));
-
-jest.mock('keyv', () => ({
-  Keyv: mockKeyv,
-}));
-
-jest.mock('./cacheConfig', () => ({
-  cacheConfig: {
-    USE_REDIS: false,
-    REDIS_KEY_PREFIX: 'test',
-  },
-}));
-
-jest.mock('./redisClients', () => ({
-  keyvRedisClient: mockKeyvRedisClient,
-  ioredisClient: mockIoredisClient,
-  GLOBAL_PREFIX_SEPARATOR: '::',
-}));
-
-jest.mock('./keyvFiles', () => ({
-  violationFile: mockViolationFile,
-}));
-
-jest.mock('connect-redis', () => ({ RedisStore: mockConnectRedis }));
-
-jest.mock('memorystore', () => jest.fn(() => mockMemoryStore));
-
-jest.mock('rate-limit-redis', () => ({
-  RedisStore: mockRedisStore,
-}));
-
-// Import after mocking
-const { standardCache, sessionCache, violationCache, limiterCache } = require('./cacheFactory');
-const { cacheConfig } = require('./cacheConfig');
-
-describe('cacheFactory', () => {
-  beforeEach(() => {
-    jest.clearAllMocks();
-
-    // Reset cache config mock
-    cacheConfig.USE_REDIS = false;
-    cacheConfig.REDIS_KEY_PREFIX = 'test';
-  });
-
-  describe('redisCache', () => {
-    it('should create Redis cache when USE_REDIS is true', () => {
-      cacheConfig.USE_REDIS = true;
-      const namespace = 'test-namespace';
-      const ttl = 3600;
-
-      standardCache(namespace, ttl);
-
-      expect(require('@keyv/redis').default).toHaveBeenCalledWith(mockKeyvRedisClient);
-      expect(mockKeyv).toHaveBeenCalledWith(mockKeyvRedis, { namespace, ttl });
-      expect(mockKeyvRedis.namespace).toBe(cacheConfig.REDIS_KEY_PREFIX);
-      expect(mockKeyvRedis.keyPrefixSeparator).toBe('::');
-    });
-
-    it('should create Redis cache with undefined ttl when not provided', () => {
-      cacheConfig.USE_REDIS = true;
-      const namespace = 'test-namespace';
-
-      standardCache(namespace);
-
-      expect(mockKeyv).toHaveBeenCalledWith(mockKeyvRedis, { namespace, ttl: undefined });
-    });
-
-    it('should use fallback store when USE_REDIS is false and fallbackStore is provided', () => {
-      cacheConfig.USE_REDIS = false;
-      const namespace = 'test-namespace';
-      const ttl = 3600;
-      const fallbackStore = { some: 'store' };
-
-      standardCache(namespace, ttl, fallbackStore);
-
-      expect(mockKeyv).toHaveBeenCalledWith({ store: fallbackStore, namespace, ttl });
-    });
-
-    it('should create default Keyv instance when USE_REDIS is false and no fallbackStore', () => {
-      cacheConfig.USE_REDIS = false;
-      const namespace = 'test-namespace';
-      const ttl = 3600;
-
-      standardCache(namespace, ttl);
-
-      expect(mockKeyv).toHaveBeenCalledWith({ namespace, ttl });
-    });
-
-    it('should handle namespace and ttl as undefined', () => {
-      cacheConfig.USE_REDIS = false;
-
-      standardCache();
-
-      expect(mockKeyv).toHaveBeenCalledWith({ namespace: undefined, ttl: undefined });
-    });
-  });
-
-  describe('violationCache', () => {
-    it('should create violation cache with prefixed namespace', () => {
-      const namespace = 'test-violations';
-      const ttl = 7200;
-
-      // We can't easily mock the internal redisCache call since it's in the same module
-      // But we can test that the function executes without throwing
-      expect(() => violationCache(namespace, ttl)).not.toThrow();
-    });
-
-    it('should create violation cache with undefined ttl', () => {
-      const namespace = 'test-violations';
-
-      violationCache(namespace);
-
-      // The function should call redisCache with violations: prefixed namespace
-      // Since we can't easily mock the internal redisCache call, we test the behavior
-      expect(() => violationCache(namespace)).not.toThrow();
-    });
-
-    it('should handle undefined namespace', () => {
-      expect(() => violationCache(undefined)).not.toThrow();
-    });
-  });
-
-  describe('sessionCache', () => {
-    it('should return MemoryStore when USE_REDIS is false', () => {
-      cacheConfig.USE_REDIS = false;
-      const namespace = 'sessions';
-      const ttl = 86400;
-
-      const result = sessionCache(namespace, ttl);
-
-      expect(mockMemoryStore).toHaveBeenCalledWith({ ttl, checkPeriod: Time.ONE_DAY });
-      expect(result).toBe(mockMemoryStore());
-    });
-
-    it('should return ConnectRedis when USE_REDIS is true', () => {
-      cacheConfig.USE_REDIS = true;
-      const namespace = 'sessions';
-      const ttl = 86400;
-
-      const result = sessionCache(namespace, ttl);
-
-      expect(mockConnectRedis).toHaveBeenCalledWith({
-        client: mockIoredisClient,
-        ttl,
-        prefix: `${namespace}:`,
-      });
-      expect(result).toBe(mockConnectRedis());
-    });
-
-    it('should add colon to namespace if not present', () => {
-      cacheConfig.USE_REDIS = true;
-      const namespace = 'sessions';
-
-      sessionCache(namespace);
-
-      expect(mockConnectRedis).toHaveBeenCalledWith({
-        client: mockIoredisClient,
-        ttl: undefined,
-        prefix: 'sessions:',
-      });
-    });
-
-    it('should not add colon to namespace if already present', () => {
-      cacheConfig.USE_REDIS = true;
-      const namespace = 'sessions:';
-
-      sessionCache(namespace);
-
-      expect(mockConnectRedis).toHaveBeenCalledWith({
-        client: mockIoredisClient,
-        ttl: undefined,
-        prefix: 'sessions:',
-      });
-    });
-
-    it('should handle undefined ttl', () => {
-      cacheConfig.USE_REDIS = false;
-      const namespace = 'sessions';
-
-      sessionCache(namespace);
-
-      expect(mockMemoryStore).toHaveBeenCalledWith({
-        ttl: undefined,
-        checkPeriod: Time.ONE_DAY,
-      });
-    });
-  });
-
-  describe('limiterCache', () => {
-    it('should return undefined when USE_REDIS is false', () => {
-      cacheConfig.USE_REDIS = false;
-      const result = limiterCache('prefix');
-
-      expect(result).toBeUndefined();
-    });
-
-    it('should return RedisStore when USE_REDIS is true', () => {
-      cacheConfig.USE_REDIS = true;
-      const result = limiterCache('rate-limit');
-
-      expect(mockRedisStore).toHaveBeenCalledWith({
-        sendCommand: expect.any(Function),
-        prefix: `rate-limit:`,
-      });
-      expect(result).toBe(mockRedisStore());
-    });
-
-    it('should add colon to prefix if not present', () => {
-      cacheConfig.USE_REDIS = true;
-      limiterCache('rate-limit');
-
-      expect(mockRedisStore).toHaveBeenCalledWith({
-        sendCommand: expect.any(Function),
-        prefix: 'rate-limit:',
-      });
-    });
-
-    it('should not add colon to prefix if already present', () => {
-      cacheConfig.USE_REDIS = true;
-      limiterCache('rate-limit:');
-
-      expect(mockRedisStore).toHaveBeenCalledWith({
-        sendCommand: expect.any(Function),
-        prefix: 'rate-limit:',
-      });
-    });
-
-    it('should pass sendCommand function that calls ioredisClient.call', () => {
-      cacheConfig.USE_REDIS = true;
-      limiterCache('rate-limit');
-
-      const sendCommandCall = mockRedisStore.mock.calls[0][0];
-      const sendCommand = sendCommandCall.sendCommand;
-
-      // Test that sendCommand properly delegates to ioredisClient.call
-      const args = ['GET', 'test-key'];
-      sendCommand(...args);
-
-      expect(mockIoredisClient.call).toHaveBeenCalledWith(...args);
-    });
-
-    it('should handle undefined prefix', () => {
-      cacheConfig.USE_REDIS = true;
-      expect(() => limiterCache()).toThrow('prefix is required');
-    });
-  });
-});

api/cache/getLogStores.js

@@ -1,52 +1,108 @@
-const { cacheConfig } = require('./cacheConfig');
 const { Keyv } = require('keyv');
 const { CacheKeys, ViolationTypes, Time } = require('librechat-data-provider');
-const { logFile } = require('./keyvFiles');
+const { logFile, violationFile } = require('./keyvFiles');
+const { isEnabled, math } = require('~/server/utils');
+const keyvRedis = require('./keyvRedis');
 const keyvMongo = require('./keyvMongo');
-const { standardCache, sessionCache, violationCache } = require('./cacheFactory');
+
+const { BAN_DURATION, USE_REDIS, DEBUG_MEMORY_CACHE, CI } = process.env ?? {};
+
+const duration = math(BAN_DURATION, 7200000);
+const isRedisEnabled = isEnabled(USE_REDIS);
+const debugMemoryCache = isEnabled(DEBUG_MEMORY_CACHE);
+
+const createViolationInstance = (namespace) => {
+  const config = isRedisEnabled ? { store: keyvRedis } : { store: violationFile, namespace };
+  return new Keyv(config);
+};
+
+// Serve cache from memory so no need to clear it on startup/exit
+const pending_req = isRedisEnabled
+  ? new Keyv({ store: keyvRedis })
+  : new Keyv({ namespace: CacheKeys.PENDING_REQ });
+
+const config = isRedisEnabled
+  ? new Keyv({ store: keyvRedis })
+  : new Keyv({ namespace: CacheKeys.CONFIG_STORE });
+
+const roles = isRedisEnabled
+  ? new Keyv({ store: keyvRedis })
+  : new Keyv({ namespace: CacheKeys.ROLES });
+
+const audioRuns = isRedisEnabled
+  ? new Keyv({ store: keyvRedis, ttl: Time.TEN_MINUTES })
+  : new Keyv({ namespace: CacheKeys.AUDIO_RUNS, ttl: Time.TEN_MINUTES });
+
+const messages = isRedisEnabled
+  ? new Keyv({ store: keyvRedis, ttl: Time.ONE_MINUTE })
+  : new Keyv({ namespace: CacheKeys.MESSAGES, ttl: Time.ONE_MINUTE });
+
+const flows = isRedisEnabled
+  ? new Keyv({ store: keyvRedis, ttl: Time.TWO_MINUTES })
+  : new Keyv({ namespace: CacheKeys.FLOWS, ttl: Time.ONE_MINUTE * 3 });
+
+const tokenConfig = isRedisEnabled
+  ? new Keyv({ store: keyvRedis, ttl: Time.THIRTY_MINUTES })
+  : new Keyv({ namespace: CacheKeys.TOKEN_CONFIG, ttl: Time.THIRTY_MINUTES });
+
+const genTitle = isRedisEnabled
+  ? new Keyv({ store: keyvRedis, ttl: Time.TWO_MINUTES })
+  : new Keyv({ namespace: CacheKeys.GEN_TITLE, ttl: Time.TWO_MINUTES });
+
+const s3ExpiryInterval = isRedisEnabled
+  ? new Keyv({ store: keyvRedis, ttl: Time.THIRTY_MINUTES })
+  : new Keyv({ namespace: CacheKeys.S3_EXPIRY_INTERVAL, ttl: Time.THIRTY_MINUTES });
+
+const modelQueries = isEnabled(process.env.USE_REDIS)
+  ? new Keyv({ store: keyvRedis })
+  : new Keyv({ namespace: CacheKeys.MODEL_QUERIES });
+
+const abortKeys = isRedisEnabled
+  ? new Keyv({ store: keyvRedis })
+  : new Keyv({ namespace: CacheKeys.ABORT_KEYS, ttl: Time.TEN_MINUTES });
+
+const openIdExchangedTokensCache = isRedisEnabled
+  ? new Keyv({ store: keyvRedis, ttl: Time.TEN_MINUTES })
+  : new Keyv({ namespace: CacheKeys.OPENID_EXCHANGED_TOKENS, ttl: Time.TEN_MINUTES });
 
 const namespaces = {
-  [ViolationTypes.GENERAL]: new Keyv({ store: logFile, namespace: 'violations' }),
-  [ViolationTypes.LOGINS]: violationCache(ViolationTypes.LOGINS),
-  [ViolationTypes.CONCURRENT]: violationCache(ViolationTypes.CONCURRENT),
-  [ViolationTypes.NON_BROWSER]: violationCache(ViolationTypes.NON_BROWSER),
-  [ViolationTypes.MESSAGE_LIMIT]: violationCache(ViolationTypes.MESSAGE_LIMIT),
-  [ViolationTypes.REGISTRATIONS]: violationCache(ViolationTypes.REGISTRATIONS),
-  [ViolationTypes.TOKEN_BALANCE]: violationCache(ViolationTypes.TOKEN_BALANCE),
-  [ViolationTypes.TTS_LIMIT]: violationCache(ViolationTypes.TTS_LIMIT),
-  [ViolationTypes.STT_LIMIT]: violationCache(ViolationTypes.STT_LIMIT),
-  [ViolationTypes.CONVO_ACCESS]: violationCache(ViolationTypes.CONVO_ACCESS),
-  [ViolationTypes.TOOL_CALL_LIMIT]: violationCache(ViolationTypes.TOOL_CALL_LIMIT),
-  [ViolationTypes.FILE_UPLOAD_LIMIT]: violationCache(ViolationTypes.FILE_UPLOAD_LIMIT),
-  [ViolationTypes.VERIFY_EMAIL_LIMIT]: violationCache(ViolationTypes.VERIFY_EMAIL_LIMIT),
-  [ViolationTypes.RESET_PASSWORD_LIMIT]: violationCache(ViolationTypes.RESET_PASSWORD_LIMIT),
-  [ViolationTypes.ILLEGAL_MODEL_REQUEST]: violationCache(ViolationTypes.ILLEGAL_MODEL_REQUEST),
-  [ViolationTypes.BAN]: new Keyv({
+  [CacheKeys.ROLES]: roles,
+  [CacheKeys.CONFIG_STORE]: config,
+  [CacheKeys.PENDING_REQ]: pending_req,
+  [ViolationTypes.BAN]: new Keyv({ store: keyvMongo, namespace: CacheKeys.BANS, ttl: duration }),
+  [CacheKeys.ENCODED_DOMAINS]: new Keyv({
     store: keyvMongo,
-    namespace: CacheKeys.BANS,
-    ttl: cacheConfig.BAN_DURATION,
+    namespace: CacheKeys.ENCODED_DOMAINS,
+    ttl: 0,
   }),
-
-  [CacheKeys.OPENID_SESSION]: sessionCache(CacheKeys.OPENID_SESSION),
-  [CacheKeys.SAML_SESSION]: sessionCache(CacheKeys.SAML_SESSION),
-
-  [CacheKeys.ROLES]: standardCache(CacheKeys.ROLES),
-  [CacheKeys.MCP_TOOLS]: standardCache(CacheKeys.MCP_TOOLS),
-  [CacheKeys.CONFIG_STORE]: standardCache(CacheKeys.CONFIG_STORE),
-  [CacheKeys.PENDING_REQ]: standardCache(CacheKeys.PENDING_REQ),
-  [CacheKeys.ENCODED_DOMAINS]: new Keyv({ store: keyvMongo, namespace: CacheKeys.ENCODED_DOMAINS }),
-  [CacheKeys.ABORT_KEYS]: standardCache(CacheKeys.ABORT_KEYS, Time.TEN_MINUTES),
-  [CacheKeys.TOKEN_CONFIG]: standardCache(CacheKeys.TOKEN_CONFIG, Time.THIRTY_MINUTES),
-  [CacheKeys.GEN_TITLE]: standardCache(CacheKeys.GEN_TITLE, Time.TWO_MINUTES),
-  [CacheKeys.S3_EXPIRY_INTERVAL]: standardCache(CacheKeys.S3_EXPIRY_INTERVAL, Time.THIRTY_MINUTES),
-  [CacheKeys.MODEL_QUERIES]: standardCache(CacheKeys.MODEL_QUERIES),
-  [CacheKeys.AUDIO_RUNS]: standardCache(CacheKeys.AUDIO_RUNS, Time.TEN_MINUTES),
-  [CacheKeys.MESSAGES]: standardCache(CacheKeys.MESSAGES, Time.ONE_MINUTE),
-  [CacheKeys.FLOWS]: standardCache(CacheKeys.FLOWS, Time.ONE_MINUTE * 3),
-  [CacheKeys.OPENID_EXCHANGED_TOKENS]: standardCache(
-    CacheKeys.OPENID_EXCHANGED_TOKENS,
-    Time.TEN_MINUTES,
+  general: new Keyv({ store: logFile, namespace: 'violations' }),
+  concurrent: createViolationInstance('concurrent'),
+  non_browser: createViolationInstance('non_browser'),
+  message_limit: createViolationInstance('message_limit'),
+  token_balance: createViolationInstance(ViolationTypes.TOKEN_BALANCE),
+  registrations: createViolationInstance('registrations'),
+  [ViolationTypes.TTS_LIMIT]: createViolationInstance(ViolationTypes.TTS_LIMIT),
+  [ViolationTypes.STT_LIMIT]: createViolationInstance(ViolationTypes.STT_LIMIT),
+  [ViolationTypes.CONVO_ACCESS]: createViolationInstance(ViolationTypes.CONVO_ACCESS),
+  [ViolationTypes.TOOL_CALL_LIMIT]: createViolationInstance(ViolationTypes.TOOL_CALL_LIMIT),
+  [ViolationTypes.FILE_UPLOAD_LIMIT]: createViolationInstance(ViolationTypes.FILE_UPLOAD_LIMIT),
+  [ViolationTypes.VERIFY_EMAIL_LIMIT]: createViolationInstance(ViolationTypes.VERIFY_EMAIL_LIMIT),
+  [ViolationTypes.RESET_PASSWORD_LIMIT]: createViolationInstance(
+    ViolationTypes.RESET_PASSWORD_LIMIT,
   ),
+  [ViolationTypes.ILLEGAL_MODEL_REQUEST]: createViolationInstance(
+    ViolationTypes.ILLEGAL_MODEL_REQUEST,
+  ),
+  logins: createViolationInstance('logins'),
+  [CacheKeys.ABORT_KEYS]: abortKeys,
+  [CacheKeys.TOKEN_CONFIG]: tokenConfig,
+  [CacheKeys.GEN_TITLE]: genTitle,
+  [CacheKeys.S3_EXPIRY_INTERVAL]: s3ExpiryInterval,
+  [CacheKeys.MODEL_QUERIES]: modelQueries,
+  [CacheKeys.AUDIO_RUNS]: audioRuns,
+  [CacheKeys.MESSAGES]: messages,
+  [CacheKeys.FLOWS]: flows,
+  [CacheKeys.OPENID_EXCHANGED_TOKENS]: openIdExchangedTokensCache,
 };
 
 /**
@@ -55,10 +111,7 @@ const namespaces = {
  */
 function getTTLStores() {
   return Object.values(namespaces).filter(
-    (store) =>
-      store instanceof Keyv &&
-      parseInt(store.opts?.ttl ?? '0') > 0 &&
-      !store.opts?.store?.constructor?.name?.includes('Redis'), // Only include non-Redis stores
+    (store) => store instanceof Keyv && typeof store.opts?.ttl === 'number' && store.opts.ttl > 0,
   );
 }
 
@@ -94,18 +147,18 @@ async function clearExpiredFromCache(cache) {
       if (data?.expires && data.expires <= expiryTime) {
         const deleted = await cache.opts.store.delete(key);
         if (!deleted) {
-          cacheConfig.DEBUG_MEMORY_CACHE &&
+          debugMemoryCache &&
             console.warn(`[Cache] Error deleting entry: ${key} from ${cache.opts.namespace}`);
           continue;
         }
         cleared++;
       }
     } catch (error) {
-      cacheConfig.DEBUG_MEMORY_CACHE &&
+      debugMemoryCache &&
         console.log(`[Cache] Error processing entry from ${cache.opts.namespace}:`, error);
       const deleted = await cache.opts.store.delete(key);
       if (!deleted) {
-        cacheConfig.DEBUG_MEMORY_CACHE &&
+        debugMemoryCache &&
           console.warn(`[Cache] Error deleting entry: ${key} from ${cache.opts.namespace}`);
         continue;
       }
@@ -114,7 +167,7 @@ async function clearExpiredFromCache(cache) {
   }
 
   if (cleared > 0) {
-    cacheConfig.DEBUG_MEMORY_CACHE &&
+    debugMemoryCache &&
       console.log(
         `[Cache] Cleared ${cleared} entries older than ${ttl}ms from ${cache.opts.namespace}`,
       );
@@ -155,7 +208,7 @@ async function clearAllExpiredFromCache() {
   }
 }
 
-if (!cacheConfig.USE_REDIS && !cacheConfig.CI) {
+if (!isRedisEnabled && !isEnabled(CI)) {
   /** @type {Set<NodeJS.Timeout>} */
   const cleanupIntervals = new Set();
 
@@ -166,7 +219,7 @@ if (!cacheConfig.USE_REDIS && !cacheConfig.CI) {
 
   cleanupIntervals.add(cleanup);
 
-  if (cacheConfig.DEBUG_MEMORY_CACHE) {
+  if (debugMemoryCache) {
     const monitor = setInterval(() => {
       const ttlStores = getTTLStores();
       const memory = process.memoryUsage();
@@ -187,13 +240,13 @@ if (!cacheConfig.USE_REDIS && !cacheConfig.CI) {
   }
 
   const dispose = () => {
-    cacheConfig.DEBUG_MEMORY_CACHE && console.log('[Cache] Cleaning up and shutting down...');
+    debugMemoryCache && console.log('[Cache] Cleaning up and shutting down...');
     cleanupIntervals.forEach((interval) => clearInterval(interval));
     cleanupIntervals.clear();
 
     // One final cleanup before exit
     clearAllExpiredFromCache().then(() => {
-      cacheConfig.DEBUG_MEMORY_CACHE && console.log('[Cache] Final cleanup completed');
+      debugMemoryCache && console.log('[Cache] Final cleanup completed');
       process.exit(0);
     });
   };

api/cache/ioredisClient.js

@@ -0,0 +1,92 @@
+const fs = require('fs');
+const Redis = require('ioredis');
+const { isEnabled } = require('~/server/utils');
+const logger = require('~/config/winston');
+
+const { REDIS_URI, USE_REDIS, USE_REDIS_CLUSTER, REDIS_CA, REDIS_MAX_LISTENERS } = process.env;
+
+/** @type {import('ioredis').Redis | import('ioredis').Cluster} */
+let ioredisClient;
+const redis_max_listeners = Number(REDIS_MAX_LISTENERS) || 40;
+
+function mapURI(uri) {
+  const regex =
+    /^(?:(?<scheme>\w+):\/\/)?(?:(?<user>[^:@]+)(?::(?<password>[^@]+))?@)?(?<host>[\w.-]+)(?::(?<port>\d{1,5}))?$/;
+  const match = uri.match(regex);
+
+  if (match) {
+    const { scheme, user, password, host, port } = match.groups;
+
+    return {
+      scheme: scheme || 'none',
+      user: user || null,
+      password: password || null,
+      host: host || null,
+      port: port || null,
+    };
+  } else {
+    const parts = uri.split(':');
+    if (parts.length === 2) {
+      return {
+        scheme: 'none',
+        user: null,
+        password: null,
+        host: parts[0],
+        port: parts[1],
+      };
+    }
+
+    return {
+      scheme: 'none',
+      user: null,
+      password: null,
+      host: uri,
+      port: null,
+    };
+  }
+}
+
+if (REDIS_URI && isEnabled(USE_REDIS)) {
+  let redisOptions = null;
+
+  if (REDIS_CA) {
+    const ca = fs.readFileSync(REDIS_CA);
+    redisOptions = { tls: { ca } };
+  }
+
+  if (isEnabled(USE_REDIS_CLUSTER)) {
+    const hosts = REDIS_URI.split(',').map((item) => {
+      var value = mapURI(item);
+
+      return {
+        host: value.host,
+        port: value.port,
+      };
+    });
+    ioredisClient = new Redis.Cluster(hosts, { redisOptions });
+  } else {
+    ioredisClient = new Redis(REDIS_URI, redisOptions);
+  }
+
+  ioredisClient.on('ready', () => {
+    logger.info('IoRedis connection ready');
+  });
+  ioredisClient.on('reconnecting', () => {
+    logger.info('IoRedis connection reconnecting');
+  });
+  ioredisClient.on('end', () => {
+    logger.info('IoRedis connection ended');
+  });
+  ioredisClient.on('close', () => {
+    logger.info('IoRedis connection closed');
+  });
+  ioredisClient.on('error', (err) => logger.error('IoRedis connection error:', err));
+  ioredisClient.setMaxListeners(redis_max_listeners);
+  logger.info(
+    '[Optional] IoRedis initialized for rate limiters. If you have issues, disable Redis or restart the server.',
+  );
+} else {
+  logger.info('[Optional] IoRedis not initialized for rate limiters.');
+}
+
+module.exports = ioredisClient;

api/cache/keyvRedis.js

@@ -0,0 +1,109 @@
+const fs = require('fs');
+const ioredis = require('ioredis');
+const KeyvRedis = require('@keyv/redis').default;
+const { isEnabled } = require('~/server/utils');
+const logger = require('~/config/winston');
+
+const { REDIS_URI, USE_REDIS, USE_REDIS_CLUSTER, REDIS_CA, REDIS_KEY_PREFIX, REDIS_MAX_LISTENERS } =
+  process.env;
+
+let keyvRedis;
+const redis_prefix = REDIS_KEY_PREFIX || '';
+const redis_max_listeners = Number(REDIS_MAX_LISTENERS) || 40;
+
+function mapURI(uri) {
+  const regex =
+    /^(?:(?<scheme>\w+):\/\/)?(?:(?<user>[^:@]+)(?::(?<password>[^@]+))?@)?(?<host>[\w.-]+)(?::(?<port>\d{1,5}))?$/;
+  const match = uri.match(regex);
+
+  if (match) {
+    const { scheme, user, password, host, port } = match.groups;
+
+    return {
+      scheme: scheme || 'none',
+      user: user || null,
+      password: password || null,
+      host: host || null,
+      port: port || null,
+    };
+  } else {
+    const parts = uri.split(':');
+    if (parts.length === 2) {
+      return {
+        scheme: 'none',
+        user: null,
+        password: null,
+        host: parts[0],
+        port: parts[1],
+      };
+    }
+
+    return {
+      scheme: 'none',
+      user: null,
+      password: null,
+      host: uri,
+      port: null,
+    };
+  }
+}
+
+if (REDIS_URI && isEnabled(USE_REDIS)) {
+  let redisOptions = null;
+  /** @type {import('@keyv/redis').KeyvRedisOptions} */
+  let keyvOpts = {
+    useRedisSets: false,
+    keyPrefix: redis_prefix,
+  };
+
+  if (REDIS_CA) {
+    const ca = fs.readFileSync(REDIS_CA);
+    redisOptions = { tls: { ca } };
+  }
+
+  if (isEnabled(USE_REDIS_CLUSTER)) {
+    const hosts = REDIS_URI.split(',').map((item) => {
+      var value = mapURI(item);
+
+      return {
+        host: value.host,
+        port: value.port,
+      };
+    });
+    const cluster = new ioredis.Cluster(hosts, { redisOptions });
+    keyvRedis = new KeyvRedis(cluster, keyvOpts);
+  } else {
+    keyvRedis = new KeyvRedis(REDIS_URI, keyvOpts);
+  }
+
+  const pingInterval = setInterval(
+    () => {
+      logger.debug('KeyvRedis ping');
+      keyvRedis.client.ping().catch((err) => logger.error('Redis keep-alive ping failed:', err));
+    },
+    5 * 60 * 1000,
+  );
+
+  keyvRedis.on('ready', () => {
+    logger.info('KeyvRedis connection ready');
+  });
+  keyvRedis.on('reconnecting', () => {
+    logger.info('KeyvRedis connection reconnecting');
+  });
+  keyvRedis.on('end', () => {
+    logger.info('KeyvRedis connection ended');
+  });
+  keyvRedis.on('close', () => {
+    clearInterval(pingInterval);
+    logger.info('KeyvRedis connection closed');
+  });
+  keyvRedis.on('error', (err) => logger.error('KeyvRedis connection error:', err));
+  keyvRedis.setMaxListeners(redis_max_listeners);
+  logger.info(
+    '[Optional] Redis initialized. If you have issues, or seeing older values, disable it or flush cache to refresh values.',
+  );
+} else {
+  logger.info('[Optional] Redis not initialized.');
+}
+
+module.exports = keyvRedis;

api/cache/logViolation.js

@@ -1,5 +1,4 @@
 const { isEnabled } = require('~/server/utils');
-const { ViolationTypes } = require('librechat-data-provider');
 const getLogStores = require('./getLogStores');
 const banViolation = require('./banViolation');
 
@@ -10,14 +9,14 @@ const banViolation = require('./banViolation');
  * @param {Object} res - Express response object.
  * @param {string} type - The type of violation.
  * @param {Object} errorMessage - The error message to log.
- * @param {number | string} [score=1] - The severity of the violation. Defaults to 1
+ * @param {number} [score=1] - The severity of the violation. Defaults to 1
  */
 const logViolation = async (req, res, type, errorMessage, score = 1) => {
   const userId = req.user?.id ?? req.user?._id;
   if (!userId) {
     return;
   }
-  const logs = getLogStores(ViolationTypes.GENERAL);
+  const logs = getLogStores('general');
   const violationLogs = getLogStores(type);
   const key = isEnabled(process.env.USE_REDIS) ? `${type}:${userId}` : userId;
 

api/cache/redisClients.js

@@ -1,57 +0,0 @@
-const IoRedis = require('ioredis');
-const { cacheConfig } = require('./cacheConfig');
-const { createClient, createCluster } = require('@keyv/redis');
-
-const GLOBAL_PREFIX_SEPARATOR = '::';
-
-const urls = cacheConfig.REDIS_URI?.split(',').map((uri) => new URL(uri));
-const username = urls?.[0].username || cacheConfig.REDIS_USERNAME;
-const password = urls?.[0].password || cacheConfig.REDIS_PASSWORD;
-const ca = cacheConfig.REDIS_CA;
-
-/** @type {import('ioredis').Redis | import('ioredis').Cluster | null} */
-let ioredisClient = null;
-if (cacheConfig.USE_REDIS) {
-  const redisOptions = {
-    username: username,
-    password: password,
-    tls: ca ? { ca } : undefined,
-    keyPrefix: `${cacheConfig.REDIS_KEY_PREFIX}${GLOBAL_PREFIX_SEPARATOR}`,
-    maxListeners: cacheConfig.REDIS_MAX_LISTENERS,
-  };
-
-  ioredisClient =
-    urls.length === 1
-      ? new IoRedis(cacheConfig.REDIS_URI, redisOptions)
-      : new IoRedis.Cluster(cacheConfig.REDIS_URI, { redisOptions });
-
-  // Pinging the Redis server every 5 minutes to keep the connection alive
-  const pingInterval = setInterval(() => ioredisClient.ping(), 5 * 60 * 1000);
-  ioredisClient.on('close', () => clearInterval(pingInterval));
-  ioredisClient.on('end', () => clearInterval(pingInterval));
-}
-
-/** @type {import('@keyv/redis').RedisClient | import('@keyv/redis').RedisCluster | null} */
-let keyvRedisClient = null;
-if (cacheConfig.USE_REDIS) {
-  // ** WARNING ** Keyv Redis client does not support Prefix like ioredis above.
-  // The prefix feature will be handled by the Keyv-Redis store in cacheFactory.js
-  const redisOptions = { username, password, socket: { tls: ca != null, ca } };
-
-  keyvRedisClient =
-    urls.length === 1
-      ? createClient({ url: cacheConfig.REDIS_URI, ...redisOptions })
-      : createCluster({
-          rootNodes: cacheConfig.REDIS_URI.split(',').map((url) => ({ url })),
-          defaults: redisOptions,
-        });
-
-  keyvRedisClient.setMaxListeners(cacheConfig.REDIS_MAX_LISTENERS);
-
-  // Pinging the Redis server every 5 minutes to keep the connection alive
-  const keyvPingInterval = setInterval(() => keyvRedisClient.ping(), 5 * 60 * 1000);
-  keyvRedisClient.on('disconnect', () => clearInterval(keyvPingInterval));
-  keyvRedisClient.on('end', () => clearInterval(keyvPingInterval));
-}
-
-module.exports = { ioredisClient, keyvRedisClient, GLOBAL_PREFIX_SEPARATOR };

api/config/index.js

@@ -11,13 +11,12 @@ let flowManager = null;
 
 /**
  * @param {string} [userId] - Optional user ID, to avoid disconnecting the current user.
- * @param {boolean} [skipIdleCheck] - Skip idle connection checking to avoid unnecessary pings.
  * @returns {MCPManager}
  */
-function getMCPManager(userId, skipIdleCheck = false) {
+function getMCPManager(userId) {
   if (!mcpManager) {
-    mcpManager = MCPManager.getInstance();
-  } else if (!skipIdleCheck) {
+    mcpManager = MCPManager.getInstance(logger);
+  } else {
     mcpManager.checkIdleConnections(userId);
   }
   return mcpManager;
@@ -31,6 +30,7 @@ function getFlowStateManager(flowsCache) {
   if (!flowManager) {
     flowManager = new FlowStateManager(flowsCache, {
       ttl: Time.ONE_MINUTE * 3,
+      logger,
     });
   }
   return flowManager;

api/db/indexSync.js

@@ -1,11 +1,8 @@
 const mongoose = require('mongoose');
 const { MeiliSearch } = require('meilisearch');
 const { logger } = require('@librechat/data-schemas');
-const { FlowStateManager } = require('@librechat/api');
-const { CacheKeys } = require('librechat-data-provider');
 
 const { isEnabled } = require('~/server/utils');
-const { getLogStores } = require('~/cache');
 
 const Conversation = mongoose.models.Conversation;
 const Message = mongoose.models.Message;
@@ -31,123 +28,43 @@ class MeiliSearchClient {
   }
 }
 
-/**
- * Performs the actual sync operations for messages and conversations
- */
-async function performSync() {
-  const client = MeiliSearchClient.getInstance();
-
-  const { status } = await client.health();
-  if (status !== 'available') {
-    throw new Error('Meilisearch not available');
-  }
-
-  if (indexingDisabled === true) {
-    logger.info('[indexSync] Indexing is disabled, skipping...');
-    return { messagesSync: false, convosSync: false };
-  }
-
-  let messagesSync = false;
-  let convosSync = false;
-
-  // Check if we need to sync messages
-  const messageProgress = await Message.getSyncProgress();
-  if (!messageProgress.isComplete) {
-    logger.info(
-      `[indexSync] Messages need syncing: ${messageProgress.totalProcessed}/${messageProgress.totalDocuments} indexed`,
-    );
-
-    // Check if we should do a full sync or incremental
-    const messageCount = await Message.countDocuments();
-    const messagesIndexed = messageProgress.totalProcessed;
-    const syncThreshold = parseInt(process.env.MEILI_SYNC_THRESHOLD || '1000', 10);
-
-    if (messageCount - messagesIndexed > syncThreshold) {
-      logger.info('[indexSync] Starting full message sync due to large difference');
-      await Message.syncWithMeili();
-      messagesSync = true;
-    } else if (messageCount !== messagesIndexed) {
-      logger.warn('[indexSync] Messages out of sync, performing incremental sync');
-      await Message.syncWithMeili();
-      messagesSync = true;
-    }
-  } else {
-    logger.info(
-      `[indexSync] Messages are fully synced: ${messageProgress.totalProcessed}/${messageProgress.totalDocuments}`,
-    );
-  }
-
-  // Check if we need to sync conversations
-  const convoProgress = await Conversation.getSyncProgress();
-  if (!convoProgress.isComplete) {
-    logger.info(
-      `[indexSync] Conversations need syncing: ${convoProgress.totalProcessed}/${convoProgress.totalDocuments} indexed`,
-    );
-
-    const convoCount = await Conversation.countDocuments();
-    const convosIndexed = convoProgress.totalProcessed;
-    const syncThreshold = parseInt(process.env.MEILI_SYNC_THRESHOLD || '1000', 10);
-
-    if (convoCount - convosIndexed > syncThreshold) {
-      logger.info('[indexSync] Starting full conversation sync due to large difference');
-      await Conversation.syncWithMeili();
-      convosSync = true;
-    } else if (convoCount !== convosIndexed) {
-      logger.warn('[indexSync] Convos out of sync, performing incremental sync');
-      await Conversation.syncWithMeili();
-      convosSync = true;
-    }
-  } else {
-    logger.info(
-      `[indexSync] Conversations are fully synced: ${convoProgress.totalProcessed}/${convoProgress.totalDocuments}`,
-    );
-  }
-
-  return { messagesSync, convosSync };
-}
-
-/**
- * Main index sync function that uses FlowStateManager to prevent concurrent execution
- */
 async function indexSync() {
   if (!searchEnabled) {
     return;
   }
-
-  logger.info('[indexSync] Starting index synchronization check...');
-
   try {
-    // Get or create FlowStateManager instance
-    const flowsCache = getLogStores(CacheKeys.FLOWS);
-    if (!flowsCache) {
-      logger.warn('[indexSync] Flows cache not available, falling back to direct sync');
-      return await performSync();
+    const client = MeiliSearchClient.getInstance();
+
+    const { status } = await client.health();
+    if (status !== 'available') {
+      throw new Error('Meilisearch not available');
     }
 
-    const flowManager = new FlowStateManager(flowsCache, {
-      ttl: 60000 * 10, // 10 minutes TTL for sync operations
-    });
-
-    // Use a unique flow ID for the sync operation
-    const flowId = 'meili-index-sync';
-    const flowType = 'MEILI_SYNC';
-
-    // This will only execute the handler if no other instance is running the sync
-    const result = await flowManager.createFlowWithHandler(flowId, flowType, performSync);
-
-    if (result.messagesSync || result.convosSync) {
-      logger.info('[indexSync] Sync completed successfully');
-    } else {
-      logger.debug('[indexSync] No sync was needed');
-    }
-
-    return result;
-  } catch (err) {
-    if (err.message.includes('flow already exists')) {
-      logger.info('[indexSync] Sync already running on another instance');
+    if (indexingDisabled === true) {
+      logger.info('[indexSync] Indexing is disabled, skipping...');
       return;
     }
 
+    const messageCount = await Message.countDocuments();
+    const convoCount = await Conversation.countDocuments();
+    const messages = await client.index('messages').getStats();
+    const convos = await client.index('convos').getStats();
+    const messagesIndexed = messages.numberOfDocuments;
+    const convosIndexed = convos.numberOfDocuments;
+
+    logger.debug(`[indexSync] There are ${messageCount} messages and ${messagesIndexed} indexed`);
+    logger.debug(`[indexSync] There are ${convoCount} convos and ${convosIndexed} indexed`);
+
+    if (messageCount !== messagesIndexed) {
+      logger.debug('[indexSync] Messages out of sync, indexing');
+      Message.syncWithMeili();
+    }
+
+    if (convoCount !== convosIndexed) {
+      logger.debug('[indexSync] Convos out of sync, indexing');
+      Conversation.syncWithMeili();
+    }
+  } catch (err) {
     if (err.message.includes('not found')) {
       logger.debug('[indexSync] Creating indices...');
       currentTimeout = setTimeout(async () => {

api/jest.config.js

@@ -1,4 +1,6 @@
+/** @type {import('jest').Config} */
 module.exports = {
+  displayName: 'default',
   testEnvironment: 'node',
   clearMocks: true,
   roots: ['<rootDir>'],
@@ -11,7 +13,7 @@ module.exports = {
   moduleNameMapper: {
     '~/(.*)': '<rootDir>/$1',
     '~/data/auth.json': '<rootDir>/__mocks__/auth.mock.json',
-    '^openid-client/passport$': '<rootDir>/test/__mocks__/openid-client-passport.js', // Mock for the passport strategy part
+    '^openid-client/passport$': '<rootDir>/test/__mocks__/openid-client-passport.js',
     '^openid-client$': '<rootDir>/test/__mocks__/openid-client.js',
   },
   transformIgnorePatterns: ['/node_modules/(?!(openid-client|oauth4webapi|jose)/).*/'],

api/models/Agent.js

@@ -11,7 +11,6 @@ const {
   removeAgentIdsFromProject,
   removeAgentFromAllProjects,
 } = require('./Project');
-const { getCachedTools } = require('~/server/services/Config');
 const getLogStores = require('~/cache/getLogStores');
 const { getActions } = require('./Action');
 const { Agent } = require('~/db/models');
@@ -56,12 +55,12 @@ const getAgent = async (searchParameter) => await Agent.findOne(searchParameter)
  * @param {string} params.agent_id
  * @param {string} params.endpoint
  * @param {import('@librechat/agents').ClientOptions} [params.model_parameters]
- * @returns {Promise<Agent|null>} The agent document as a plain object, or null if not found.
+ * @returns {Agent|null} The agent document as a plain object, or null if not found.
  */
-const loadEphemeralAgent = async ({ req, agent_id, endpoint, model_parameters: _m }) => {
+const loadEphemeralAgent = ({ req, agent_id, endpoint, model_parameters: _m }) => {
   const { model, ...model_parameters } = _m;
   /** @type {Record<string, FunctionTool>} */
-  const availableTools = await getCachedTools({ userId: req.user.id, includeGlobal: true });
+  const availableTools = req.app.locals.availableTools;
   /** @type {TEphemeralAgent | null} */
   const ephemeralAgent = req.body.ephemeralAgent;
   const mcpServers = new Set(ephemeralAgent?.mcp);
@@ -70,9 +69,6 @@ const loadEphemeralAgent = async ({ req, agent_id, endpoint, model_parameters: _
   if (ephemeralAgent?.execute_code === true) {
     tools.push(Tools.execute_code);
   }
-  if (ephemeralAgent?.file_search === true) {
-    tools.push(Tools.file_search);
-  }
   if (ephemeralAgent?.web_search === true) {
     tools.push(Tools.web_search);
   }
@@ -90,7 +86,7 @@ const loadEphemeralAgent = async ({ req, agent_id, endpoint, model_parameters: _
   }
 
   const instructions = req.body.promptPrefix;
-  const result = {
+  return {
     id: agent_id,
     instructions,
     provider: endpoint,
@@ -98,11 +94,6 @@ const loadEphemeralAgent = async ({ req, agent_id, endpoint, model_parameters: _
     model,
     tools,
   };
-
-  if (ephemeralAgent?.artifacts != null && ephemeralAgent.artifacts) {
-    result.artifacts = ephemeralAgent.artifacts;
-  }
-  return result;
 };
 
 /**
@@ -120,7 +111,7 @@ const loadAgent = async ({ req, agent_id, endpoint, model_parameters }) => {
     return null;
   }
   if (agent_id === EPHEMERAL_AGENT_ID) {
-    return await loadEphemeralAgent({ req, agent_id, endpoint, model_parameters });
+    return loadEphemeralAgent({ req, agent_id, endpoint, model_parameters });
   }
   const agent = await getAgent({
     id: agent_id,

api/models/Agent.spec.js

@@ -6,10 +6,6 @@ const originalEnv = {
 process.env.CREDS_KEY = '0123456789abcdef0123456789abcdef';
 process.env.CREDS_IV = '0123456789abcdef';
 
-jest.mock('~/server/services/Config', () => ({
-  getCachedTools: jest.fn(),
-}));
-
 const mongoose = require('mongoose');
 const { v4: uuidv4 } = require('uuid');
 const { agentSchema } = require('@librechat/data-schemas');
@@ -27,7 +23,6 @@ const {
   generateActionMetadataHash,
   revertAgentVersion,
 } = require('./Agent');
-const { getCachedTools } = require('~/server/services/Config');
 
 /**
  * @type {import('mongoose').Model<import('@librechat/data-schemas').IAgent>}
@@ -43,7 +38,7 @@ describe('models/Agent', () => {
       const mongoUri = mongoServer.getUri();
       Agent = mongoose.models.Agent || mongoose.model('Agent', agentSchema);
       await mongoose.connect(mongoUri);
-    }, 20000);
+    });
 
     afterAll(async () => {
       await mongoose.disconnect();
@@ -411,9 +406,8 @@ describe('models/Agent', () => {
     beforeAll(async () => {
       mongoServer = await MongoMemoryServer.create();
       const mongoUri = mongoServer.getUri();
-      Agent = mongoose.models.Agent || mongoose.model('Agent', agentSchema);
       await mongoose.connect(mongoUri);
-    }, 20000);
+    });
 
     afterAll(async () => {
       await mongoose.disconnect();
@@ -670,7 +664,7 @@ describe('models/Agent', () => {
       const mongoUri = mongoServer.getUri();
       Agent = mongoose.models.Agent || mongoose.model('Agent', agentSchema);
       await mongoose.connect(mongoUri);
-    }, 20000);
+    });
 
     afterAll(async () => {
       await mongoose.disconnect();
@@ -1332,7 +1326,7 @@ describe('models/Agent', () => {
       const mongoUri = mongoServer.getUri();
       Agent = mongoose.models.Agent || mongoose.model('Agent', agentSchema);
       await mongoose.connect(mongoUri);
-    }, 20000);
+    });
 
     afterAll(async () => {
       await mongoose.disconnect();
@@ -1514,7 +1508,7 @@ describe('models/Agent', () => {
       const mongoUri = mongoServer.getUri();
       Agent = mongoose.models.Agent || mongoose.model('Agent', agentSchema);
       await mongoose.connect(mongoUri);
-    }, 20000);
+    });
 
     afterAll(async () => {
       await mongoose.disconnect();
@@ -1552,12 +1546,6 @@ describe('models/Agent', () => {
     test('should test ephemeral agent loading logic', async () => {
       const { EPHEMERAL_AGENT_ID } = require('librechat-data-provider').Constants;
 
-      getCachedTools.mockResolvedValue({
-        tool1_mcp_server1: {},
-        tool2_mcp_server2: {},
-        another_tool: {},
-      });
-
       const mockReq = {
         user: { id: 'user123' },
         body: {
@@ -1568,6 +1556,15 @@ describe('models/Agent', () => {
             mcp: ['server1', 'server2'],
           },
         },
+        app: {
+          locals: {
+            availableTools: {
+              tool1_mcp_server1: {},
+              tool2_mcp_server2: {},
+              another_tool: {},
+            },
+          },
+        },
       };
 
       const result = await loadAgent({
@@ -1660,8 +1657,6 @@ describe('models/Agent', () => {
     test('should handle ephemeral agent with no MCP servers', async () => {
       const { EPHEMERAL_AGENT_ID } = require('librechat-data-provider').Constants;
 
-      getCachedTools.mockResolvedValue({});
-
       const mockReq = {
         user: { id: 'user123' },
         body: {
@@ -1672,6 +1667,11 @@ describe('models/Agent', () => {
             mcp: [],
           },
         },
+        app: {
+          locals: {
+            availableTools: {},
+          },
+        },
       };
 
       const result = await loadAgent({
@@ -1692,13 +1692,16 @@ describe('models/Agent', () => {
     test('should handle ephemeral agent with undefined ephemeralAgent in body', async () => {
       const { EPHEMERAL_AGENT_ID } = require('librechat-data-provider').Constants;
 
-      getCachedTools.mockResolvedValue({});
-
       const mockReq = {
         user: { id: 'user123' },
         body: {
           promptPrefix: 'Basic instructions',
         },
+        app: {
+          locals: {
+            availableTools: {},
+          },
+        },
       };
 
       const result = await loadAgent({
@@ -1731,13 +1734,6 @@ describe('models/Agent', () => {
         const { EPHEMERAL_AGENT_ID } = require('librechat-data-provider').Constants;
 
         const largeToolList = Array.from({ length: 100 }, (_, i) => `tool_${i}_mcp_server1`);
-        const availableTools = largeToolList.reduce((acc, tool) => {
-          acc[tool] = {};
-          return acc;
-        }, {});
-
-        getCachedTools.mockResolvedValue(availableTools);
-
         const mockReq = {
           user: { id: 'user123' },
           body: {
@@ -1748,6 +1744,14 @@ describe('models/Agent', () => {
               mcp: ['server1'],
             },
           },
+          app: {
+            locals: {
+              availableTools: largeToolList.reduce((acc, tool) => {
+                acc[tool] = {};
+                return acc;
+              }, {}),
+            },
+          },
         };
 
         const result = await loadAgent({
@@ -1798,7 +1802,7 @@ describe('models/Agent', () => {
       const mongoUri = mongoServer.getUri();
       Agent = mongoose.models.Agent || mongoose.model('Agent', agentSchema);
       await mongoose.connect(mongoUri);
-    }, 20000);
+    });
 
     afterAll(async () => {
       await mongoose.disconnect();
@@ -2268,13 +2272,6 @@ describe('models/Agent', () => {
     test('should handle loadEphemeralAgent with malformed MCP tool names', async () => {
       const { EPHEMERAL_AGENT_ID } = require('librechat-data-provider').Constants;
 
-      getCachedTools.mockResolvedValue({
-        malformed_tool_name: {}, // No mcp delimiter
-        tool__server1: {}, // Wrong delimiter
-        tool_mcp_server1: {}, // Correct format
-        tool_mcp_server2: {}, // Different server
-      });
-
       const mockReq = {
         user: { id: 'user123' },
         body: {
@@ -2285,6 +2282,16 @@ describe('models/Agent', () => {
             mcp: ['server1'],
           },
         },
+        app: {
+          locals: {
+            availableTools: {
+              malformed_tool_name: {}, // No mcp delimiter
+              tool__server1: {}, // Wrong delimiter
+              tool_mcp_server1: {}, // Correct format
+              tool_mcp_server2: {}, // Different server
+            },
+          },
+        },
       };
 
       const result = await loadAgent({
@@ -2350,7 +2357,7 @@ describe('models/Agent', () => {
       const mongoUri = mongoServer.getUri();
       Agent = mongoose.models.Agent || mongoose.model('Agent', agentSchema);
       await mongoose.connect(mongoUri);
-    }, 20000);
+    });
 
     afterAll(async () => {
       await mongoose.disconnect();

api/models/Conversation.js

@@ -1,6 +1,4 @@
 const { logger } = require('@librechat/data-schemas');
-const { createTempChatExpirationDate } = require('@librechat/api');
-const getCustomConfig = require('~/server/services/Config/getCustomConfig');
 const { getMessages, deleteMessages } = require('./Message');
 const { Conversation } = require('~/db/models');
 
@@ -100,15 +98,10 @@ module.exports = {
         update.conversationId = newConversationId;
       }
 
-      if (req?.body?.isTemporary) {
-        try {
-          const customConfig = await getCustomConfig();
-          update.expiredAt = createTempChatExpirationDate(customConfig);
-        } catch (err) {
-          logger.error('Error creating temporary chat expiration date:', err);
-          logger.info(`---\`saveConvo\` context: ${metadata?.context}`);
-          update.expiredAt = null;
-        }
+      if (req.body.isTemporary) {
+        const expiredAt = new Date();
+        expiredAt.setDate(expiredAt.getDate() + 30);
+        update.expiredAt = expiredAt;
       } else {
         update.expiredAt = null;
       }

api/models/File.js

@@ -1,7 +1,5 @@
 const { logger } = require('@librechat/data-schemas');
-const { EToolResources, FileContext, Constants } = require('librechat-data-provider');
-const { getProjectByName } = require('./Project');
-const { getAgent } = require('./Agent');
+const { EToolResources } = require('librechat-data-provider');
 const { File } = require('~/db/models');
 
 /**
@@ -14,124 +12,17 @@ const findFileById = async (file_id, options = {}) => {
   return await File.findOne({ file_id, ...options }).lean();
 };
 
-/**
- * Checks if a user has access to multiple files through a shared agent (batch operation)
- * @param {string} userId - The user ID to check access for
- * @param {string[]} fileIds - Array of file IDs to check
- * @param {string} agentId - The agent ID that might grant access
- * @returns {Promise<Map<string, boolean>>} Map of fileId to access status
- */
-const hasAccessToFilesViaAgent = async (userId, fileIds, agentId, checkCollaborative = true) => {
-  const accessMap = new Map();
-
-  // Initialize all files as no access
-  fileIds.forEach((fileId) => accessMap.set(fileId, false));
-
-  try {
-    const agent = await getAgent({ id: agentId });
-
-    if (!agent) {
-      return accessMap;
-    }
-
-    // Check if user is the author - if so, grant access to all files
-    if (agent.author.toString() === userId) {
-      fileIds.forEach((fileId) => accessMap.set(fileId, true));
-      return accessMap;
-    }
-
-    // Check if agent is shared with the user via projects
-    if (!agent.projectIds || agent.projectIds.length === 0) {
-      return accessMap;
-    }
-
-    // Check if agent is in global project
-    const globalProject = await getProjectByName(Constants.GLOBAL_PROJECT_NAME, '_id');
-    if (
-      !globalProject ||
-      !agent.projectIds.some((pid) => pid.toString() === globalProject._id.toString())
-    ) {
-      return accessMap;
-    }
-
-    // Agent is globally shared - check if it's collaborative
-    if (checkCollaborative && !agent.isCollaborative) {
-      return accessMap;
-    }
-
-    // Check which files are actually attached
-    const attachedFileIds = new Set();
-    if (agent.tool_resources) {
-      for (const [_resourceType, resource] of Object.entries(agent.tool_resources)) {
-        if (resource?.file_ids && Array.isArray(resource.file_ids)) {
-          resource.file_ids.forEach((fileId) => attachedFileIds.add(fileId));
-        }
-      }
-    }
-
-    // Grant access only to files that are attached to this agent
-    fileIds.forEach((fileId) => {
-      if (attachedFileIds.has(fileId)) {
-        accessMap.set(fileId, true);
-      }
-    });
-
-    return accessMap;
-  } catch (error) {
-    logger.error('[hasAccessToFilesViaAgent] Error checking file access:', error);
-    return accessMap;
-  }
-};
-
 /**
  * Retrieves files matching a given filter, sorted by the most recently updated.
  * @param {Object} filter - The filter criteria to apply.
  * @param {Object} [_sortOptions] - Optional sort parameters.
  * @param {Object|String} [selectFields={ text: 0 }] - Fields to include/exclude in the query results.
  *                                                   Default excludes the 'text' field.
- * @param {Object} [options] - Additional options
- * @param {string} [options.userId] - User ID for access control
- * @param {string} [options.agentId] - Agent ID that might grant access to files
  * @returns {Promise<Array<MongoFile>>} A promise that resolves to an array of file documents.
  */
-const getFiles = async (filter, _sortOptions, selectFields = { text: 0 }, options = {}) => {
+const getFiles = async (filter, _sortOptions, selectFields = { text: 0 }) => {
   const sortOptions = { updatedAt: -1, ..._sortOptions };
-  const files = await File.find(filter).select(selectFields).sort(sortOptions).lean();
-
-  // If userId and agentId are provided, filter files based on access
-  if (options.userId && options.agentId) {
-    // Collect file IDs that need access check
-    const filesToCheck = [];
-    const ownedFiles = [];
-
-    for (const file of files) {
-      if (file.user && file.user.toString() === options.userId) {
-        ownedFiles.push(file);
-      } else {
-        filesToCheck.push(file);
-      }
-    }
-
-    if (filesToCheck.length === 0) {
-      return ownedFiles;
-    }
-
-    // Batch check access for all non-owned files
-    const fileIds = filesToCheck.map((f) => f.file_id);
-    const accessMap = await hasAccessToFilesViaAgent(
-      options.userId,
-      fileIds,
-      options.agentId,
-      false,
-    );
-
-    // Filter files based on access
-    const accessibleFiles = filesToCheck.filter((file) => accessMap.get(file.file_id));
-
-    return [...ownedFiles, ...accessibleFiles];
-  }
-
-  return files;
+  return await File.find(filter).select(selectFields).sort(sortOptions).lean();
 };
 
 /**
@@ -141,19 +32,19 @@ const getFiles = async (filter, _sortOptions, selectFields = { text: 0 }, option
  * @returns {Promise<Array<MongoFile>>} Files that match the criteria
  */
 const getToolFilesByIds = async (fileIds, toolResourceSet) => {
-  if (!fileIds || !fileIds.length || !toolResourceSet?.size) {
+  if (!fileIds || !fileIds.length) {
     return [];
   }
 
   try {
     const filter = {
       file_id: { $in: fileIds },
-      $or: [],
     };
 
-    if (toolResourceSet.has(EToolResources.ocr)) {
-      filter.$or.push({ text: { $exists: true, $ne: null }, context: FileContext.agents });
+    if (toolResourceSet.size) {
+      filter.$or = [];
     }
+
     if (toolResourceSet.has(EToolResources.file_search)) {
       filter.$or.push({ embedded: true });
     }
@@ -285,5 +176,4 @@ module.exports = {
   deleteFiles,
   deleteFileByFilter,
   batchUpdateFiles,
-  hasAccessToFilesViaAgent,
 };

api/models/File.spec.js

@@ -1,264 +0,0 @@
-const mongoose = require('mongoose');
-const { v4: uuidv4 } = require('uuid');
-const { fileSchema } = require('@librechat/data-schemas');
-const { agentSchema } = require('@librechat/data-schemas');
-const { projectSchema } = require('@librechat/data-schemas');
-const { MongoMemoryServer } = require('mongodb-memory-server');
-const { GLOBAL_PROJECT_NAME } = require('librechat-data-provider').Constants;
-const { getFiles, createFile } = require('./File');
-const { getProjectByName } = require('./Project');
-const { createAgent } = require('./Agent');
-
-let File;
-let Agent;
-let Project;
-
-describe('File Access Control', () => {
-  let mongoServer;
-
-  beforeAll(async () => {
-    mongoServer = await MongoMemoryServer.create();
-    const mongoUri = mongoServer.getUri();
-    File = mongoose.models.File || mongoose.model('File', fileSchema);
-    Agent = mongoose.models.Agent || mongoose.model('Agent', agentSchema);
-    Project = mongoose.models.Project || mongoose.model('Project', projectSchema);
-    await mongoose.connect(mongoUri);
-  });
-
-  afterAll(async () => {
-    await mongoose.disconnect();
-    await mongoServer.stop();
-  });
-
-  beforeEach(async () => {
-    await File.deleteMany({});
-    await Agent.deleteMany({});
-    await Project.deleteMany({});
-  });
-
-  describe('hasAccessToFilesViaAgent', () => {
-    it('should efficiently check access for multiple files at once', async () => {
-      const userId = new mongoose.Types.ObjectId().toString();
-      const authorId = new mongoose.Types.ObjectId().toString();
-      const agentId = uuidv4();
-      const fileIds = [uuidv4(), uuidv4(), uuidv4(), uuidv4()];
-
-      // Create files
-      for (const fileId of fileIds) {
-        await createFile({
-          user: authorId,
-          file_id: fileId,
-          filename: `file-${fileId}.txt`,
-          filepath: `/uploads/${fileId}`,
-        });
-      }
-
-      // Create agent with only first two files attached
-      await createAgent({
-        id: agentId,
-        name: 'Test Agent',
-        author: authorId,
-        model: 'gpt-4',
-        provider: 'openai',
-        isCollaborative: true,
-        tool_resources: {
-          file_search: {
-            file_ids: [fileIds[0], fileIds[1]],
-          },
-        },
-      });
-
-      // Get or create global project
-      const globalProject = await getProjectByName(GLOBAL_PROJECT_NAME, '_id');
-
-      // Share agent globally
-      await Agent.updateOne({ id: agentId }, { $push: { projectIds: globalProject._id } });
-
-      // Check access for all files
-      const { hasAccessToFilesViaAgent } = require('./File');
-      const accessMap = await hasAccessToFilesViaAgent(userId, fileIds, agentId);
-
-      // Should have access only to the first two files
-      expect(accessMap.get(fileIds[0])).toBe(true);
-      expect(accessMap.get(fileIds[1])).toBe(true);
-      expect(accessMap.get(fileIds[2])).toBe(false);
-      expect(accessMap.get(fileIds[3])).toBe(false);
-    });
-
-    it('should grant access to all files when user is the agent author', async () => {
-      const authorId = new mongoose.Types.ObjectId().toString();
-      const agentId = uuidv4();
-      const fileIds = [uuidv4(), uuidv4(), uuidv4()];
-
-      // Create agent
-      await createAgent({
-        id: agentId,
-        name: 'Test Agent',
-        author: authorId,
-        model: 'gpt-4',
-        provider: 'openai',
-        tool_resources: {
-          file_search: {
-            file_ids: [fileIds[0]], // Only one file attached
-          },
-        },
-      });
-
-      // Check access as the author
-      const { hasAccessToFilesViaAgent } = require('./File');
-      const accessMap = await hasAccessToFilesViaAgent(authorId, fileIds, agentId);
-
-      // Author should have access to all files
-      expect(accessMap.get(fileIds[0])).toBe(true);
-      expect(accessMap.get(fileIds[1])).toBe(true);
-      expect(accessMap.get(fileIds[2])).toBe(true);
-    });
-
-    it('should handle non-existent agent gracefully', async () => {
-      const userId = new mongoose.Types.ObjectId().toString();
-      const fileIds = [uuidv4(), uuidv4()];
-
-      const { hasAccessToFilesViaAgent } = require('./File');
-      const accessMap = await hasAccessToFilesViaAgent(userId, fileIds, 'non-existent-agent');
-
-      // Should have no access to any files
-      expect(accessMap.get(fileIds[0])).toBe(false);
-      expect(accessMap.get(fileIds[1])).toBe(false);
-    });
-
-    it('should deny access when agent is not collaborative', async () => {
-      const userId = new mongoose.Types.ObjectId().toString();
-      const authorId = new mongoose.Types.ObjectId().toString();
-      const agentId = uuidv4();
-      const fileIds = [uuidv4(), uuidv4()];
-
-      // Create agent with files but isCollaborative: false
-      await createAgent({
-        id: agentId,
-        name: 'Non-Collaborative Agent',
-        author: authorId,
-        model: 'gpt-4',
-        provider: 'openai',
-        isCollaborative: false,
-        tool_resources: {
-          file_search: {
-            file_ids: fileIds,
-          },
-        },
-      });
-
-      // Get or create global project
-      const globalProject = await getProjectByName(GLOBAL_PROJECT_NAME, '_id');
-
-      // Share agent globally
-      await Agent.updateOne({ id: agentId }, { $push: { projectIds: globalProject._id } });
-
-      // Check access for files
-      const { hasAccessToFilesViaAgent } = require('./File');
-      const accessMap = await hasAccessToFilesViaAgent(userId, fileIds, agentId);
-
-      // Should have no access to any files when isCollaborative is false
-      expect(accessMap.get(fileIds[0])).toBe(false);
-      expect(accessMap.get(fileIds[1])).toBe(false);
-    });
-  });
-
-  describe('getFiles with agent access control', () => {
-    test('should return files owned by user and files accessible through agent', async () => {
-      const authorId = new mongoose.Types.ObjectId();
-      const userId = new mongoose.Types.ObjectId();
-      const agentId = `agent_${uuidv4()}`;
-      const ownedFileId = `file_${uuidv4()}`;
-      const sharedFileId = `file_${uuidv4()}`;
-      const inaccessibleFileId = `file_${uuidv4()}`;
-
-      // Create/get global project using getProjectByName which will upsert
-      const globalProject = await getProjectByName(GLOBAL_PROJECT_NAME);
-
-      // Create agent with shared file
-      await createAgent({
-        id: agentId,
-        name: 'Shared Agent',
-        provider: 'test',
-        model: 'test-model',
-        author: authorId,
-        projectIds: [globalProject._id],
-        isCollaborative: true,
-        tool_resources: {
-          file_search: {
-            file_ids: [sharedFileId],
-          },
-        },
-      });
-
-      // Create files
-      await createFile({
-        file_id: ownedFileId,
-        user: userId,
-        filename: 'owned.txt',
-        filepath: '/uploads/owned.txt',
-        type: 'text/plain',
-        bytes: 100,
-      });
-
-      await createFile({
-        file_id: sharedFileId,
-        user: authorId,
-        filename: 'shared.txt',
-        filepath: '/uploads/shared.txt',
-        type: 'text/plain',
-        bytes: 200,
-        embedded: true,
-      });
-
-      await createFile({
-        file_id: inaccessibleFileId,
-        user: authorId,
-        filename: 'inaccessible.txt',
-        filepath: '/uploads/inaccessible.txt',
-        type: 'text/plain',
-        bytes: 300,
-      });
-
-      // Get files with access control
-      const files = await getFiles(
-        { file_id: { $in: [ownedFileId, sharedFileId, inaccessibleFileId] } },
-        null,
-        { text: 0 },
-        { userId: userId.toString(), agentId },
-      );
-
-      expect(files).toHaveLength(2);
-      expect(files.map((f) => f.file_id)).toContain(ownedFileId);
-      expect(files.map((f) => f.file_id)).toContain(sharedFileId);
-      expect(files.map((f) => f.file_id)).not.toContain(inaccessibleFileId);
-    });
-
-    test('should return all files when no userId/agentId provided', async () => {
-      const userId = new mongoose.Types.ObjectId();
-      const fileId1 = `file_${uuidv4()}`;
-      const fileId2 = `file_${uuidv4()}`;
-
-      await createFile({
-        file_id: fileId1,
-        user: userId,
-        filename: 'file1.txt',
-        filepath: '/uploads/file1.txt',
-        type: 'text/plain',
-        bytes: 100,
-      });
-
-      await createFile({
-        file_id: fileId2,
-        user: new mongoose.Types.ObjectId(),
-        filename: 'file2.txt',
-        filepath: '/uploads/file2.txt',
-        type: 'text/plain',
-        bytes: 200,
-      });
-
-      const files = await getFiles({ file_id: { $in: [fileId1, fileId2] } });
-      expect(files).toHaveLength(2);
-    });
-  });
-});

api/models/Message.js

@@ -1,7 +1,5 @@
 const { z } = require('zod');
 const { logger } = require('@librechat/data-schemas');
-const { createTempChatExpirationDate } = require('@librechat/api');
-const getCustomConfig = require('~/server/services/Config/getCustomConfig');
 const { Message } = require('~/db/models');
 
 const idSchema = z.string().uuid();
@@ -56,14 +54,9 @@ async function saveMessage(req, params, metadata) {
     };
 
     if (req?.body?.isTemporary) {
-      try {
-        const customConfig = await getCustomConfig();
-        update.expiredAt = createTempChatExpirationDate(customConfig);
-      } catch (err) {
-        logger.error('Error creating temporary chat expiration date:', err);
-        logger.info(`---\`saveMessage\` context: ${metadata?.context}`);
-        update.expiredAt = null;
-      }
+      const expiredAt = new Date();
+      expiredAt.setDate(expiredAt.getDate() + 30);
+      update.expiredAt = expiredAt;
     } else {
       update.expiredAt = null;
     }

api/models/Share.js

@@ -0,0 +1,346 @@
+const { nanoid } = require('nanoid');
+const { logger } = require('@librechat/data-schemas');
+const { Constants } = require('librechat-data-provider');
+const { Conversation, SharedLink } = require('~/db/models');
+const { getMessages } = require('./Message');
+
+class ShareServiceError extends Error {
+  constructor(message, code) {
+    super(message);
+    this.name = 'ShareServiceError';
+    this.code = code;
+  }
+}
+
+const memoizedAnonymizeId = (prefix) => {
+  const memo = new Map();
+  return (id) => {
+    if (!memo.has(id)) {
+      memo.set(id, `${prefix}_${nanoid()}`);
+    }
+    return memo.get(id);
+  };
+};
+
+const anonymizeConvoId = memoizedAnonymizeId('convo');
+const anonymizeAssistantId = memoizedAnonymizeId('a');
+const anonymizeMessageId = (id) =>
+  id === Constants.NO_PARENT ? id : memoizedAnonymizeId('msg')(id);
+
+function anonymizeConvo(conversation) {
+  if (!conversation) {
+    return null;
+  }
+
+  const newConvo = { ...conversation };
+  if (newConvo.assistant_id) {
+    newConvo.assistant_id = anonymizeAssistantId(newConvo.assistant_id);
+  }
+  return newConvo;
+}
+
+function anonymizeMessages(messages, newConvoId) {
+  if (!Array.isArray(messages)) {
+    return [];
+  }
+
+  const idMap = new Map();
+  return messages.map((message) => {
+    const newMessageId = anonymizeMessageId(message.messageId);
+    idMap.set(message.messageId, newMessageId);
+
+    const anonymizedAttachments = message.attachments?.map((attachment) => {
+      return {
+        ...attachment,
+        messageId: newMessageId,
+        conversationId: newConvoId,
+      };
+    });
+
+    return {
+      ...message,
+      messageId: newMessageId,
+      parentMessageId:
+        idMap.get(message.parentMessageId) || anonymizeMessageId(message.parentMessageId),
+      conversationId: newConvoId,
+      model: message.model?.startsWith('asst_')
+        ? anonymizeAssistantId(message.model)
+        : message.model,
+      attachments: anonymizedAttachments,
+    };
+  });
+}
+
+async function getSharedMessages(shareId) {
+  try {
+    const share = await SharedLink.findOne({ shareId, isPublic: true })
+      .populate({
+        path: 'messages',
+        select: '-_id -__v -user',
+      })
+      .select('-_id -__v -user')
+      .lean();
+
+    if (!share?.conversationId || !share.isPublic) {
+      return null;
+    }
+
+    const newConvoId = anonymizeConvoId(share.conversationId);
+    const result = {
+      ...share,
+      conversationId: newConvoId,
+      messages: anonymizeMessages(share.messages, newConvoId),
+    };
+
+    return result;
+  } catch (error) {
+    logger.error('[getShare] Error getting share link', {
+      error: error.message,
+      shareId,
+    });
+    throw new ShareServiceError('Error getting share link', 'SHARE_FETCH_ERROR');
+  }
+}
+
+async function getSharedLinks(user, pageParam, pageSize, isPublic, sortBy, sortDirection, search) {
+  try {
+    const query = { user, isPublic };
+
+    if (pageParam) {
+      if (sortDirection === 'desc') {
+        query[sortBy] = { $lt: pageParam };
+      } else {
+        query[sortBy] = { $gt: pageParam };
+      }
+    }
+
+    if (search && search.trim()) {
+      try {
+        const searchResults = await Conversation.meiliSearch(search);
+
+        if (!searchResults?.hits?.length) {
+          return {
+            links: [],
+            nextCursor: undefined,
+            hasNextPage: false,
+          };
+        }
+
+        const conversationIds = searchResults.hits.map((hit) => hit.conversationId);
+        query['conversationId'] = { $in: conversationIds };
+      } catch (searchError) {
+        logger.error('[getSharedLinks] Meilisearch error', {
+          error: searchError.message,
+          user,
+        });
+        return {
+          links: [],
+          nextCursor: undefined,
+          hasNextPage: false,
+        };
+      }
+    }
+
+    const sort = {};
+    sort[sortBy] = sortDirection === 'desc' ? -1 : 1;
+
+    if (Array.isArray(query.conversationId)) {
+      query.conversationId = { $in: query.conversationId };
+    }
+
+    const sharedLinks = await SharedLink.find(query)
+      .sort(sort)
+      .limit(pageSize + 1)
+      .select('-__v -user')
+      .lean();
+
+    const hasNextPage = sharedLinks.length > pageSize;
+    const links = sharedLinks.slice(0, pageSize);
+
+    const nextCursor = hasNextPage ? links[links.length - 1][sortBy] : undefined;
+
+    return {
+      links: links.map((link) => ({
+        shareId: link.shareId,
+        title: link?.title || 'Untitled',
+        isPublic: link.isPublic,
+        createdAt: link.createdAt,
+        conversationId: link.conversationId,
+      })),
+      nextCursor,
+      hasNextPage,
+    };
+  } catch (error) {
+    logger.error('[getSharedLinks] Error getting shares', {
+      error: error.message,
+      user,
+    });
+    throw new ShareServiceError('Error getting shares', 'SHARES_FETCH_ERROR');
+  }
+}
+
+async function deleteAllSharedLinks(user) {
+  try {
+    const result = await SharedLink.deleteMany({ user });
+    return {
+      message: 'All shared links deleted successfully',
+      deletedCount: result.deletedCount,
+    };
+  } catch (error) {
+    logger.error('[deleteAllSharedLinks] Error deleting shared links', {
+      error: error.message,
+      user,
+    });
+    throw new ShareServiceError('Error deleting shared links', 'BULK_DELETE_ERROR');
+  }
+}
+
+async function createSharedLink(user, conversationId) {
+  if (!user || !conversationId) {
+    throw new ShareServiceError('Missing required parameters', 'INVALID_PARAMS');
+  }
+  try {
+    const [existingShare, conversationMessages] = await Promise.all([
+      SharedLink.findOne({ conversationId, isPublic: true }).select('-_id -__v -user').lean(),
+      getMessages({ conversationId }),
+    ]);
+
+    if (existingShare && existingShare.isPublic) {
+      throw new ShareServiceError('Share already exists', 'SHARE_EXISTS');
+    } else if (existingShare) {
+      await SharedLink.deleteOne({ conversationId });
+    }
+
+    const conversation = await Conversation.findOne({ conversationId }).lean();
+    const title = conversation?.title || 'Untitled';
+
+    const shareId = nanoid();
+    await SharedLink.create({
+      shareId,
+      conversationId,
+      messages: conversationMessages,
+      title,
+      user,
+    });
+
+    return { shareId, conversationId };
+  } catch (error) {
+    logger.error('[createSharedLink] Error creating shared link', {
+      error: error.message,
+      user,
+      conversationId,
+    });
+    throw new ShareServiceError('Error creating shared link', 'SHARE_CREATE_ERROR');
+  }
+}
+
+async function getSharedLink(user, conversationId) {
+  if (!user || !conversationId) {
+    throw new ShareServiceError('Missing required parameters', 'INVALID_PARAMS');
+  }
+
+  try {
+    const share = await SharedLink.findOne({ conversationId, user, isPublic: true })
+      .select('shareId -_id')
+      .lean();
+
+    if (!share) {
+      return { shareId: null, success: false };
+    }
+
+    return { shareId: share.shareId, success: true };
+  } catch (error) {
+    logger.error('[getSharedLink] Error getting shared link', {
+      error: error.message,
+      user,
+      conversationId,
+    });
+    throw new ShareServiceError('Error getting shared link', 'SHARE_FETCH_ERROR');
+  }
+}
+
+async function updateSharedLink(user, shareId) {
+  if (!user || !shareId) {
+    throw new ShareServiceError('Missing required parameters', 'INVALID_PARAMS');
+  }
+
+  try {
+    const share = await SharedLink.findOne({ shareId }).select('-_id -__v -user').lean();
+
+    if (!share) {
+      throw new ShareServiceError('Share not found', 'SHARE_NOT_FOUND');
+    }
+
+    const [updatedMessages] = await Promise.all([
+      getMessages({ conversationId: share.conversationId }),
+    ]);
+
+    const newShareId = nanoid();
+    const update = {
+      messages: updatedMessages,
+      user,
+      shareId: newShareId,
+    };
+
+    const updatedShare = await SharedLink.findOneAndUpdate({ shareId, user }, update, {
+      new: true,
+      upsert: false,
+      runValidators: true,
+    }).lean();
+
+    if (!updatedShare) {
+      throw new ShareServiceError('Share update failed', 'SHARE_UPDATE_ERROR');
+    }
+
+    anonymizeConvo(updatedShare);
+
+    return { shareId: newShareId, conversationId: updatedShare.conversationId };
+  } catch (error) {
+    logger.error('[updateSharedLink] Error updating shared link', {
+      error: error.message,
+      user,
+      shareId,
+    });
+    throw new ShareServiceError(
+      error.code === 'SHARE_UPDATE_ERROR' ? error.message : 'Error updating shared link',
+      error.code || 'SHARE_UPDATE_ERROR',
+    );
+  }
+}
+
+async function deleteSharedLink(user, shareId) {
+  if (!user || !shareId) {
+    throw new ShareServiceError('Missing required parameters', 'INVALID_PARAMS');
+  }
+
+  try {
+    const result = await SharedLink.findOneAndDelete({ shareId, user }).lean();
+
+    if (!result) {
+      return null;
+    }
+
+    return {
+      success: true,
+      shareId,
+      message: 'Share deleted successfully',
+    };
+  } catch (error) {
+    logger.error('[deleteSharedLink] Error deleting shared link', {
+      error: error.message,
+      user,
+      shareId,
+    });
+    throw new ShareServiceError('Error deleting shared link', 'SHARE_DELETE_ERROR');
+  }
+}
+
+module.exports = {
+  getSharedLink,
+  getSharedLinks,
+  createSharedLink,
+  updateSharedLink,
+  deleteSharedLink,
+  getSharedMessages,
+  deleteAllSharedLinks,
+};

api/models/Token.js

@@ -0,0 +1,42 @@
+const { findToken, updateToken, createToken } = require('~/models');
+const { encryptV2 } = require('~/server/utils/crypto');
+
+/**
+ * Handles the OAuth token by creating or updating the token.
+ * @param {object} fields
+ * @param {string} fields.userId - The user's ID.
+ * @param {string} fields.token - The full token to store.
+ * @param {string} fields.identifier - Unique, alternative identifier for the token.
+ * @param {number} fields.expiresIn - The number of seconds until the token expires.
+ * @param {object} fields.metadata - Additional metadata to store with the token.
+ * @param {string} [fields.type="oauth"] - The type of token. Default is 'oauth'.
+ */
+async function handleOAuthToken({
+  token,
+  userId,
+  identifier,
+  expiresIn,
+  metadata,
+  type = 'oauth',
+}) {
+  const encrypedToken = await encryptV2(token);
+  const tokenData = {
+    type,
+    userId,
+    metadata,
+    identifier,
+    token: encrypedToken,
+    expiresIn: parseInt(expiresIn, 10) || 3600,
+  };
+
+  const existingToken = await findToken({ userId, identifier });
+  if (existingToken) {
+    return await updateToken({ identifier }, tokenData);
+  } else {
+    return await createToken(tokenData);
+  }
+}
+
+module.exports = {
+  handleOAuthToken,
+};

api/models/inviteUser.js

@@ -1,6 +1,6 @@
 const mongoose = require('mongoose');
-const { getRandomValues } = require('@librechat/api');
 const { logger, hashToken } = require('@librechat/data-schemas');
+const { getRandomValues } = require('~/server/utils/crypto');
 const { createToken, findToken } = require('~/models');
 
 /**

api/models/tx.js

@@ -78,7 +78,7 @@ const tokenValues = Object.assign(
     'gpt-3.5-turbo-1106': { prompt: 1, completion: 2 },
     'o4-mini': { prompt: 1.1, completion: 4.4 },
     'o3-mini': { prompt: 1.1, completion: 4.4 },
-    o3: { prompt: 2, completion: 8 },
+    o3: { prompt: 10, completion: 40 },
     'o1-mini': { prompt: 1.1, completion: 4.4 },
     'o1-preview': { prompt: 15, completion: 60 },
     o1: { prompt: 15, completion: 60 },
@@ -135,11 +135,10 @@ const tokenValues = Object.assign(
     'grok-2-1212': { prompt: 2.0, completion: 10.0 },
     'grok-2-latest': { prompt: 2.0, completion: 10.0 },
     'grok-2': { prompt: 2.0, completion: 10.0 },
-    'grok-3-mini-fast': { prompt: 0.6, completion: 4 },
+    'grok-3-mini-fast': { prompt: 0.4, completion: 4 },
     'grok-3-mini': { prompt: 0.3, completion: 0.5 },
     'grok-3-fast': { prompt: 5.0, completion: 25.0 },
     'grok-3': { prompt: 3.0, completion: 15.0 },
-    'grok-4': { prompt: 3.0, completion: 15.0 },
     'grok-beta': { prompt: 5.0, completion: 15.0 },
     'mistral-large': { prompt: 2.0, completion: 6.0 },
     'pixtral-large': { prompt: 2.0, completion: 6.0 },

api/models/tx.spec.js

@@ -636,15 +636,6 @@ describe('Grok Model Tests - Pricing', () => {
       );
     });
 
-    test('should return correct prompt and completion rates for Grok 4 model', () => {
-      expect(getMultiplier({ model: 'grok-4-0709', tokenType: 'prompt' })).toBe(
-        tokenValues['grok-4'].prompt,
-      );
-      expect(getMultiplier({ model: 'grok-4-0709', tokenType: 'completion' })).toBe(
-        tokenValues['grok-4'].completion,
-      );
-    });
-
     test('should return correct prompt and completion rates for Grok 3 models with prefixes', () => {
       expect(getMultiplier({ model: 'xai/grok-3', tokenType: 'prompt' })).toBe(
         tokenValues['grok-3'].prompt,
@@ -671,15 +662,6 @@ describe('Grok Model Tests - Pricing', () => {
         tokenValues['grok-3-mini-fast'].completion,
       );
     });
-
-    test('should return correct prompt and completion rates for Grok 4 model with prefixes', () => {
-      expect(getMultiplier({ model: 'xai/grok-4-0709', tokenType: 'prompt' })).toBe(
-        tokenValues['grok-4'].prompt,
-      );
-      expect(getMultiplier({ model: 'xai/grok-4-0709', tokenType: 'completion' })).toBe(
-        tokenValues['grok-4'].completion,
-      );
-    });
   });
 });
 

api/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@librechat/backend",
-  "version": "v0.7.9-rc1",
+  "version": "v0.7.8",
   "description": "",
   "scripts": {
     "start": "echo 'please run this from the root directory'",
@@ -34,30 +34,31 @@
   },
   "homepage": "https://librechat.ai",
   "dependencies": {
-    "@anthropic-ai/sdk": "^0.52.0",
+    "@anthropic-ai/sdk": "^0.37.0",
     "@aws-sdk/client-s3": "^3.758.0",
     "@aws-sdk/s3-request-presigner": "^3.758.0",
     "@azure/identity": "^4.7.0",
     "@azure/search-documents": "^12.0.0",
     "@azure/storage-blob": "^12.27.0",
-    "@google/generative-ai": "^0.24.0",
+    "@google/generative-ai": "^0.23.0",
     "@googleapis/youtube": "^20.0.0",
     "@keyv/redis": "^4.3.3",
-    "@langchain/community": "^0.3.47",
-    "@langchain/core": "^0.3.62",
-    "@langchain/google-genai": "^0.2.13",
-    "@langchain/google-vertexai": "^0.2.13",
-    "@langchain/openai": "^0.5.18",
+    "@langchain/community": "^0.3.44",
+    "@langchain/core": "^0.3.57",
+    "@langchain/google-genai": "^0.2.9",
+    "@langchain/google-vertexai": "^0.2.9",
     "@langchain/textsplitters": "^0.1.0",
-    "@librechat/agents": "^2.4.67",
+    "@librechat/agents": "^2.4.38",
+    "@librechat/auth": "*",
     "@librechat/api": "*",
     "@librechat/data-schemas": "*",
     "@node-saml/passport-saml": "^5.0.0",
     "@waylaidwanderer/fetch-event-source": "^3.0.1",
     "axios": "^1.8.2",
     "bcryptjs": "^2.4.3",
-    "compression": "^1.8.1",
-    "connect-redis": "^8.1.0",
+    "cohere-ai": "^7.9.1",
+    "compression": "^1.7.4",
+    "connect-redis": "^7.1.0",
     "cookie": "^0.7.2",
     "cookie-parser": "^1.4.7",
     "cors": "^2.8.5",
@@ -67,11 +68,10 @@
     "express": "^4.21.2",
     "express-mongo-sanitize": "^2.2.0",
     "express-rate-limit": "^7.4.1",
-    "express-session": "^1.18.2",
+    "express-session": "^1.18.1",
     "express-static-gzip": "^2.2.0",
     "file-type": "^18.7.0",
     "firebase": "^11.0.2",
-    "form-data": "^4.0.4",
     "googleapis": "^126.0.1",
     "handlebars": "^4.7.7",
     "https-proxy-agent": "^7.0.6",
@@ -89,12 +89,12 @@
     "mime": "^3.0.0",
     "module-alias": "^2.2.3",
     "mongoose": "^8.12.1",
-    "multer": "^2.0.2",
+    "multer": "^2.0.1",
     "nanoid": "^3.3.7",
     "node-fetch": "^2.7.0",
     "nodemailer": "^6.9.15",
     "ollama": "^0.5.0",
-    "openai": "^5.10.1",
+    "openai": "^4.96.2",
     "openai-chat-tokens": "^0.2.8",
     "openid-client": "^6.5.0",
     "passport": "^0.6.0",
@@ -121,6 +121,7 @@
     "jest": "^29.7.0",
     "mongodb-memory-server": "^10.1.3",
     "nodemon": "^3.0.3",
-    "supertest": "^7.1.0"
+    "supertest": "^7.1.0",
+    "ts-jest": "^29.4.0"
   }
-}
+}

api/server/cleanup.js

@@ -169,6 +169,9 @@ function disposeClient(client) {
       client.isGenerativeModel = null;
     }
     // Properties specific to OpenAIClient
+    if (client.ChatGPTClient) {
+      client.ChatGPTClient = null;
+    }
     if (client.completionsUrl) {
       client.completionsUrl = null;
     }

api/server/controllers/AskController.js

@@ -0,0 +1,282 @@
+const { getResponseSender, Constants } = require('librechat-data-provider');
+const {
+  handleAbortError,
+  createAbortController,
+  cleanupAbortController,
+} = require('~/server/middleware');
+const {
+  disposeClient,
+  processReqData,
+  clientRegistry,
+  requestDataMap,
+} = require('~/server/cleanup');
+const { sendMessage, createOnProgress } = require('~/server/utils');
+const { saveMessage } = require('~/models');
+const { logger } = require('~/config');
+
+const AskController = async (req, res, next, initializeClient, addTitle) => {
+  let {
+    text,
+    endpointOption,
+    conversationId,
+    modelDisplayLabel,
+    parentMessageId = null,
+    overrideParentMessageId = null,
+  } = req.body;
+
+  let client = null;
+  let abortKey = null;
+  let cleanupHandlers = [];
+  let clientRef = null;
+
+  logger.debug('[AskController]', {
+    text,
+    conversationId,
+    ...endpointOption,
+    modelsConfig: endpointOption?.modelsConfig ? 'exists' : '',
+  });
+
+  let userMessage = null;
+  let userMessagePromise = null;
+  let promptTokens = null;
+  let userMessageId = null;
+  let responseMessageId = null;
+  let getAbortData = null;
+
+  const sender = getResponseSender({
+    ...endpointOption,
+    model: endpointOption.modelOptions.model,
+    modelDisplayLabel,
+  });
+  const initialConversationId = conversationId;
+  const newConvo = !initialConversationId;
+  const userId = req.user.id;
+
+  let reqDataContext = {
+    userMessage,
+    userMessagePromise,
+    responseMessageId,
+    promptTokens,
+    conversationId,
+    userMessageId,
+  };
+
+  const updateReqData = (data = {}) => {
+    reqDataContext = processReqData(data, reqDataContext);
+    abortKey = reqDataContext.abortKey;
+    userMessage = reqDataContext.userMessage;
+    userMessagePromise = reqDataContext.userMessagePromise;
+    responseMessageId = reqDataContext.responseMessageId;
+    promptTokens = reqDataContext.promptTokens;
+    conversationId = reqDataContext.conversationId;
+    userMessageId = reqDataContext.userMessageId;
+  };
+
+  let { onProgress: progressCallback, getPartialText } = createOnProgress();
+
+  const performCleanup = () => {
+    logger.debug('[AskController] Performing cleanup');
+    if (Array.isArray(cleanupHandlers)) {
+      for (const handler of cleanupHandlers) {
+        try {
+          if (typeof handler === 'function') {
+            handler();
+          }
+        } catch (e) {
+          // Ignore
+        }
+      }
+    }
+
+    if (abortKey) {
+      logger.debug('[AskController] Cleaning up abort controller');
+      cleanupAbortController(abortKey);
+      abortKey = null;
+    }
+
+    if (client) {
+      disposeClient(client);
+      client = null;
+    }
+
+    reqDataContext = null;
+    userMessage = null;
+    userMessagePromise = null;
+    promptTokens = null;
+    getAbortData = null;
+    progressCallback = null;
+    endpointOption = null;
+    cleanupHandlers = null;
+    addTitle = null;
+
+    if (requestDataMap.has(req)) {
+      requestDataMap.delete(req);
+    }
+    logger.debug('[AskController] Cleanup completed');
+  };
+
+  try {
+    ({ client } = await initializeClient({ req, res, endpointOption }));
+    if (clientRegistry && client) {
+      clientRegistry.register(client, { userId }, client);
+    }
+
+    if (client) {
+      requestDataMap.set(req, { client });
+    }
+
+    clientRef = new WeakRef(client);
+
+    getAbortData = () => {
+      const currentClient = clientRef?.deref();
+      const currentText =
+        currentClient?.getStreamText != null ? currentClient.getStreamText() : getPartialText();
+
+      return {
+        sender,
+        conversationId,
+        messageId: reqDataContext.responseMessageId,
+        parentMessageId: overrideParentMessageId ?? userMessageId,
+        text: currentText,
+        userMessage: userMessage,
+        userMessagePromise: userMessagePromise,
+        promptTokens: reqDataContext.promptTokens,
+      };
+    };
+
+    const { onStart, abortController } = createAbortController(
+      req,
+      res,
+      getAbortData,
+      updateReqData,
+    );
+
+    const closeHandler = () => {
+      logger.debug('[AskController] Request closed');
+      if (!abortController || abortController.signal.aborted || abortController.requestCompleted) {
+        return;
+      }
+      abortController.abort();
+      logger.debug('[AskController] Request aborted on close');
+    };
+
+    res.on('close', closeHandler);
+    cleanupHandlers.push(() => {
+      try {
+        res.removeListener('close', closeHandler);
+      } catch (e) {
+        // Ignore
+      }
+    });
+
+    const messageOptions = {
+      user: userId,
+      parentMessageId,
+      conversationId: reqDataContext.conversationId,
+      overrideParentMessageId,
+      getReqData: updateReqData,
+      onStart,
+      abortController,
+      progressCallback,
+      progressOptions: {
+        res,
+      },
+    };
+
+    /** @type {TMessage} */
+    let response = await client.sendMessage(text, messageOptions);
+    response.endpoint = endpointOption.endpoint;
+
+    const databasePromise = response.databasePromise;
+    delete response.databasePromise;
+
+    const { conversation: convoData = {} } = await databasePromise;
+    const conversation = { ...convoData };
+    conversation.title =
+      conversation && !conversation.title ? null : conversation?.title || 'New Chat';
+
+    const latestUserMessage = reqDataContext.userMessage;
+
+    if (client?.options?.attachments && latestUserMessage) {
+      latestUserMessage.files = client.options.attachments;
+      if (endpointOption?.modelOptions?.model) {
+        conversation.model = endpointOption.modelOptions.model;
+      }
+      delete latestUserMessage.image_urls;
+    }
+
+    if (!abortController.signal.aborted) {
+      const finalResponseMessage = { ...response };
+
+      sendMessage(res, {
+        final: true,
+        conversation,
+        title: conversation.title,
+        requestMessage: latestUserMessage,
+        responseMessage: finalResponseMessage,
+      });
+      res.end();
+
+      if (client?.savedMessageIds && !client.savedMessageIds.has(response.messageId)) {
+        await saveMessage(
+          req,
+          { ...finalResponseMessage, user: userId },
+          { context: 'api/server/controllers/AskController.js - response end' },
+        );
+      }
+    }
+
+    if (!client?.skipSaveUserMessage && latestUserMessage) {
+      await saveMessage(req, latestUserMessage, {
+        context: "api/server/controllers/AskController.js - don't skip saving user message",
+      });
+    }
+
+    if (typeof addTitle === 'function' && parentMessageId === Constants.NO_PARENT && newConvo) {
+      addTitle(req, {
+        text,
+        response: { ...response },
+        client,
+      })
+        .then(() => {
+          logger.debug('[AskController] Title generation started');
+        })
+        .catch((err) => {
+          logger.error('[AskController] Error in title generation', err);
+        })
+        .finally(() => {
+          logger.debug('[AskController] Title generation completed');
+          performCleanup();
+        });
+    } else {
+      performCleanup();
+    }
+  } catch (error) {
+    logger.error('[AskController] Error handling request', error);
+    let partialText = '';
+    try {
+      const currentClient = clientRef?.deref();
+      partialText =
+        currentClient?.getStreamText != null ? currentClient.getStreamText() : getPartialText();
+    } catch (getTextError) {
+      logger.error('[AskController] Error calling getText() during error handling', getTextError);
+    }
+
+    handleAbortError(res, req, error, {
+      sender,
+      partialText,
+      conversationId: reqDataContext.conversationId,
+      messageId: reqDataContext.responseMessageId,
+      parentMessageId: overrideParentMessageId ?? reqDataContext.userMessageId ?? parentMessageId,
+      userMessageId: reqDataContext.userMessageId,
+    })
+      .catch((err) => {
+        logger.error('[AskController] Error in `handleAbortError` during catch block', err);
+      })
+      .finally(() => {
+        performCleanup();
+      });
+  }
+};
+
+module.exports = AskController;

api/server/controllers/AuthController.js

@@ -1,21 +1,24 @@
 const cookies = require('cookie');
 const jwt = require('jsonwebtoken');
-const openIdClient = require('openid-client');
-const { isEnabled } = require('@librechat/api');
 const { logger } = require('@librechat/data-schemas');
 const {
+  registerUser,
   requestPasswordReset,
-  setOpenIDAuthTokens,
   resetPassword,
   setAuthTokens,
-  registerUser,
-} = require('~/server/services/AuthService');
+  setOpenIDAuthTokens,
+} = require('@librechat/auth');
 const { findUser, getUserById, deleteAllUserSessions, findSession } = require('~/models');
-const { getOpenIdConfig } = require('~/strategies');
+const { getOpenIdConfig } = require('@librechat/auth');
+const { isEnabled } = require('~/server/utils');
+const { isEmailDomainAllowed } = require('~/server/services/domains');
+const { getBalanceConfig } = require('~/server/services/Config');
 
 const registrationController = async (req, res) => {
   try {
-    const response = await registerUser(req.body);
+    const isEmailDomAllowed = await isEmailDomainAllowed(req.body.email);
+    const balanceConfig = await getBalanceConfig();
+    const response = await registerUser(req.body, {}, isEmailDomAllowed, balanceConfig);
     const { status, message } = response;
     res.status(status).send({ message });
   } catch (err) {
@@ -65,9 +68,11 @@ const refreshController = async (req, res) => {
   if (!refreshToken) {
     return res.status(200).send('Refresh token not provided');
   }
+
   if (token_provider === 'openid' && isEnabled(process.env.OPENID_REUSE_TOKENS) === true) {
     try {
       const openIdConfig = getOpenIdConfig();
+      const openIdClient = await import('openid-client');
       const tokenset = await openIdClient.refreshTokenGrant(openIdConfig, refreshToken);
       const claims = tokenset.claims();
       const user = await findUser({ email: claims.email });

api/server/controllers/EditController.js

@@ -1,5 +1,3 @@
-const { sendEvent } = require('@librechat/api');
-const { logger } = require('@librechat/data-schemas');
 const { getResponseSender } = require('librechat-data-provider');
 const {
   handleAbortError,
@@ -12,8 +10,9 @@ const {
   clientRegistry,
   requestDataMap,
 } = require('~/server/cleanup');
-const { createOnProgress } = require('~/server/utils');
+const { sendMessage, createOnProgress } = require('~/server/utils');
 const { saveMessage } = require('~/models');
+const { logger } = require('~/config');
 
 const EditController = async (req, res, next, initializeClient) => {
   let {
@@ -85,7 +84,7 @@ const EditController = async (req, res, next, initializeClient) => {
     }
 
     if (abortKey) {
-      logger.debug('[EditController] Cleaning up abort controller');
+      logger.debug('[AskController] Cleaning up abort controller');
       cleanupAbortController(abortKey);
       abortKey = null;
     }
@@ -199,7 +198,7 @@ const EditController = async (req, res, next, initializeClient) => {
       const finalUserMessage = reqDataContext.userMessage;
       const finalResponseMessage = { ...response };
 
-      sendEvent(res, {
+      sendMessage(res, {
         final: true,
         conversation,
         title: conversation.title,

api/server/controllers/ErrorController.js

@@ -24,23 +24,17 @@ const handleValidationError = (err, res) => {
   }
 };
 
-module.exports = (err, _req, res, _next) => {
+// eslint-disable-next-line no-unused-vars
+module.exports = (err, req, res, next) => {
   try {
     if (err.name === 'ValidationError') {
-      return handleValidationError(err, res);
+      return (err = handleValidationError(err, res));
     }
     if (err.code && err.code == 11000) {
-      return handleDuplicateKeyError(err, res);
+      return (err = handleDuplicateKeyError(err, res));
     }
-    // Special handling for errors like SyntaxError
-    if (err.statusCode && err.body) {
-      return res.status(err.statusCode).send(err.body);
-    }
-
-    logger.error('ErrorController => error', err);
-    return res.status(500).send('An unknown error occurred.');
   } catch (err) {
-    logger.error('ErrorController => processing error', err);
-    return res.status(500).send('Processing error in ErrorController.');
+    logger.error('ErrorController => error', err);
+    res.status(500).send('An unknown error occurred.');
   }
 };

api/server/controllers/ErrorController.spec.js

@@ -1,241 +0,0 @@
-const errorController = require('./ErrorController');
-const { logger } = require('~/config');
-
-// Mock the logger
-jest.mock('~/config', () => ({
-  logger: {
-    error: jest.fn(),
-  },
-}));
-
-describe('ErrorController', () => {
-  let mockReq, mockRes, mockNext;
-
-  beforeEach(() => {
-    mockReq = {};
-    mockRes = {
-      status: jest.fn().mockReturnThis(),
-      send: jest.fn(),
-    };
-    mockNext = jest.fn();
-    logger.error.mockClear();
-  });
-
-  describe('ValidationError handling', () => {
-    it('should handle ValidationError with single error', () => {
-      const validationError = {
-        name: 'ValidationError',
-        errors: {
-          email: { message: 'Email is required', path: 'email' },
-        },
-      };
-
-      errorController(validationError, mockReq, mockRes, mockNext);
-
-      expect(mockRes.status).toHaveBeenCalledWith(400);
-      expect(mockRes.send).toHaveBeenCalledWith({
-        messages: '["Email is required"]',
-        fields: '["email"]',
-      });
-      expect(logger.error).toHaveBeenCalledWith('Validation error:', validationError.errors);
-    });
-
-    it('should handle ValidationError with multiple errors', () => {
-      const validationError = {
-        name: 'ValidationError',
-        errors: {
-          email: { message: 'Email is required', path: 'email' },
-          password: { message: 'Password is required', path: 'password' },
-        },
-      };
-
-      errorController(validationError, mockReq, mockRes, mockNext);
-
-      expect(mockRes.status).toHaveBeenCalledWith(400);
-      expect(mockRes.send).toHaveBeenCalledWith({
-        messages: '"Email is required Password is required"',
-        fields: '["email","password"]',
-      });
-      expect(logger.error).toHaveBeenCalledWith('Validation error:', validationError.errors);
-    });
-
-    it('should handle ValidationError with empty errors object', () => {
-      const validationError = {
-        name: 'ValidationError',
-        errors: {},
-      };
-
-      errorController(validationError, mockReq, mockRes, mockNext);
-
-      expect(mockRes.status).toHaveBeenCalledWith(400);
-      expect(mockRes.send).toHaveBeenCalledWith({
-        messages: '[]',
-        fields: '[]',
-      });
-    });
-  });
-
-  describe('Duplicate key error handling', () => {
-    it('should handle duplicate key error (code 11000)', () => {
-      const duplicateKeyError = {
-        code: 11000,
-        keyValue: { email: 'test@example.com' },
-      };
-
-      errorController(duplicateKeyError, mockReq, mockRes, mockNext);
-
-      expect(mockRes.status).toHaveBeenCalledWith(409);
-      expect(mockRes.send).toHaveBeenCalledWith({
-        messages: 'An document with that ["email"] already exists.',
-        fields: '["email"]',
-      });
-      expect(logger.error).toHaveBeenCalledWith('Duplicate key error:', duplicateKeyError.keyValue);
-    });
-
-    it('should handle duplicate key error with multiple fields', () => {
-      const duplicateKeyError = {
-        code: 11000,
-        keyValue: { email: 'test@example.com', username: 'testuser' },
-      };
-
-      errorController(duplicateKeyError, mockReq, mockRes, mockNext);
-
-      expect(mockRes.status).toHaveBeenCalledWith(409);
-      expect(mockRes.send).toHaveBeenCalledWith({
-        messages: 'An document with that ["email","username"] already exists.',
-        fields: '["email","username"]',
-      });
-      expect(logger.error).toHaveBeenCalledWith('Duplicate key error:', duplicateKeyError.keyValue);
-    });
-
-    it('should handle error with code 11000 as string', () => {
-      const duplicateKeyError = {
-        code: '11000',
-        keyValue: { email: 'test@example.com' },
-      };
-
-      errorController(duplicateKeyError, mockReq, mockRes, mockNext);
-
-      expect(mockRes.status).toHaveBeenCalledWith(409);
-      expect(mockRes.send).toHaveBeenCalledWith({
-        messages: 'An document with that ["email"] already exists.',
-        fields: '["email"]',
-      });
-    });
-  });
-
-  describe('SyntaxError handling', () => {
-    it('should handle errors with statusCode and body', () => {
-      const syntaxError = {
-        statusCode: 400,
-        body: 'Invalid JSON syntax',
-      };
-
-      errorController(syntaxError, mockReq, mockRes, mockNext);
-
-      expect(mockRes.status).toHaveBeenCalledWith(400);
-      expect(mockRes.send).toHaveBeenCalledWith('Invalid JSON syntax');
-    });
-
-    it('should handle errors with different statusCode and body', () => {
-      const customError = {
-        statusCode: 422,
-        body: { error: 'Unprocessable entity' },
-      };
-
-      errorController(customError, mockReq, mockRes, mockNext);
-
-      expect(mockRes.status).toHaveBeenCalledWith(422);
-      expect(mockRes.send).toHaveBeenCalledWith({ error: 'Unprocessable entity' });
-    });
-
-    it('should handle error with statusCode but no body', () => {
-      const partialError = {
-        statusCode: 400,
-      };
-
-      errorController(partialError, mockReq, mockRes, mockNext);
-
-      expect(mockRes.status).toHaveBeenCalledWith(500);
-      expect(mockRes.send).toHaveBeenCalledWith('An unknown error occurred.');
-    });
-
-    it('should handle error with body but no statusCode', () => {
-      const partialError = {
-        body: 'Some error message',
-      };
-
-      errorController(partialError, mockReq, mockRes, mockNext);
-
-      expect(mockRes.status).toHaveBeenCalledWith(500);
-      expect(mockRes.send).toHaveBeenCalledWith('An unknown error occurred.');
-    });
-  });
-
-  describe('Unknown error handling', () => {
-    it('should handle unknown errors', () => {
-      const unknownError = new Error('Some unknown error');
-
-      errorController(unknownError, mockReq, mockRes, mockNext);
-
-      expect(mockRes.status).toHaveBeenCalledWith(500);
-      expect(mockRes.send).toHaveBeenCalledWith('An unknown error occurred.');
-      expect(logger.error).toHaveBeenCalledWith('ErrorController => error', unknownError);
-    });
-
-    it('should handle errors with code other than 11000', () => {
-      const mongoError = {
-        code: 11100,
-        message: 'Some MongoDB error',
-      };
-
-      errorController(mongoError, mockReq, mockRes, mockNext);
-
-      expect(mockRes.status).toHaveBeenCalledWith(500);
-      expect(mockRes.send).toHaveBeenCalledWith('An unknown error occurred.');
-      expect(logger.error).toHaveBeenCalledWith('ErrorController => error', mongoError);
-    });
-
-    it('should handle null/undefined errors', () => {
-      errorController(null, mockReq, mockRes, mockNext);
-
-      expect(mockRes.status).toHaveBeenCalledWith(500);
-      expect(mockRes.send).toHaveBeenCalledWith('Processing error in ErrorController.');
-      expect(logger.error).toHaveBeenCalledWith(
-        'ErrorController => processing error',
-        expect.any(Error),
-      );
-    });
-  });
-
-  describe('Catch block handling', () => {
-    beforeEach(() => {
-      // Restore logger mock to normal behavior for these tests
-      logger.error.mockRestore();
-      logger.error = jest.fn();
-    });
-
-    it('should handle errors when logger.error throws', () => {
-      // Create fresh mocks for this test
-      const freshMockRes = {
-        status: jest.fn().mockReturnThis(),
-        send: jest.fn(),
-      };
-
-      // Mock logger to throw on the first call, succeed on the second
-      logger.error
-        .mockImplementationOnce(() => {
-          throw new Error('Logger error');
-        })
-        .mockImplementation(() => {});
-
-      const testError = new Error('Test error');
-
-      errorController(testError, mockReq, freshMockRes, mockNext);
-
-      expect(freshMockRes.status).toHaveBeenCalledWith(500);
-      expect(freshMockRes.send).toHaveBeenCalledWith('Processing error in ErrorController.');
-      expect(logger.error).toHaveBeenCalledTimes(2);
-    });
-  });
-});

api/server/controllers/PluginController.js

@@ -1,9 +1,8 @@
-const { logger } = require('@librechat/data-schemas');
-const { CacheKeys, AuthType, Constants } = require('librechat-data-provider');
-const { getCustomConfig, getCachedTools } = require('~/server/services/Config');
+const { CacheKeys, AuthType } = require('librechat-data-provider');
 const { getToolkitKey } = require('~/server/services/ToolService');
-const { getMCPManager, getFlowStateManager } = require('~/config');
+const { getCustomConfig } = require('~/server/services/Config');
 const { availableTools } = require('~/app/clients/tools');
+const { getMCPManager } = require('~/config');
 const { getLogStores } = require('~/cache');
 
 /**
@@ -85,44 +84,6 @@ const getAvailablePluginsController = async (req, res) => {
   }
 };
 
-function createServerToolsCallback() {
-  /**
-   * @param {string} serverName
-   * @param {TPlugin[] | null} serverTools
-   */
-  return async function (serverName, serverTools) {
-    try {
-      const mcpToolsCache = getLogStores(CacheKeys.MCP_TOOLS);
-      if (!serverName || !mcpToolsCache) {
-        return;
-      }
-      await mcpToolsCache.set(serverName, serverTools);
-    } catch (error) {
-      logger.error('Error retrieving MCP tools from cache:', error);
-    }
-  };
-}
-
-function createGetServerTools() {
-  /**
-   * Retrieves cached server tools
-   * @param {string} serverName
-   * @returns {Promise<TPlugin[] | null>}
-   */
-  return async function (serverName) {
-    try {
-      const mcpToolsCache = getLogStores(CacheKeys.MCP_TOOLS);
-      if (!mcpToolsCache) {
-        return null;
-      }
-      return await mcpToolsCache.get(serverName);
-    } catch (error) {
-      logger.error('Error retrieving MCP tools from cache:', error);
-      return null;
-    }
-  };
-}
-
 /**
  * Retrieves and returns a list of available tools, either from a cache or by reading a plugin manifest file.
  *
@@ -137,33 +98,18 @@ function createGetServerTools() {
  */
 const getAvailableTools = async (req, res) => {
   try {
-    const userId = req.user?.id;
-    const customConfig = await getCustomConfig();
     const cache = getLogStores(CacheKeys.CONFIG_STORE);
-    const cachedToolsArray = await cache.get(CacheKeys.TOOLS);
-    const cachedUserTools = await getCachedTools({ userId });
-    const userPlugins = await convertMCPToolsToPlugins(cachedUserTools, customConfig, userId);
-
-    if (cachedToolsArray && userPlugins) {
-      const dedupedTools = filterUniquePlugins([...userPlugins, ...cachedToolsArray]);
-      res.status(200).json(dedupedTools);
+    const cachedTools = await cache.get(CacheKeys.TOOLS);
+    if (cachedTools) {
+      res.status(200).json(cachedTools);
       return;
     }
 
-    // If not in cache, build from manifest
     let pluginManifest = availableTools;
+    const customConfig = await getCustomConfig();
     if (customConfig?.mcpServers != null) {
       const mcpManager = getMCPManager();
-      const flowsCache = getLogStores(CacheKeys.FLOWS);
-      const flowManager = flowsCache ? getFlowStateManager(flowsCache) : null;
-      const serverToolsCallback = createServerToolsCallback();
-      const getServerTools = createGetServerTools();
-      const mcpTools = await mcpManager.loadManifestTools({
-        flowManager,
-        serverToolsCallback,
-        getServerTools,
-      });
-      pluginManifest = [...mcpTools, ...pluginManifest];
+      pluginManifest = await mcpManager.loadManifestTools(pluginManifest);
     }
 
     /** @type {TPlugin[]} */
@@ -177,174 +123,21 @@ const getAvailableTools = async (req, res) => {
       }
     });
 
-    const toolDefinitions = (await getCachedTools({ includeGlobal: true })) || {};
+    const toolDefinitions = req.app.locals.availableTools;
+    const tools = authenticatedPlugins.filter(
+      (plugin) =>
+        toolDefinitions[plugin.pluginKey] !== undefined ||
+        (plugin.toolkit === true &&
+          Object.keys(toolDefinitions).some((key) => getToolkitKey(key) === plugin.pluginKey)),
+    );
 
-    const toolsOutput = [];
-    for (const plugin of authenticatedPlugins) {
-      const isToolDefined = toolDefinitions[plugin.pluginKey] !== undefined;
-      const isToolkit =
-        plugin.toolkit === true &&
-        Object.keys(toolDefinitions).some((key) => getToolkitKey(key) === plugin.pluginKey);
-
-      if (!isToolDefined && !isToolkit) {
-        continue;
-      }
-
-      const toolToAdd = { ...plugin };
-
-      if (!plugin.pluginKey.includes(Constants.mcp_delimiter)) {
-        toolsOutput.push(toolToAdd);
-        continue;
-      }
-
-      const parts = plugin.pluginKey.split(Constants.mcp_delimiter);
-      const serverName = parts[parts.length - 1];
-      const serverConfig = customConfig?.mcpServers?.[serverName];
-
-      if (!serverConfig) {
-        toolsOutput.push(toolToAdd);
-        continue;
-      }
-
-      // Handle MCP servers with customUserVars (user-level auth required)
-      if (serverConfig.customUserVars) {
-        // Build authConfig for MCP tools
-        toolToAdd.authConfig = Object.entries(serverConfig.customUserVars).map(([key, value]) => ({
-          authField: key,
-          label: value.title || key,
-          description: value.description || '',
-        }));
-
-        // Check actual connection status for MCP tools with auth requirements
-        if (userId) {
-          try {
-            const mcpManager = getMCPManager(userId);
-            const connectionStatus = await mcpManager.getUserConnectionStatus(userId, serverName);
-            toolToAdd.authenticated = connectionStatus.connected;
-          } catch (error) {
-            logger.error(
-              `[getAvailableTools] Error checking connection status for ${serverName}:`,
-              error,
-            );
-            toolToAdd.authenticated = false;
-          }
-        } else {
-          // For non-authenticated requests, default to false
-          toolToAdd.authenticated = false;
-        }
-      } else {
-        // Handle app-level MCP servers (no auth required)
-        toolToAdd.authConfig = [];
-
-        // Check if the app-level connection is active
-        try {
-          const mcpManager = getMCPManager();
-
-          const appConnection = mcpManager.getConnection(serverName);
-
-          if (appConnection) {
-            const connectionState = appConnection.getConnectionState();
-
-            // For app-level connections, consider them authenticated if they're in 'connected' state
-            // This is more reliable than isConnected() which does network calls
-            toolToAdd.authenticated = connectionState === 'connected';
-          } else {
-            logger.warn(`[getAvailableTools] No app-level connection found for ${serverName}`);
-            toolToAdd.authenticated = false;
-          }
-        } catch (error) {
-          logger.error(
-            `[getAvailableTools] Error checking app-level connection status for ${serverName}:`,
-            error,
-          );
-          toolToAdd.authenticated = false;
-        }
-      }
-
-      toolsOutput.push(toolToAdd);
-    }
-    const finalTools = filterUniquePlugins(toolsOutput);
-    await cache.set(CacheKeys.TOOLS, finalTools);
-
-    const dedupedTools = filterUniquePlugins([...userPlugins, ...finalTools]);
-
-    res.status(200).json(dedupedTools);
+    await cache.set(CacheKeys.TOOLS, tools);
+    res.status(200).json(tools);
   } catch (error) {
-    logger.error('[getAvailableTools]', error);
     res.status(500).json({ message: error.message });
   }
 };
 
-/**
- * Converts MCP function format tools to plugin format
- * @param {Object} functionTools - Object with function format tools
- * @param {Object} customConfig - Custom configuration for MCP servers
- * @returns {Array} Array of plugin objects
- */
-async function convertMCPToolsToPlugins(functionTools, customConfig, userId = null) {
-  const plugins = [];
-
-  for (const [toolKey, toolData] of Object.entries(functionTools)) {
-    if (!toolData.function || !toolKey.includes(Constants.mcp_delimiter)) {
-      continue;
-    }
-
-    const functionData = toolData.function;
-    const parts = toolKey.split(Constants.mcp_delimiter);
-    const serverName = parts[parts.length - 1];
-
-    const plugin = {
-      name: parts[0], // Use the tool name without server suffix
-      pluginKey: toolKey,
-      description: functionData.description || '',
-      authenticated: false, // Default to false, will be updated based on connection status
-      icon: undefined,
-    };
-
-    // Build authConfig for MCP tools
-    const serverConfig = customConfig?.mcpServers?.[serverName];
-    if (!serverConfig?.customUserVars) {
-      plugin.authConfig = [];
-      plugin.authenticated = true; // No auth required
-      plugins.push(plugin);
-      continue;
-    }
-
-    const customVarKeys = Object.keys(serverConfig.customUserVars);
-    if (customVarKeys.length === 0) {
-      plugin.authConfig = [];
-      plugin.authenticated = true; // No auth required
-    } else {
-      plugin.authConfig = Object.entries(serverConfig.customUserVars).map(([key, value]) => ({
-        authField: key,
-        label: value.title || key,
-        description: value.description || '',
-      }));
-
-      // Check actual connection status for MCP tools with auth requirements
-      if (userId) {
-        try {
-          const mcpManager = getMCPManager(userId);
-          const connectionStatus = await mcpManager.getUserConnectionStatus(userId, serverName);
-          plugin.authenticated = connectionStatus.connected;
-        } catch (error) {
-          logger.error(
-            `[convertMCPToolsToPlugins] Error checking connection status for ${serverName}:`,
-            error,
-          );
-          plugin.authenticated = false;
-        }
-      } else {
-        plugin.authenticated = false;
-      }
-    }
-
-    plugins.push(plugin);
-  }
-
-  return plugins;
-}
-
 module.exports = {
   getAvailableTools,
   getAvailablePluginsController,

api/server/controllers/TwoFactorController.js

@@ -1,4 +1,3 @@
-const { encryptV3 } = require('@librechat/api');
 const { logger } = require('@librechat/data-schemas');
 const {
   verifyTOTP,
@@ -8,6 +7,7 @@ const {
   generateBackupCodes,
 } = require('~/server/services/twoFactorService');
 const { getUserById, updateUser } = require('~/models');
+const { encryptV3 } = require('~/server/utils/crypto');
 
 const safeAppTitle = (process.env.APP_TITLE || 'LibreChat').replace(/\s+/g, '');
 

api/server/controllers/UserController.js

@@ -1,5 +1,10 @@
+const {
+  Tools,
+  FileSources,
+  webSearchKeys,
+  extractWebSearchEnvVars,
+} = require('librechat-data-provider');
 const { logger } = require('@librechat/data-schemas');
-const { webSearchKeys, extractWebSearchEnvVars } = require('@librechat/api');
 const {
   getFiles,
   updateUser,
@@ -12,14 +17,12 @@ const {
 } = require('~/models');
 const { updateUserPluginAuth, deleteUserPluginAuth } = require('~/server/services/PluginService');
 const { updateUserPluginsService, deleteUserKey } = require('~/server/services/UserService');
-const { verifyEmail, resendVerificationEmail } = require('~/server/services/AuthService');
+const { verifyEmail, resendVerificationEmail } = require('@librechat/auth');
 const { needsRefresh, getNewS3URL } = require('~/server/services/Files/S3/crud');
-const { Tools, Constants, FileSources } = require('librechat-data-provider');
 const { processDeleteRequest } = require('~/server/services/Files/process');
 const { Transaction, Balance, User } = require('~/db/models');
+const { deleteAllSharedLinks } = require('~/models/Share');
 const { deleteToolCalls } = require('~/models/ToolCall');
-const { deleteAllSharedLinks } = require('~/models');
-const { getMCPManager } = require('~/config');
 
 const getUserController = async (req, res) => {
   /** @type {MongoUser} */
@@ -99,22 +102,10 @@ const updateUserPluginsController = async (req, res) => {
     }
 
     let keys = Object.keys(auth);
-    const values = Object.values(auth); // Used in 'install' block
-
-    const isMCPTool = pluginKey.startsWith('mcp_') || pluginKey.includes(Constants.mcp_delimiter);
-
-    // Early exit condition:
-    // If keys are empty (meaning auth: {} was likely sent for uninstall, or auth was empty for install)
-    // AND it's not web_search (which has special key handling to populate `keys` for uninstall)
-    // AND it's NOT (an uninstall action FOR an MCP tool - we need to proceed for this case to clear all its auth)
-    // THEN return.
-    if (
-      keys.length === 0 &&
-      pluginKey !== Tools.web_search &&
-      !(action === 'uninstall' && isMCPTool)
-    ) {
+    if (keys.length === 0 && pluginKey !== Tools.web_search) {
       return res.status(200).send();
     }
+    const values = Object.values(auth);
 
     /** @type {number} */
     let status = 200;
@@ -141,57 +132,16 @@ const updateUserPluginsController = async (req, res) => {
         }
       }
     } else if (action === 'uninstall') {
-      // const isMCPTool was defined earlier
-      if (isMCPTool && keys.length === 0) {
-        // This handles the case where auth: {} is sent for an MCP tool uninstall.
-        // It means "delete all credentials associated with this MCP pluginKey".
-        authService = await deleteUserPluginAuth(user.id, null, true, pluginKey);
+      for (let i = 0; i < keys.length; i++) {
+        authService = await deleteUserPluginAuth(user.id, keys[i]);
         if (authService instanceof Error) {
-          logger.error(
-            `[authService] Error deleting all auth for MCP tool ${pluginKey}:`,
-            authService,
-          );
+          logger.error('[authService]', authService);
           ({ status, message } = authService);
         }
-      } else {
-        // This handles:
-        // 1. Web_search uninstall (keys will be populated with all webSearchKeys if auth was {}).
-        // 2. Other tools uninstall (if keys were provided).
-        // 3. MCP tool uninstall if specific keys were provided in `auth` (not current frontend behavior).
-        // If keys is empty for non-MCP tools (and not web_search), this loop won't run, and nothing is deleted.
-        for (let i = 0; i < keys.length; i++) {
-          authService = await deleteUserPluginAuth(user.id, keys[i]); // Deletes by authField name
-          if (authService instanceof Error) {
-            logger.error('[authService] Error deleting specific auth key:', authService);
-            ({ status, message } = authService);
-          }
-        }
       }
     }
 
     if (status === 200) {
-      // If auth was updated successfully, disconnect MCP sessions as they might use these credentials
-      if (pluginKey.startsWith(Constants.mcp_prefix)) {
-        try {
-          const mcpManager = getMCPManager(user.id);
-          if (mcpManager) {
-            // Extract server name from pluginKey (e.g., "mcp_myserver" -> "myserver")
-            const serverName = pluginKey.replace(Constants.mcp_prefix, '');
-
-            logger.info(
-              `[updateUserPluginsController] Disconnecting MCP connection for user ${user.id} and server ${serverName} after plugin auth update for ${pluginKey}.`,
-            );
-            // Don't kill the server connection on revoke anymore, user can just reinitialize the server if thats what they want
-            await mcpManager.disconnectUserConnection(user.id, serverName);
-          }
-        } catch (disconnectError) {
-          logger.error(
-            `[updateUserPluginsController] Error disconnecting MCP connection for user ${user.id} after plugin auth update:`,
-            disconnectError,
-          );
-          // Do not fail the request for this, but log it.
-        }
-      }
       return res.status(status).send();
     }
 

api/server/controllers/agents/__tests__/v1.spec.js

@@ -1,195 +0,0 @@
-const { duplicateAgent } = require('../v1');
-const { getAgent, createAgent } = require('~/models/Agent');
-const { getActions } = require('~/models/Action');
-const { nanoid } = require('nanoid');
-
-jest.mock('~/models/Agent');
-jest.mock('~/models/Action');
-jest.mock('nanoid');
-
-describe('duplicateAgent', () => {
-  let req, res;
-
-  beforeEach(() => {
-    req = {
-      params: { id: 'agent_123' },
-      user: { id: 'user_456' },
-    };
-    res = {
-      status: jest.fn().mockReturnThis(),
-      json: jest.fn(),
-    };
-    jest.clearAllMocks();
-  });
-
-  it('should duplicate an agent successfully', async () => {
-    const mockAgent = {
-      id: 'agent_123',
-      name: 'Test Agent',
-      description: 'Test Description',
-      instructions: 'Test Instructions',
-      provider: 'openai',
-      model: 'gpt-4',
-      tools: ['file_search'],
-      actions: [],
-      author: 'user_789',
-      versions: [{ name: 'Test Agent', version: 1 }],
-      __v: 0,
-    };
-
-    const mockNewAgent = {
-      id: 'agent_new_123',
-      name: 'Test Agent (1/2/23, 12:34)',
-      description: 'Test Description',
-      instructions: 'Test Instructions',
-      provider: 'openai',
-      model: 'gpt-4',
-      tools: ['file_search'],
-      actions: [],
-      author: 'user_456',
-      versions: [
-        {
-          name: 'Test Agent (1/2/23, 12:34)',
-          description: 'Test Description',
-          instructions: 'Test Instructions',
-          provider: 'openai',
-          model: 'gpt-4',
-          tools: ['file_search'],
-          actions: [],
-          createdAt: new Date(),
-          updatedAt: new Date(),
-        },
-      ],
-    };
-
-    getAgent.mockResolvedValue(mockAgent);
-    getActions.mockResolvedValue([]);
-    nanoid.mockReturnValue('new_123');
-    createAgent.mockResolvedValue(mockNewAgent);
-
-    await duplicateAgent(req, res);
-
-    expect(getAgent).toHaveBeenCalledWith({ id: 'agent_123' });
-    expect(getActions).toHaveBeenCalledWith({ agent_id: 'agent_123' }, true);
-    expect(createAgent).toHaveBeenCalledWith(
-      expect.objectContaining({
-        id: 'agent_new_123',
-        author: 'user_456',
-        name: expect.stringContaining('Test Agent ('),
-        description: 'Test Description',
-        instructions: 'Test Instructions',
-        provider: 'openai',
-        model: 'gpt-4',
-        tools: ['file_search'],
-        actions: [],
-      }),
-    );
-
-    expect(createAgent).toHaveBeenCalledWith(
-      expect.not.objectContaining({
-        versions: expect.anything(),
-        __v: expect.anything(),
-      }),
-    );
-
-    expect(res.status).toHaveBeenCalledWith(201);
-    expect(res.json).toHaveBeenCalledWith({
-      agent: mockNewAgent,
-      actions: [],
-    });
-  });
-
-  it('should ensure duplicated agent has clean versions array without nested fields', async () => {
-    const mockAgent = {
-      id: 'agent_123',
-      name: 'Test Agent',
-      description: 'Test Description',
-      versions: [
-        {
-          name: 'Test Agent',
-          versions: [{ name: 'Nested' }],
-          __v: 1,
-        },
-      ],
-      __v: 2,
-    };
-
-    const mockNewAgent = {
-      id: 'agent_new_123',
-      name: 'Test Agent (1/2/23, 12:34)',
-      description: 'Test Description',
-      versions: [
-        {
-          name: 'Test Agent (1/2/23, 12:34)',
-          description: 'Test Description',
-          createdAt: new Date(),
-          updatedAt: new Date(),
-        },
-      ],
-    };
-
-    getAgent.mockResolvedValue(mockAgent);
-    getActions.mockResolvedValue([]);
-    nanoid.mockReturnValue('new_123');
-    createAgent.mockResolvedValue(mockNewAgent);
-
-    await duplicateAgent(req, res);
-
-    expect(mockNewAgent.versions).toHaveLength(1);
-
-    const firstVersion = mockNewAgent.versions[0];
-    expect(firstVersion).not.toHaveProperty('versions');
-    expect(firstVersion).not.toHaveProperty('__v');
-
-    expect(mockNewAgent).not.toHaveProperty('__v');
-
-    expect(res.status).toHaveBeenCalledWith(201);
-  });
-
-  it('should return 404 if agent not found', async () => {
-    getAgent.mockResolvedValue(null);
-
-    await duplicateAgent(req, res);
-
-    expect(res.status).toHaveBeenCalledWith(404);
-    expect(res.json).toHaveBeenCalledWith({
-      error: 'Agent not found',
-      status: 'error',
-    });
-  });
-
-  it('should handle tool_resources.ocr correctly', async () => {
-    const mockAgent = {
-      id: 'agent_123',
-      name: 'Test Agent',
-      tool_resources: {
-        ocr: { enabled: true, config: 'test' },
-        other: { should: 'not be copied' },
-      },
-    };
-
-    getAgent.mockResolvedValue(mockAgent);
-    getActions.mockResolvedValue([]);
-    nanoid.mockReturnValue('new_123');
-    createAgent.mockResolvedValue({ id: 'agent_new_123' });
-
-    await duplicateAgent(req, res);
-
-    expect(createAgent).toHaveBeenCalledWith(
-      expect.objectContaining({
-        tool_resources: {
-          ocr: { enabled: true, config: 'test' },
-        },
-      }),
-    );
-  });
-
-  it('should handle errors gracefully', async () => {
-    getAgent.mockRejectedValue(new Error('Database error'));
-
-    await duplicateAgent(req, res);
-
-    expect(res.status).toHaveBeenCalledWith(500);
-    expect(res.json).toHaveBeenCalledWith({ error: 'Database error' });
-  });
-});

api/server/controllers/agents/client.js

@@ -1,23 +1,18 @@
 require('events').EventEmitter.defaultMaxListeners = 100;
 const { logger } = require('@librechat/data-schemas');
-const { DynamicStructuredTool } = require('@langchain/core/tools');
-const { getBufferString, HumanMessage } = require('@langchain/core/messages');
 const {
   sendEvent,
   createRun,
   Tokenizer,
-  checkAccess,
   memoryInstructions,
-  formatContentStrings,
   createMemoryProcessor,
 } = require('@librechat/api');
 const {
   Callback,
-  Providers,
   GraphEvents,
-  TitleMethod,
   formatMessage,
   formatAgentMessages,
+  formatContentStrings,
   getTokenCountForMessage,
   createMetadataAggregator,
 } = require('@librechat/agents');
@@ -27,41 +22,27 @@ const {
   VisionModes,
   ContentTypes,
   EModelEndpoint,
+  KnownEndpoints,
   PermissionTypes,
   isAgentsEndpoint,
   AgentCapabilities,
   bedrockInputSchema,
   removeNullishValues,
 } = require('librechat-data-provider');
-const {
-  findPluginAuthsByKeys,
-  getFormattedMemories,
-  deleteMemory,
-  setMemory,
-} = require('~/models');
-const { getMCPAuthMap, checkCapability, hasCustomUserVars } = require('~/server/services/Config');
+const { DynamicStructuredTool } = require('@langchain/core/tools');
+const { getBufferString, HumanMessage } = require('@langchain/core/messages');
+const { getCustomEndpointConfig, checkCapability } = require('~/server/services/Config');
 const { addCacheControl, createContextHandlers } = require('~/app/clients/prompts');
 const { initializeAgent } = require('~/server/services/Endpoints/agents/agent');
 const { spendTokens, spendStructuredTokens } = require('~/models/spendTokens');
+const { setMemory, deleteMemory, getFormattedMemories } = require('~/models');
 const { encodeAndFormat } = require('~/server/services/Files/images/encode');
-const { getProviderConfig } = require('~/server/services/Endpoints');
+const initOpenAI = require('~/server/services/Endpoints/openAI/initialize');
+const { checkAccess } = require('~/server/middleware/roles/access');
 const BaseClient = require('~/app/clients/BaseClient');
-const { getRoleByName } = require('~/models/Role');
 const { loadAgent } = require('~/models/Agent');
 const { getMCPManager } = require('~/config');
 
-const omitTitleOptions = new Set([
-  'stream',
-  'thinking',
-  'streaming',
-  'clientOptions',
-  'thinkingConfig',
-  'thinkingBudget',
-  'includeThoughts',
-  'maxOutputTokens',
-  'additionalModelRequestFields',
-]);
-
 /**
  * @param {ServerRequest} req
  * @param {Agent} agent
@@ -76,6 +57,8 @@ const payloadParser = ({ req, agent, endpoint }) => {
   return req.body.endpointOption.model_parameters;
 };
 
+const legacyContentEndpoints = new Set([KnownEndpoints.groq, KnownEndpoints.deepseek]);
+
 const noSystemModelRegex = [/\b(o1-preview|o1-mini|amazon\.titan-text)\b/gi];
 
 function createTokenCounter(encoding) {
@@ -406,12 +389,7 @@ class AgentClient extends BaseClient {
     if (user.personalization?.memories === false) {
       return;
     }
-    const hasAccess = await checkAccess({
-      user,
-      permissionType: PermissionTypes.MEMORIES,
-      permissions: [Permissions.USE],
-      getRoleByName,
-    });
+    const hasAccess = await checkAccess(user, PermissionTypes.MEMORIES, [Permissions.USE]);
 
     if (!hasAccess) {
       logger.debug(
@@ -456,12 +434,6 @@ class AgentClient extends BaseClient {
       res: this.options.res,
       agent: prelimAgent,
       allowedProviders,
-      endpointOption: {
-        endpoint:
-          prelimAgent.id !== Constants.EPHEMERAL_AGENT_ID
-            ? EModelEndpoint.agents
-            : memoryConfig.agent?.provider,
-      },
     });
 
     if (!agent) {
@@ -535,10 +507,7 @@ class AgentClient extends BaseClient {
           messagesToProcess = [...messages.slice(-messageWindowSize)];
         }
       }
-
-      const bufferString = getBufferString(messagesToProcess);
-      const bufferMessage = new HumanMessage(`# Current Chat:\n\n${bufferString}`);
-      return await this.processMemory([bufferMessage]);
+      return await this.processMemory(messagesToProcess);
     } catch (error) {
       logger.error('Memory Agent failed to process memory', error);
     }
@@ -704,7 +673,7 @@ class AgentClient extends BaseClient {
           hide_sequential_outputs: this.options.agent.hide_sequential_outputs,
           user: this.options.req.user,
         },
-        recursionLimit: agentsEConfig?.recursionLimit ?? 25,
+        recursionLimit: agentsEConfig?.recursionLimit,
         signal: abortController.signal,
         streamMode: 'values',
         version: 'v2',
@@ -716,6 +685,9 @@ class AgentClient extends BaseClient {
         this.indexTokenCountMap,
         toolSet,
       );
+      if (legacyContentEndpoints.has(this.options.agent.endpoint?.toLowerCase())) {
+        initialMessages = formatContentStrings(initialMessages);
+      }
 
       /**
        *
@@ -779,9 +751,6 @@ class AgentClient extends BaseClient {
         }
 
         let messages = _messages;
-        if (agent.useLegacyContent === true) {
-          messages = formatContentStrings(messages);
-        }
         if (
           agent.model_parameters?.clientOptions?.defaultHeaders?.['anthropic-beta']?.includes(
             'prompt-caching',
@@ -829,21 +798,6 @@ class AgentClient extends BaseClient {
           run.Graph.contentData = contentData;
         }
 
-        try {
-          if (await hasCustomUserVars()) {
-            config.configurable.userMCPAuthMap = await getMCPAuthMap({
-              tools: agent.tools,
-              userId: this.options.req.user.id,
-              findPluginAuthsByKeys,
-            });
-          }
-        } catch (err) {
-          logger.error(
-            `[api/server/controllers/agents/client.js #chatCompletion] Error getting custom user vars for agent ${agent.id}`,
-            err,
-          );
-        }
-
         await run.processStream({ messages }, config, {
           keepContent: i !== 0,
           tokenCounter: createTokenCounter(this.getEncoding()),
@@ -1009,41 +963,23 @@ class AgentClient extends BaseClient {
       throw new Error('Run not initialized');
     }
     const { handleLLMEnd, collected: collectedMetadata } = createMetadataAggregator();
-    const { req, res, agent } = this.options;
-    let endpoint = agent.endpoint;
-
+    const endpoint = this.options.agent.endpoint;
+    const { req, res } = this.options;
     /** @type {import('@librechat/agents').ClientOptions} */
     let clientOptions = {
       maxTokens: 75,
-      model: agent.model_parameters.model,
     };
-
-    let titleProviderConfig = await getProviderConfig(endpoint);
-
-    /** @type {TEndpoint | undefined} */
-    const endpointConfig =
-      req.app.locals.all ?? req.app.locals[endpoint] ?? titleProviderConfig.customEndpointConfig;
+    let endpointConfig = req.app.locals[endpoint];
     if (!endpointConfig) {
-      logger.warn(
-        '[api/server/controllers/agents/client.js #titleConvo] Error getting endpoint config',
-      );
-    }
-
-    if (endpointConfig?.titleEndpoint && endpointConfig.titleEndpoint !== endpoint) {
       try {
-        titleProviderConfig = await getProviderConfig(endpointConfig.titleEndpoint);
-        endpoint = endpointConfig.titleEndpoint;
-      } catch (error) {
-        logger.warn(
-          `[api/server/controllers/agents/client.js #titleConvo] Error getting title endpoint config for ${endpointConfig.titleEndpoint}, falling back to default`,
-          error,
+        endpointConfig = await getCustomEndpointConfig(endpoint);
+      } catch (err) {
+        logger.error(
+          '[api/server/controllers/agents/client.js #titleConvo] Error getting custom endpoint config',
+          err,
         );
-        // Fall back to original provider config
-        endpoint = agent.endpoint;
-        titleProviderConfig = await getProviderConfig(endpoint);
       }
     }
-
     if (
       endpointConfig &&
       endpointConfig.titleModel &&
@@ -1051,66 +987,33 @@ class AgentClient extends BaseClient {
     ) {
       clientOptions.model = endpointConfig.titleModel;
     }
-
-    const options = await titleProviderConfig.getOptions({
-      req,
-      res,
-      optionsOnly: true,
-      overrideEndpoint: endpoint,
-      overrideModel: clientOptions.model,
-      endpointOption: { model_parameters: clientOptions },
-    });
-
-    let provider = options.provider ?? titleProviderConfig.overrideProvider ?? agent.provider;
     if (
       endpoint === EModelEndpoint.azureOpenAI &&
-      options.llmConfig?.azureOpenAIApiInstanceName == null
+      clientOptions.model &&
+      this.options.agent.model_parameters.model !== clientOptions.model
     ) {
-      provider = Providers.OPENAI;
-    } else if (
-      endpoint === EModelEndpoint.azureOpenAI &&
-      options.llmConfig?.azureOpenAIApiInstanceName != null &&
-      provider !== Providers.AZURE
-    ) {
-      provider = Providers.AZURE;
+      clientOptions =
+        (
+          await initOpenAI({
+            req,
+            res,
+            optionsOnly: true,
+            overrideModel: clientOptions.model,
+            overrideEndpoint: endpoint,
+            endpointOption: {
+              model_parameters: clientOptions,
+            },
+          })
+        )?.llmConfig ?? clientOptions;
     }
-
-    /** @type {import('@librechat/agents').ClientOptions} */
-    clientOptions = { ...options.llmConfig };
-    if (options.configOptions) {
-      clientOptions.configuration = options.configOptions;
-    }
-
-    // Ensure maxTokens is set for non-o1 models
-    if (!/\b(o\d)\b/i.test(clientOptions.model) && !clientOptions.maxTokens) {
-      clientOptions.maxTokens = 75;
-    } else if (/\b(o\d)\b/i.test(clientOptions.model) && clientOptions.maxTokens != null) {
+    if (/\b(o\d)\b/i.test(clientOptions.model) && clientOptions.maxTokens != null) {
       delete clientOptions.maxTokens;
     }
-
-    clientOptions = Object.assign(
-      Object.fromEntries(
-        Object.entries(clientOptions).filter(([key]) => !omitTitleOptions.has(key)),
-      ),
-    );
-
-    if (
-      provider === Providers.GOOGLE &&
-      (endpointConfig?.titleMethod === TitleMethod.FUNCTIONS ||
-        endpointConfig?.titleMethod === TitleMethod.STRUCTURED)
-    ) {
-      clientOptions.json = true;
-    }
-
     try {
       const titleResult = await this.run.generateTitle({
-        provider,
-        clientOptions,
         inputText: text,
         contentParts: this.contentParts,
-        titleMethod: endpointConfig?.titleMethod,
-        titlePrompt: endpointConfig?.titlePrompt,
-        titlePromptTemplate: endpointConfig?.titlePromptTemplate,
+        clientOptions,
         chainOptions: {
           signal: abortController.signal,
           callbacks: [
@@ -1125,10 +1028,8 @@ class AgentClient extends BaseClient {
         let input_tokens, output_tokens;
 
         if (item.usage) {
-          input_tokens =
-            item.usage.prompt_tokens || item.usage.input_tokens || item.usage.inputTokens;
-          output_tokens =
-            item.usage.completion_tokens || item.usage.output_tokens || item.usage.outputTokens;
+          input_tokens = item.usage.input_tokens || item.usage.inputTokens;
+          output_tokens = item.usage.output_tokens || item.usage.outputTokens;
         } else if (item.tokenUsage) {
           input_tokens = item.tokenUsage.promptTokens;
           output_tokens = item.tokenUsage.completionTokens;
@@ -1158,52 +1059,8 @@ class AgentClient extends BaseClient {
     }
   }
 
-  /**
-   * @param {object} params
-   * @param {number} params.promptTokens
-   * @param {number} params.completionTokens
-   * @param {OpenAIUsageMetadata} [params.usage]
-   * @param {string} [params.model]
-   * @param {string} [params.context='message']
-   * @returns {Promise<void>}
-   */
-  async recordTokenUsage({ model, promptTokens, completionTokens, usage, context = 'message' }) {
-    try {
-      await spendTokens(
-        {
-          model,
-          context,
-          conversationId: this.conversationId,
-          user: this.user ?? this.options.req.user?.id,
-          endpointTokenConfig: this.options.endpointTokenConfig,
-        },
-        { promptTokens, completionTokens },
-      );
-
-      if (
-        usage &&
-        typeof usage === 'object' &&
-        'reasoning_tokens' in usage &&
-        typeof usage.reasoning_tokens === 'number'
-      ) {
-        await spendTokens(
-          {
-            model,
-            context: 'reasoning',
-            conversationId: this.conversationId,
-            user: this.user ?? this.options.req.user?.id,
-            endpointTokenConfig: this.options.endpointTokenConfig,
-          },
-          { completionTokens: usage.reasoning_tokens },
-        );
-      }
-    } catch (error) {
-      logger.error(
-        '[api/server/controllers/agents/client.js #recordTokenUsage] Error recording token usage',
-        error,
-      );
-    }
-  }
+  /** Silent method, as `recordCollectedUsage` is used instead */
+  async recordTokenUsage() {}
 
   getEncoding() {
     return 'o200k_base';

api/server/controllers/agents/client.test.js

@@ -1,730 +0,0 @@
-const { Providers } = require('@librechat/agents');
-const { Constants, EModelEndpoint } = require('librechat-data-provider');
-const AgentClient = require('./client');
-
-jest.mock('@librechat/agents', () => ({
-  ...jest.requireActual('@librechat/agents'),
-  createMetadataAggregator: () => ({
-    handleLLMEnd: jest.fn(),
-    collected: [],
-  }),
-}));
-
-describe('AgentClient - titleConvo', () => {
-  let client;
-  let mockRun;
-  let mockReq;
-  let mockRes;
-  let mockAgent;
-  let mockOptions;
-
-  beforeEach(() => {
-    // Reset all mocks
-    jest.clearAllMocks();
-
-    // Mock run object
-    mockRun = {
-      generateTitle: jest.fn().mockResolvedValue({
-        title: 'Generated Title',
-      }),
-    };
-
-    // Mock agent - with both endpoint and provider
-    mockAgent = {
-      id: 'agent-123',
-      endpoint: EModelEndpoint.openAI, // Use a valid provider as endpoint for getProviderConfig
-      provider: EModelEndpoint.openAI, // Add provider property
-      model_parameters: {
-        model: 'gpt-4',
-      },
-    };
-
-    // Mock request and response
-    mockReq = {
-      app: {
-        locals: {
-          [EModelEndpoint.openAI]: {
-            // Match the agent endpoint
-            titleModel: 'gpt-3.5-turbo',
-            titlePrompt: 'Custom title prompt',
-            titleMethod: 'structured',
-            titlePromptTemplate: 'Template: {{content}}',
-          },
-        },
-      },
-      user: {
-        id: 'user-123',
-      },
-      body: {
-        model: 'gpt-4',
-        endpoint: EModelEndpoint.openAI,
-        key: null,
-      },
-    };
-
-    mockRes = {};
-
-    // Mock options
-    mockOptions = {
-      req: mockReq,
-      res: mockRes,
-      agent: mockAgent,
-      endpointTokenConfig: {},
-    };
-
-    // Create client instance
-    client = new AgentClient(mockOptions);
-    client.run = mockRun;
-    client.responseMessageId = 'response-123';
-    client.conversationId = 'convo-123';
-    client.contentParts = [{ type: 'text', text: 'Test content' }];
-    client.recordCollectedUsage = jest.fn().mockResolvedValue(); // Mock as async function that resolves
-  });
-
-  describe('titleConvo method', () => {
-    it('should throw error if run is not initialized', async () => {
-      client.run = null;
-
-      await expect(
-        client.titleConvo({ text: 'Test', abortController: new AbortController() }),
-      ).rejects.toThrow('Run not initialized');
-    });
-
-    it('should use titlePrompt from endpoint config', async () => {
-      const text = 'Test conversation text';
-      const abortController = new AbortController();
-
-      await client.titleConvo({ text, abortController });
-
-      expect(mockRun.generateTitle).toHaveBeenCalledWith(
-        expect.objectContaining({
-          titlePrompt: 'Custom title prompt',
-        }),
-      );
-    });
-
-    it('should use titlePromptTemplate from endpoint config', async () => {
-      const text = 'Test conversation text';
-      const abortController = new AbortController();
-
-      await client.titleConvo({ text, abortController });
-
-      expect(mockRun.generateTitle).toHaveBeenCalledWith(
-        expect.objectContaining({
-          titlePromptTemplate: 'Template: {{content}}',
-        }),
-      );
-    });
-
-    it('should use titleMethod from endpoint config', async () => {
-      const text = 'Test conversation text';
-      const abortController = new AbortController();
-
-      await client.titleConvo({ text, abortController });
-
-      expect(mockRun.generateTitle).toHaveBeenCalledWith(
-        expect.objectContaining({
-          provider: Providers.OPENAI,
-          titleMethod: 'structured',
-        }),
-      );
-    });
-
-    it('should use titleModel from endpoint config when provided', async () => {
-      const text = 'Test conversation text';
-      const abortController = new AbortController();
-
-      await client.titleConvo({ text, abortController });
-
-      // Check that generateTitle was called with correct clientOptions
-      const generateTitleCall = mockRun.generateTitle.mock.calls[0][0];
-      expect(generateTitleCall.clientOptions.model).toBe('gpt-3.5-turbo');
-    });
-
-    it('should handle missing endpoint config gracefully', async () => {
-      // Remove endpoint config
-      mockReq.app.locals[EModelEndpoint.openAI] = undefined;
-
-      const text = 'Test conversation text';
-      const abortController = new AbortController();
-
-      await client.titleConvo({ text, abortController });
-
-      expect(mockRun.generateTitle).toHaveBeenCalledWith(
-        expect.objectContaining({
-          titlePrompt: undefined,
-          titlePromptTemplate: undefined,
-          titleMethod: undefined,
-        }),
-      );
-    });
-
-    it('should use agent model when titleModel is not provided', async () => {
-      // Remove titleModel from config
-      delete mockReq.app.locals[EModelEndpoint.openAI].titleModel;
-
-      const text = 'Test conversation text';
-      const abortController = new AbortController();
-
-      await client.titleConvo({ text, abortController });
-
-      const generateTitleCall = mockRun.generateTitle.mock.calls[0][0];
-      expect(generateTitleCall.clientOptions.model).toBe('gpt-4'); // Should use agent's model
-    });
-
-    it('should not use titleModel when it equals CURRENT_MODEL constant', async () => {
-      mockReq.app.locals[EModelEndpoint.openAI].titleModel = Constants.CURRENT_MODEL;
-
-      const text = 'Test conversation text';
-      const abortController = new AbortController();
-
-      await client.titleConvo({ text, abortController });
-
-      const generateTitleCall = mockRun.generateTitle.mock.calls[0][0];
-      expect(generateTitleCall.clientOptions.model).toBe('gpt-4'); // Should use agent's model
-    });
-
-    it('should pass all required parameters to generateTitle', async () => {
-      const text = 'Test conversation text';
-      const abortController = new AbortController();
-
-      await client.titleConvo({ text, abortController });
-
-      expect(mockRun.generateTitle).toHaveBeenCalledWith({
-        provider: expect.any(String),
-        inputText: text,
-        contentParts: client.contentParts,
-        clientOptions: expect.objectContaining({
-          model: 'gpt-3.5-turbo',
-        }),
-        titlePrompt: 'Custom title prompt',
-        titlePromptTemplate: 'Template: {{content}}',
-        titleMethod: 'structured',
-        chainOptions: expect.objectContaining({
-          signal: abortController.signal,
-        }),
-      });
-    });
-
-    it('should record collected usage after title generation', async () => {
-      const text = 'Test conversation text';
-      const abortController = new AbortController();
-
-      await client.titleConvo({ text, abortController });
-
-      expect(client.recordCollectedUsage).toHaveBeenCalledWith({
-        model: 'gpt-3.5-turbo',
-        context: 'title',
-        collectedUsage: expect.any(Array),
-      });
-    });
-
-    it('should return the generated title', async () => {
-      const text = 'Test conversation text';
-      const abortController = new AbortController();
-
-      const result = await client.titleConvo({ text, abortController });
-
-      expect(result).toBe('Generated Title');
-    });
-
-    it('should handle errors gracefully and return undefined', async () => {
-      mockRun.generateTitle.mockRejectedValue(new Error('Title generation failed'));
-
-      const text = 'Test conversation text';
-      const abortController = new AbortController();
-
-      const result = await client.titleConvo({ text, abortController });
-
-      expect(result).toBeUndefined();
-    });
-
-    it('should pass titleEndpoint configuration to generateTitle', async () => {
-      // Mock the API key just for this test
-      const originalApiKey = process.env.ANTHROPIC_API_KEY;
-      process.env.ANTHROPIC_API_KEY = 'test-api-key';
-
-      // Add titleEndpoint to the config
-      mockReq.app.locals[EModelEndpoint.openAI].titleEndpoint = EModelEndpoint.anthropic;
-      mockReq.app.locals[EModelEndpoint.openAI].titleMethod = 'structured';
-      mockReq.app.locals[EModelEndpoint.openAI].titlePrompt = 'Custom title prompt';
-      mockReq.app.locals[EModelEndpoint.openAI].titlePromptTemplate = 'Custom template';
-
-      const text = 'Test conversation text';
-      const abortController = new AbortController();
-
-      await client.titleConvo({ text, abortController });
-
-      // Verify generateTitle was called with the custom configuration
-      expect(mockRun.generateTitle).toHaveBeenCalledWith(
-        expect.objectContaining({
-          titleMethod: 'structured',
-          provider: Providers.ANTHROPIC,
-          titlePrompt: 'Custom title prompt',
-          titlePromptTemplate: 'Custom template',
-        }),
-      );
-
-      // Restore the original API key
-      if (originalApiKey) {
-        process.env.ANTHROPIC_API_KEY = originalApiKey;
-      } else {
-        delete process.env.ANTHROPIC_API_KEY;
-      }
-    });
-
-    it('should use all config when endpoint config is missing', async () => {
-      // Remove endpoint-specific config
-      delete mockReq.app.locals[EModelEndpoint.openAI].titleModel;
-      delete mockReq.app.locals[EModelEndpoint.openAI].titlePrompt;
-      delete mockReq.app.locals[EModelEndpoint.openAI].titleMethod;
-      delete mockReq.app.locals[EModelEndpoint.openAI].titlePromptTemplate;
-
-      // Set 'all' config
-      mockReq.app.locals.all = {
-        titleModel: 'gpt-4o-mini',
-        titlePrompt: 'All config title prompt',
-        titleMethod: 'completion',
-        titlePromptTemplate: 'All config template: {{content}}',
-      };
-
-      const text = 'Test conversation text';
-      const abortController = new AbortController();
-
-      await client.titleConvo({ text, abortController });
-
-      // Verify generateTitle was called with 'all' config values
-      expect(mockRun.generateTitle).toHaveBeenCalledWith(
-        expect.objectContaining({
-          titleMethod: 'completion',
-          titlePrompt: 'All config title prompt',
-          titlePromptTemplate: 'All config template: {{content}}',
-        }),
-      );
-
-      // Check that the model was set from 'all' config
-      const generateTitleCall = mockRun.generateTitle.mock.calls[0][0];
-      expect(generateTitleCall.clientOptions.model).toBe('gpt-4o-mini');
-    });
-
-    it('should prioritize all config over endpoint config for title settings', async () => {
-      // Set both endpoint and 'all' config
-      mockReq.app.locals[EModelEndpoint.openAI].titleModel = 'gpt-3.5-turbo';
-      mockReq.app.locals[EModelEndpoint.openAI].titlePrompt = 'Endpoint title prompt';
-      mockReq.app.locals[EModelEndpoint.openAI].titleMethod = 'structured';
-      // Remove titlePromptTemplate from endpoint config to test fallback
-      delete mockReq.app.locals[EModelEndpoint.openAI].titlePromptTemplate;
-
-      mockReq.app.locals.all = {
-        titleModel: 'gpt-4o-mini',
-        titlePrompt: 'All config title prompt',
-        titleMethod: 'completion',
-        titlePromptTemplate: 'All config template',
-      };
-
-      const text = 'Test conversation text';
-      const abortController = new AbortController();
-
-      await client.titleConvo({ text, abortController });
-
-      // Verify 'all' config takes precedence over endpoint config
-      expect(mockRun.generateTitle).toHaveBeenCalledWith(
-        expect.objectContaining({
-          titleMethod: 'completion',
-          titlePrompt: 'All config title prompt',
-          titlePromptTemplate: 'All config template',
-        }),
-      );
-
-      // Check that the model was set from 'all' config
-      const generateTitleCall = mockRun.generateTitle.mock.calls[0][0];
-      expect(generateTitleCall.clientOptions.model).toBe('gpt-4o-mini');
-    });
-
-    it('should use all config with titleEndpoint and verify provider switch', async () => {
-      // Mock the API key for the titleEndpoint provider
-      const originalApiKey = process.env.ANTHROPIC_API_KEY;
-      process.env.ANTHROPIC_API_KEY = 'test-anthropic-key';
-
-      // Remove endpoint-specific config to test 'all' config
-      delete mockReq.app.locals[EModelEndpoint.openAI];
-
-      // Set comprehensive 'all' config with all new title options
-      mockReq.app.locals.all = {
-        titleConvo: true,
-        titleModel: 'claude-3-haiku-20240307',
-        titleMethod: 'completion', // Testing the new default method
-        titlePrompt: 'Generate a concise, descriptive title for this conversation',
-        titlePromptTemplate: 'Conversation summary: {{content}}',
-        titleEndpoint: EModelEndpoint.anthropic, // Should switch provider to Anthropic
-      };
-
-      const text = 'Test conversation about AI and machine learning';
-      const abortController = new AbortController();
-
-      await client.titleConvo({ text, abortController });
-
-      // Verify all config values were used
-      expect(mockRun.generateTitle).toHaveBeenCalledWith(
-        expect.objectContaining({
-          provider: Providers.ANTHROPIC, // Critical: Verify provider switched to Anthropic
-          titleMethod: 'completion',
-          titlePrompt: 'Generate a concise, descriptive title for this conversation',
-          titlePromptTemplate: 'Conversation summary: {{content}}',
-          inputText: text,
-          contentParts: client.contentParts,
-        }),
-      );
-
-      // Verify the model was set from 'all' config
-      const generateTitleCall = mockRun.generateTitle.mock.calls[0][0];
-      expect(generateTitleCall.clientOptions.model).toBe('claude-3-haiku-20240307');
-
-      // Verify other client options are set correctly
-      expect(generateTitleCall.clientOptions).toMatchObject({
-        model: 'claude-3-haiku-20240307',
-        // Note: Anthropic's getOptions may set its own maxTokens value
-      });
-
-      // Restore the original API key
-      if (originalApiKey) {
-        process.env.ANTHROPIC_API_KEY = originalApiKey;
-      } else {
-        delete process.env.ANTHROPIC_API_KEY;
-      }
-    });
-
-    it('should test all titleMethod options from all config', async () => {
-      // Test each titleMethod: 'completion', 'functions', 'structured'
-      const titleMethods = ['completion', 'functions', 'structured'];
-
-      for (const method of titleMethods) {
-        // Clear previous calls
-        mockRun.generateTitle.mockClear();
-
-        // Remove endpoint config
-        delete mockReq.app.locals[EModelEndpoint.openAI];
-
-        // Set 'all' config with specific titleMethod
-        mockReq.app.locals.all = {
-          titleModel: 'gpt-4o-mini',
-          titleMethod: method,
-          titlePrompt: `Testing ${method} method`,
-          titlePromptTemplate: `Template for ${method}: {{content}}`,
-        };
-
-        const text = `Test conversation for ${method} method`;
-        const abortController = new AbortController();
-
-        await client.titleConvo({ text, abortController });
-
-        // Verify the correct titleMethod was used
-        expect(mockRun.generateTitle).toHaveBeenCalledWith(
-          expect.objectContaining({
-            titleMethod: method,
-            titlePrompt: `Testing ${method} method`,
-            titlePromptTemplate: `Template for ${method}: {{content}}`,
-          }),
-        );
-      }
-    });
-
-    describe('Azure-specific title generation', () => {
-      let originalEnv;
-
-      beforeEach(() => {
-        // Reset mocks
-        jest.clearAllMocks();
-
-        // Save original environment variables
-        originalEnv = { ...process.env };
-
-        // Mock Azure API keys
-        process.env.AZURE_OPENAI_API_KEY = 'test-azure-key';
-        process.env.AZURE_API_KEY = 'test-azure-key';
-        process.env.EASTUS_API_KEY = 'test-eastus-key';
-        process.env.EASTUS2_API_KEY = 'test-eastus2-key';
-      });
-
-      afterEach(() => {
-        // Restore environment variables
-        process.env = originalEnv;
-      });
-
-      it('should use OPENAI provider for Azure serverless endpoints', async () => {
-        // Set up Azure endpoint with serverless config
-        mockAgent.endpoint = EModelEndpoint.azureOpenAI;
-        mockAgent.provider = EModelEndpoint.azureOpenAI;
-        mockReq.app.locals[EModelEndpoint.azureOpenAI] = {
-          titleConvo: true,
-          titleModel: 'grok-3',
-          titleMethod: 'completion',
-          titlePrompt: 'Azure serverless title prompt',
-          streamRate: 35,
-          modelGroupMap: {
-            'grok-3': {
-              group: 'Azure AI Foundry',
-              deploymentName: 'grok-3',
-            },
-          },
-          groupMap: {
-            'Azure AI Foundry': {
-              apiKey: '${AZURE_API_KEY}',
-              baseURL: 'https://test.services.ai.azure.com/models',
-              version: '2024-05-01-preview',
-              serverless: true,
-              models: {
-                'grok-3': {
-                  deploymentName: 'grok-3',
-                },
-              },
-            },
-          },
-        };
-        mockReq.body.endpoint = EModelEndpoint.azureOpenAI;
-        mockReq.body.model = 'grok-3';
-
-        const text = 'Test Azure serverless conversation';
-        const abortController = new AbortController();
-
-        await client.titleConvo({ text, abortController });
-
-        // Verify provider was switched to OPENAI for serverless
-        expect(mockRun.generateTitle).toHaveBeenCalledWith(
-          expect.objectContaining({
-            provider: Providers.OPENAI, // Should be OPENAI for serverless
-            titleMethod: 'completion',
-            titlePrompt: 'Azure serverless title prompt',
-          }),
-        );
-      });
-
-      it('should use AZURE provider for Azure endpoints with instanceName', async () => {
-        // Set up Azure endpoint
-        mockAgent.endpoint = EModelEndpoint.azureOpenAI;
-        mockAgent.provider = EModelEndpoint.azureOpenAI;
-        mockReq.app.locals[EModelEndpoint.azureOpenAI] = {
-          titleConvo: true,
-          titleModel: 'gpt-4o',
-          titleMethod: 'structured',
-          titlePrompt: 'Azure instance title prompt',
-          streamRate: 35,
-          modelGroupMap: {
-            'gpt-4o': {
-              group: 'eastus',
-              deploymentName: 'gpt-4o',
-            },
-          },
-          groupMap: {
-            eastus: {
-              apiKey: '${EASTUS_API_KEY}',
-              instanceName: 'region-instance',
-              version: '2024-02-15-preview',
-              models: {
-                'gpt-4o': {
-                  deploymentName: 'gpt-4o',
-                },
-              },
-            },
-          },
-        };
-        mockReq.body.endpoint = EModelEndpoint.azureOpenAI;
-        mockReq.body.model = 'gpt-4o';
-
-        const text = 'Test Azure instance conversation';
-        const abortController = new AbortController();
-
-        await client.titleConvo({ text, abortController });
-
-        // Verify provider remains AZURE with instanceName
-        expect(mockRun.generateTitle).toHaveBeenCalledWith(
-          expect.objectContaining({
-            provider: Providers.AZURE,
-            titleMethod: 'structured',
-            titlePrompt: 'Azure instance title prompt',
-          }),
-        );
-      });
-
-      it('should handle Azure titleModel with CURRENT_MODEL constant', async () => {
-        // Set up Azure endpoint
-        mockAgent.endpoint = EModelEndpoint.azureOpenAI;
-        mockAgent.provider = EModelEndpoint.azureOpenAI;
-        mockAgent.model_parameters.model = 'gpt-4o-latest';
-        mockReq.app.locals[EModelEndpoint.azureOpenAI] = {
-          titleConvo: true,
-          titleModel: Constants.CURRENT_MODEL,
-          titleMethod: 'functions',
-          streamRate: 35,
-          modelGroupMap: {
-            'gpt-4o-latest': {
-              group: 'region-eastus',
-              deploymentName: 'gpt-4o-mini',
-              version: '2024-02-15-preview',
-            },
-          },
-          groupMap: {
-            'region-eastus': {
-              apiKey: '${EASTUS2_API_KEY}',
-              instanceName: 'test-instance',
-              version: '2024-12-01-preview',
-              models: {
-                'gpt-4o-latest': {
-                  deploymentName: 'gpt-4o-mini',
-                  version: '2024-02-15-preview',
-                },
-              },
-            },
-          },
-        };
-        mockReq.body.endpoint = EModelEndpoint.azureOpenAI;
-        mockReq.body.model = 'gpt-4o-latest';
-
-        const text = 'Test Azure current model';
-        const abortController = new AbortController();
-
-        await client.titleConvo({ text, abortController });
-
-        // Verify it uses the correct model when titleModel is CURRENT_MODEL
-        const generateTitleCall = mockRun.generateTitle.mock.calls[0][0];
-        // When CURRENT_MODEL is used with Azure, the model gets mapped to the deployment name
-        // In this case, 'gpt-4o-latest' is mapped to 'gpt-4o-mini' deployment
-        expect(generateTitleCall.clientOptions.model).toBe('gpt-4o-mini');
-        // Also verify that CURRENT_MODEL constant was not passed as the model
-        expect(generateTitleCall.clientOptions.model).not.toBe(Constants.CURRENT_MODEL);
-      });
-
-      it('should handle Azure with multiple model groups', async () => {
-        // Set up Azure endpoint
-        mockAgent.endpoint = EModelEndpoint.azureOpenAI;
-        mockAgent.provider = EModelEndpoint.azureOpenAI;
-        mockReq.app.locals[EModelEndpoint.azureOpenAI] = {
-          titleConvo: true,
-          titleModel: 'o1-mini',
-          titleMethod: 'completion',
-          streamRate: 35,
-          modelGroupMap: {
-            'gpt-4o': {
-              group: 'eastus',
-              deploymentName: 'gpt-4o',
-            },
-            'o1-mini': {
-              group: 'region-eastus',
-              deploymentName: 'o1-mini',
-            },
-            'codex-mini': {
-              group: 'codex-mini',
-              deploymentName: 'codex-mini',
-            },
-          },
-          groupMap: {
-            eastus: {
-              apiKey: '${EASTUS_API_KEY}',
-              instanceName: 'region-eastus',
-              version: '2024-02-15-preview',
-              models: {
-                'gpt-4o': {
-                  deploymentName: 'gpt-4o',
-                },
-              },
-            },
-            'region-eastus': {
-              apiKey: '${EASTUS2_API_KEY}',
-              instanceName: 'region-eastus2',
-              version: '2024-12-01-preview',
-              models: {
-                'o1-mini': {
-                  deploymentName: 'o1-mini',
-                },
-              },
-            },
-            'codex-mini': {
-              apiKey: '${AZURE_API_KEY}',
-              baseURL: 'https://example.cognitiveservices.azure.com/openai/',
-              version: '2025-04-01-preview',
-              serverless: true,
-              models: {
-                'codex-mini': {
-                  deploymentName: 'codex-mini',
-                },
-              },
-            },
-          },
-        };
-        mockReq.body.endpoint = EModelEndpoint.azureOpenAI;
-        mockReq.body.model = 'o1-mini';
-
-        const text = 'Test Azure multi-group conversation';
-        const abortController = new AbortController();
-
-        await client.titleConvo({ text, abortController });
-
-        // Verify correct model and provider are used
-        expect(mockRun.generateTitle).toHaveBeenCalledWith(
-          expect.objectContaining({
-            provider: Providers.AZURE,
-            titleMethod: 'completion',
-          }),
-        );
-
-        const generateTitleCall = mockRun.generateTitle.mock.calls[0][0];
-        expect(generateTitleCall.clientOptions.model).toBe('o1-mini');
-        expect(generateTitleCall.clientOptions.maxTokens).toBeUndefined(); // o1 models shouldn't have maxTokens
-      });
-
-      it('should use all config as fallback for Azure endpoints', async () => {
-        // Set up Azure endpoint with minimal config
-        mockAgent.endpoint = EModelEndpoint.azureOpenAI;
-        mockAgent.provider = EModelEndpoint.azureOpenAI;
-        mockReq.body.endpoint = EModelEndpoint.azureOpenAI;
-        mockReq.body.model = 'gpt-4';
-
-        // Remove Azure-specific config
-        delete mockReq.app.locals[EModelEndpoint.azureOpenAI];
-
-        // Set 'all' config as fallback with a serverless Azure config
-        mockReq.app.locals.all = {
-          titleConvo: true,
-          titleModel: 'gpt-4',
-          titleMethod: 'structured',
-          titlePrompt: 'Fallback title prompt from all config',
-          titlePromptTemplate: 'Template: {{content}}',
-          modelGroupMap: {
-            'gpt-4': {
-              group: 'default-group',
-              deploymentName: 'gpt-4',
-            },
-          },
-          groupMap: {
-            'default-group': {
-              apiKey: '${AZURE_API_KEY}',
-              baseURL: 'https://default.openai.azure.com/',
-              version: '2024-02-15-preview',
-              serverless: true,
-              models: {
-                'gpt-4': {
-                  deploymentName: 'gpt-4',
-                },
-              },
-            },
-          },
-        };
-
-        const text = 'Test Azure with all config fallback';
-        const abortController = new AbortController();
-
-        await client.titleConvo({ text, abortController });
-
-        // Verify all config is used
-        expect(mockRun.generateTitle).toHaveBeenCalledWith(
-          expect.objectContaining({
-            provider: Providers.OPENAI, // Should be OPENAI when no instanceName
-            titleMethod: 'structured',
-            titlePrompt: 'Fallback title prompt from all config',
-            titlePromptTemplate: 'Template: {{content}}',
-          }),
-        );
-      });
-    });
-  });
-});

api/server/controllers/agents/errors.js

@@ -1,10 +1,10 @@
 // errorHandler.js
-const { logger } = require('@librechat/data-schemas');
+const { logger } = require('~/config');
+const getLogStores = require('~/cache/getLogStores');
 const { CacheKeys, ViolationTypes } = require('librechat-data-provider');
-const { sendResponse } = require('~/server/middleware/error');
 const { recordUsage } = require('~/server/services/Threads');
 const { getConvo } = require('~/models/Conversation');
-const getLogStores = require('~/cache/getLogStores');
+const { sendResponse } = require('~/server/utils');
 
 /**
  * @typedef {Object} ErrorHandlerContext
@@ -75,7 +75,7 @@ const createErrorHandler = ({ req, res, getContext, originPath = '/assistants/ch
     } else if (/Files.*are invalid/.test(error.message)) {
       const errorMessage = `Files are invalid, or may not have uploaded yet.${
         endpoint === 'azureAssistants'
-          ? " If using Azure OpenAI, files are only available in the region of the assistant's model at the time of upload."
+          ? ' If using Azure OpenAI, files are only available in the region of the assistant\'s model at the time of upload.'
           : ''
       }`;
       return sendResponse(req, res, messageData, errorMessage);

api/server/controllers/agents/llm.js

@@ -0,0 +1,106 @@
+const { HttpsProxyAgent } = require('https-proxy-agent');
+const { resolveHeaders } = require('librechat-data-provider');
+const { createLLM } = require('~/app/clients/llm');
+
+/**
+ * Initializes and returns a Language Learning Model (LLM) instance.
+ *
+ * @param {Object} options - Configuration options for the LLM.
+ * @param {string} options.model - The model identifier.
+ * @param {string} options.modelName - The specific name of the model.
+ * @param {number} options.temperature - The temperature setting for the model.
+ * @param {number} options.presence_penalty - The presence penalty for the model.
+ * @param {number} options.frequency_penalty - The frequency penalty for the model.
+ * @param {number} options.max_tokens - The maximum number of tokens for the model output.
+ * @param {boolean} options.streaming - Whether to use streaming for the model output.
+ * @param {Object} options.context - The context for the conversation.
+ * @param {number} options.tokenBuffer - The token buffer size.
+ * @param {number} options.initialMessageCount - The initial message count.
+ * @param {string} options.conversationId - The ID of the conversation.
+ * @param {string} options.user - The user identifier.
+ * @param {string} options.langchainProxy - The langchain proxy URL.
+ * @param {boolean} options.useOpenRouter - Whether to use OpenRouter.
+ * @param {Object} options.options - Additional options.
+ * @param {Object} options.options.headers - Custom headers for the request.
+ * @param {string} options.options.proxy - Proxy URL.
+ * @param {Object} options.options.req - The request object.
+ * @param {Object} options.options.res - The response object.
+ * @param {boolean} options.options.debug - Whether to enable debug mode.
+ * @param {string} options.apiKey - The API key for authentication.
+ * @param {Object} options.azure - Azure-specific configuration.
+ * @param {Object} options.abortController - The AbortController instance.
+ * @returns {Object} The initialized LLM instance.
+ */
+function initializeLLM(options) {
+  const {
+    model,
+    modelName,
+    temperature,
+    presence_penalty,
+    frequency_penalty,
+    max_tokens,
+    streaming,
+    user,
+    langchainProxy,
+    useOpenRouter,
+    options: { headers, proxy },
+    apiKey,
+    azure,
+  } = options;
+
+  const modelOptions = {
+    modelName: modelName || model,
+    temperature,
+    presence_penalty,
+    frequency_penalty,
+    user,
+  };
+
+  if (max_tokens) {
+    modelOptions.max_tokens = max_tokens;
+  }
+
+  const configOptions = {};
+
+  if (langchainProxy) {
+    configOptions.basePath = langchainProxy;
+  }
+
+  if (useOpenRouter) {
+    configOptions.basePath = 'https://openrouter.ai/api/v1';
+    configOptions.baseOptions = {
+      headers: {
+        'HTTP-Referer': 'https://librechat.ai',
+        'X-Title': 'LibreChat',
+      },
+    };
+  }
+
+  if (headers && typeof headers === 'object' && !Array.isArray(headers)) {
+    configOptions.baseOptions = {
+      headers: resolveHeaders({
+        ...headers,
+        ...configOptions?.baseOptions?.headers,
+      }),
+    };
+  }
+
+  if (proxy) {
+    configOptions.httpAgent = new HttpsProxyAgent(proxy);
+    configOptions.httpsAgent = new HttpsProxyAgent(proxy);
+  }
+
+  const llm = createLLM({
+    modelOptions,
+    configOptions,
+    openAIApiKey: apiKey,
+    azure,
+    streaming,
+  });
+
+  return llm;
+}
+
+module.exports = {
+  initializeLLM,
+};

api/server/controllers/agents/request.js

@@ -1,5 +1,3 @@
-const { sendEvent } = require('@librechat/api');
-const { logger } = require('@librechat/data-schemas');
 const { Constants } = require('librechat-data-provider');
 const {
   handleAbortError,
@@ -7,19 +5,17 @@ const {
   cleanupAbortController,
 } = require('~/server/middleware');
 const { disposeClient, clientRegistry, requestDataMap } = require('~/server/cleanup');
+const { sendMessage } = require('~/server/utils');
 const { saveMessage } = require('~/models');
+const { logger } = require('~/config');
 
 const AgentController = async (req, res, next, initializeClient, addTitle) => {
   let {
     text,
-    isRegenerate,
     endpointOption,
     conversationId,
-    isContinued = false,
-    editedContent = null,
     parentMessageId = null,
     overrideParentMessageId = null,
-    responseMessageId: editedResponseMessageId = null,
   } = req.body;
 
   let sender;
@@ -71,7 +67,7 @@ const AgentController = async (req, res, next, initializeClient, addTitle) => {
             handler();
           }
         } catch (e) {
-          logger.error('[AgentController] Error in cleanup handler', e);
+          // Ignore cleanup errors
         }
       }
     }
@@ -159,7 +155,7 @@ const AgentController = async (req, res, next, initializeClient, addTitle) => {
       try {
         res.removeListener('close', closeHandler);
       } catch (e) {
-        logger.error('[AgentController] Error removing close listener', e);
+        // Ignore
       }
     });
 
@@ -167,15 +163,10 @@ const AgentController = async (req, res, next, initializeClient, addTitle) => {
       user: userId,
       onStart,
       getReqData,
-      isContinued,
-      isRegenerate,
-      editedContent,
       conversationId,
       parentMessageId,
       abortController,
       overrideParentMessageId,
-      isEdited: !!editedContent,
-      responseMessageId: editedResponseMessageId,
       progressOptions: {
         res,
       },
@@ -215,7 +206,7 @@ const AgentController = async (req, res, next, initializeClient, addTitle) => {
       // Create a new response object with minimal copies
       const finalResponse = { ...response };
 
-      sendEvent(res, {
+      sendMessage(res, {
         final: true,
         conversation,
         title: conversation.title,

api/server/controllers/agents/v1.js

@@ -1,16 +1,13 @@
-const { z } = require('zod');
 const fs = require('fs').promises;
 const { nanoid } = require('nanoid');
-const { logger } = require('@librechat/data-schemas');
-const { agentCreateSchema, agentUpdateSchema } = require('@librechat/api');
 const {
   Tools,
   Constants,
+  FileContext,
   FileSources,
   SystemRoles,
   EToolResources,
   actionDelimiter,
-  removeNullishValues,
 } = require('librechat-data-provider');
 const {
   getAgent,
@@ -19,21 +16,20 @@ const {
   deleteAgent,
   getListAgents,
 } = require('~/models/Agent');
+const { uploadImageBuffer, filterFile } = require('~/server/services/Files/process');
 const { getStrategyFunctions } = require('~/server/services/Files/strategies');
-const { resizeAvatar } = require('~/server/services/Files/images/avatar');
+const { resizeAvatar } = require('@librechat/auth');
 const { refreshS3Url } = require('~/server/services/Files/S3/crud');
-const { filterFile } = require('~/server/services/Files/process');
 const { updateAction, getActions } = require('~/models/Action');
-const { getCachedTools } = require('~/server/services/Config');
 const { updateAgentProjects } = require('~/models/Agent');
 const { getProjectByName } = require('~/models/Project');
-const { revertAgentVersion } = require('~/models/Agent');
 const { deleteFileByFilter } = require('~/models/File');
+const { revertAgentVersion } = require('~/models/Agent');
+const { logger } = require('~/config');
 
 const systemTools = {
   [Tools.execute_code]: true,
   [Tools.file_search]: true,
-  [Tools.web_search]: true,
 };
 
 /**
@@ -46,18 +42,13 @@ const systemTools = {
  */
 const createAgentHandler = async (req, res) => {
   try {
-    const validatedData = agentCreateSchema.parse(req.body);
-    const { tools = [], ...agentData } = removeNullishValues(validatedData);
-
+    const { tools = [], provider, name, description, instructions, model, ...agentData } = req.body;
     const { id: userId } = req.user;
 
-    agentData.id = `agent_${nanoid()}`;
-    agentData.author = userId;
     agentData.tools = [];
 
-    const availableTools = await getCachedTools({ includeGlobal: true });
     for (const tool of tools) {
-      if (availableTools[tool]) {
+      if (req.app.locals.availableTools[tool]) {
         agentData.tools.push(tool);
       }
 
@@ -66,13 +57,19 @@ const createAgentHandler = async (req, res) => {
       }
     }
 
+    Object.assign(agentData, {
+      author: userId,
+      name,
+      description,
+      instructions,
+      provider,
+      model,
+    });
+
+    agentData.id = `agent_${nanoid()}`;
     const agent = await createAgent(agentData);
     res.status(201).json(agent);
   } catch (error) {
-    if (error instanceof z.ZodError) {
-      logger.error('[/Agents] Validation error', error.errors);
-      return res.status(400).json({ error: 'Invalid request data', details: error.errors });
-    }
     logger.error('[/Agents] Error creating agent', error);
     res.status(500).json({ error: error.message });
   }
@@ -156,16 +153,14 @@ const getAgentHandler = async (req, res) => {
 const updateAgentHandler = async (req, res) => {
   try {
     const id = req.params.id;
-    const validatedData = agentUpdateSchema.parse(req.body);
-    const { projectIds, removeProjectIds, ...updateData } = removeNullishValues(validatedData);
+    const { projectIds, removeProjectIds, ...updateData } = req.body;
     const isAdmin = req.user.role === SystemRoles.ADMIN;
     const existingAgent = await getAgent({ id });
+    const isAuthor = existingAgent.author.toString() === req.user.id;
 
     if (!existingAgent) {
       return res.status(404).json({ error: 'Agent not found' });
     }
-
-    const isAuthor = existingAgent.author.toString() === req.user.id;
     const hasEditPermission = existingAgent.isCollaborative || isAdmin || isAuthor;
 
     if (!hasEditPermission) {
@@ -204,11 +199,6 @@ const updateAgentHandler = async (req, res) => {
 
     return res.json(updatedAgent);
   } catch (error) {
-    if (error instanceof z.ZodError) {
-      logger.error('[/Agents/:id] Validation error', error.errors);
-      return res.status(400).json({ error: 'Invalid request data', details: error.errors });
-    }
-
     logger.error('[/Agents/:id] Error updating Agent', error);
 
     if (error.statusCode === 409) {
@@ -251,8 +241,6 @@ const duplicateAgentHandler = async (req, res) => {
       createdAt: _createdAt,
       updatedAt: _updatedAt,
       tool_resources: _tool_resources = {},
-      versions: _versions,
-      __v: _v,
       ...cloneData
     } = agent;
     cloneData.name = `${agent.name} (${new Date().toLocaleString('en-US', {
@@ -391,22 +379,6 @@ const uploadAgentAvatarHandler = async (req, res) => {
       return res.status(400).json({ message: 'Agent ID is required' });
     }
 
-    const isAdmin = req.user.role === SystemRoles.ADMIN;
-    const existingAgent = await getAgent({ id: agent_id });
-
-    if (!existingAgent) {
-      return res.status(404).json({ error: 'Agent not found' });
-    }
-
-    const isAuthor = existingAgent.author.toString() === req.user.id;
-    const hasEditPermission = existingAgent.isCollaborative || isAdmin || isAuthor;
-
-    if (!hasEditPermission) {
-      return res.status(403).json({
-        error: 'You do not have permission to modify this non-collaborative agent',
-      });
-    }
-
     const buffer = await fs.readFile(req.file.path);
 
     const fileStrategy = req.app.locals.fileStrategy;
@@ -429,7 +401,14 @@ const uploadAgentAvatarHandler = async (req, res) => {
       source: fileStrategy,
     };
 
-    let _avatar = existingAgent.avatar;
+    let _avatar;
+    try {
+      const agent = await getAgent({ id: agent_id });
+      _avatar = agent.avatar;
+    } catch (error) {
+      logger.error('[/:agent_id/avatar] Error fetching agent', error);
+      _avatar = {};
+    }
 
     if (_avatar && _avatar.source) {
       const { deleteFile } = getStrategyFunctions(_avatar.source);
@@ -451,7 +430,7 @@ const uploadAgentAvatarHandler = async (req, res) => {
     };
 
     promises.push(
-      await updateAgent({ id: agent_id }, data, {
+      await updateAgent({ id: agent_id, author: req.user.id }, data, {
         updatingUserId: req.user.id,
       }),
     );
@@ -466,7 +445,7 @@ const uploadAgentAvatarHandler = async (req, res) => {
     try {
       await fs.unlink(req.file.path);
       logger.debug('[/:agent_id/avatar] Temp. image upload file deleted');
-    } catch {
+    } catch (error) {
       logger.debug('[/:agent_id/avatar] Temp. image upload file already deleted');
     }
   }

api/server/controllers/agents/v1.spec.js

@@ -1,659 +0,0 @@
-const mongoose = require('mongoose');
-const { v4: uuidv4 } = require('uuid');
-const { MongoMemoryServer } = require('mongodb-memory-server');
-const { agentSchema } = require('@librechat/data-schemas');
-
-// Only mock the dependencies that are not database-related
-jest.mock('~/server/services/Config', () => ({
-  getCachedTools: jest.fn().mockResolvedValue({
-    web_search: true,
-    execute_code: true,
-    file_search: true,
-  }),
-}));
-
-jest.mock('~/models/Project', () => ({
-  getProjectByName: jest.fn().mockResolvedValue(null),
-}));
-
-jest.mock('~/server/services/Files/strategies', () => ({
-  getStrategyFunctions: jest.fn(),
-}));
-
-jest.mock('~/server/services/Files/images/avatar', () => ({
-  resizeAvatar: jest.fn(),
-}));
-
-jest.mock('~/server/services/Files/S3/crud', () => ({
-  refreshS3Url: jest.fn(),
-}));
-
-jest.mock('~/server/services/Files/process', () => ({
-  filterFile: jest.fn(),
-}));
-
-jest.mock('~/models/Action', () => ({
-  updateAction: jest.fn(),
-  getActions: jest.fn().mockResolvedValue([]),
-}));
-
-jest.mock('~/models/File', () => ({
-  deleteFileByFilter: jest.fn(),
-}));
-
-const { createAgent: createAgentHandler, updateAgent: updateAgentHandler } = require('./v1');
-
-/**
- * @type {import('mongoose').Model<import('@librechat/data-schemas').IAgent>}
- */
-let Agent;
-
-describe('Agent Controllers - Mass Assignment Protection', () => {
-  let mongoServer;
-  let mockReq;
-  let mockRes;
-
-  beforeAll(async () => {
-    mongoServer = await MongoMemoryServer.create();
-    const mongoUri = mongoServer.getUri();
-    await mongoose.connect(mongoUri);
-    Agent = mongoose.models.Agent || mongoose.model('Agent', agentSchema);
-  }, 20000);
-
-  afterAll(async () => {
-    await mongoose.disconnect();
-    await mongoServer.stop();
-  });
-
-  beforeEach(async () => {
-    await Agent.deleteMany({});
-
-    // Reset all mocks
-    jest.clearAllMocks();
-
-    // Setup mock request and response objects
-    mockReq = {
-      user: {
-        id: new mongoose.Types.ObjectId().toString(),
-        role: 'USER',
-      },
-      body: {},
-      params: {},
-      app: {
-        locals: {
-          fileStrategy: 'local',
-        },
-      },
-    };
-
-    mockRes = {
-      status: jest.fn().mockReturnThis(),
-      json: jest.fn().mockReturnThis(),
-    };
-  });
-
-  describe('createAgentHandler', () => {
-    test('should create agent with allowed fields only', async () => {
-      const validData = {
-        name: 'Test Agent',
-        description: 'A test agent',
-        instructions: 'Be helpful',
-        provider: 'openai',
-        model: 'gpt-4',
-        tools: ['web_search'],
-        model_parameters: { temperature: 0.7 },
-        tool_resources: {
-          file_search: { file_ids: ['file1', 'file2'] },
-        },
-      };
-
-      mockReq.body = validData;
-
-      await createAgentHandler(mockReq, mockRes);
-
-      expect(mockRes.status).toHaveBeenCalledWith(201);
-      expect(mockRes.json).toHaveBeenCalled();
-
-      const createdAgent = mockRes.json.mock.calls[0][0];
-      expect(createdAgent.name).toBe('Test Agent');
-      expect(createdAgent.description).toBe('A test agent');
-      expect(createdAgent.provider).toBe('openai');
-      expect(createdAgent.model).toBe('gpt-4');
-      expect(createdAgent.author.toString()).toBe(mockReq.user.id);
-      expect(createdAgent.tools).toContain('web_search');
-
-      // Verify in database
-      const agentInDb = await Agent.findOne({ id: createdAgent.id });
-      expect(agentInDb).toBeDefined();
-      expect(agentInDb.name).toBe('Test Agent');
-      expect(agentInDb.author.toString()).toBe(mockReq.user.id);
-    });
-
-    test('should reject creation with unauthorized fields (mass assignment protection)', async () => {
-      const maliciousData = {
-        // Required fields
-        provider: 'openai',
-        model: 'gpt-4',
-        name: 'Malicious Agent',
-
-        // Unauthorized fields that should be stripped
-        author: new mongoose.Types.ObjectId().toString(), // Should not be able to set author
-        authorName: 'Hacker', // Should be stripped
-        isCollaborative: true, // Should be stripped on creation
-        versions: [], // Should be stripped
-        _id: new mongoose.Types.ObjectId(), // Should be stripped
-        id: 'custom_agent_id', // Should be overridden
-        createdAt: new Date('2020-01-01'), // Should be stripped
-        updatedAt: new Date('2020-01-01'), // Should be stripped
-      };
-
-      mockReq.body = maliciousData;
-
-      await createAgentHandler(mockReq, mockRes);
-
-      expect(mockRes.status).toHaveBeenCalledWith(201);
-
-      const createdAgent = mockRes.json.mock.calls[0][0];
-
-      // Verify unauthorized fields were not set
-      expect(createdAgent.author.toString()).toBe(mockReq.user.id); // Should be the request user, not the malicious value
-      expect(createdAgent.authorName).toBeUndefined();
-      expect(createdAgent.isCollaborative).toBeFalsy();
-      expect(createdAgent.versions).toHaveLength(1); // Should have exactly 1 version from creation
-      expect(createdAgent.id).not.toBe('custom_agent_id'); // Should have generated ID
-      expect(createdAgent.id).toMatch(/^agent_/); // Should have proper prefix
-
-      // Verify timestamps are recent (not the malicious dates)
-      const createdTime = new Date(createdAgent.createdAt).getTime();
-      const now = Date.now();
-      expect(now - createdTime).toBeLessThan(5000); // Created within last 5 seconds
-
-      // Verify in database
-      const agentInDb = await Agent.findOne({ id: createdAgent.id });
-      expect(agentInDb.author.toString()).toBe(mockReq.user.id);
-      expect(agentInDb.authorName).toBeUndefined();
-    });
-
-    test('should validate required fields', async () => {
-      const invalidData = {
-        name: 'Missing Required Fields',
-        // Missing provider and model
-      };
-
-      mockReq.body = invalidData;
-
-      await createAgentHandler(mockReq, mockRes);
-
-      expect(mockRes.status).toHaveBeenCalledWith(400);
-      expect(mockRes.json).toHaveBeenCalledWith(
-        expect.objectContaining({
-          error: 'Invalid request data',
-          details: expect.any(Array),
-        }),
-      );
-
-      // Verify nothing was created in database
-      const count = await Agent.countDocuments();
-      expect(count).toBe(0);
-    });
-
-    test('should handle tool_resources validation', async () => {
-      const dataWithInvalidToolResources = {
-        provider: 'openai',
-        model: 'gpt-4',
-        name: 'Agent with Tool Resources',
-        tool_resources: {
-          // Valid resources
-          file_search: {
-            file_ids: ['file1', 'file2'],
-            vector_store_ids: ['vs1'],
-          },
-          execute_code: {
-            file_ids: ['file3'],
-          },
-          // Invalid resource (should be stripped by schema)
-          invalid_resource: {
-            file_ids: ['file4'],
-          },
-        },
-      };
-
-      mockReq.body = dataWithInvalidToolResources;
-
-      await createAgentHandler(mockReq, mockRes);
-
-      expect(mockRes.status).toHaveBeenCalledWith(201);
-
-      const createdAgent = mockRes.json.mock.calls[0][0];
-      expect(createdAgent.tool_resources).toBeDefined();
-      expect(createdAgent.tool_resources.file_search).toBeDefined();
-      expect(createdAgent.tool_resources.execute_code).toBeDefined();
-      expect(createdAgent.tool_resources.invalid_resource).toBeUndefined(); // Should be stripped
-
-      // Verify in database
-      const agentInDb = await Agent.findOne({ id: createdAgent.id });
-      expect(agentInDb.tool_resources.invalid_resource).toBeUndefined();
-    });
-
-    test('should handle avatar validation', async () => {
-      const dataWithAvatar = {
-        provider: 'openai',
-        model: 'gpt-4',
-        name: 'Agent with Avatar',
-        avatar: {
-          filepath: 'https://example.com/avatar.png',
-          source: 's3',
-        },
-      };
-
-      mockReq.body = dataWithAvatar;
-
-      await createAgentHandler(mockReq, mockRes);
-
-      expect(mockRes.status).toHaveBeenCalledWith(201);
-
-      const createdAgent = mockRes.json.mock.calls[0][0];
-      expect(createdAgent.avatar).toEqual({
-        filepath: 'https://example.com/avatar.png',
-        source: 's3',
-      });
-    });
-
-    test('should handle invalid avatar format', async () => {
-      const dataWithInvalidAvatar = {
-        provider: 'openai',
-        model: 'gpt-4',
-        name: 'Agent with Invalid Avatar',
-        avatar: 'just-a-string', // Invalid format
-      };
-
-      mockReq.body = dataWithInvalidAvatar;
-
-      await createAgentHandler(mockReq, mockRes);
-
-      expect(mockRes.status).toHaveBeenCalledWith(400);
-      expect(mockRes.json).toHaveBeenCalledWith(
-        expect.objectContaining({
-          error: 'Invalid request data',
-        }),
-      );
-    });
-  });
-
-  describe('updateAgentHandler', () => {
-    let existingAgentId;
-    let existingAgentAuthorId;
-
-    beforeEach(async () => {
-      // Create an existing agent for update tests
-      existingAgentAuthorId = new mongoose.Types.ObjectId();
-      const agent = await Agent.create({
-        id: `agent_${uuidv4()}`,
-        name: 'Original Agent',
-        provider: 'openai',
-        model: 'gpt-3.5-turbo',
-        author: existingAgentAuthorId,
-        description: 'Original description',
-        isCollaborative: false,
-        versions: [
-          {
-            name: 'Original Agent',
-            provider: 'openai',
-            model: 'gpt-3.5-turbo',
-            description: 'Original description',
-            createdAt: new Date(),
-            updatedAt: new Date(),
-          },
-        ],
-      });
-      existingAgentId = agent.id;
-    });
-
-    test('should update agent with allowed fields only', async () => {
-      mockReq.user.id = existingAgentAuthorId.toString(); // Set as author
-      mockReq.params.id = existingAgentId;
-      mockReq.body = {
-        name: 'Updated Agent',
-        description: 'Updated description',
-        model: 'gpt-4',
-        isCollaborative: true, // This IS allowed in updates
-      };
-
-      await updateAgentHandler(mockReq, mockRes);
-
-      expect(mockRes.status).not.toHaveBeenCalledWith(400);
-      expect(mockRes.status).not.toHaveBeenCalledWith(403);
-      expect(mockRes.json).toHaveBeenCalled();
-
-      const updatedAgent = mockRes.json.mock.calls[0][0];
-      expect(updatedAgent.name).toBe('Updated Agent');
-      expect(updatedAgent.description).toBe('Updated description');
-      expect(updatedAgent.model).toBe('gpt-4');
-      expect(updatedAgent.isCollaborative).toBe(true);
-      expect(updatedAgent.author).toBe(existingAgentAuthorId.toString());
-
-      // Verify in database
-      const agentInDb = await Agent.findOne({ id: existingAgentId });
-      expect(agentInDb.name).toBe('Updated Agent');
-      expect(agentInDb.isCollaborative).toBe(true);
-    });
-
-    test('should reject update with unauthorized fields (mass assignment protection)', async () => {
-      mockReq.user.id = existingAgentAuthorId.toString();
-      mockReq.params.id = existingAgentId;
-      mockReq.body = {
-        name: 'Updated Name',
-
-        // Unauthorized fields that should be stripped
-        author: new mongoose.Types.ObjectId().toString(), // Should not be able to change author
-        authorName: 'Hacker', // Should be stripped
-        id: 'different_agent_id', // Should be stripped
-        _id: new mongoose.Types.ObjectId(), // Should be stripped
-        versions: [], // Should be stripped
-        createdAt: new Date('2020-01-01'), // Should be stripped
-        updatedAt: new Date('2020-01-01'), // Should be stripped
-      };
-
-      await updateAgentHandler(mockReq, mockRes);
-
-      expect(mockRes.json).toHaveBeenCalled();
-
-      const updatedAgent = mockRes.json.mock.calls[0][0];
-
-      // Verify unauthorized fields were not changed
-      expect(updatedAgent.author).toBe(existingAgentAuthorId.toString()); // Should not have changed
-      expect(updatedAgent.authorName).toBeUndefined();
-      expect(updatedAgent.id).toBe(existingAgentId); // Should not have changed
-      expect(updatedAgent.name).toBe('Updated Name'); // Only this should have changed
-
-      // Verify in database
-      const agentInDb = await Agent.findOne({ id: existingAgentId });
-      expect(agentInDb.author.toString()).toBe(existingAgentAuthorId.toString());
-      expect(agentInDb.id).toBe(existingAgentId);
-    });
-
-    test('should reject update from non-author when not collaborative', async () => {
-      const differentUserId = new mongoose.Types.ObjectId().toString();
-      mockReq.user.id = differentUserId; // Different user
-      mockReq.params.id = existingAgentId;
-      mockReq.body = {
-        name: 'Unauthorized Update',
-      };
-
-      await updateAgentHandler(mockReq, mockRes);
-
-      expect(mockRes.status).toHaveBeenCalledWith(403);
-      expect(mockRes.json).toHaveBeenCalledWith({
-        error: 'You do not have permission to modify this non-collaborative agent',
-      });
-
-      // Verify agent was not modified in database
-      const agentInDb = await Agent.findOne({ id: existingAgentId });
-      expect(agentInDb.name).toBe('Original Agent');
-    });
-
-    test('should allow update from non-author when collaborative', async () => {
-      // First make the agent collaborative
-      await Agent.updateOne({ id: existingAgentId }, { isCollaborative: true });
-
-      const differentUserId = new mongoose.Types.ObjectId().toString();
-      mockReq.user.id = differentUserId; // Different user
-      mockReq.params.id = existingAgentId;
-      mockReq.body = {
-        name: 'Collaborative Update',
-      };
-
-      await updateAgentHandler(mockReq, mockRes);
-
-      expect(mockRes.status).not.toHaveBeenCalledWith(403);
-      expect(mockRes.json).toHaveBeenCalled();
-
-      const updatedAgent = mockRes.json.mock.calls[0][0];
-      expect(updatedAgent.name).toBe('Collaborative Update');
-      // Author field should be removed for non-author
-      expect(updatedAgent.author).toBeUndefined();
-
-      // Verify in database
-      const agentInDb = await Agent.findOne({ id: existingAgentId });
-      expect(agentInDb.name).toBe('Collaborative Update');
-    });
-
-    test('should allow admin to update any agent', async () => {
-      const adminUserId = new mongoose.Types.ObjectId().toString();
-      mockReq.user.id = adminUserId;
-      mockReq.user.role = 'ADMIN'; // Set as admin
-      mockReq.params.id = existingAgentId;
-      mockReq.body = {
-        name: 'Admin Update',
-      };
-
-      await updateAgentHandler(mockReq, mockRes);
-
-      expect(mockRes.status).not.toHaveBeenCalledWith(403);
-      expect(mockRes.json).toHaveBeenCalled();
-
-      const updatedAgent = mockRes.json.mock.calls[0][0];
-      expect(updatedAgent.name).toBe('Admin Update');
-    });
-
-    test('should handle projectIds updates', async () => {
-      mockReq.user.id = existingAgentAuthorId.toString();
-      mockReq.params.id = existingAgentId;
-
-      const projectId1 = new mongoose.Types.ObjectId().toString();
-      const projectId2 = new mongoose.Types.ObjectId().toString();
-
-      mockReq.body = {
-        projectIds: [projectId1, projectId2],
-      };
-
-      await updateAgentHandler(mockReq, mockRes);
-
-      expect(mockRes.json).toHaveBeenCalled();
-
-      const updatedAgent = mockRes.json.mock.calls[0][0];
-      expect(updatedAgent).toBeDefined();
-      // Note: updateAgentProjects requires more setup, so we just verify the handler doesn't crash
-    });
-
-    test('should validate tool_resources in updates', async () => {
-      mockReq.user.id = existingAgentAuthorId.toString();
-      mockReq.params.id = existingAgentId;
-      mockReq.body = {
-        tool_resources: {
-          ocr: {
-            file_ids: ['ocr1', 'ocr2'],
-          },
-          execute_code: {
-            file_ids: ['img1'],
-          },
-          // Invalid tool resource
-          invalid_tool: {
-            file_ids: ['invalid'],
-          },
-        },
-      };
-
-      await updateAgentHandler(mockReq, mockRes);
-
-      expect(mockRes.json).toHaveBeenCalled();
-
-      const updatedAgent = mockRes.json.mock.calls[0][0];
-      expect(updatedAgent.tool_resources).toBeDefined();
-      expect(updatedAgent.tool_resources.ocr).toBeDefined();
-      expect(updatedAgent.tool_resources.execute_code).toBeDefined();
-      expect(updatedAgent.tool_resources.invalid_tool).toBeUndefined();
-    });
-
-    test('should return 404 for non-existent agent', async () => {
-      mockReq.user.id = existingAgentAuthorId.toString();
-      mockReq.params.id = `agent_${uuidv4()}`; // Non-existent ID
-      mockReq.body = {
-        name: 'Update Non-existent',
-      };
-
-      await updateAgentHandler(mockReq, mockRes);
-
-      expect(mockRes.status).toHaveBeenCalledWith(404);
-      expect(mockRes.json).toHaveBeenCalledWith({ error: 'Agent not found' });
-    });
-
-    test('should handle validation errors properly', async () => {
-      mockReq.user.id = existingAgentAuthorId.toString();
-      mockReq.params.id = existingAgentId;
-      mockReq.body = {
-        model_parameters: 'invalid-not-an-object', // Should be an object
-      };
-
-      await updateAgentHandler(mockReq, mockRes);
-
-      expect(mockRes.status).toHaveBeenCalledWith(400);
-      expect(mockRes.json).toHaveBeenCalledWith(
-        expect.objectContaining({
-          error: 'Invalid request data',
-          details: expect.any(Array),
-        }),
-      );
-    });
-  });
-
-  describe('Mass Assignment Attack Scenarios', () => {
-    test('should prevent setting system fields during creation', async () => {
-      const systemFields = {
-        provider: 'openai',
-        model: 'gpt-4',
-        name: 'System Fields Test',
-
-        // System fields that should never be settable by users
-        __v: 99,
-        _id: new mongoose.Types.ObjectId(),
-        versions: [
-          {
-            name: 'Fake Version',
-            provider: 'fake',
-            model: 'fake-model',
-          },
-        ],
-      };
-
-      mockReq.body = systemFields;
-
-      await createAgentHandler(mockReq, mockRes);
-
-      expect(mockRes.status).toHaveBeenCalledWith(201);
-
-      const createdAgent = mockRes.json.mock.calls[0][0];
-
-      // Verify system fields were not affected
-      expect(createdAgent.__v).not.toBe(99);
-      expect(createdAgent.versions).toHaveLength(1); // Should only have the auto-created version
-      expect(createdAgent.versions[0].name).toBe('System Fields Test'); // From actual creation
-      expect(createdAgent.versions[0].provider).toBe('openai'); // From actual creation
-
-      // Verify in database
-      const agentInDb = await Agent.findOne({ id: createdAgent.id });
-      expect(agentInDb.__v).not.toBe(99);
-    });
-
-    test('should prevent privilege escalation through isCollaborative', async () => {
-      // Create a non-collaborative agent
-      const authorId = new mongoose.Types.ObjectId();
-      const agent = await Agent.create({
-        id: `agent_${uuidv4()}`,
-        name: 'Private Agent',
-        provider: 'openai',
-        model: 'gpt-4',
-        author: authorId,
-        isCollaborative: false,
-        versions: [
-          {
-            name: 'Private Agent',
-            provider: 'openai',
-            model: 'gpt-4',
-            createdAt: new Date(),
-            updatedAt: new Date(),
-          },
-        ],
-      });
-
-      // Try to make it collaborative as a different user
-      const attackerId = new mongoose.Types.ObjectId().toString();
-      mockReq.user.id = attackerId;
-      mockReq.params.id = agent.id;
-      mockReq.body = {
-        isCollaborative: true, // Trying to escalate privileges
-      };
-
-      await updateAgentHandler(mockReq, mockRes);
-
-      // Should be rejected
-      expect(mockRes.status).toHaveBeenCalledWith(403);
-
-      // Verify in database that it's still not collaborative
-      const agentInDb = await Agent.findOne({ id: agent.id });
-      expect(agentInDb.isCollaborative).toBe(false);
-    });
-
-    test('should prevent author hijacking', async () => {
-      const originalAuthorId = new mongoose.Types.ObjectId();
-      const attackerId = new mongoose.Types.ObjectId();
-
-      // Admin creates an agent
-      mockReq.user.id = originalAuthorId.toString();
-      mockReq.user.role = 'ADMIN';
-      mockReq.body = {
-        provider: 'openai',
-        model: 'gpt-4',
-        name: 'Admin Agent',
-        author: attackerId.toString(), // Trying to set different author
-      };
-
-      await createAgentHandler(mockReq, mockRes);
-
-      expect(mockRes.status).toHaveBeenCalledWith(201);
-
-      const createdAgent = mockRes.json.mock.calls[0][0];
-
-      // Author should be the actual user, not the attempted value
-      expect(createdAgent.author.toString()).toBe(originalAuthorId.toString());
-      expect(createdAgent.author.toString()).not.toBe(attackerId.toString());
-
-      // Verify in database
-      const agentInDb = await Agent.findOne({ id: createdAgent.id });
-      expect(agentInDb.author.toString()).toBe(originalAuthorId.toString());
-    });
-
-    test('should strip unknown fields to prevent future vulnerabilities', async () => {
-      mockReq.body = {
-        provider: 'openai',
-        model: 'gpt-4',
-        name: 'Future Proof Test',
-
-        // Unknown fields that might be added in future
-        superAdminAccess: true,
-        bypassAllChecks: true,
-        internalFlag: 'secret',
-        futureFeature: 'exploit',
-      };
-
-      await createAgentHandler(mockReq, mockRes);
-
-      expect(mockRes.status).toHaveBeenCalledWith(201);
-
-      const createdAgent = mockRes.json.mock.calls[0][0];
-
-      // Verify unknown fields were stripped
-      expect(createdAgent.superAdminAccess).toBeUndefined();
-      expect(createdAgent.bypassAllChecks).toBeUndefined();
-      expect(createdAgent.internalFlag).toBeUndefined();
-      expect(createdAgent.futureFeature).toBeUndefined();
-
-      // Also check in database
-      const agentInDb = await Agent.findOne({ id: createdAgent.id }).lean();
-      expect(agentInDb.superAdminAccess).toBeUndefined();
-      expect(agentInDb.bypassAllChecks).toBeUndefined();
-      expect(agentInDb.internalFlag).toBeUndefined();
-      expect(agentInDb.futureFeature).toBeUndefined();
-    });
-  });
-});

api/server/controllers/assistants/chatV1.js

@@ -1,7 +1,4 @@
 const { v4 } = require('uuid');
-const { sleep } = require('@librechat/agents');
-const { sendEvent } = require('@librechat/api');
-const { logger } = require('@librechat/data-schemas');
 const {
   Time,
   Constants,
@@ -22,20 +19,20 @@ const {
   addThreadMetadata,
   saveAssistantMessage,
 } = require('~/server/services/Threads');
+const { sendResponse, sendMessage, sleep, countTokens } = require('~/server/utils');
 const { runAssistant, createOnTextProgress } = require('~/server/services/AssistantService');
 const validateAuthor = require('~/server/middleware/assistants/validateAuthor');
 const { formatMessage, createVisionPrompt } = require('~/app/clients/prompts');
 const { createRun, StreamRunManager } = require('~/server/services/Runs');
 const { addTitle } = require('~/server/services/Endpoints/assistants');
 const { createRunBody } = require('~/server/services/createRunBody');
-const { sendResponse } = require('~/server/middleware/error');
 const { getTransactions } = require('~/models/Transaction');
 const { checkBalance } = require('~/models/balanceMethods');
 const { getConvo } = require('~/models/Conversation');
 const getLogStores = require('~/cache/getLogStores');
-const { countTokens } = require('~/server/utils');
 const { getModelMaxTokens } = require('~/utils');
 const { getOpenAIClient } = require('./helpers');
+const { logger } = require('~/config');
 
 /**
  * @route POST /
@@ -474,7 +471,7 @@ const chatV1 = async (req, res) => {
     await Promise.all(promises);
 
     const sendInitialResponse = () => {
-      sendEvent(res, {
+      sendMessage(res, {
         sync: true,
         conversationId,
         // messages: previousMessages,
@@ -590,7 +587,7 @@ const chatV1 = async (req, res) => {
       iconURL: endpointOption.iconURL,
     };
 
-    sendEvent(res, {
+    sendMessage(res, {
       final: true,
       conversation,
       requestMessage: {

api/server/controllers/assistants/chatV2.js

@@ -1,7 +1,4 @@
 const { v4 } = require('uuid');
-const { sleep } = require('@librechat/agents');
-const { sendEvent } = require('@librechat/api');
-const { logger } = require('@librechat/data-schemas');
 const {
   Time,
   Constants,
@@ -25,14 +22,15 @@ const { createErrorHandler } = require('~/server/controllers/assistants/errors')
 const validateAuthor = require('~/server/middleware/assistants/validateAuthor');
 const { createRun, StreamRunManager } = require('~/server/services/Runs');
 const { addTitle } = require('~/server/services/Endpoints/assistants');
+const { sendMessage, sleep, countTokens } = require('~/server/utils');
 const { createRunBody } = require('~/server/services/createRunBody');
 const { getTransactions } = require('~/models/Transaction');
 const { checkBalance } = require('~/models/balanceMethods');
 const { getConvo } = require('~/models/Conversation');
 const getLogStores = require('~/cache/getLogStores');
-const { countTokens } = require('~/server/utils');
 const { getModelMaxTokens } = require('~/utils');
 const { getOpenAIClient } = require('./helpers');
+const { logger } = require('~/config');
 
 /**
  * @route POST /
@@ -311,7 +309,7 @@ const chatV2 = async (req, res) => {
     await Promise.all(promises);
 
     const sendInitialResponse = () => {
-      sendEvent(res, {
+      sendMessage(res, {
         sync: true,
         conversationId,
         // messages: previousMessages,
@@ -434,7 +432,7 @@ const chatV2 = async (req, res) => {
       iconURL: endpointOption.iconURL,
     };
 
-    sendEvent(res, {
+    sendMessage(res, {
       final: true,
       conversation,
       requestMessage: {

api/server/controllers/assistants/errors.js

@@ -1,10 +1,10 @@
 // errorHandler.js
-const { logger } = require('@librechat/data-schemas');
-const { CacheKeys, ViolationTypes, ContentTypes } = require('librechat-data-provider');
-const { recordUsage, checkMessageGaps } = require('~/server/services/Threads');
-const { sendResponse } = require('~/server/middleware/error');
-const { getConvo } = require('~/models/Conversation');
+const { sendResponse } = require('~/server/utils');
+const { logger } = require('~/config');
 const getLogStores = require('~/cache/getLogStores');
+const { CacheKeys, ViolationTypes, ContentTypes } = require('librechat-data-provider');
+const { getConvo } = require('~/models/Conversation');
+const { recordUsage, checkMessageGaps } = require('~/server/services/Threads');
 
 /**
  * @typedef {Object} ErrorHandlerContext
@@ -78,7 +78,7 @@ const createErrorHandler = ({ req, res, getContext, originPath = '/assistants/ch
     } else if (/Files.*are invalid/.test(error.message)) {
       const errorMessage = `Files are invalid, or may not have uploaded yet.${
         endpoint === 'azureAssistants'
-          ? " If using Azure OpenAI, files are only available in the region of the assistant's model at the time of upload."
+          ? ' If using Azure OpenAI, files are only available in the region of the assistant\'s model at the time of upload.'
           : ''
       }`;
       return sendResponse(req, res, messageData, errorMessage);

api/server/controllers/assistants/v1.js

@@ -1,5 +1,4 @@
 const fs = require('fs').promises;
-const { logger } = require('@librechat/data-schemas');
 const { FileContext } = require('librechat-data-provider');
 const { uploadImageBuffer, filterFile } = require('~/server/services/Files/process');
 const validateAuthor = require('~/server/middleware/assistants/validateAuthor');
@@ -7,9 +6,9 @@ const { getStrategyFunctions } = require('~/server/services/Files/strategies');
 const { deleteAssistantActions } = require('~/server/services/ActionService');
 const { updateAssistantDoc, getAssistants } = require('~/models/Assistant');
 const { getOpenAIClient, fetchAssistants } = require('./helpers');
-const { getCachedTools } = require('~/server/services/Config');
 const { manifestToolMap } = require('~/app/clients/tools');
 const { deleteFileByFilter } = require('~/models/File');
+const { logger } = require('~/config');
 
 /**
  * Create an assistant.
@@ -31,20 +30,21 @@ const createAssistant = async (req, res) => {
     delete assistantData.conversation_starters;
     delete assistantData.append_current_datetime;
 
-    const toolDefinitions = await getCachedTools({ includeGlobal: true });
-
     assistantData.tools = tools
       .map((tool) => {
         if (typeof tool !== 'string') {
           return tool;
         }
 
+        const toolDefinitions = req.app.locals.availableTools;
         const toolDef = toolDefinitions[tool];
         if (!toolDef && manifestToolMap[tool] && manifestToolMap[tool].toolkit === true) {
-          return Object.entries(toolDefinitions)
-            .filter(([key]) => key.startsWith(`${tool}_`))
-
-            .map(([_, val]) => val);
+          return (
+            Object.entries(toolDefinitions)
+              .filter(([key]) => key.startsWith(`${tool}_`))
+              // eslint-disable-next-line no-unused-vars
+              .map(([_, val]) => val)
+          );
         }
 
         return toolDef;
@@ -135,21 +135,21 @@ const patchAssistant = async (req, res) => {
       append_current_datetime,
       ...updateData
     } = req.body;
-
-    const toolDefinitions = await getCachedTools({ includeGlobal: true });
-
     updateData.tools = (updateData.tools ?? [])
       .map((tool) => {
         if (typeof tool !== 'string') {
           return tool;
         }
 
+        const toolDefinitions = req.app.locals.availableTools;
         const toolDef = toolDefinitions[tool];
         if (!toolDef && manifestToolMap[tool] && manifestToolMap[tool].toolkit === true) {
-          return Object.entries(toolDefinitions)
-            .filter(([key]) => key.startsWith(`${tool}_`))
-
-            .map(([_, val]) => val);
+          return (
+            Object.entries(toolDefinitions)
+              .filter(([key]) => key.startsWith(`${tool}_`))
+              // eslint-disable-next-line no-unused-vars
+              .map(([_, val]) => val)
+          );
         }
 
         return toolDef;

api/server/controllers/assistants/v2.js

@@ -1,11 +1,10 @@
-const { logger } = require('@librechat/data-schemas');
 const { ToolCallTypes } = require('librechat-data-provider');
 const validateAuthor = require('~/server/middleware/assistants/validateAuthor');
 const { validateAndUpdateTool } = require('~/server/services/ActionService');
-const { getCachedTools } = require('~/server/services/Config');
 const { updateAssistantDoc } = require('~/models/Assistant');
 const { manifestToolMap } = require('~/app/clients/tools');
 const { getOpenAIClient } = require('./helpers');
+const { logger } = require('~/config');
 
 /**
  * Create an assistant.
@@ -28,20 +27,21 @@ const createAssistant = async (req, res) => {
     delete assistantData.conversation_starters;
     delete assistantData.append_current_datetime;
 
-    const toolDefinitions = await getCachedTools({ includeGlobal: true });
-
     assistantData.tools = tools
       .map((tool) => {
         if (typeof tool !== 'string') {
           return tool;
         }
 
+        const toolDefinitions = req.app.locals.availableTools;
         const toolDef = toolDefinitions[tool];
         if (!toolDef && manifestToolMap[tool] && manifestToolMap[tool].toolkit === true) {
-          return Object.entries(toolDefinitions)
-            .filter(([key]) => key.startsWith(`${tool}_`))
-
-            .map(([_, val]) => val);
+          return (
+            Object.entries(toolDefinitions)
+              .filter(([key]) => key.startsWith(`${tool}_`))
+              // eslint-disable-next-line no-unused-vars
+              .map(([_, val]) => val)
+          );
         }
 
         return toolDef;
@@ -125,13 +125,13 @@ const updateAssistant = async ({ req, openai, assistant_id, updateData }) => {
 
   let hasFileSearch = false;
   for (const tool of updateData.tools ?? []) {
-    const toolDefinitions = await getCachedTools({ includeGlobal: true });
+    const toolDefinitions = req.app.locals.availableTools;
     let actualTool = typeof tool === 'string' ? toolDefinitions[tool] : tool;
 
     if (!actualTool && manifestToolMap[tool] && manifestToolMap[tool].toolkit === true) {
       actualTool = Object.entries(toolDefinitions)
         .filter(([key]) => key.startsWith(`${tool}_`))
-
+        // eslint-disable-next-line no-unused-vars
         .map(([_, val]) => val);
     } else if (!actualTool) {
       continue;

api/server/controllers/auth/LoginController.js

@@ -1,5 +1,5 @@
 const { generate2FATempToken } = require('~/server/services/twoFactorService');
-const { setAuthTokens } = require('~/server/services/AuthService');
+const { setAuthTokens } = require('@librechat/auth');
 const { logger } = require('~/config');
 
 const loginController = async (req, res) => {

api/server/controllers/auth/LogoutController.js

@@ -1,6 +1,6 @@
 const cookies = require('cookie');
-const { getOpenIdConfig } = require('~/strategies');
-const { logoutUser } = require('~/server/services/AuthService');
+const { getOpenIdConfig } = require('@librechat/auth');
+const { logoutUser } = require('@librechat/auth');
 const { isEnabled } = require('~/server/utils');
 const { logger } = require('~/config');
 

api/server/controllers/auth/TwoFactorAuthController.js

@@ -5,7 +5,7 @@ const {
   getTOTPSecret,
   verifyBackupCode,
 } = require('~/server/services/twoFactorService');
-const { setAuthTokens } = require('~/server/services/AuthService');
+const { setAuthTokens } = require('@librechat/auth');
 const { getUserById } = require('~/models');
 
 /**

api/server/controllers/tools.js

@@ -1,21 +1,21 @@
 const { nanoid } = require('nanoid');
 const { EnvVar } = require('@librechat/agents');
-const { logger } = require('@librechat/data-schemas');
-const { checkAccess, loadWebSearchAuth } = require('@librechat/api');
 const {
   Tools,
   AuthType,
   Permissions,
   ToolCallTypes,
   PermissionTypes,
+  loadWebSearchAuth,
 } = require('librechat-data-provider');
 const { processFileURL, uploadImageBuffer } = require('~/server/services/Files/process');
 const { processCodeOutput } = require('~/server/services/Files/Code/process');
 const { createToolCall, getToolCallsByConvo } = require('~/models/ToolCall');
 const { loadAuthValues } = require('~/server/services/Tools/credentials');
 const { loadTools } = require('~/app/clients/tools/util');
-const { getRoleByName } = require('~/models/Role');
+const { checkAccess } = require('~/server/middleware');
 const { getMessage } = require('~/models/Message');
+const { logger } = require('~/config');
 
 const fieldsMap = {
   [Tools.execute_code]: [EnvVar.CODE_API_KEY],
@@ -79,7 +79,6 @@ const verifyToolAuth = async (req, res) => {
         throwError: false,
       });
     } catch (error) {
-      logger.error('Error loading auth values', error);
       res.status(200).json({ authenticated: false, message: AuthType.USER_PROVIDED });
       return;
     }
@@ -133,12 +132,7 @@ const callTool = async (req, res) => {
     logger.debug(`[${toolId}/call] User: ${req.user.id}`);
     let hasAccess = true;
     if (toolAccessPermType[toolId]) {
-      hasAccess = await checkAccess({
-        user: req.user,
-        permissionType: toolAccessPermType[toolId],
-        permissions: [Permissions.USE],
-        getRoleByName,
-      });
+      hasAccess = await checkAccess(req.user, toolAccessPermType[toolId], [Permissions.USE]);
     }
     if (!hasAccess) {
       logger.warn(

api/server/index.js

@@ -1,27 +1,29 @@
 require('dotenv').config();
-const fs = require('fs');
 const path = require('path');
 require('module-alias')({ base: path.resolve(__dirname, '..') });
 const cors = require('cors');
 const axios = require('axios');
 const express = require('express');
-const passport = require('passport');
 const compression = require('compression');
-const cookieParser = require('cookie-parser');
-const { isEnabled } = require('@librechat/api');
-const { logger } = require('@librechat/data-schemas');
+const passport = require('passport');
 const mongoSanitize = require('express-mongo-sanitize');
+const fs = require('fs');
+const cookieParser = require('cookie-parser');
 const { connectDb, indexSync } = require('~/db');
 
+const { initAuth, passportLogin, ldapLogin, jwtLogin } = require('@librechat/auth');
+const { isEnabled } = require('~/server/utils');
+const { logger } = require('~/config');
 const validateImageRequest = require('./middleware/validateImageRequest');
-const { jwtLogin, ldapLogin, passportLogin } = require('~/strategies');
 const errorController = require('./controllers/ErrorController');
-const initializeMCPs = require('./services/initializeMCPs');
 const configureSocialLogins = require('./socialLogins');
 const AppService = require('./services/AppService');
 const staticCache = require('./utils/staticCache');
 const noIndex = require('./middleware/noIndex');
 const routes = require('./routes');
+const { getBalanceConfig } = require('./services/Config');
+const { getStrategyFunctions } = require('~/server/services/Files/strategies');
+const { FileSources } = require('librechat-data-provider');
 
 const { PORT, HOST, ALLOW_SOCIAL_LOGIN, DISABLE_COMPRESSION, TRUST_PROXY } = process.env ?? {};
 
@@ -36,12 +38,15 @@ const startServer = async () => {
   if (typeof Bun !== 'undefined') {
     axios.defaults.headers.common['Accept-Encoding'] = 'gzip';
   }
-  await connectDb();
+  const mongooseInstance = await connectDb();
+
+  const balanceConfig = await getBalanceConfig();
+  const { saveBuffer } = getStrategyFunctions(process.env.CDN_PROVIDER ?? FileSources.local);
+  // initialize the auth package
+  initAuth(mongooseInstance, balanceConfig, saveBuffer);
 
   logger.info('Connected to MongoDB');
-  indexSync().catch((err) => {
-    logger.error('[indexSync] Background sync failed:', err);
-  });
+  await indexSync();
 
   app.disable('x-powered-by');
   app.set('trust proxy', trusted_proxy);
@@ -55,6 +60,7 @@ const startServer = async () => {
 
   /* Middleware */
   app.use(noIndex);
+  app.use(errorController);
   app.use(express.json({ limit: '3mb' }));
   app.use(express.urlencoded({ extended: true, limit: '3mb' }));
   app.use(mongoSanitize());
@@ -96,6 +102,7 @@ const startServer = async () => {
   app.use('/api/actions', routes.actions);
   app.use('/api/keys', routes.keys);
   app.use('/api/user', routes.user);
+  app.use('/api/ask', routes.ask);
   app.use('/api/search', routes.search);
   app.use('/api/edit', routes.edit);
   app.use('/api/messages', routes.messages);
@@ -116,12 +123,9 @@ const startServer = async () => {
   app.use('/api/roles', routes.roles);
   app.use('/api/agents', routes.agents);
   app.use('/api/banner', routes.banner);
+  app.use('/api/bedrock', routes.bedrock);
   app.use('/api/memories', routes.memories);
   app.use('/api/tags', routes.tags);
-  app.use('/api/mcp', routes.mcp);
-
-  // Add the error controller one more time after all routes
-  app.use(errorController);
 
   app.use((req, res) => {
     res.set({
@@ -145,8 +149,6 @@ const startServer = async () => {
     } else {
       logger.info(`Server listening at http://${host == '0.0.0.0' ? 'localhost' : host}:${port}`);
     }
-
-    initializeMCPs(app);
   });
 };
 
@@ -189,5 +191,5 @@ process.on('uncaughtException', (err) => {
   process.exit(1);
 });
 
-/** Export app for easier testing purposes */
+// export app for easier testing purposes
 module.exports = app;

api/server/index.spec.js

@@ -1,4 +1,5 @@
 const fs = require('fs');
+const path = require('path');
 const request = require('supertest');
 const { MongoMemoryServer } = require('mongodb-memory-server');
 const mongoose = require('mongoose');
@@ -58,30 +59,6 @@ describe('Server Configuration', () => {
     expect(response.headers['pragma']).toBe('no-cache');
     expect(response.headers['expires']).toBe('0');
   });
-
-  it('should return 500 for unknown errors via ErrorController', async () => {
-    // Testing the error handling here on top of unit tests to ensure the middleware is correctly integrated
-
-    // Mock MongoDB operations to fail
-    const originalFindOne = mongoose.models.User.findOne;
-    const mockError = new Error('MongoDB operation failed');
-    mongoose.models.User.findOne = jest.fn().mockImplementation(() => {
-      throw mockError;
-    });
-
-    try {
-      const response = await request(app).post('/api/auth/login').send({
-        email: 'test@example.com',
-        password: 'password123',
-      });
-
-      expect(response.status).toBe(500);
-      expect(response.text).toBe('An unknown error occurred.');
-    } finally {
-      // Restore original function
-      mongoose.models.User.findOne = originalFindOne;
-    }
-  });
 });
 
 // Polls the /health endpoint every 30ms for up to 10 seconds to wait for the server to start completely

api/server/middleware/abortMiddleware.js

@@ -1,13 +1,13 @@
-const { logger } = require('@librechat/data-schemas');
-const { countTokens, isEnabled, sendEvent } = require('@librechat/api');
+// abortMiddleware.js
 const { isAssistantsEndpoint, ErrorTypes } = require('librechat-data-provider');
+const { sendMessage, sendError, countTokens, isEnabled } = require('~/server/utils');
 const { truncateText, smartTruncateText } = require('~/app/clients/prompts');
 const clearPendingReq = require('~/cache/clearPendingReq');
-const { sendError } = require('~/server/middleware/error');
 const { spendTokens } = require('~/models/spendTokens');
 const abortControllers = require('./abortControllers');
 const { saveMessage, getConvo } = require('~/models');
 const { abortRun } = require('./abortRun');
+const { logger } = require('~/config');
 
 const abortDataMap = new WeakMap();
 
@@ -101,7 +101,7 @@ async function abortMessage(req, res) {
   cleanupAbortController(abortKey);
 
   if (res.headersSent && finalEvent) {
-    return sendEvent(res, finalEvent);
+    return sendMessage(res, finalEvent);
   }
 
   res.setHeader('Content-Type', 'application/json');
@@ -174,7 +174,7 @@ const createAbortController = (req, res, getAbortData, getReqData) => {
    * @param {string} responseMessageId
    */
   const onStart = (userMessage, responseMessageId) => {
-    sendEvent(res, { message: userMessage, created: true });
+    sendMessage(res, { message: userMessage, created: true });
 
     const abortKey = userMessage?.conversationId ?? req.user.id;
     getReqData({ abortKey });

api/server/middleware/abortRun.js

@@ -1,11 +1,11 @@
-const { sendEvent } = require('@librechat/api');
-const { logger } = require('@librechat/data-schemas');
 const { CacheKeys, RunStatus, isUUID } = require('librechat-data-provider');
 const { initializeClient } = require('~/server/services/Endpoints/assistants');
 const { checkMessageGaps, recordUsage } = require('~/server/services/Threads');
 const { deleteMessages } = require('~/models/Message');
 const { getConvo } = require('~/models/Conversation');
 const getLogStores = require('~/cache/getLogStores');
+const { sendMessage } = require('~/server/utils');
+const { logger } = require('~/config');
 
 const three_minutes = 1000 * 60 * 3;
 
@@ -34,7 +34,7 @@ async function abortRun(req, res) {
   const [thread_id, run_id] = runValues.split(':');
 
   if (!run_id) {
-    logger.warn("[abortRun] Couldn't find run for cancel request", { thread_id });
+    logger.warn('[abortRun] Couldn\'t find run for cancel request', { thread_id });
     return res.status(204).send({ message: 'Run not found' });
   } else if (run_id === 'cancelled') {
     logger.warn('[abortRun] Run already cancelled', { thread_id });
@@ -93,7 +93,7 @@ async function abortRun(req, res) {
   };
 
   if (res.headersSent && finalEvent) {
-    return sendEvent(res, finalEvent);
+    return sendMessage(res, finalEvent);
   }
 
   res.json(finalEvent);

api/server/middleware/buildEndpointOption.js

@@ -1,13 +1,13 @@
-const { handleError } = require('@librechat/api');
-const { logger } = require('@librechat/data-schemas');
 const {
-  EndpointURLs,
+  parseCompactConvo,
   EModelEndpoint,
   isAgentsEndpoint,
-  parseCompactConvo,
+  EndpointURLs,
 } = require('librechat-data-provider');
 const azureAssistants = require('~/server/services/Endpoints/azureAssistants');
+const { getModelsConfig } = require('~/server/controllers/ModelController');
 const assistants = require('~/server/services/Endpoints/assistants');
+const gptPlugins = require('~/server/services/Endpoints/gptPlugins');
 const { processFiles } = require('~/server/services/Files/process');
 const anthropic = require('~/server/services/Endpoints/anthropic');
 const bedrock = require('~/server/services/Endpoints/bedrock');
@@ -15,6 +15,7 @@ const openAI = require('~/server/services/Endpoints/openAI');
 const agents = require('~/server/services/Endpoints/agents');
 const custom = require('~/server/services/Endpoints/custom');
 const google = require('~/server/services/Endpoints/google');
+const { handleError } = require('~/server/utils');
 
 const buildFunction = {
   [EModelEndpoint.openAI]: openAI.buildOptions,
@@ -24,6 +25,7 @@ const buildFunction = {
   [EModelEndpoint.bedrock]: bedrock.buildOptions,
   [EModelEndpoint.azureOpenAI]: openAI.buildOptions,
   [EModelEndpoint.anthropic]: anthropic.buildOptions,
+  [EModelEndpoint.gptPlugins]: gptPlugins.buildOptions,
   [EModelEndpoint.assistants]: assistants.buildOptions,
   [EModelEndpoint.azureAssistants]: azureAssistants.buildOptions,
 };
@@ -34,9 +36,6 @@ async function buildEndpointOption(req, res, next) {
   try {
     parsedBody = parseCompactConvo({ endpoint, endpointType, conversation: req.body });
   } catch (error) {
-    logger.warn(
-      `Error parsing conversation for endpoint ${endpoint}${error?.message ? `: ${error.message}` : ''}`,
-    );
     return handleError(res, { text: 'Error parsing conversation' });
   }
 
@@ -58,6 +57,15 @@ async function buildEndpointOption(req, res, next) {
       return handleError(res, { text: 'Model spec mismatch' });
     }
 
+    if (
+      currentModelSpec.preset.endpoint !== EModelEndpoint.gptPlugins &&
+      currentModelSpec.preset.tools
+    ) {
+      return handleError(res, {
+        text: `Only the "${EModelEndpoint.gptPlugins}" endpoint can have tools defined in the preset`,
+      });
+    }
+
     try {
       currentModelSpec.preset.spec = spec;
       if (currentModelSpec.iconURL != null && currentModelSpec.iconURL !== '') {
@@ -69,7 +77,6 @@ async function buildEndpointOption(req, res, next) {
         conversation: currentModelSpec.preset,
       });
     } catch (error) {
-      logger.error(`Error parsing model spec for endpoint ${endpoint}`, error);
       return handleError(res, { text: 'Error parsing model spec' });
     }
   }
@@ -77,23 +84,20 @@ async function buildEndpointOption(req, res, next) {
   try {
     const isAgents =
       isAgentsEndpoint(endpoint) || req.baseUrl.startsWith(EndpointURLs[EModelEndpoint.agents]);
-    const builder = isAgents
-      ? (...args) => buildFunction[EModelEndpoint.agents](req, ...args)
-      : buildFunction[endpointType ?? endpoint];
+    const endpointFn = buildFunction[isAgents ? EModelEndpoint.agents : (endpointType ?? endpoint)];
+    const builder = isAgents ? (...args) => endpointFn(req, ...args) : endpointFn;
 
     // TODO: use object params
     req.body.endpointOption = await builder(endpoint, parsedBody, endpointType);
 
+    // TODO: use `getModelsConfig` only when necessary
+    const modelsConfig = await getModelsConfig(req);
+    req.body.endpointOption.modelsConfig = modelsConfig;
     if (req.body.files && !isAgents) {
       req.body.endpointOption.attachments = processFiles(req.body.files);
     }
-
     next();
   } catch (error) {
-    logger.error(
-      `Error building endpoint option for endpoint ${endpoint} with type ${endpointType}`,
-      error,
-    );
     return handleError(res, { text: 'Error building endpoint option' });
   }
 }

api/server/middleware/checkBan.js

@@ -18,6 +18,7 @@ const message = 'Your account has been temporarily banned due to violations of o
  * @function
  * @param {Object} req - Express Request object.
  * @param {Object} res - Express Response object.
+ * @param {String} errorMessage - Error message to be displayed in case of /api/ask or /api/edit request.
  *
  * @returns {Promise<Object>} - Returns a Promise which when resolved sends a response status of 403 with a specific message if request is not of api/ask or api/edit types. If it is, calls `denyRequest()` function.
  */
@@ -134,7 +135,6 @@ const checkBan = async (req, res, next = () => {}) => {
     return await banResponse(req, res);
   } catch (error) {
     logger.error('Error in checkBan middleware:', error);
-    return next(error);
   }
 };
 

api/server/middleware/concurrentLimiter.js

@@ -1,4 +1,4 @@
-const { Time, CacheKeys, ViolationTypes } = require('librechat-data-provider');
+const { Time, CacheKeys } = require('librechat-data-provider');
 const clearPendingReq = require('~/cache/clearPendingReq');
 const { logViolation, getLogStores } = require('~/cache');
 const { isEnabled } = require('~/server/utils');
@@ -37,7 +37,7 @@ const concurrentLimiter = async (req, res, next) => {
 
   const userId = req.user?.id ?? req.user?._id ?? '';
   const limit = Math.max(CONCURRENT_MESSAGE_MAX, 1);
-  const type = ViolationTypes.CONCURRENT;
+  const type = 'concurrent';
 
   const key = `${isEnabled(USE_REDIS) ? namespace : ''}:${userId}`;
   const pendingRequests = +((await cache.get(key)) ?? 0);

api/server/middleware/denyRequest.js

@@ -1,7 +1,6 @@
 const crypto = require('crypto');
-const { sendEvent } = require('@librechat/api');
 const { getResponseSender, Constants } = require('librechat-data-provider');
-const { sendError } = require('~/server/middleware/error');
+const { sendMessage, sendError } = require('~/server/utils');
 const { saveMessage } = require('~/models');
 
 /**
@@ -37,7 +36,7 @@ const denyRequest = async (req, res, errorMessage) => {
     isCreatedByUser: true,
     text,
   };
-  sendEvent(res, { message: userMessage, created: true });
+  sendMessage(res, { message: userMessage, created: true });
 
   const shouldSaveMessage = _convoId && parentMessageId && parentMessageId !== Constants.NO_PARENT;
 

api/server/middleware/limiters/forkLimiters.js

@@ -1,79 +0,0 @@
-const rateLimit = require('express-rate-limit');
-const { ViolationTypes } = require('librechat-data-provider');
-const { limiterCache } = require('~/cache/cacheFactory');
-const logViolation = require('~/cache/logViolation');
-
-const getEnvironmentVariables = () => {
-  const FORK_IP_MAX = parseInt(process.env.FORK_IP_MAX) || 30;
-  const FORK_IP_WINDOW = parseInt(process.env.FORK_IP_WINDOW) || 1;
-  const FORK_USER_MAX = parseInt(process.env.FORK_USER_MAX) || 7;
-  const FORK_USER_WINDOW = parseInt(process.env.FORK_USER_WINDOW) || 1;
-  const FORK_VIOLATION_SCORE = process.env.FORK_VIOLATION_SCORE;
-
-  const forkIpWindowMs = FORK_IP_WINDOW * 60 * 1000;
-  const forkIpMax = FORK_IP_MAX;
-  const forkIpWindowInMinutes = forkIpWindowMs / 60000;
-
-  const forkUserWindowMs = FORK_USER_WINDOW * 60 * 1000;
-  const forkUserMax = FORK_USER_MAX;
-  const forkUserWindowInMinutes = forkUserWindowMs / 60000;
-
-  return {
-    forkIpWindowMs,
-    forkIpMax,
-    forkIpWindowInMinutes,
-    forkUserWindowMs,
-    forkUserMax,
-    forkUserWindowInMinutes,
-    forkViolationScore: FORK_VIOLATION_SCORE,
-  };
-};
-
-const createForkHandler = (ip = true) => {
-  const {
-    forkIpMax,
-    forkUserMax,
-    forkViolationScore,
-    forkIpWindowInMinutes,
-    forkUserWindowInMinutes,
-  } = getEnvironmentVariables();
-
-  return async (req, res) => {
-    const type = ViolationTypes.FILE_UPLOAD_LIMIT;
-    const errorMessage = {
-      type,
-      max: ip ? forkIpMax : forkUserMax,
-      limiter: ip ? 'ip' : 'user',
-      windowInMinutes: ip ? forkIpWindowInMinutes : forkUserWindowInMinutes,
-    };
-
-    await logViolation(req, res, type, errorMessage, forkViolationScore);
-    res.status(429).json({ message: 'Too many conversation fork requests. Try again later' });
-  };
-};
-
-const createForkLimiters = () => {
-  const { forkIpWindowMs, forkIpMax, forkUserWindowMs, forkUserMax } = getEnvironmentVariables();
-
-  const ipLimiterOptions = {
-    windowMs: forkIpWindowMs,
-    max: forkIpMax,
-    handler: createForkHandler(),
-    store: limiterCache('fork_ip_limiter'),
-  };
-  const userLimiterOptions = {
-    windowMs: forkUserWindowMs,
-    max: forkUserMax,
-    handler: createForkHandler(false),
-    keyGenerator: function (req) {
-      return req.user?.id;
-    },
-    store: limiterCache('fork_user_limiter'),
-  };
-
-  const forkIpLimiter = rateLimit(ipLimiterOptions);
-  const forkUserLimiter = rateLimit(userLimiterOptions);
-  return { forkIpLimiter, forkUserLimiter };
-};
-
-module.exports = { createForkLimiters };

api/server/middleware/limiters/importLimiters.js

@@ -1,14 +1,16 @@
 const rateLimit = require('express-rate-limit');
+const { RedisStore } = require('rate-limit-redis');
 const { ViolationTypes } = require('librechat-data-provider');
-const { limiterCache } = require('~/cache/cacheFactory');
+const ioredisClient = require('~/cache/ioredisClient');
 const logViolation = require('~/cache/logViolation');
+const { isEnabled } = require('~/server/utils');
+const { logger } = require('~/config');
 
 const getEnvironmentVariables = () => {
   const IMPORT_IP_MAX = parseInt(process.env.IMPORT_IP_MAX) || 100;
   const IMPORT_IP_WINDOW = parseInt(process.env.IMPORT_IP_WINDOW) || 15;
   const IMPORT_USER_MAX = parseInt(process.env.IMPORT_USER_MAX) || 50;
   const IMPORT_USER_WINDOW = parseInt(process.env.IMPORT_USER_WINDOW) || 15;
-  const IMPORT_VIOLATION_SCORE = process.env.IMPORT_VIOLATION_SCORE;
 
   const importIpWindowMs = IMPORT_IP_WINDOW * 60 * 1000;
   const importIpMax = IMPORT_IP_MAX;
@@ -25,18 +27,12 @@ const getEnvironmentVariables = () => {
     importUserWindowMs,
     importUserMax,
     importUserWindowInMinutes,
-    importViolationScore: IMPORT_VIOLATION_SCORE,
   };
 };
 
 const createImportHandler = (ip = true) => {
-  const {
-    importIpMax,
-    importUserMax,
-    importViolationScore,
-    importIpWindowInMinutes,
-    importUserWindowInMinutes,
-  } = getEnvironmentVariables();
+  const { importIpMax, importIpWindowInMinutes, importUserMax, importUserWindowInMinutes } =
+    getEnvironmentVariables();
 
   return async (req, res) => {
     const type = ViolationTypes.FILE_UPLOAD_LIMIT;
@@ -47,7 +43,7 @@ const createImportHandler = (ip = true) => {
       windowInMinutes: ip ? importIpWindowInMinutes : importUserWindowInMinutes,
     };
 
-    await logViolation(req, res, type, errorMessage, importViolationScore);
+    await logViolation(req, res, type, errorMessage);
     res.status(429).json({ message: 'Too many conversation import requests. Try again later' });
   };
 };
@@ -60,7 +56,6 @@ const createImportLimiters = () => {
     windowMs: importIpWindowMs,
     max: importIpMax,
     handler: createImportHandler(),
-    store: limiterCache('import_ip_limiter'),
   };
   const userLimiterOptions = {
     windowMs: importUserWindowMs,
@@ -69,9 +64,23 @@ const createImportLimiters = () => {
     keyGenerator: function (req) {
       return req.user?.id; // Use the user ID or NULL if not available
     },
-    store: limiterCache('import_user_limiter'),
   };
 
+  if (isEnabled(process.env.USE_REDIS) && ioredisClient) {
+    logger.debug('Using Redis for import rate limiters.');
+    const sendCommand = (...args) => ioredisClient.call(...args);
+    const ipStore = new RedisStore({
+      sendCommand,
+      prefix: 'import_ip_limiter:',
+    });
+    const userStore = new RedisStore({
+      sendCommand,
+      prefix: 'import_user_limiter:',
+    });
+    ipLimiterOptions.store = ipStore;
+    userLimiterOptions.store = userStore;
+  }
+
   const importIpLimiter = rateLimit(ipLimiterOptions);
   const importUserLimiter = rateLimit(userLimiterOptions);
   return { importIpLimiter, importUserLimiter };

api/server/middleware/limiters/index.js

@@ -4,7 +4,6 @@ const createSTTLimiters = require('./sttLimiters');
 const loginLimiter = require('./loginLimiter');
 const importLimiters = require('./importLimiters');
 const uploadLimiters = require('./uploadLimiters');
-const forkLimiters = require('./forkLimiters');
 const registerLimiter = require('./registerLimiter');
 const toolCallLimiter = require('./toolCallLimiter');
 const messageLimiters = require('./messageLimiters');
@@ -15,7 +14,6 @@ module.exports = {
   ...uploadLimiters,
   ...importLimiters,
   ...messageLimiters,
-  ...forkLimiters,
   loginLimiter,
   registerLimiter,
   toolCallLimiter,

api/server/middleware/limiters/loginLimiter.js

@@ -1,8 +1,9 @@
 const rateLimit = require('express-rate-limit');
-const { ViolationTypes } = require('librechat-data-provider');
-const { removePorts } = require('~/server/utils');
-const { limiterCache } = require('~/cache/cacheFactory');
+const { RedisStore } = require('rate-limit-redis');
+const { removePorts, isEnabled } = require('~/server/utils');
+const ioredisClient = require('~/cache/ioredisClient');
 const { logViolation } = require('~/cache');
+const { logger } = require('~/config');
 
 const { LOGIN_WINDOW = 5, LOGIN_MAX = 7, LOGIN_VIOLATION_SCORE: score } = process.env;
 const windowMs = LOGIN_WINDOW * 60 * 1000;
@@ -11,7 +12,7 @@ const windowInMinutes = windowMs / 60000;
 const message = `Too many login attempts, please try again after ${windowInMinutes} minutes.`;
 
 const handler = async (req, res) => {
-  const type = ViolationTypes.LOGINS;
+  const type = 'logins';
   const errorMessage = {
     type,
     max,
@@ -27,9 +28,17 @@ const limiterOptions = {
   max,
   handler,
   keyGenerator: removePorts,
-  store: limiterCache('login_limiter'),
 };
 
+if (isEnabled(process.env.USE_REDIS) && ioredisClient) {
+  logger.debug('Using Redis for login rate limiter.');
+  const store = new RedisStore({
+    sendCommand: (...args) => ioredisClient.call(...args),
+    prefix: 'login_limiter:',
+  });
+  limiterOptions.store = store;
+}
+
 const loginLimiter = rateLimit(limiterOptions);
 
 module.exports = loginLimiter;

api/server/middleware/limiters/messageLimiters.js

@@ -1,15 +1,16 @@
 const rateLimit = require('express-rate-limit');
-const { ViolationTypes } = require('librechat-data-provider');
+const { RedisStore } = require('rate-limit-redis');
 const denyRequest = require('~/server/middleware/denyRequest');
-const { limiterCache } = require('~/cache/cacheFactory');
+const ioredisClient = require('~/cache/ioredisClient');
+const { isEnabled } = require('~/server/utils');
 const { logViolation } = require('~/cache');
+const { logger } = require('~/config');
 
 const {
   MESSAGE_IP_MAX = 40,
   MESSAGE_IP_WINDOW = 1,
   MESSAGE_USER_MAX = 40,
   MESSAGE_USER_WINDOW = 1,
-  MESSAGE_VIOLATION_SCORE: score,
 } = process.env;
 
 const ipWindowMs = MESSAGE_IP_WINDOW * 60 * 1000;
@@ -30,7 +31,7 @@ const userWindowInMinutes = userWindowMs / 60000;
  */
 const createHandler = (ip = true) => {
   return async (req, res) => {
-    const type = ViolationTypes.MESSAGE_LIMIT;
+    const type = 'message_limit';
     const errorMessage = {
       type,
       max: ip ? ipMax : userMax,
@@ -38,7 +39,7 @@ const createHandler = (ip = true) => {
       windowInMinutes: ip ? ipWindowInMinutes : userWindowInMinutes,
     };
 
-    await logViolation(req, res, type, errorMessage, score);
+    await logViolation(req, res, type, errorMessage);
     return await denyRequest(req, res, errorMessage);
   };
 };
@@ -50,7 +51,6 @@ const ipLimiterOptions = {
   windowMs: ipWindowMs,
   max: ipMax,
   handler: createHandler(),
-  store: limiterCache('message_ip_limiter'),
 };
 
 const userLimiterOptions = {
@@ -60,9 +60,23 @@ const userLimiterOptions = {
   keyGenerator: function (req) {
     return req.user?.id; // Use the user ID or NULL if not available
   },
-  store: limiterCache('message_user_limiter'),
 };
 
+if (isEnabled(process.env.USE_REDIS) && ioredisClient) {
+  logger.debug('Using Redis for message rate limiters.');
+  const sendCommand = (...args) => ioredisClient.call(...args);
+  const ipStore = new RedisStore({
+    sendCommand,
+    prefix: 'message_ip_limiter:',
+  });
+  const userStore = new RedisStore({
+    sendCommand,
+    prefix: 'message_user_limiter:',
+  });
+  ipLimiterOptions.store = ipStore;
+  userLimiterOptions.store = userStore;
+}
+
 /**
  * Message request rate limiter by IP
  */

api/server/middleware/limiters/registerLimiter.js

@@ -1,8 +1,9 @@
 const rateLimit = require('express-rate-limit');
-const { ViolationTypes } = require('librechat-data-provider');
-const { removePorts } = require('~/server/utils');
-const { limiterCache } = require('~/cache/cacheFactory');
+const { RedisStore } = require('rate-limit-redis');
+const { removePorts, isEnabled } = require('~/server/utils');
+const ioredisClient = require('~/cache/ioredisClient');
 const { logViolation } = require('~/cache');
+const { logger } = require('~/config');
 
 const { REGISTER_WINDOW = 60, REGISTER_MAX = 5, REGISTRATION_VIOLATION_SCORE: score } = process.env;
 const windowMs = REGISTER_WINDOW * 60 * 1000;
@@ -11,7 +12,7 @@ const windowInMinutes = windowMs / 60000;
 const message = `Too many accounts created, please try again after ${windowInMinutes} minutes`;
 
 const handler = async (req, res) => {
-  const type = ViolationTypes.REGISTRATIONS;
+  const type = 'registrations';
   const errorMessage = {
     type,
     max,
@@ -27,9 +28,17 @@ const limiterOptions = {
   max,
   handler,
   keyGenerator: removePorts,
-  store: limiterCache('register_limiter'),
 };
 
+if (isEnabled(process.env.USE_REDIS) && ioredisClient) {
+  logger.debug('Using Redis for register rate limiter.');
+  const store = new RedisStore({
+    sendCommand: (...args) => ioredisClient.call(...args),
+    prefix: 'register_limiter:',
+  });
+  limiterOptions.store = store;
+}
+
 const registerLimiter = rateLimit(limiterOptions);
 
 module.exports = registerLimiter;

api/server/middleware/limiters/resetPasswordLimiter.js

@@ -1,8 +1,10 @@
 const rateLimit = require('express-rate-limit');
+const { RedisStore } = require('rate-limit-redis');
 const { ViolationTypes } = require('librechat-data-provider');
-const { removePorts } = require('~/server/utils');
-const { limiterCache } = require('~/cache/cacheFactory');
+const { removePorts, isEnabled } = require('~/server/utils');
+const ioredisClient = require('~/cache/ioredisClient');
 const { logViolation } = require('~/cache');
+const { logger } = require('~/config');
 
 const {
   RESET_PASSWORD_WINDOW = 2,
@@ -31,9 +33,17 @@ const limiterOptions = {
   max,
   handler,
   keyGenerator: removePorts,
-  store: limiterCache('reset_password_limiter'),
 };
 
+if (isEnabled(process.env.USE_REDIS) && ioredisClient) {
+  logger.debug('Using Redis for reset password rate limiter.');
+  const store = new RedisStore({
+    sendCommand: (...args) => ioredisClient.call(...args),
+    prefix: 'reset_password_limiter:',
+  });
+  limiterOptions.store = store;
+}
+
 const resetPasswordLimiter = rateLimit(limiterOptions);
 
 module.exports = resetPasswordLimiter;

api/server/middleware/limiters/sttLimiters.js

@@ -1,14 +1,16 @@
 const rateLimit = require('express-rate-limit');
+const { RedisStore } = require('rate-limit-redis');
 const { ViolationTypes } = require('librechat-data-provider');
-const { limiterCache } = require('~/cache/cacheFactory');
+const ioredisClient = require('~/cache/ioredisClient');
 const logViolation = require('~/cache/logViolation');
+const { isEnabled } = require('~/server/utils');
+const { logger } = require('~/config');
 
 const getEnvironmentVariables = () => {
   const STT_IP_MAX = parseInt(process.env.STT_IP_MAX) || 100;
   const STT_IP_WINDOW = parseInt(process.env.STT_IP_WINDOW) || 1;
   const STT_USER_MAX = parseInt(process.env.STT_USER_MAX) || 50;
   const STT_USER_WINDOW = parseInt(process.env.STT_USER_WINDOW) || 1;
-  const STT_VIOLATION_SCORE = process.env.STT_VIOLATION_SCORE;
 
   const sttIpWindowMs = STT_IP_WINDOW * 60 * 1000;
   const sttIpMax = STT_IP_MAX;
@@ -25,12 +27,11 @@ const getEnvironmentVariables = () => {
     sttUserWindowMs,
     sttUserMax,
     sttUserWindowInMinutes,
-    sttViolationScore: STT_VIOLATION_SCORE,
   };
 };
 
 const createSTTHandler = (ip = true) => {
-  const { sttIpMax, sttIpWindowInMinutes, sttUserMax, sttUserWindowInMinutes, sttViolationScore } =
+  const { sttIpMax, sttIpWindowInMinutes, sttUserMax, sttUserWindowInMinutes } =
     getEnvironmentVariables();
 
   return async (req, res) => {
@@ -42,7 +43,7 @@ const createSTTHandler = (ip = true) => {
       windowInMinutes: ip ? sttIpWindowInMinutes : sttUserWindowInMinutes,
     };
 
-    await logViolation(req, res, type, errorMessage, sttViolationScore);
+    await logViolation(req, res, type, errorMessage);
     res.status(429).json({ message: 'Too many STT requests. Try again later' });
   };
 };
@@ -54,7 +55,6 @@ const createSTTLimiters = () => {
     windowMs: sttIpWindowMs,
     max: sttIpMax,
     handler: createSTTHandler(),
-    store: limiterCache('stt_ip_limiter'),
   };
 
   const userLimiterOptions = {
@@ -64,9 +64,23 @@ const createSTTLimiters = () => {
     keyGenerator: function (req) {
       return req.user?.id; // Use the user ID or NULL if not available
     },
-    store: limiterCache('stt_user_limiter'),
   };
 
+  if (isEnabled(process.env.USE_REDIS) && ioredisClient) {
+    logger.debug('Using Redis for STT rate limiters.');
+    const sendCommand = (...args) => ioredisClient.call(...args);
+    const ipStore = new RedisStore({
+      sendCommand,
+      prefix: 'stt_ip_limiter:',
+    });
+    const userStore = new RedisStore({
+      sendCommand,
+      prefix: 'stt_user_limiter:',
+    });
+    ipLimiterOptions.store = ipStore;
+    userLimiterOptions.store = userStore;
+  }
+
   const sttIpLimiter = rateLimit(ipLimiterOptions);
   const sttUserLimiter = rateLimit(userLimiterOptions);
 

api/server/middleware/limiters/toolCallLimiter.js

@@ -1,9 +1,10 @@
 const rateLimit = require('express-rate-limit');
+const { RedisStore } = require('rate-limit-redis');
 const { ViolationTypes } = require('librechat-data-provider');
-const { limiterCache } = require('~/cache/cacheFactory');
+const ioredisClient = require('~/cache/ioredisClient');
 const logViolation = require('~/cache/logViolation');
-
-const { TOOL_CALL_VIOLATION_SCORE: score } = process.env;
+const { isEnabled } = require('~/server/utils');
+const { logger } = require('~/config');
 
 const handler = async (req, res) => {
   const type = ViolationTypes.TOOL_CALL_LIMIT;
@@ -14,7 +15,7 @@ const handler = async (req, res) => {
     windowInMinutes: 1,
   };
 
-  await logViolation(req, res, type, errorMessage, score);
+  await logViolation(req, res, type, errorMessage, 0);
   res.status(429).json({ message: 'Too many tool call requests. Try again later' });
 };
 
@@ -25,9 +26,17 @@ const limiterOptions = {
   keyGenerator: function (req) {
     return req.user?.id;
   },
-  store: limiterCache('tool_call_limiter'),
 };
 
+if (isEnabled(process.env.USE_REDIS) && ioredisClient) {
+  logger.debug('Using Redis for tool call rate limiter.');
+  const store = new RedisStore({
+    sendCommand: (...args) => ioredisClient.call(...args),
+    prefix: 'tool_call_limiter:',
+  });
+  limiterOptions.store = store;
+}
+
 const toolCallLimiter = rateLimit(limiterOptions);
 
 module.exports = toolCallLimiter;

api/server/middleware/limiters/ttsLimiters.js

@@ -1,14 +1,16 @@
 const rateLimit = require('express-rate-limit');
+const { RedisStore } = require('rate-limit-redis');
 const { ViolationTypes } = require('librechat-data-provider');
+const ioredisClient = require('~/cache/ioredisClient');
 const logViolation = require('~/cache/logViolation');
-const { limiterCache } = require('~/cache/cacheFactory');
+const { isEnabled } = require('~/server/utils');
+const { logger } = require('~/config');
 
 const getEnvironmentVariables = () => {
   const TTS_IP_MAX = parseInt(process.env.TTS_IP_MAX) || 100;
   const TTS_IP_WINDOW = parseInt(process.env.TTS_IP_WINDOW) || 1;
   const TTS_USER_MAX = parseInt(process.env.TTS_USER_MAX) || 50;
   const TTS_USER_WINDOW = parseInt(process.env.TTS_USER_WINDOW) || 1;
-  const TTS_VIOLATION_SCORE = process.env.TTS_VIOLATION_SCORE;
 
   const ttsIpWindowMs = TTS_IP_WINDOW * 60 * 1000;
   const ttsIpMax = TTS_IP_MAX;
@@ -25,12 +27,11 @@ const getEnvironmentVariables = () => {
     ttsUserWindowMs,
     ttsUserMax,
     ttsUserWindowInMinutes,
-    ttsViolationScore: TTS_VIOLATION_SCORE,
   };
 };
 
 const createTTSHandler = (ip = true) => {
-  const { ttsIpMax, ttsIpWindowInMinutes, ttsUserMax, ttsUserWindowInMinutes, ttsViolationScore } =
+  const { ttsIpMax, ttsIpWindowInMinutes, ttsUserMax, ttsUserWindowInMinutes } =
     getEnvironmentVariables();
 
   return async (req, res) => {
@@ -42,7 +43,7 @@ const createTTSHandler = (ip = true) => {
       windowInMinutes: ip ? ttsIpWindowInMinutes : ttsUserWindowInMinutes,
     };
 
-    await logViolation(req, res, type, errorMessage, ttsViolationScore);
+    await logViolation(req, res, type, errorMessage);
     res.status(429).json({ message: 'Too many TTS requests. Try again later' });
   };
 };
@@ -54,19 +55,32 @@ const createTTSLimiters = () => {
     windowMs: ttsIpWindowMs,
     max: ttsIpMax,
     handler: createTTSHandler(),
-    store: limiterCache('tts_ip_limiter'),
   };
 
   const userLimiterOptions = {
     windowMs: ttsUserWindowMs,
     max: ttsUserMax,
     handler: createTTSHandler(false),
-    store: limiterCache('tts_user_limiter'),
     keyGenerator: function (req) {
       return req.user?.id; // Use the user ID or NULL if not available
     },
   };
 
+  if (isEnabled(process.env.USE_REDIS) && ioredisClient) {
+    logger.debug('Using Redis for TTS rate limiters.');
+    const sendCommand = (...args) => ioredisClient.call(...args);
+    const ipStore = new RedisStore({
+      sendCommand,
+      prefix: 'tts_ip_limiter:',
+    });
+    const userStore = new RedisStore({
+      sendCommand,
+      prefix: 'tts_user_limiter:',
+    });
+    ipLimiterOptions.store = ipStore;
+    userLimiterOptions.store = userStore;
+  }
+
   const ttsIpLimiter = rateLimit(ipLimiterOptions);
   const ttsUserLimiter = rateLimit(userLimiterOptions);
 

api/server/middleware/limiters/uploadLimiters.js

@@ -1,14 +1,16 @@
 const rateLimit = require('express-rate-limit');
+const { RedisStore } = require('rate-limit-redis');
 const { ViolationTypes } = require('librechat-data-provider');
-const { limiterCache } = require('~/cache/cacheFactory');
+const ioredisClient = require('~/cache/ioredisClient');
 const logViolation = require('~/cache/logViolation');
+const { isEnabled } = require('~/server/utils');
+const { logger } = require('~/config');
 
 const getEnvironmentVariables = () => {
   const FILE_UPLOAD_IP_MAX = parseInt(process.env.FILE_UPLOAD_IP_MAX) || 100;
   const FILE_UPLOAD_IP_WINDOW = parseInt(process.env.FILE_UPLOAD_IP_WINDOW) || 15;
   const FILE_UPLOAD_USER_MAX = parseInt(process.env.FILE_UPLOAD_USER_MAX) || 50;
   const FILE_UPLOAD_USER_WINDOW = parseInt(process.env.FILE_UPLOAD_USER_WINDOW) || 15;
-  const FILE_UPLOAD_VIOLATION_SCORE = process.env.FILE_UPLOAD_VIOLATION_SCORE;
 
   const fileUploadIpWindowMs = FILE_UPLOAD_IP_WINDOW * 60 * 1000;
   const fileUploadIpMax = FILE_UPLOAD_IP_MAX;
@@ -25,7 +27,6 @@ const getEnvironmentVariables = () => {
     fileUploadUserWindowMs,
     fileUploadUserMax,
     fileUploadUserWindowInMinutes,
-    fileUploadViolationScore: FILE_UPLOAD_VIOLATION_SCORE,
   };
 };
 
@@ -35,7 +36,6 @@ const createFileUploadHandler = (ip = true) => {
     fileUploadIpWindowInMinutes,
     fileUploadUserMax,
     fileUploadUserWindowInMinutes,
-    fileUploadViolationScore,
   } = getEnvironmentVariables();
 
   return async (req, res) => {
@@ -47,7 +47,7 @@ const createFileUploadHandler = (ip = true) => {
       windowInMinutes: ip ? fileUploadIpWindowInMinutes : fileUploadUserWindowInMinutes,
     };
 
-    await logViolation(req, res, type, errorMessage, fileUploadViolationScore);
+    await logViolation(req, res, type, errorMessage);
     res.status(429).json({ message: 'Too many file upload requests. Try again later' });
   };
 };
@@ -60,7 +60,6 @@ const createFileLimiters = () => {
     windowMs: fileUploadIpWindowMs,
     max: fileUploadIpMax,
     handler: createFileUploadHandler(),
-    store: limiterCache('file_upload_ip_limiter'),
   };
 
   const userLimiterOptions = {
@@ -70,9 +69,23 @@ const createFileLimiters = () => {
     keyGenerator: function (req) {
       return req.user?.id; // Use the user ID or NULL if not available
     },
-    store: limiterCache('file_upload_user_limiter'),
   };
 
+  if (isEnabled(process.env.USE_REDIS) && ioredisClient) {
+    logger.debug('Using Redis for file upload rate limiters.');
+    const sendCommand = (...args) => ioredisClient.call(...args);
+    const ipStore = new RedisStore({
+      sendCommand,
+      prefix: 'file_upload_ip_limiter:',
+    });
+    const userStore = new RedisStore({
+      sendCommand,
+      prefix: 'file_upload_user_limiter:',
+    });
+    ipLimiterOptions.store = ipStore;
+    userLimiterOptions.store = userStore;
+  }
+
   const fileUploadIpLimiter = rateLimit(ipLimiterOptions);
   const fileUploadUserLimiter = rateLimit(userLimiterOptions);
 

api/server/middleware/limiters/verifyEmailLimiter.js

@@ -1,8 +1,10 @@
 const rateLimit = require('express-rate-limit');
+const { RedisStore } = require('rate-limit-redis');
 const { ViolationTypes } = require('librechat-data-provider');
-const { removePorts } = require('~/server/utils');
-const { limiterCache } = require('~/cache/cacheFactory');
+const { removePorts, isEnabled } = require('~/server/utils');
+const ioredisClient = require('~/cache/ioredisClient');
 const { logViolation } = require('~/cache');
+const { logger } = require('~/config');
 
 const {
   VERIFY_EMAIL_WINDOW = 2,
@@ -31,9 +33,17 @@ const limiterOptions = {
   max,
   handler,
   keyGenerator: removePorts,
-  store: limiterCache('verify_email_limiter'),
 };
 
+if (isEnabled(process.env.USE_REDIS) && ioredisClient) {
+  logger.debug('Using Redis for verify email rate limiter.');
+  const store = new RedisStore({
+    sendCommand: (...args) => ioredisClient.call(...args),
+    prefix: 'verify_email_limiter:',
+  });
+  limiterOptions.store = store;
+}
+
 const verifyEmailLimiter = rateLimit(limiterOptions);
 
 module.exports = verifyEmailLimiter;

api/server/middleware/roles/access.js

@@ -0,0 +1,78 @@
+const { getRoleByName } = require('~/models/Role');
+const { logger } = require('~/config');
+
+/**
+ * Core function to check if a user has one or more required permissions
+ *
+ * @param {object} user - The user object
+ * @param {PermissionTypes} permissionType - The type of permission to check
+ * @param {Permissions[]} permissions - The list of specific permissions to check
+ * @param {Record<Permissions, string[]>} [bodyProps] - An optional object where keys are permissions and values are arrays of properties to check
+ * @param {object} [checkObject] - The object to check properties against
+ * @returns {Promise<boolean>} Whether the user has the required permissions
+ */
+const checkAccess = async (user, permissionType, permissions, bodyProps = {}, checkObject = {}) => {
+  if (!user) {
+    return false;
+  }
+
+  const role = await getRoleByName(user.role);
+  if (role && role.permissions && role.permissions[permissionType]) {
+    const hasAnyPermission = permissions.some((permission) => {
+      if (role.permissions[permissionType][permission]) {
+        return true;
+      }
+
+      if (bodyProps[permission] && checkObject) {
+        return bodyProps[permission].some((prop) =>
+          Object.prototype.hasOwnProperty.call(checkObject, prop),
+        );
+      }
+
+      return false;
+    });
+
+    return hasAnyPermission;
+  }
+
+  return false;
+};
+
+/**
+ * Middleware to check if a user has one or more required permissions, optionally based on `req.body` properties.
+ *
+ * @param {PermissionTypes} permissionType - The type of permission to check.
+ * @param {Permissions[]} permissions - The list of specific permissions to check.
+ * @param {Record<Permissions, string[]>} [bodyProps] - An optional object where keys are permissions and values are arrays of `req.body` properties to check.
+ * @returns {(req: ServerRequest, res: ServerResponse, next: NextFunction) => Promise<void>} Express middleware function.
+ */
+const generateCheckAccess = (permissionType, permissions, bodyProps = {}) => {
+  return async (req, res, next) => {
+    try {
+      const hasAccess = await checkAccess(
+        req.user,
+        permissionType,
+        permissions,
+        bodyProps,
+        req.body,
+      );
+
+      if (hasAccess) {
+        return next();
+      }
+
+      logger.warn(
+        `[${permissionType}] Forbidden: Insufficient permissions for User ${req.user.id}: ${permissions.join(', ')}`,
+      );
+      return res.status(403).json({ message: 'Forbidden: Insufficient permissions' });
+    } catch (error) {
+      logger.error(error);
+      return res.status(500).json({ message: `Server error: ${error.message}` });
+    }
+  };
+};
+
+module.exports = {
+  checkAccess,
+  generateCheckAccess,
+};

api/server/middleware/roles/index.js

@@ -1,5 +1,8 @@
 const checkAdmin = require('./admin');
+const { checkAccess, generateCheckAccess } = require('./access');
 
 module.exports = {
   checkAdmin,
+  checkAccess,
+  generateCheckAccess,
 };

api/server/middleware/uaParser.js

@@ -1,6 +1,5 @@
 const uap = require('ua-parser-js');
-const { ViolationTypes } = require('librechat-data-provider');
-const { handleError } = require('@librechat/api');
+const { handleError } = require('../utils');
 const { logViolation } = require('../../cache');
 
 /**
@@ -22,7 +21,7 @@ async function uaParser(req, res, next) {
   const ua = uap(req.headers['user-agent']);
 
   if (!ua.browser.name) {
-    const type = ViolationTypes.NON_BROWSER;
+    const type = 'non_browser';
     await logViolation(req, res, type, { type }, score);
     return handleError(res, { message: 'Illegal request' });
   }

api/server/middleware/validate/convoAccess.js

@@ -1,8 +1,8 @@
-const { isEnabled } = require('@librechat/api');
 const { Constants, ViolationTypes, Time } = require('librechat-data-provider');
 const { searchConversation } = require('~/models/Conversation');
 const denyRequest = require('~/server/middleware/denyRequest');
 const { logViolation, getLogStores } = require('~/cache');
+const { isEnabled } = require('~/server/utils');
 
 const { USE_REDIS, CONVO_ACCESS_VIOLATION_SCORE: score = 0 } = process.env ?? {};