feat: implement search parameter updates

* refactor: streamline model preset handling in conversation setup

* refactor: integrate navigation and location hooks in chat functions and event handlers, prevent cache from fetching on final event handling

* fix: prevent adding code interpreter non-image output to file list on message attachment event, fix all unhandled edge cases when this is done (treating the file download as an image attachment, undefined fields, message tokenCount issues, use of `startsWith` on undefined "text") although it is now prevent altogether

* chore: remove unused jailbreak prop from MinimalIcon component in EndpointIcon

* feat: add new SVG icons (MobileSidebar, Sidebar, XAIcon), fix: xAI styling in dark vs. light modes, adjust styling of Landing icons

* fix: open conversation in new tab on navigation with ctrl/meta key

* refactor: update Nav & Header to use close/open sidebar buttons, as well as redesign "New Chat"/"Bookmarks" buttons to the top of the Nav, matching the latest design of ChatGPT for simplicity and to free up space

* chore: remove unused isToggleHovering state and simplify opacity logic in Nav component

* style: match mobile nav to mobile header

.env.example

@@ -142,7 +142,7 @@ GOOGLE_KEY=user_provided
 # GOOGLE_AUTH_HEADER=true
 
 # Gemini API (AI Studio)
-# GOOGLE_MODELS=gemini-2.0-flash-exp,gemini-2.0-flash-thinking-exp-1219,gemini-exp-1121,gemini-exp-1114,gemini-1.5-flash-latest,gemini-1.0-pro,gemini-1.0-pro-001,gemini-1.0-pro-latest,gemini-1.0-pro-vision-latest,gemini-1.5-pro-latest,gemini-pro,gemini-pro-vision
+# GOOGLE_MODELS=gemini-2.5-pro-exp-03-25,gemini-2.0-flash-exp,gemini-2.0-flash-thinking-exp-1219,gemini-exp-1121,gemini-exp-1114,gemini-1.5-flash-latest,gemini-1.0-pro,gemini-1.0-pro-001,gemini-1.0-pro-latest,gemini-1.0-pro-vision-latest,gemini-1.5-pro-latest,gemini-pro,gemini-pro-vision
 
 # Vertex AI
 # GOOGLE_MODELS=gemini-1.5-flash-preview-0514,gemini-1.5-pro-preview-0514,gemini-1.0-pro-vision-001,gemini-1.0-pro-002,gemini-1.0-pro-001,gemini-pro-vision,gemini-1.0-pro
@@ -231,6 +231,14 @@ AZURE_AI_SEARCH_SEARCH_OPTION_QUERY_TYPE=
 AZURE_AI_SEARCH_SEARCH_OPTION_TOP=
 AZURE_AI_SEARCH_SEARCH_OPTION_SELECT=
 
+# OpenAI Image Tools Customization
+#----------------
+# IMAGE_GEN_OAI_DESCRIPTION_WITH_FILES=Custom description for image generation tool when files are present
+# IMAGE_GEN_OAI_DESCRIPTION_NO_FILES=Custom description for image generation tool when no files are present
+# IMAGE_EDIT_OAI_DESCRIPTION=Custom description for image editing tool
+# IMAGE_GEN_OAI_PROMPT_DESCRIPTION=Custom prompt description for image generation tool
+# IMAGE_EDIT_OAI_PROMPT_DESCRIPTION=Custom prompt description for image editing tool
+
 # DALL·E
 #----------------
 # DALLE_API_KEY=
@@ -364,7 +372,7 @@ ILLEGAL_MODEL_REQ_SCORE=5
 # Balance                #
 #========================#
 
-CHECK_BALANCE=false
+# CHECK_BALANCE=false
 # START_BALANCE=20000 # note: the number of tokens that will be credited after registration.
 
 #========================#
@@ -432,15 +440,19 @@ OPENID_NAME_CLAIM=
 
 OPENID_BUTTON_LABEL=
 OPENID_IMAGE_URL=
+# Set to true to automatically redirect to the OpenID provider when a user visits the login page
+# This will bypass the login form completely for users, only use this if OpenID is your only authentication method
+OPENID_AUTO_REDIRECT=false
 
 # LDAP
 LDAP_URL=
 LDAP_BIND_DN=
 LDAP_BIND_CREDENTIALS=
 LDAP_USER_SEARCH_BASE=
-LDAP_SEARCH_FILTER=mail={{username}}
+#LDAP_SEARCH_FILTER="mail="
 LDAP_CA_CERT_PATH=
 # LDAP_TLS_REJECT_UNAUTHORIZED=
+# LDAP_STARTTLS=
 # LDAP_LOGIN_USES_USERNAME=true
 # LDAP_ID=
 # LDAP_USERNAME=
@@ -473,6 +485,24 @@ FIREBASE_STORAGE_BUCKET=
 FIREBASE_MESSAGING_SENDER_ID=
 FIREBASE_APP_ID=
 
+#========================#
+# S3 AWS Bucket          #
+#========================#
+
+AWS_ENDPOINT_URL=
+AWS_ACCESS_KEY_ID=
+AWS_SECRET_ACCESS_KEY=
+AWS_REGION=
+AWS_BUCKET_NAME=
+
+#========================#
+# Azure Blob Storage     #
+#========================#
+
+AZURE_STORAGE_CONNECTION_STRING=
+AZURE_STORAGE_PUBLIC_ACCESS=false
+AZURE_CONTAINER_NAME=files
+
 #========================#
 # Shared Links           #
 #========================#

.github/CONTRIBUTING.md

@@ -24,22 +24,40 @@ Project maintainers have the right and responsibility to remove, edit, or reject
 
 ## To contribute to this project, please adhere to the following guidelines:
 
-## 1. Development notes
+## 1. Development Setup
 
-1. Before starting work, make sure your main branch has the latest commits with `npm run update`
-2. Run linting command to find errors: `npm run lint`. Alternatively, ensure husky pre-commit checks are functioning.
+1. Use Node.JS 20.x.
+2. Install typescript globally: `npm i -g typescript`.
+3. Run `npm ci` to install dependencies.
+4. Build the data provider: `npm run build:data-provider`.
+5. Build MCP: `npm run build:mcp`.
+6. Build data schemas: `npm run build:data-schemas`.
+7. Setup and run unit tests:
+    - Copy `.env.test`: `cp api/test/.env.test.example api/test/.env.test`.
+    - Run backend unit tests: `npm run test:api`.
+    - Run frontend unit tests: `npm run test:client`.
+8. Setup and run integration tests:
+    - Build client: `cd client && npm run build`.
+    - Create `.env`: `cp .env.example .env`.
+    - Install [MongoDB Community Edition](https://www.mongodb.com/docs/manual/administration/install-community/), ensure that `mongosh` connects to your local instance.
+    - Run: `npx install playwright`, then `npx playwright install`.
+    - Copy `config.local`: `cp e2e/config.local.example.ts e2e/config.local.ts`.
+    - Copy `librechat.yaml`: `cp librechat.example.yaml librechat.yaml`.
+    - Run: `npm run e2e`.
+
+## 2. Development Notes
+
+1. Before starting work, make sure your main branch has the latest commits with `npm run update`.
+3. Run linting command to find errors: `npm run lint`. Alternatively, ensure husky pre-commit checks are functioning.
 3. After your changes, reinstall packages in your current branch using `npm run reinstall` and ensure everything still works. 
     - Restart the ESLint server ("ESLint: Restart ESLint Server" in VS Code command bar) and your IDE after reinstalling or updating.
 4. Clear web app localStorage and cookies before and after changes.
-5. For frontend changes:
-    - Install typescript globally: `npm i -g typescript`.
-    - Compile typescript before and after changes to check for introduced errors: `cd client && tsc --noEmit`.
-6. Run tests locally:
-    - Backend unit tests: `npm run test:api`
-    - Frontend unit tests: `npm run test:client`
-    - Integration tests: `npm run e2e` (requires playwright installed, `npx install playwright`)
+5. For frontend changes, compile typescript before and after changes to check for introduced errors: `cd client && npm run build`.
+6. Run backend unit tests: `npm run test:api`.
+7. Run frontend unit tests: `npm run test:client`.
+8. Run integration tests: `npm run e2e`.
 
-## 2. Git Workflow
+## 3. Git Workflow
 
 We utilize a GitFlow workflow to manage changes to this project's codebase. Follow these general steps when contributing code:
 
@@ -49,7 +67,7 @@ We utilize a GitFlow workflow to manage changes to this project's codebase. Foll
 4. Submit a pull request with a clear and concise description of your changes and the reasons behind them.
 5. We will review your pull request, provide feedback as needed, and eventually merge the approved changes into the main branch.
 
-## 3. Commit Message Format
+## 4. Commit Message Format
 
 We follow the [semantic format](https://gist.github.com/joshbuchea/6f47e86d2510bce28f8e7f42ae84c716) for commit messages.
 
@@ -76,7 +94,7 @@ feat: add hat wobble
 ```
 
 
-## 4. Pull Request Process
+## 5. Pull Request Process
 
 When submitting a pull request, please follow these guidelines:
 
@@ -91,7 +109,7 @@ Ensure that your changes meet the following criteria:
 - The commit history is clean and easy to follow. You can use `git rebase` or `git merge --squash` to clean your commit history before submitting the pull request.
 - The pull request description clearly outlines the changes and the reasons behind them. Be sure to include the steps to test the pull request.
 
-## 5. Naming Conventions
+## 6. Naming Conventions
 
 Apply the following naming conventions to branches, labels, and other Git-related entities:
 
@@ -100,7 +118,7 @@ Apply the following naming conventions to branches, labels, and other Git-relate
 - **JS/TS:** Directories and file names: Descriptive and camelCase. First letter uppercased for React files (e.g., `helperFunction.ts, ReactComponent.tsx`).
 - **Docs:** Directories and file names: Descriptive and snake_case (e.g., `config_files.md`).
 
-## 6. TypeScript Conversion
+## 7. TypeScript Conversion
 
 1. **Original State**: The project was initially developed entirely in JavaScript (JS).
 
@@ -126,7 +144,7 @@ Apply the following naming conventions to branches, labels, and other Git-relate
       
    - **Current Stance**: At present, this backend transition is of lower priority and might not be pursued.
 
-## 7. Module Import Conventions
+## 8. Module Import Conventions
 
 - `npm` packages first, 
      - from shortest line (top) to longest (bottom)

.github/ISSUE_TEMPLATE/BUG-REPORT.yml

@@ -79,6 +79,8 @@ body:
 
         For UI-related issues, browser console logs can be very helpful. You can provide these as screenshots or paste the text here.
       render: shell
+    validations:
+      required: true
   - type: textarea
     id: screenshots
     attributes:

.gitignore

@@ -37,6 +37,10 @@ client/public/main.js
 client/public/main.js.map
 client/public/main.js.LICENSE.txt
 
+# Azure Blob Storage Emulator (Azurite)
+__azurite**
+__blobstorage__/**/*
+
 # Dependency directorys
 # Deployed apps should consider commenting these lines out:
 # see https://npmjs.org/doc/faq.html#Should-I-check-my-node_modules-folder-into-git
@@ -48,6 +52,9 @@ bower_components/
 *.d.ts
 !vite-env.d.ts
 
+# Cline
+.clineignore
+
 # Floobits
 .floo
 .floobit

Dockerfile

@@ -3,7 +3,15 @@
 # Base node image
 FROM node:20-alpine AS node
 
-RUN apk --no-cache add curl
+# Install jemalloc
+RUN apk add --no-cache jemalloc
+
+# Set environment variable to use jemalloc
+ENV LD_PRELOAD=/usr/lib/libjemalloc.so.2
+
+# Add `uv` for extended MCP support
+COPY --from=ghcr.io/astral-sh/uv:0.6.13 /uv /uvx /bin/
+RUN uv --version
 
 RUN mkdir -p /app && chown node:node /app
 WORKDIR /app
@@ -38,4 +46,4 @@ CMD ["npm", "run", "backend"]
 # WORKDIR /usr/share/nginx/html
 # COPY --from=node /app/client/dist /usr/share/nginx/html
 # COPY client/nginx.conf /etc/nginx/conf.d/default.conf
-# ENTRYPOINT ["nginx", "-g", "daemon off;"]
+# ENTRYPOINT ["nginx", "-g", "daemon off;"]

Dockerfile.multi

@@ -3,6 +3,10 @@
 
 # Base for all builds
 FROM node:20-alpine AS base-min
+# Install jemalloc
+RUN apk add --no-cache jemalloc
+# Set environment variable to use jemalloc
+ENV LD_PRELOAD=/usr/lib/libjemalloc.so.2
 WORKDIR /app
 RUN apk --no-cache add curl
 RUN npm config set fetch-retry-maxtimeout 600000 && \
@@ -50,6 +54,9 @@ RUN npm run build
 
 # API setup (including client dist)
 FROM base-min AS api-build
+# Add `uv` for extended MCP support
+COPY --from=ghcr.io/astral-sh/uv:0.6.13 /uv /uvx /bin/
+RUN uv --version
 WORKDIR /app
 # Install only production deps
 RUN npm ci --omit=dev

README.md

@@ -74,6 +74,11 @@
 - 🪄 **Generative UI with Code Artifacts**:  
   - [Code Artifacts](https://youtu.be/GfTj7O4gmd0?si=WJbdnemZpJzBrJo3) allow creation of React, HTML, and Mermaid diagrams directly in chat
 
+- 🎨 **Image Generation & Editing**
+  - Text-to-image and image-to-image with [GPT-Image-1](https://www.librechat.ai/docs/features/image_gen#1--openai-image-tools-recommended)
+  - Text-to-image with [DALL-E (3/2)](https://www.librechat.ai/docs/features/image_gen#2--dalle-legacy), [Stable Diffusion](https://www.librechat.ai/docs/features/image_gen#3--stable-diffusion-local), [Flux](https://www.librechat.ai/docs/features/image_gen#4--flux), or any [MCP server](https://www.librechat.ai/docs/features/image_gen#5--model-context-protocol-mcp)
+  - Produce stunning visuals from prompts or refine existing images with a single instruction
+
 - 💾 **Presets & Context Management**:  
   - Create, Save, & Share Custom Presets  
   - Switch between AI Endpoints and Presets mid-chat

api/app/clients/AnthropicClient.js

@@ -2,12 +2,14 @@ const Anthropic = require('@anthropic-ai/sdk');
 const { HttpsProxyAgent } = require('https-proxy-agent');
 const {
   Constants,
+  ErrorTypes,
   EModelEndpoint,
+  parseTextParts,
   anthropicSettings,
   getResponseSender,
   validateVisionModel,
 } = require('librechat-data-provider');
-const { SplitStreamHandler: _Handler, GraphEvents } = require('@librechat/agents');
+const { SplitStreamHandler: _Handler } = require('@librechat/agents');
 const {
   truncateText,
   formatMessage,
@@ -24,10 +26,11 @@ const {
 const { getModelMaxTokens, getModelMaxOutputTokens, matchModelName } = require('~/utils');
 const { spendTokens, spendStructuredTokens } = require('~/models/spendTokens');
 const { encodeAndFormat } = require('~/server/services/Files/images/encode');
+const { createFetch, createStreamEventHandlers } = require('./generators');
 const Tokenizer = require('~/server/services/Tokenizer');
-const { logger, sendEvent } = require('~/config');
 const { sleep } = require('~/server/utils');
 const BaseClient = require('./BaseClient');
+const { logger } = require('~/config');
 
 const HUMAN_PROMPT = '\n\nHuman:';
 const AI_PROMPT = '\n\nAssistant:';
@@ -147,12 +150,17 @@ class AnthropicClient extends BaseClient {
     this.maxPromptTokens =
       this.options.maxPromptTokens || this.maxContextTokens - this.maxResponseTokens;
 
-    if (this.maxPromptTokens + this.maxResponseTokens > this.maxContextTokens) {
-      throw new Error(
-        `maxPromptTokens + maxOutputTokens (${this.maxPromptTokens} + ${this.maxResponseTokens} = ${
-          this.maxPromptTokens + this.maxResponseTokens
-        }) must be less than or equal to maxContextTokens (${this.maxContextTokens})`,
-      );
+    const reservedTokens = this.maxPromptTokens + this.maxResponseTokens;
+    if (reservedTokens > this.maxContextTokens) {
+      const info = `Total Possible Tokens + Max Output Tokens must be less than or equal to Max Context Tokens: ${this.maxPromptTokens} (total possible output) + ${this.maxResponseTokens} (max output) = ${reservedTokens}/${this.maxContextTokens} (max context)`;
+      const errorMessage = `{ "type": "${ErrorTypes.INPUT_LENGTH}", "info": "${info}" }`;
+      logger.warn(info);
+      throw new Error(errorMessage);
+    } else if (this.maxResponseTokens === this.maxContextTokens) {
+      const info = `Max Output Tokens must be less than Max Context Tokens: ${this.maxResponseTokens} (max output) = ${this.maxContextTokens} (max context)`;
+      const errorMessage = `{ "type": "${ErrorTypes.INPUT_LENGTH}", "info": "${info}" }`;
+      logger.warn(info);
+      throw new Error(errorMessage);
     }
 
     this.sender =
@@ -177,7 +185,10 @@ class AnthropicClient extends BaseClient {
   getClient(requestOptions) {
     /** @type {Anthropic.ClientOptions} */
     const options = {
-      fetch: this.fetch,
+      fetch: createFetch({
+        directEndpoint: this.options.directEndpoint,
+        reverseProxyUrl: this.options.reverseProxyUrl,
+      }),
       apiKey: this.apiKey,
     };
 
@@ -407,6 +418,9 @@ class AnthropicClient extends BaseClient {
             this.contextHandlers?.processFile(file);
             continue;
           }
+          if (file.metadata?.fileIdentifier) {
+            continue;
+          }
 
           orderedMessages[i].tokenCount += this.calculateImageTokenCost({
             width: file.width,
@@ -689,6 +703,9 @@ class AnthropicClient extends BaseClient {
     return (msg) => {
       if (msg.text != null && msg.text && msg.text.startsWith(':::thinking')) {
         msg.text = msg.text.replace(/:::thinking.*?:::/gs, '').trim();
+      } else if (msg.content != null) {
+        msg.text = parseTextParts(msg.content, true);
+        delete msg.content;
       }
 
       return msg;
@@ -785,14 +802,11 @@ class AnthropicClient extends BaseClient {
     }
 
     logger.debug('[AnthropicClient]', { ...requestOptions });
+    const handlers = createStreamEventHandlers(this.options.res);
     this.streamHandler = new SplitStreamHandler({
       accumulate: true,
       runId: this.responseMessageId,
-      handlers: {
-        [GraphEvents.ON_RUN_STEP]: (event) => sendEvent(this.options.res, event),
-        [GraphEvents.ON_MESSAGE_DELTA]: (event) => sendEvent(this.options.res, event),
-        [GraphEvents.ON_REASONING_DELTA]: (event) => sendEvent(this.options.res, event),
-      },
+      handlers,
     });
 
     let intermediateReply = this.streamHandler.tokens;

api/app/clients/BaseClient.js

@@ -5,14 +5,15 @@ const {
   isAgentsEndpoint,
   isParamEndpoint,
   EModelEndpoint,
+  ContentTypes,
   excludedKeys,
   ErrorTypes,
   Constants,
 } = require('librechat-data-provider');
 const { getMessages, saveMessage, updateMessage, saveConvo, getConvo } = require('~/models');
-const { addSpaceIfNeeded, isEnabled } = require('~/server/utils');
+const { checkBalance } = require('~/models/balanceMethods');
 const { truncateToolCallOutputs } = require('./prompts');
-const checkBalance = require('~/models/checkBalance');
+const { addSpaceIfNeeded } = require('~/server/utils');
 const { getFiles } = require('~/models/File');
 const TextStream = require('./TextStream');
 const { logger } = require('~/config');
@@ -27,15 +28,10 @@ class BaseClient {
       month: 'long',
       day: 'numeric',
     });
-    this.fetch = this.fetch.bind(this);
     /** @type {boolean} */
     this.skipSaveConvo = false;
     /** @type {boolean} */
     this.skipSaveUserMessage = false;
-    /** @type {ClientDatabaseSavePromise} */
-    this.userMessagePromise;
-    /** @type {ClientDatabaseSavePromise} */
-    this.responsePromise;
     /** @type {string} */
     this.user;
     /** @type {string} */
@@ -365,17 +361,14 @@ class BaseClient {
    *  context: TMessage[],
    *  remainingContextTokens: number,
    *  messagesToRefine: TMessage[],
-   *  summaryIndex: number,
-   * }>} An object with four properties: `context`, `summaryIndex`, `remainingContextTokens`, and `messagesToRefine`.
+   * }>} An object with three properties: `context`, `remainingContextTokens`, and `messagesToRefine`.
    *    `context` is an array of messages that fit within the token limit.
-   *    `summaryIndex` is the index of the first message in the `messagesToRefine` array.
    *    `remainingContextTokens` is the number of tokens remaining within the limit after adding the messages to the context.
    *    `messagesToRefine` is an array of messages that were not added to the context because they would have exceeded the token limit.
    */
   async getMessagesWithinTokenLimit({ messages: _messages, maxContextTokens, instructions }) {
     // Every reply is primed with <|start|>assistant<|message|>, so we
     // start with 3 tokens for the label after all messages have been counted.
-    let summaryIndex = -1;
     let currentTokenCount = 3;
     const instructionsTokenCount = instructions?.tokenCount ?? 0;
     let remainingContextTokens =
@@ -408,14 +401,12 @@ class BaseClient {
     }
 
     const prunedMemory = messages;
-    summaryIndex = prunedMemory.length - 1;
     remainingContextTokens -= currentTokenCount;
 
     return {
       context: context.reverse(),
       remainingContextTokens,
       messagesToRefine: prunedMemory,
-      summaryIndex,
     };
   }
 
@@ -458,7 +449,7 @@ class BaseClient {
 
     let orderedWithInstructions = this.addInstructions(orderedMessages, instructions);
 
-    let { context, remainingContextTokens, messagesToRefine, summaryIndex } =
+    let { context, remainingContextTokens, messagesToRefine } =
       await this.getMessagesWithinTokenLimit({
         messages: orderedWithInstructions,
         instructions,
@@ -528,7 +519,7 @@ class BaseClient {
     }
 
     // Make sure to only continue summarization logic if the summary message was generated
-    shouldSummarize = summaryMessage && shouldSummarize;
+    shouldSummarize = summaryMessage != null && shouldSummarize === true;
 
     logger.debug('[BaseClient] Context Count (2/2)', {
       remainingContextTokens,
@@ -538,17 +529,18 @@ class BaseClient {
     /** @type {Record<string, number> | undefined} */
     let tokenCountMap;
     if (buildTokenMap) {
-      tokenCountMap = orderedWithInstructions.reduce((map, message, index) => {
+      const currentPayload = shouldSummarize ? orderedWithInstructions : context;
+      tokenCountMap = currentPayload.reduce((map, message, index) => {
         const { messageId } = message;
         if (!messageId) {
           return map;
         }
 
-        if (shouldSummarize && index === summaryIndex && !usePrevSummary) {
+        if (shouldSummarize && index === messagesToRefine.length - 1 && !usePrevSummary) {
           map.summaryMessage = { ...summaryMessage, messageId, tokenCount: summaryTokenCount };
         }
 
-        map[messageId] = orderedWithInstructions[index].tokenCount;
+        map[messageId] = currentPayload[index].tokenCount;
         return map;
       }, {});
     }
@@ -567,6 +559,8 @@ class BaseClient {
   }
 
   async sendMessage(message, opts = {}) {
+    /** @type {Promise<TMessage>} */
+    let userMessagePromise;
     const { user, head, isEdited, conversationId, responseMessageId, saveOptions, userMessage } =
       await this.handleStartMethods(message, opts);
 
@@ -628,17 +622,18 @@ class BaseClient {
     }
 
     if (!isEdited && !this.skipSaveUserMessage) {
-      this.userMessagePromise = this.saveMessageToDatabase(userMessage, saveOptions, user);
+      userMessagePromise = this.saveMessageToDatabase(userMessage, saveOptions, user);
       this.savedMessageIds.add(userMessage.messageId);
       if (typeof opts?.getReqData === 'function') {
         opts.getReqData({
-          userMessagePromise: this.userMessagePromise,
+          userMessagePromise,
         });
       }
     }
 
+    const balance = this.options.req?.app?.locals?.balance;
     if (
-      isEnabled(process.env.CHECK_BALANCE) &&
+      balance?.enabled &&
       supportsBalanceCheck[this.options.endpointType ?? this.options.endpoint]
     ) {
       await checkBalance({
@@ -657,7 +652,9 @@ class BaseClient {
 
     /** @type {string|string[]|undefined} */
     const completion = await this.sendCompletion(payload, opts);
-    this.abortController.requestCompleted = true;
+    if (this.abortController) {
+      this.abortController.requestCompleted = true;
+    }
 
     /** @type {TMessage} */
     const responseMessage = {
@@ -678,7 +675,8 @@ class BaseClient {
       responseMessage.text = addSpaceIfNeeded(generation) + completion;
     } else if (
       Array.isArray(completion) &&
-      isParamEndpoint(this.options.endpoint, this.options.endpointType)
+      (this.clientName === EModelEndpoint.agents ||
+        isParamEndpoint(this.options.endpoint, this.options.endpointType))
     ) {
       responseMessage.text = '';
       responseMessage.content = completion;
@@ -704,7 +702,13 @@ class BaseClient {
       if (usage != null && Number(usage[this.outputTokensKey]) > 0) {
         responseMessage.tokenCount = usage[this.outputTokensKey];
         completionTokens = responseMessage.tokenCount;
-        await this.updateUserMessageTokenCount({ usage, tokenCountMap, userMessage, opts });
+        await this.updateUserMessageTokenCount({
+          usage,
+          tokenCountMap,
+          userMessage,
+          userMessagePromise,
+          opts,
+        });
       } else {
         responseMessage.tokenCount = this.getTokenCountForResponse(responseMessage);
         completionTokens = responseMessage.tokenCount;
@@ -713,8 +717,8 @@ class BaseClient {
       await this.recordTokenUsage({ promptTokens, completionTokens, usage });
     }
 
-    if (this.userMessagePromise) {
-      await this.userMessagePromise;
+    if (userMessagePromise) {
+      await userMessagePromise;
     }
 
     if (this.artifactPromises) {
@@ -729,7 +733,11 @@ class BaseClient {
       }
     }
 
-    this.responsePromise = this.saveMessageToDatabase(responseMessage, saveOptions, user);
+    responseMessage.databasePromise = this.saveMessageToDatabase(
+      responseMessage,
+      saveOptions,
+      user,
+    );
     this.savedMessageIds.add(responseMessage.messageId);
     delete responseMessage.tokenCount;
     return responseMessage;
@@ -750,9 +758,16 @@ class BaseClient {
    * @param {StreamUsage} params.usage
    * @param {Record<string, number>} params.tokenCountMap
    * @param {TMessage} params.userMessage
+   * @param {Promise<TMessage>} params.userMessagePromise
    * @param {object} params.opts
    */
-  async updateUserMessageTokenCount({ usage, tokenCountMap, userMessage, opts }) {
+  async updateUserMessageTokenCount({
+    usage,
+    tokenCountMap,
+    userMessage,
+    userMessagePromise,
+    opts,
+  }) {
     /** @type {boolean} */
     const shouldUpdateCount =
       this.calculateCurrentTokenCount != null &&
@@ -788,7 +803,7 @@ class BaseClient {
       Note: we update the user message to be sure it gets the calculated token count;
       though `AskController` saves the user message, EditController does not
     */
-    await this.userMessagePromise;
+    await userMessagePromise;
     await this.updateMessageInDatabase({
       messageId: userMessage.messageId,
       tokenCount: userMessageTokenCount,
@@ -854,7 +869,7 @@ class BaseClient {
     }
 
     const savedMessage = await saveMessage(
-      this.options.req,
+      this.options?.req,
       {
         ...message,
         endpoint: this.options.endpoint,
@@ -878,16 +893,17 @@ class BaseClient {
     const existingConvo =
       this.fetchedConvo === true
         ? null
-        : await getConvo(this.options.req?.user?.id, message.conversationId);
+        : await getConvo(this.options?.req?.user?.id, message.conversationId);
 
     const unsetFields = {};
+    const exceptions = new Set(['spec', 'iconURL']);
     if (existingConvo != null) {
       this.fetchedConvo = true;
       for (const key in existingConvo) {
         if (!key) {
           continue;
         }
-        if (excludedKeys.has(key)) {
+        if (excludedKeys.has(key) && !exceptions.has(key)) {
           continue;
         }
 
@@ -897,7 +913,7 @@ class BaseClient {
       }
     }
 
-    const conversation = await saveConvo(this.options.req, fieldsToKeep, {
+    const conversation = await saveConvo(this.options?.req, fieldsToKeep, {
       context: 'api/app/clients/BaseClient.js - saveMessageToDatabase #saveConvo',
       unsetFields,
     });
@@ -1021,11 +1037,17 @@ class BaseClient {
     const processValue = (value) => {
       if (Array.isArray(value)) {
         for (let item of value) {
-          if (!item || !item.type || item.type === 'image_url') {
+          if (
+            !item ||
+            !item.type ||
+            item.type === ContentTypes.THINK ||
+            item.type === ContentTypes.ERROR ||
+            item.type === ContentTypes.IMAGE_URL
+          ) {
             continue;
           }
 
-          if (item.type === 'tool_call' && item.tool_call != null) {
+          if (item.type === ContentTypes.TOOL_CALL && item.tool_call != null) {
             const toolName = item.tool_call?.name || '';
             if (toolName != null && toolName && typeof toolName === 'string') {
               numTokens += this.getTokenCount(toolName);
@@ -1121,9 +1143,13 @@ class BaseClient {
         return message;
       }
 
-      const files = await getFiles({
-        file_id: { $in: fileIds },
-      });
+      const files = await getFiles(
+        {
+          file_id: { $in: fileIds },
+        },
+        {},
+        {},
+      );
 
       await this.addImageURLs(message, files, this.visionMode);
 

api/app/clients/ChatGPTClient.js

@@ -1,4 +1,4 @@
-const Keyv = require('keyv');
+const { Keyv } = require('keyv');
 const crypto = require('crypto');
 const { CohereClient } = require('cohere-ai');
 const { fetchEventSource } = require('@waylaidwanderer/fetch-event-source');
@@ -339,7 +339,7 @@ class ChatGPTClient extends BaseClient {
     opts.body = JSON.stringify(modelOptions);
 
     if (modelOptions.stream) {
-      // eslint-disable-next-line no-async-promise-executor
+
       return new Promise(async (resolve, reject) => {
         try {
           let done = false;

api/app/clients/GoogleClient.js

@@ -9,6 +9,7 @@ const {
   validateVisionModel,
   getResponseSender,
   endpointSettings,
+  parseTextParts,
   EModelEndpoint,
   ContentTypes,
   VisionModes,
@@ -198,7 +199,11 @@ class GoogleClient extends BaseClient {
    */
   checkVisionRequest(attachments) {
     /* Validation vision request */
-    this.defaultVisionModel = this.options.visionModel ?? 'gemini-pro-vision';
+    this.defaultVisionModel =
+      this.options.visionModel ??
+      (!EXCLUDED_GENAI_MODELS.test(this.modelOptions.model)
+        ? this.modelOptions.model
+        : 'gemini-pro-vision');
     const availableModels = this.options.modelsConfig?.[EModelEndpoint.google];
     this.isVisionModel = validateVisionModel({ model: this.modelOptions.model, availableModels });
 
@@ -313,6 +318,9 @@ class GoogleClient extends BaseClient {
           this.contextHandlers?.processFile(file);
           continue;
         }
+        if (file.metadata?.fileIdentifier) {
+          continue;
+        }
       }
 
       this.augmentedPrompt = await this.contextHandlers.createContext();
@@ -770,6 +778,22 @@ class GoogleClient extends BaseClient {
     return this.usage;
   }
 
+  getMessageMapMethod() {
+    /**
+     * @param {TMessage} msg
+     */
+    return (msg) => {
+      if (msg.text != null && msg.text && msg.text.startsWith(':::thinking')) {
+        msg.text = msg.text.replace(/:::thinking.*?:::/gs, '').trim();
+      } else if (msg.content != null) {
+        msg.text = parseTextParts(msg.content, true);
+        delete msg.content;
+      }
+
+      return msg;
+    };
+  }
+
   /**
    * Calculates the correct token count for the current user message based on the token count map and API usage.
    * Edge case: If the calculation results in a negative value, it returns the original estimate.

api/app/clients/OpenAIClient.js

@@ -1,10 +1,11 @@
-const OpenAI = require('openai');
 const { OllamaClient } = require('./OllamaClient');
 const { HttpsProxyAgent } = require('https-proxy-agent');
-const { SplitStreamHandler, GraphEvents } = require('@librechat/agents');
+const { SplitStreamHandler, CustomOpenAIClient: OpenAI } = require('@librechat/agents');
 const {
   Constants,
   ImageDetail,
+  ContentTypes,
+  parseTextParts,
   EModelEndpoint,
   resolveHeaders,
   KnownEndpoints,
@@ -30,17 +31,18 @@ const {
   createContextHandlers,
 } = require('./prompts');
 const { encodeAndFormat } = require('~/server/services/Files/images/encode');
+const { createFetch, createStreamEventHandlers } = require('./generators');
 const { addSpaceIfNeeded, isEnabled, sleep } = require('~/server/utils');
 const Tokenizer = require('~/server/services/Tokenizer');
 const { spendTokens } = require('~/models/spendTokens');
 const { handleOpenAIErrors } = require('./tools/util');
 const { createLLM, RunManager } = require('./llm');
-const { logger, sendEvent } = require('~/config');
 const ChatGPTClient = require('./ChatGPTClient');
 const { summaryBuffer } = require('./memory');
 const { runTitleChain } = require('./chains');
 const { tokenSplit } = require('./document');
 const BaseClient = require('./BaseClient');
+const { logger } = require('~/config');
 
 class OpenAIClient extends BaseClient {
   constructor(apiKey, options = {}) {
@@ -106,7 +108,7 @@ class OpenAIClient extends BaseClient {
       this.checkVisionRequest(this.options.attachments);
     }
 
-    const omniPattern = /\b(o1|o3)\b/i;
+    const omniPattern = /\b(o\d)\b/i;
     this.isOmni = omniPattern.test(this.modelOptions.model);
 
     const { OPENAI_FORCE_PROMPT } = process.env ?? {};
@@ -225,10 +227,6 @@ class OpenAIClient extends BaseClient {
       logger.debug('Using Azure endpoint');
     }
 
-    if (this.useOpenRouter) {
-      this.completionsUrl = 'https://openrouter.ai/api/v1/chat/completions';
-    }
-
     return this;
   }
 
@@ -457,6 +455,9 @@ class OpenAIClient extends BaseClient {
             this.contextHandlers?.processFile(file);
             continue;
           }
+          if (file.metadata?.fileIdentifier) {
+            continue;
+          }
 
           orderedMessages[i].tokenCount += this.calculateImageTokenCost({
             width: file.width,
@@ -505,8 +506,24 @@ class OpenAIClient extends BaseClient {
     if (promptPrefix && this.isOmni === true) {
       const lastUserMessageIndex = payload.findLastIndex((message) => message.role === 'user');
       if (lastUserMessageIndex !== -1) {
-        payload[lastUserMessageIndex].content =
-          `${promptPrefix}\n${payload[lastUserMessageIndex].content}`;
+        if (Array.isArray(payload[lastUserMessageIndex].content)) {
+          const firstTextPartIndex = payload[lastUserMessageIndex].content.findIndex(
+            (part) => part.type === ContentTypes.TEXT,
+          );
+          if (firstTextPartIndex !== -1) {
+            const firstTextPart = payload[lastUserMessageIndex].content[firstTextPartIndex];
+            payload[lastUserMessageIndex].content[firstTextPartIndex].text =
+              `${promptPrefix}\n${firstTextPart.text}`;
+          } else {
+            payload[lastUserMessageIndex].content.unshift({
+              type: ContentTypes.TEXT,
+              text: promptPrefix,
+            });
+          }
+        } else {
+          payload[lastUserMessageIndex].content =
+            `${promptPrefix}\n${payload[lastUserMessageIndex].content}`;
+        }
       }
     }
 
@@ -595,7 +612,7 @@ class OpenAIClient extends BaseClient {
         return result.trim();
       }
 
-      logger.debug('[OpenAIClient] sendCompletion: result', result);
+      logger.debug('[OpenAIClient] sendCompletion: result', { ...result });
 
       if (this.isChatCompletion) {
         reply = result.choices[0].message.content;
@@ -804,7 +821,7 @@ ${convo}
 
         const completionTokens = this.getTokenCount(title);
 
-        this.recordTokenUsage({ promptTokens, completionTokens, context: 'title' });
+        await this.recordTokenUsage({ promptTokens, completionTokens, context: 'title' });
       } catch (e) {
         logger.error(
           '[OpenAIClient] There was an issue generating the title with the completion method',
@@ -1107,6 +1124,9 @@ ${convo}
     return (msg) => {
       if (msg.text != null && msg.text && msg.text.startsWith(':::thinking')) {
         msg.text = msg.text.replace(/:::thinking.*?:::/gs, '').trim();
+      } else if (msg.content != null) {
+        msg.text = parseTextParts(msg.content, true);
+        delete msg.content;
       }
 
       return msg;
@@ -1158,10 +1178,6 @@ ${convo}
         opts.httpAgent = new HttpsProxyAgent(this.options.proxy);
       }
 
-      if (this.isVisionModel) {
-        modelOptions.max_tokens = 4000;
-      }
-
       /** @type {TAzureConfig | undefined} */
       const azureConfig = this.options?.req?.app?.locals?.[EModelEndpoint.azureOpenAI];
 
@@ -1224,6 +1240,9 @@ ${convo}
         modelOptions.max_completion_tokens = modelOptions.max_tokens;
         delete modelOptions.max_tokens;
       }
+      if (this.isOmni === true && modelOptions.temperature != null) {
+        delete modelOptions.temperature;
+      }
 
       if (process.env.OPENAI_ORGANIZATION) {
         opts.organization = process.env.OPENAI_ORGANIZATION;
@@ -1232,7 +1251,10 @@ ${convo}
       let chatCompletion;
       /** @type {OpenAI} */
       const openai = new OpenAI({
-        fetch: this.fetch,
+        fetch: createFetch({
+          directEndpoint: this.options.directEndpoint,
+          reverseProxyUrl: this.options.reverseProxyUrl,
+        }),
         apiKey: this.apiKey,
         ...opts,
       });
@@ -1262,22 +1284,47 @@ ${convo}
       }
 
       if (this.options.addParams && typeof this.options.addParams === 'object') {
+        const addParams = { ...this.options.addParams };
         modelOptions = {
           ...modelOptions,
-          ...this.options.addParams,
+          ...addParams,
         };
         logger.debug('[OpenAIClient] chatCompletion: added params', {
-          addParams: this.options.addParams,
+          addParams: addParams,
           modelOptions,
         });
       }
 
+      /** Note: OpenAI Web Search models do not support any known parameters besdies `max_tokens` */
+      if (modelOptions.model && /gpt-4o.*search/.test(modelOptions.model)) {
+        const searchExcludeParams = [
+          'frequency_penalty',
+          'presence_penalty',
+          'temperature',
+          'top_p',
+          'top_k',
+          'stop',
+          'logit_bias',
+          'seed',
+          'response_format',
+          'n',
+          'logprobs',
+          'user',
+        ];
+
+        this.options.dropParams = this.options.dropParams || [];
+        this.options.dropParams = [
+          ...new Set([...this.options.dropParams, ...searchExcludeParams]),
+        ];
+      }
+
       if (this.options.dropParams && Array.isArray(this.options.dropParams)) {
-        this.options.dropParams.forEach((param) => {
+        const dropParams = [...this.options.dropParams];
+        dropParams.forEach((param) => {
           delete modelOptions[param];
         });
         logger.debug('[OpenAIClient] chatCompletion: dropped params', {
-          dropParams: this.options.dropParams,
+          dropParams: dropParams,
           modelOptions,
         });
       }
@@ -1300,14 +1347,6 @@ ${convo}
       let streamResolve;
 
       if (
-        this.isOmni === true &&
-        (this.azure || /o1(?!-(?:mini|preview)).*$/.test(modelOptions.model)) &&
-        !/o3-.*$/.test(this.modelOptions.model) &&
-        modelOptions.stream
-      ) {
-        delete modelOptions.stream;
-        delete modelOptions.stop;
-      } else if (
         (!this.isOmni || /^o1-(mini|preview)/i.test(modelOptions.model)) &&
         modelOptions.reasoning_effort != null
       ) {
@@ -1327,15 +1366,12 @@ ${convo}
         delete modelOptions.reasoning_effort;
       }
 
+      const handlers = createStreamEventHandlers(this.options.res);
       this.streamHandler = new SplitStreamHandler({
         reasoningKey,
         accumulate: true,
         runId: this.responseMessageId,
-        handlers: {
-          [GraphEvents.ON_RUN_STEP]: (event) => sendEvent(this.options.res, event),
-          [GraphEvents.ON_MESSAGE_DELTA]: (event) => sendEvent(this.options.res, event),
-          [GraphEvents.ON_REASONING_DELTA]: (event) => sendEvent(this.options.res, event),
-        },
+        handlers,
       });
 
       intermediateReply = this.streamHandler.tokens;
@@ -1439,6 +1475,11 @@ ${convo}
           });
       }
 
+      if (openai.abortHandler && abortController.signal) {
+        abortController.signal.removeEventListener('abort', openai.abortHandler);
+        openai.abortHandler = undefined;
+      }
+
       if (!chatCompletion && UnexpectedRoleError) {
         throw new Error(
           'OpenAI error: Invalid final message: OpenAI expects final message to include role=assistant',

api/app/clients/PluginsClient.js

@@ -5,9 +5,8 @@ const { addImages, buildErrorInput, buildPromptPrefix } = require('./output_pars
 const { initializeCustomAgent, initializeFunctionsAgent } = require('./agents');
 const { processFileURL } = require('~/server/services/Files/process');
 const { EModelEndpoint } = require('librechat-data-provider');
+const { checkBalance } = require('~/models/balanceMethods');
 const { formatLangChainMessages } = require('./prompts');
-const checkBalance = require('~/models/checkBalance');
-const { isEnabled } = require('~/server/utils');
 const { extractBaseURL } = require('~/utils');
 const { loadTools } = require('./tools/util');
 const { logger } = require('~/config');
@@ -253,12 +252,14 @@ class PluginsClient extends OpenAIClient {
       await this.recordTokenUsage(responseMessage);
     }
 
-    this.responsePromise = this.saveMessageToDatabase(responseMessage, saveOptions, user);
+    const databasePromise = this.saveMessageToDatabase(responseMessage, saveOptions, user);
     delete responseMessage.tokenCount;
-    return { ...responseMessage, ...result };
+    return { ...responseMessage, ...result, databasePromise };
   }
 
   async sendMessage(message, opts = {}) {
+    /** @type {Promise<TMessage>} */
+    let userMessagePromise;
     /** @type {{ filteredTools: string[], includedTools: string[] }} */
     const { filteredTools = [], includedTools = [] } = this.options.req.app.locals;
 
@@ -328,15 +329,16 @@ class PluginsClient extends OpenAIClient {
     }
 
     if (!this.skipSaveUserMessage) {
-      this.userMessagePromise = this.saveMessageToDatabase(userMessage, saveOptions, user);
+      userMessagePromise = this.saveMessageToDatabase(userMessage, saveOptions, user);
       if (typeof opts?.getReqData === 'function') {
         opts.getReqData({
-          userMessagePromise: this.userMessagePromise,
+          userMessagePromise,
         });
       }
     }
 
-    if (isEnabled(process.env.CHECK_BALANCE)) {
+    const balance = this.options.req?.app?.locals?.balance;
+    if (balance?.enabled) {
       await checkBalance({
         req: this.options.req,
         res: this.options.res,

api/app/clients/callbacks/createStartHandler.js

@@ -1,8 +1,8 @@
 const { promptTokensEstimate } = require('openai-chat-tokens');
 const { EModelEndpoint, supportsBalanceCheck } = require('librechat-data-provider');
 const { formatFromLangChain } = require('~/app/clients/prompts');
-const checkBalance = require('~/models/checkBalance');
-const { isEnabled } = require('~/server/utils');
+const { getBalanceConfig } = require('~/server/services/Config');
+const { checkBalance } = require('~/models/balanceMethods');
 const { logger } = require('~/config');
 
 const createStartHandler = ({
@@ -49,8 +49,8 @@ const createStartHandler = ({
     prelimPromptTokens += tokenBuffer;
 
     try {
-      // TODO: if plugins extends to non-OpenAI models, this will need to be updated
-      if (isEnabled(process.env.CHECK_BALANCE) && supportsBalanceCheck[EModelEndpoint.openAI]) {
+      const balance = await getBalanceConfig();
+      if (balance?.enabled && supportsBalanceCheck[EModelEndpoint.openAI]) {
         const generations =
           initialMessageCount && messages.length > initialMessageCount
             ? messages.slice(initialMessageCount)

api/app/clients/generators.js

@@ -0,0 +1,71 @@
+const fetch = require('node-fetch');
+const { GraphEvents } = require('@librechat/agents');
+const { logger, sendEvent } = require('~/config');
+const { sleep } = require('~/server/utils');
+
+/**
+ * Makes a function to make HTTP request and logs the process.
+ * @param {Object} params
+ * @param {boolean} [params.directEndpoint] - Whether to use a direct endpoint.
+ * @param {string} [params.reverseProxyUrl] - The reverse proxy URL to use for the request.
+ * @returns {Promise<Response>} - A promise that resolves to the response of the fetch request.
+ */
+function createFetch({ directEndpoint = false, reverseProxyUrl = '' }) {
+  /**
+   * Makes an HTTP request and logs the process.
+   * @param {RequestInfo} url - The URL to make the request to. Can be a string or a Request object.
+   * @param {RequestInit} [init] - Optional init options for the request.
+   * @returns {Promise<Response>} - A promise that resolves to the response of the fetch request.
+   */
+  return async (_url, init) => {
+    let url = _url;
+    if (directEndpoint) {
+      url = reverseProxyUrl;
+    }
+    logger.debug(`Making request to ${url}`);
+    if (typeof Bun !== 'undefined') {
+      return await fetch(url, init);
+    }
+    return await fetch(url, init);
+  };
+}
+
+// Add this at the module level outside the class
+/**
+ * Creates event handlers for stream events that don't capture client references
+ * @param {Object} res - The response object to send events to
+ * @returns {Object} Object containing handler functions
+ */
+function createStreamEventHandlers(res) {
+  return {
+    [GraphEvents.ON_RUN_STEP]: (event) => {
+      if (res) {
+        sendEvent(res, event);
+      }
+    },
+    [GraphEvents.ON_MESSAGE_DELTA]: (event) => {
+      if (res) {
+        sendEvent(res, event);
+      }
+    },
+    [GraphEvents.ON_REASONING_DELTA]: (event) => {
+      if (res) {
+        sendEvent(res, event);
+      }
+    },
+  };
+}
+
+function createHandleLLMNewToken(streamRate) {
+  return async () => {
+    if (streamRate) {
+      await sleep(streamRate);
+    }
+  };
+}
+
+module.exports = {
+  createFetch,
+  createHandleLLMNewToken,
+  createStreamEventHandlers,
+};

api/app/clients/llm/createLLM.js

@@ -34,6 +34,7 @@ function createLLM({
   let credentials = { openAIApiKey };
   let configuration = {
     apiKey: openAIApiKey,
+    ...(configOptions.basePath && { baseURL: configOptions.basePath }),
   };
 
   /**  @type {AzureOptions} */

api/app/clients/prompts/formatMessages.js

@@ -211,7 +211,7 @@ const formatAgentMessages = (payload) => {
       } else if (part.type === ContentTypes.THINK) {
         hasReasoning = true;
         continue;
-      } else if (part.type === ContentTypes.ERROR) {
+      } else if (part.type === ContentTypes.ERROR || part.type === ContentTypes.AGENT_UPDATE) {
         continue;
       } else {
         currentContent.push(part);

api/app/clients/specs/BaseClient.test.js

@@ -32,7 +32,7 @@ jest.mock('~/models', () => ({
 
 const { getConvo, saveConvo } = require('~/models');
 
-jest.mock('@langchain/openai', () => {
+jest.mock('@librechat/agents', () => {
   return {
     ChatOpenAI: jest.fn().mockImplementation(() => {
       return {};
@@ -164,7 +164,7 @@ describe('BaseClient', () => {
     const result = await TestClient.getMessagesWithinTokenLimit({ messages });
 
     expect(result.context).toEqual(expectedContext);
-    expect(result.summaryIndex).toEqual(expectedIndex);
+    expect(result.messagesToRefine.length - 1).toEqual(expectedIndex);
     expect(result.remainingContextTokens).toBe(expectedRemainingContextTokens);
     expect(result.messagesToRefine).toEqual(expectedMessagesToRefine);
   });
@@ -200,7 +200,7 @@ describe('BaseClient', () => {
     const result = await TestClient.getMessagesWithinTokenLimit({ messages });
 
     expect(result.context).toEqual(expectedContext);
-    expect(result.summaryIndex).toEqual(expectedIndex);
+    expect(result.messagesToRefine.length - 1).toEqual(expectedIndex);
     expect(result.remainingContextTokens).toBe(expectedRemainingContextTokens);
     expect(result.messagesToRefine).toEqual(expectedMessagesToRefine);
   });

api/app/clients/specs/OpenAIClient.test.js

@@ -1,9 +1,7 @@
 jest.mock('~/cache/getLogStores');
 require('dotenv').config();
-const OpenAI = require('openai');
-const getLogStores = require('~/cache/getLogStores');
 const { fetchEventSource } = require('@waylaidwanderer/fetch-event-source');
-const { genAzureChatCompletion } = require('~/utils/azureUtils');
+const getLogStores = require('~/cache/getLogStores');
 const OpenAIClient = require('../OpenAIClient');
 jest.mock('meilisearch');
 
@@ -36,19 +34,21 @@ jest.mock('~/models', () => ({
   updateFileUsage: jest.fn(),
 }));
 
-jest.mock('@langchain/openai', () => {
-  return {
-    ChatOpenAI: jest.fn().mockImplementation(() => {
-      return {};
-    }),
-  };
+// Import the actual module but mock specific parts
+const agents = jest.requireActual('@librechat/agents');
+const { CustomOpenAIClient } = agents;
+
+// Also mock ChatOpenAI to prevent real API calls
+agents.ChatOpenAI = jest.fn().mockImplementation(() => {
+  return {};
+});
+agents.AzureChatOpenAI = jest.fn().mockImplementation(() => {
+  return {};
 });
 
-jest.mock('openai');
-
-jest.spyOn(OpenAI, 'constructor').mockImplementation(function (...options) {
-  // We can add additional logic here if needed
-  return new OpenAI(...options);
+// Mock only the CustomOpenAIClient constructor
+jest.spyOn(CustomOpenAIClient, 'constructor').mockImplementation(function (...options) {
+  return new CustomOpenAIClient(...options);
 });
 
 const finalChatCompletion = jest.fn().mockResolvedValue({
@@ -120,7 +120,13 @@ const create = jest.fn().mockResolvedValue({
   ],
 });
 
-OpenAI.mockImplementation(() => ({
+// Mock the implementation of CustomOpenAIClient instances
+jest.spyOn(CustomOpenAIClient.prototype, 'constructor').mockImplementation(function () {
+  return this;
+});
+
+// Create a mock for the CustomOpenAIClient class
+const mockCustomOpenAIClient = jest.fn().mockImplementation(() => ({
   beta: {
     chat: {
       completions: {
@@ -135,11 +141,14 @@ OpenAI.mockImplementation(() => ({
   },
 }));
 
-describe('OpenAIClient', () => {
-  const mockSet = jest.fn();
-  const mockCache = { set: mockSet };
+CustomOpenAIClient.mockImplementation = mockCustomOpenAIClient;
 
+describe('OpenAIClient', () => {
   beforeEach(() => {
+    const mockCache = {
+      get: jest.fn().mockResolvedValue({}),
+      set: jest.fn(),
+    };
     getLogStores.mockReturnValue(mockCache);
   });
   let client;
@@ -558,41 +567,6 @@ describe('OpenAIClient', () => {
       expect(requestBody).toHaveProperty('model');
       expect(requestBody.model).toBe(model);
     });
-
-    it('[Azure OpenAI] should call chatCompletion and OpenAI.stream with correct args', async () => {
-      // Set a default model
-      process.env.AZURE_OPENAI_DEFAULT_MODEL = 'gpt4-turbo';
-
-      const onProgress = jest.fn().mockImplementation(() => ({}));
-      client.azure = defaultAzureOptions;
-      const chatCompletion = jest.spyOn(client, 'chatCompletion');
-      await client.sendMessage('Hi mom!', {
-        replaceOptions: true,
-        ...defaultOptions,
-        modelOptions: { model: 'gpt4-turbo', stream: true },
-        onProgress,
-        azure: defaultAzureOptions,
-      });
-
-      expect(chatCompletion).toHaveBeenCalled();
-      expect(chatCompletion.mock.calls.length).toBe(1);
-
-      const chatCompletionArgs = chatCompletion.mock.calls[0][0];
-      const { payload } = chatCompletionArgs;
-
-      expect(payload[0].role).toBe('user');
-      expect(payload[0].content).toBe('Hi mom!');
-
-      // Azure OpenAI does not use the model property, and will error if it's passed
-      // This check ensures the model property is not present
-      const streamArgs = stream.mock.calls[0][0];
-      expect(streamArgs).not.toHaveProperty('model');
-
-      // Check if the baseURL is correct
-      const constructorArgs = OpenAI.mock.calls[0][0];
-      const expectedURL = genAzureChatCompletion(defaultAzureOptions).split('/chat')[0];
-      expect(constructorArgs.baseURL).toBe(expectedURL);
-    });
   });
 
   describe('checkVisionRequest functionality', () => {

api/app/clients/tools/index.js

@@ -10,6 +10,7 @@ const StructuredACS = require('./structured/AzureAISearch');
 const StructuredSD = require('./structured/StableDiffusion');
 const GoogleSearchAPI = require('./structured/GoogleSearch');
 const TraversaalSearch = require('./structured/TraversaalSearch');
+const createOpenAIImageTools = require('./structured/OpenAIImageTools');
 const TavilySearchResults = require('./structured/TavilySearchResults');
 
 /** @type {Record<string, TPlugin | undefined>} */
@@ -40,4 +41,5 @@ module.exports = {
   StructuredWolfram,
   createYouTubeTools,
   TavilySearchResults,
+  createOpenAIImageTools,
 };

api/app/clients/tools/manifest.json

@@ -44,6 +44,20 @@
       }
     ]
   },
+  {
+    "name": "OpenAI Image Tools",
+    "pluginKey": "image_gen_oai",
+    "toolkit": true,
+    "description": "Image Generation and Editing using OpenAI's latest state-of-the-art models",
+    "icon": "/assets/image_gen_oai.png",
+    "authConfig": [
+      {
+        "authField": "IMAGE_GEN_OAI_API_KEY",
+        "label": "OpenAI Image Tools API Key",
+        "description": "Your OpenAI API Key for Image Generation and Editing"
+      }
+    ]
+  },
   {
     "name": "Wolfram",
     "pluginKey": "wolfram",

api/app/clients/tools/structured/DALLE3.js

@@ -172,7 +172,7 @@ Error Message: ${error.message}`);
         {
           type: ContentTypes.IMAGE_URL,
           image_url: {
-            url: `data:image/jpeg;base64,${base64}`,
+            url: `data:image/png;base64,${base64}`,
           },
         },
       ];

api/app/clients/tools/structured/OpenAIImageTools.js

@@ -0,0 +1,518 @@
+const { z } = require('zod');
+const axios = require('axios');
+const { v4 } = require('uuid');
+const OpenAI = require('openai');
+const FormData = require('form-data');
+const { tool } = require('@langchain/core/tools');
+const { HttpsProxyAgent } = require('https-proxy-agent');
+const { ContentTypes, EImageOutputType } = require('librechat-data-provider');
+const { getStrategyFunctions } = require('~/server/services/Files/strategies');
+const { logAxiosError, extractBaseURL } = require('~/utils');
+const { getFiles } = require('~/models/File');
+const { logger } = require('~/config');
+
+/** Default descriptions for image generation tool  */
+const DEFAULT_IMAGE_GEN_DESCRIPTION = `
+Generates high-quality, original images based solely on text, not using any uploaded reference images.
+
+When to use \`image_gen_oai\`:
+- To create entirely new images from detailed text descriptions that do NOT reference any image files.
+
+When NOT to use \`image_gen_oai\`:
+- If the user has uploaded any images and requests modifications, enhancements, or remixing based on those uploads → use \`image_edit_oai\` instead.
+
+Generated image IDs will be returned in the response, so you can refer to them in future requests made to \`image_edit_oai\`.
+`.trim();
+
+/** Default description for image editing tool  */
+const DEFAULT_IMAGE_EDIT_DESCRIPTION =
+  `Generates high-quality, original images based on text and one or more uploaded/referenced images.
+
+When to use \`image_edit_oai\`:
+- The user wants to modify, extend, or remix one **or more** uploaded images, either:
+  - Previously generated, or in the current request (both to be included in the \`image_ids\` array).
+- Always when the user refers to uploaded images for editing, enhancement, remixing, style transfer, or combining elements.
+- Any current or existing images are to be used as visual guides.
+- If there are any files in the current request, they are more likely than not expected as references for image edit requests.
+
+When NOT to use \`image_edit_oai\`:
+- Brand-new generations that do not rely on an existing image → use \`image_gen_oai\` instead.
+
+Both generated and referenced image IDs will be returned in the response, so you can refer to them in future requests made to \`image_edit_oai\`.
+`.trim();
+
+/** Default prompt descriptions  */
+const DEFAULT_IMAGE_GEN_PROMPT_DESCRIPTION = `Describe the image you want in detail. 
+      Be highly specific—break your idea into layers: 
+      (1) main concept and subject,
+      (2) composition and position,
+      (3) lighting and mood,
+      (4) style, medium, or camera details,
+      (5) important features (age, expression, clothing, etc.),
+      (6) background.
+      Use positive, descriptive language and specify what should be included, not what to avoid. 
+      List number and characteristics of people/objects, and mention style/technical requirements (e.g., "DSLR photo, 85mm lens, golden hour").
+      Do not reference any uploaded images—use for new image creation from text only.`;
+
+const DEFAULT_IMAGE_EDIT_PROMPT_DESCRIPTION = `Describe the changes, enhancements, or new ideas to apply to the uploaded image(s).
+      Be highly specific—break your request into layers: 
+      (1) main concept or transformation,
+      (2) specific edits/replacements or composition guidance,
+      (3) desired style, mood, or technique,
+      (4) features/items to keep, change, or add (such as objects, people, clothing, lighting, etc.).
+      Use positive, descriptive language and clarify what should be included or changed, not what to avoid.
+      Always base this prompt on the most recently uploaded reference images.`;
+
+const displayMessage =
+  'The tool displayed an image. All generated images are already plainly visible, so don\'t repeat the descriptions in detail. Do not list download links as they are available in the UI already. The user may download the images by clicking on them, but do not mention anything about downloading to the user.';
+
+/**
+ * Replaces unwanted characters from the input string
+ * @param {string} inputString - The input string to process
+ * @returns {string} - The processed string
+ */
+function replaceUnwantedChars(inputString) {
+  return inputString
+    .replace(/\r\n|\r|\n/g, ' ')
+    .replace(/"/g, '')
+    .trim();
+}
+
+function returnValue(value) {
+  if (typeof value === 'string') {
+    return [value, {}];
+  } else if (typeof value === 'object') {
+    if (Array.isArray(value)) {
+      return value;
+    }
+    return [displayMessage, value];
+  }
+  return value;
+}
+
+const getImageGenDescription = () => {
+  return process.env.IMAGE_GEN_OAI_DESCRIPTION || DEFAULT_IMAGE_GEN_DESCRIPTION;
+};
+
+const getImageEditDescription = () => {
+  return process.env.IMAGE_EDIT_OAI_DESCRIPTION || DEFAULT_IMAGE_EDIT_DESCRIPTION;
+};
+
+const getImageGenPromptDescription = () => {
+  return process.env.IMAGE_GEN_OAI_PROMPT_DESCRIPTION || DEFAULT_IMAGE_GEN_PROMPT_DESCRIPTION;
+};
+
+const getImageEditPromptDescription = () => {
+  return process.env.IMAGE_EDIT_OAI_PROMPT_DESCRIPTION || DEFAULT_IMAGE_EDIT_PROMPT_DESCRIPTION;
+};
+
+/**
+ * Creates OpenAI Image tools (generation and editing)
+ * @param {Object} fields - Configuration fields
+ * @param {ServerRequest} fields.req - Whether the tool is being used in an agent context
+ * @param {boolean} fields.isAgent - Whether the tool is being used in an agent context
+ * @param {string} fields.IMAGE_GEN_OAI_API_KEY - The OpenAI API key
+ * @param {boolean} [fields.override] - Whether to override the API key check, necessary for app initialization
+ * @param {MongoFile[]} [fields.imageFiles] - The images to be used for editing
+ * @returns {Array} - Array of image tools
+ */
+function createOpenAIImageTools(fields = {}) {
+  /** @type {boolean} Used to initialize the Tool without necessary variables. */
+  const override = fields.override ?? false;
+  /** @type {boolean} */
+  if (!override && !fields.isAgent) {
+    throw new Error('This tool is only available for agents.');
+  }
+  const { req } = fields;
+  const imageOutputType = req?.app.locals.imageOutputType || EImageOutputType.PNG;
+  const appFileStrategy = req?.app.locals.fileStrategy;
+
+  const getApiKey = () => {
+    const apiKey = process.env.IMAGE_GEN_OAI_API_KEY ?? '';
+    if (!apiKey && !override) {
+      throw new Error('Missing IMAGE_GEN_OAI_API_KEY environment variable.');
+    }
+    return apiKey;
+  };
+
+  let apiKey = fields.IMAGE_GEN_OAI_API_KEY ?? getApiKey();
+  const closureConfig = { apiKey };
+
+  let baseURL = 'https://api.openai.com/v1/';
+  if (!override && process.env.IMAGE_GEN_OAI_BASEURL) {
+    baseURL = extractBaseURL(process.env.IMAGE_GEN_OAI_BASEURL);
+    closureConfig.baseURL = baseURL;
+  }
+
+  // Note: Azure may not yet support the latest image generation models
+  if (
+    !override &&
+    process.env.IMAGE_GEN_OAI_AZURE_API_VERSION &&
+    process.env.IMAGE_GEN_OAI_BASEURL
+  ) {
+    baseURL = process.env.IMAGE_GEN_OAI_BASEURL;
+    closureConfig.baseURL = baseURL;
+    closureConfig.defaultQuery = { 'api-version': process.env.IMAGE_GEN_OAI_AZURE_API_VERSION };
+    closureConfig.defaultHeaders = {
+      'api-key': process.env.IMAGE_GEN_OAI_API_KEY,
+      'Content-Type': 'application/json',
+    };
+    closureConfig.apiKey = process.env.IMAGE_GEN_OAI_API_KEY;
+  }
+
+  const imageFiles = fields.imageFiles ?? [];
+
+  /**
+   * Image Generation Tool
+   */
+  const imageGenTool = tool(
+    async (
+      {
+        prompt,
+        background = 'auto',
+        n = 1,
+        output_compression = 100,
+        quality = 'auto',
+        size = 'auto',
+      },
+      runnableConfig,
+    ) => {
+      if (!prompt) {
+        throw new Error('Missing required field: prompt');
+      }
+      const clientConfig = { ...closureConfig };
+      if (process.env.PROXY) {
+        clientConfig.httpAgent = new HttpsProxyAgent(process.env.PROXY);
+      }
+
+      /** @type {OpenAI} */
+      const openai = new OpenAI(clientConfig);
+      let output_format = imageOutputType;
+      if (
+        background === 'transparent' &&
+        output_format !== EImageOutputType.PNG &&
+        output_format !== EImageOutputType.WEBP
+      ) {
+        logger.warn(
+          '[ImageGenOAI] Transparent background requires PNG or WebP format, defaulting to PNG',
+        );
+        output_format = EImageOutputType.PNG;
+      }
+
+      let resp;
+      try {
+        const derivedSignal = runnableConfig?.signal
+          ? AbortSignal.any([runnableConfig.signal])
+          : undefined;
+        resp = await openai.images.generate(
+          {
+            model: 'gpt-image-1',
+            prompt: replaceUnwantedChars(prompt),
+            n: Math.min(Math.max(1, n), 10),
+            background,
+            output_format,
+            output_compression:
+              output_format === EImageOutputType.WEBP || output_format === EImageOutputType.JPEG
+                ? output_compression
+                : undefined,
+            quality,
+            size,
+          },
+          {
+            signal: derivedSignal,
+          },
+        );
+      } catch (error) {
+        const message = '[image_gen_oai] Problem generating the image:';
+        logAxiosError({ error, message });
+        return returnValue(`Something went wrong when trying to generate the image. The OpenAI API may be unavailable:
+Error Message: ${error.message}`);
+      }
+
+      if (!resp) {
+        return returnValue(
+          'Something went wrong when trying to generate the image. The OpenAI API may be unavailable',
+        );
+      }
+
+      // For gpt-image-1, the response contains base64-encoded images
+      // TODO: handle cost in `resp.usage`
+      const base64Image = resp.data[0].b64_json;
+
+      if (!base64Image) {
+        return returnValue(
+          'No image data returned from OpenAI API. There may be a problem with the API or your configuration.',
+        );
+      }
+
+      const content = [
+        {
+          type: ContentTypes.IMAGE_URL,
+          image_url: {
+            url: `data:image/${output_format};base64,${base64Image}`,
+          },
+        },
+      ];
+
+      const file_ids = [v4()];
+      const response = [
+        {
+          type: ContentTypes.TEXT,
+          text: displayMessage + `\n\ngenerated_image_id: "${file_ids[0]}"`,
+        },
+      ];
+      return [response, { content, file_ids }];
+    },
+    {
+      name: 'image_gen_oai',
+      description: getImageGenDescription(),
+      schema: z.object({
+        prompt: z.string().max(32000).describe(getImageGenPromptDescription()),
+        background: z
+          .enum(['transparent', 'opaque', 'auto'])
+          .optional()
+          .describe(
+            'Sets transparency for the background. Must be one of transparent, opaque or auto (default). When transparent, the output format should be png or webp.',
+          ),
+        /*
+        n: z
+          .number()
+          .int()
+          .min(1)
+          .max(10)
+          .optional()
+          .describe('The number of images to generate. Must be between 1 and 10.'),
+        output_compression: z
+          .number()
+          .int()
+          .min(0)
+          .max(100)
+          .optional()
+          .describe('The compression level (0-100%) for webp or jpeg formats. Defaults to 100.'),
+           */
+        quality: z
+          .enum(['auto', 'high', 'medium', 'low'])
+          .optional()
+          .describe('The quality of the image. One of auto (default), high, medium, or low.'),
+        size: z
+          .enum(['auto', '1024x1024', '1536x1024', '1024x1536'])
+          .optional()
+          .describe(
+            'The size of the generated image. One of 1024x1024, 1536x1024 (landscape), 1024x1536 (portrait), or auto (default).',
+          ),
+      }),
+      responseFormat: 'content_and_artifact',
+    },
+  );
+
+  /**
+   * Image Editing Tool
+   */
+  const imageEditTool = tool(
+    async ({ prompt, image_ids, quality = 'auto', size = 'auto' }, runnableConfig) => {
+      if (!prompt) {
+        throw new Error('Missing required field: prompt');
+      }
+
+      const clientConfig = { ...closureConfig };
+      if (process.env.PROXY) {
+        clientConfig.httpAgent = new HttpsProxyAgent(process.env.PROXY);
+      }
+
+      const formData = new FormData();
+      formData.append('model', 'gpt-image-1');
+      formData.append('prompt', replaceUnwantedChars(prompt));
+      // TODO: `mask` support
+      // TODO: more than 1 image support
+      // formData.append('n', n.toString());
+      formData.append('quality', quality);
+      formData.append('size', size);
+
+      /** @type {Record<FileSources, undefined | NodeStreamDownloader<File>>} */
+      const streamMethods = {};
+
+      const requestFilesMap = Object.fromEntries(imageFiles.map((f) => [f.file_id, { ...f }]));
+
+      const orderedFiles = new Array(image_ids.length);
+      const idsToFetch = [];
+      const indexOfMissing = Object.create(null);
+
+      for (let i = 0; i < image_ids.length; i++) {
+        const id = image_ids[i];
+        const file = requestFilesMap[id];
+
+        if (file) {
+          orderedFiles[i] = file;
+        } else {
+          idsToFetch.push(id);
+          indexOfMissing[id] = i;
+        }
+      }
+
+      if (idsToFetch.length) {
+        const fetchedFiles = await getFiles(
+          {
+            user: req.user.id,
+            file_id: { $in: idsToFetch },
+            height: { $exists: true },
+            width: { $exists: true },
+          },
+          {},
+          {},
+        );
+
+        for (const file of fetchedFiles) {
+          requestFilesMap[file.file_id] = file;
+          orderedFiles[indexOfMissing[file.file_id]] = file;
+        }
+      }
+      for (const imageFile of orderedFiles) {
+        if (!imageFile) {
+          continue;
+        }
+        /** @type {NodeStream<File>} */
+        let stream;
+        /** @type {NodeStreamDownloader<File>} */
+        let getDownloadStream;
+        const source = imageFile.source || appFileStrategy;
+        if (!source) {
+          throw new Error('No source found for image file');
+        }
+        if (streamMethods[source]) {
+          getDownloadStream = streamMethods[source];
+        } else {
+          ({ getDownloadStream } = getStrategyFunctions(source));
+          streamMethods[source] = getDownloadStream;
+        }
+        if (!getDownloadStream) {
+          throw new Error(`No download stream method found for source: ${source}`);
+        }
+        stream = await getDownloadStream(req, imageFile.filepath);
+        if (!stream) {
+          throw new Error('Failed to get download stream for image file');
+        }
+        formData.append('image[]', stream, {
+          filename: imageFile.filename,
+          contentType: imageFile.type,
+        });
+      }
+
+      /** @type {import('axios').RawAxiosHeaders} */
+      let headers = {
+        ...formData.getHeaders(),
+      };
+
+      if (process.env.IMAGE_GEN_OAI_AZURE_API_VERSION && process.env.IMAGE_GEN_OAI_BASEURL) {
+        headers['api-key'] = apiKey;
+      } else {
+        headers['Authorization'] = `Bearer ${apiKey}`;
+      }
+
+      try {
+        const derivedSignal = runnableConfig?.signal
+          ? AbortSignal.any([runnableConfig.signal])
+          : undefined;
+
+        /** @type {import('axios').AxiosRequestConfig} */
+        const axiosConfig = {
+          headers,
+          ...clientConfig,
+          signal: derivedSignal,
+          baseURL,
+        };
+
+        if (process.env.IMAGE_GEN_OAI_AZURE_API_VERSION && process.env.IMAGE_GEN_OAI_BASEURL) {
+          axiosConfig.params = {
+            'api-version': process.env.IMAGE_GEN_OAI_AZURE_API_VERSION,
+            ...axiosConfig.params,
+          };
+        }
+        const response = await axios.post('/images/edits', formData, axiosConfig);
+
+        if (!response.data || !response.data.data || !response.data.data.length) {
+          return returnValue(
+            'No image data returned from OpenAI API. There may be a problem with the API or your configuration.',
+          );
+        }
+
+        const base64Image = response.data.data[0].b64_json;
+        if (!base64Image) {
+          return returnValue(
+            'No image data returned from OpenAI API. There may be a problem with the API or your configuration.',
+          );
+        }
+
+        const content = [
+          {
+            type: ContentTypes.IMAGE_URL,
+            image_url: {
+              url: `data:image/${imageOutputType};base64,${base64Image}`,
+            },
+          },
+        ];
+
+        const file_ids = [v4()];
+        const textResponse = [
+          {
+            type: ContentTypes.TEXT,
+            text:
+              displayMessage +
+              `\n\ngenerated_image_id: "${file_ids[0]}"\nreferenced_image_ids: ["${image_ids.join('", "')}"]`,
+          },
+        ];
+        return [textResponse, { content, file_ids }];
+      } catch (error) {
+        const message = '[image_edit_oai] Problem editing the image:';
+        logAxiosError({ error, message });
+        return returnValue(`Something went wrong when trying to edit the image. The OpenAI API may be unavailable:
+Error Message: ${error.message || 'Unknown error'}`);
+      }
+    },
+    {
+      name: 'image_edit_oai',
+      description: getImageEditDescription(),
+      schema: z.object({
+        image_ids: z
+          .array(z.string())
+          .min(1)
+          .describe(
+            `
+IDs (image ID strings) of previously generated or uploaded images that should guide the edit.
+
+Guidelines:
+- If the user's request depends on any prior image(s), copy their image IDs into the \`image_ids\` array (in the same order the user refers to them).  
+- Never invent or hallucinate IDs; only use IDs that are still visible in the conversation context.
+- If no earlier image is relevant, omit the field entirely.
+`.trim(),
+          ),
+        prompt: z.string().max(32000).describe(getImageEditPromptDescription()),
+        /*
+        n: z
+          .number()
+          .int()
+          .min(1)
+          .max(10)
+          .optional()
+          .describe('The number of images to generate. Must be between 1 and 10. Defaults to 1.'),
+        */
+        quality: z
+          .enum(['auto', 'high', 'medium', 'low'])
+          .optional()
+          .describe(
+            'The quality of the image. One of auto (default), high, medium, or low. High/medium/low only supported for gpt-image-1.',
+          ),
+        size: z
+          .enum(['auto', '1024x1024', '1536x1024', '1024x1536', '256x256', '512x512'])
+          .optional()
+          .describe(
+            'The size of the generated images. For gpt-image-1: auto (default), 1024x1024, 1536x1024, 1024x1536. For dall-e-2: 256x256, 512x512, 1024x1024.',
+          ),
+      }),
+      responseFormat: 'content_and_artifact',
+    },
+  );
+
+  return [imageGenTool, imageEditTool];
+}
+
+module.exports = createOpenAIImageTools;

api/app/clients/tools/util/handleTools.js

@@ -1,7 +1,7 @@
-const { Tools, Constants } = require('librechat-data-provider');
 const { SerpAPI } = require('@langchain/community/tools/serpapi');
 const { Calculator } = require('@langchain/community/tools/calculator');
 const { createCodeExecutionTool, EnvVar } = require('@librechat/agents');
+const { Tools, Constants, EToolResources } = require('librechat-data-provider');
 const { getUserPluginAuthValue } = require('~/server/services/PluginService');
 const {
   availableTools,
@@ -18,9 +18,11 @@ const {
   StructuredWolfram,
   createYouTubeTools,
   TavilySearchResults,
+  createOpenAIImageTools,
 } = require('../');
 const { primeFiles: primeCodeFiles } = require('~/server/services/Files/Code/process');
 const { createFileSearchTool, primeFiles: primeSearchFiles } = require('./fileSearch');
+const { loadAuthValues } = require('~/server/services/Tools/credentials');
 const { createMCPTool } = require('~/server/services/MCP');
 const { loadSpecs } = require('./loadSpecs');
 const { logger } = require('~/config');
@@ -90,45 +92,6 @@ const validateTools = async (user, tools = []) => {
   }
 };
 
-const loadAuthValues = async ({ userId, authFields, throwError = true }) => {
-  let authValues = {};
-
-  /**
-   * Finds the first non-empty value for the given authentication field, supporting alternate fields.
-   * @param {string[]} fields Array of strings representing the authentication fields. Supports alternate fields delimited by "||".
-   * @returns {Promise<{ authField: string, authValue: string} | null>} An object containing the authentication field and value, or null if not found.
-   */
-  const findAuthValue = async (fields) => {
-    for (const field of fields) {
-      let value = process.env[field];
-      if (value) {
-        return { authField: field, authValue: value };
-      }
-      try {
-        value = await getUserPluginAuthValue(userId, field, throwError);
-      } catch (err) {
-        if (field === fields[fields.length - 1] && !value) {
-          throw err;
-        }
-      }
-      if (value) {
-        return { authField: field, authValue: value };
-      }
-    }
-    return null;
-  };
-
-  for (let authField of authFields) {
-    const fields = authField.split('||');
-    const result = await findAuthValue(fields);
-    if (result) {
-      authValues[result.authField] = result.authValue;
-    }
-  }
-
-  return authValues;
-};
-
 /** @typedef {typeof import('@langchain/core/tools').Tool} ToolConstructor */
 /** @typedef {import('@langchain/core/tools').Tool} Tool */
 
@@ -161,7 +124,7 @@ const getAuthFields = (toolKey) => {
  *
  * @param {object} object
  * @param {string} object.user
- * @param {Agent} [object.agent]
+ * @param {Pick<Agent, 'id' | 'provider' | 'model'>} [object.agent]
  * @param {string} [object.model]
  * @param {EModelEndpoint} [object.endpoint]
  * @param {LoadToolOptions} [object.options]
@@ -195,7 +158,7 @@ const loadTools = async ({
   };
 
   const customConstructors = {
-    serpapi: async () => {
+    serpapi: async (_toolContextMap) => {
       const authFields = getAuthFields('serpapi');
       let envVar = authFields[0] ?? '';
       let apiKey = process.env[envVar];
@@ -208,11 +171,40 @@ const loadTools = async ({
         gl: 'us',
       });
     },
-    youtube: async () => {
+    youtube: async (_toolContextMap) => {
       const authFields = getAuthFields('youtube');
       const authValues = await loadAuthValues({ userId: user, authFields });
       return createYouTubeTools(authValues);
     },
+    image_gen_oai: async (toolContextMap) => {
+      const authFields = getAuthFields('image_gen_oai');
+      const authValues = await loadAuthValues({ userId: user, authFields });
+      const imageFiles = options.tool_resources?.[EToolResources.image_edit]?.files ?? [];
+      let toolContext = '';
+      for (let i = 0; i < imageFiles.length; i++) {
+        const file = imageFiles[i];
+        if (!file) {
+          continue;
+        }
+        if (i === 0) {
+          toolContext =
+            'Image files provided in this request (their image IDs listed in order of appearance) available for image editing:';
+        }
+        toolContext += `\n\t- ${file.file_id}`;
+        if (i === imageFiles.length - 1) {
+          toolContext += `\n\nInclude any you need in the \`image_ids\` array when calling \`${EToolResources.image_edit}_oai\`. You may also include previously referenced or generated image IDs.`;
+        }
+      }
+      if (toolContext) {
+        toolContextMap.image_edit_oai = toolContext;
+      }
+      return createOpenAIImageTools({
+        ...authValues,
+        isAgent: !!agent,
+        req: options.req,
+        imageFiles,
+      });
+    },
   };
 
   const requestedTools = {};
@@ -238,6 +230,7 @@ const loadTools = async ({
     serpapi: { location: 'Austin,Texas,United States', hl: 'en', gl: 'us' },
   };
 
+  /** @type {Record<string, string>} */
   const toolContextMap = {};
   const remainingTools = [];
   const appTools = options.req?.app?.locals?.availableTools ?? {};
@@ -284,7 +277,7 @@ const loadTools = async ({
     }
 
     if (customConstructors[tool]) {
-      requestedTools[tool] = customConstructors[tool];
+      requestedTools[tool] = async () => customConstructors[tool](toolContextMap);
       continue;
     }
 
@@ -348,7 +341,6 @@ const loadTools = async ({
 
 module.exports = {
   loadToolWithAuth,
-  loadAuthValues,
   validateTools,
   loadTools,
 };

api/app/clients/tools/util/index.js

@@ -1,9 +1,8 @@
-const { validateTools, loadTools, loadAuthValues } = require('./handleTools');
+const { validateTools, loadTools } = require('./handleTools');
 const handleOpenAIErrors = require('./handleOpenAIErrors');
 
 module.exports = {
   handleOpenAIErrors,
-  loadAuthValues,
   validateTools,
   loadTools,
 };

api/cache/clearPendingReq.js

@@ -1,7 +1,8 @@
+const { Time, CacheKeys } = require('librechat-data-provider');
+const { isEnabled } = require('~/server/utils');
 const getLogStores = require('./getLogStores');
-const { isEnabled } = require('../server/utils');
+
 const { USE_REDIS, LIMIT_CONCURRENT_MESSAGES } = process.env ?? {};
-const ttl = 1000 * 60 * 1;
 
 /**
  * Clear or decrement pending requests from the cache.
@@ -28,7 +29,7 @@ const clearPendingReq = async ({ userId, cache: _cache }) => {
     return;
   }
 
-  const namespace = 'pending_req';
+  const namespace = CacheKeys.PENDING_REQ;
   const cache = _cache ?? getLogStores(namespace);
 
   if (!cache) {
@@ -39,7 +40,7 @@ const clearPendingReq = async ({ userId, cache: _cache }) => {
   const currentReq = +((await cache.get(key)) ?? 0);
 
   if (currentReq && currentReq >= 1) {
-    await cache.set(key, currentReq - 1, ttl);
+    await cache.set(key, currentReq - 1, Time.ONE_MINUTE);
   } else {
     await cache.delete(key);
   }

api/cache/getLogStores.js

@@ -1,4 +1,4 @@
-const Keyv = require('keyv');
+const { Keyv } = require('keyv');
 const { CacheKeys, ViolationTypes, Time } = require('librechat-data-provider');
 const { logFile, violationFile } = require('./keyvFiles');
 const { math, isEnabled } = require('~/server/utils');
@@ -19,7 +19,7 @@ const createViolationInstance = (namespace) => {
 // Serve cache from memory so no need to clear it on startup/exit
 const pending_req = isRedisEnabled
   ? new Keyv({ store: keyvRedis })
-  : new Keyv({ namespace: 'pending_req' });
+  : new Keyv({ namespace: CacheKeys.PENDING_REQ });
 
 const config = isRedisEnabled
   ? new Keyv({ store: keyvRedis })
@@ -49,6 +49,10 @@ const genTitle = isRedisEnabled
   ? new Keyv({ store: keyvRedis, ttl: Time.TWO_MINUTES })
   : new Keyv({ namespace: CacheKeys.GEN_TITLE, ttl: Time.TWO_MINUTES });
 
+const s3ExpiryInterval = isRedisEnabled
+  ? new Keyv({ store: keyvRedis, ttl: Time.THIRTY_MINUTES })
+  : new Keyv({ namespace: CacheKeys.S3_EXPIRY_INTERVAL, ttl: Time.THIRTY_MINUTES });
+
 const modelQueries = isEnabled(process.env.USE_REDIS)
   ? new Keyv({ store: keyvRedis })
   : new Keyv({ namespace: CacheKeys.MODEL_QUERIES });
@@ -60,7 +64,7 @@ const abortKeys = isRedisEnabled
 const namespaces = {
   [CacheKeys.ROLES]: roles,
   [CacheKeys.CONFIG_STORE]: config,
-  pending_req,
+  [CacheKeys.PENDING_REQ]: pending_req,
   [ViolationTypes.BAN]: new Keyv({ store: keyvMongo, namespace: CacheKeys.BANS, ttl: duration }),
   [CacheKeys.ENCODED_DOMAINS]: new Keyv({
     store: keyvMongo,
@@ -89,6 +93,7 @@ const namespaces = {
   [CacheKeys.ABORT_KEYS]: abortKeys,
   [CacheKeys.TOKEN_CONFIG]: tokenConfig,
   [CacheKeys.GEN_TITLE]: genTitle,
+  [CacheKeys.S3_EXPIRY_INTERVAL]: s3ExpiryInterval,
   [CacheKeys.MODEL_QUERIES]: modelQueries,
   [CacheKeys.AUDIO_RUNS]: audioRuns,
   [CacheKeys.MESSAGES]: messages,

api/cache/ioredisClient.js

@@ -0,0 +1,92 @@
+const fs = require('fs');
+const Redis = require('ioredis');
+const { isEnabled } = require('~/server/utils');
+const logger = require('~/config/winston');
+
+const { REDIS_URI, USE_REDIS, USE_REDIS_CLUSTER, REDIS_CA, REDIS_MAX_LISTENERS } = process.env;
+
+/** @type {import('ioredis').Redis | import('ioredis').Cluster} */
+let ioredisClient;
+const redis_max_listeners = Number(REDIS_MAX_LISTENERS) || 40;
+
+function mapURI(uri) {
+  const regex =
+    /^(?:(?<scheme>\w+):\/\/)?(?:(?<user>[^:@]+)(?::(?<password>[^@]+))?@)?(?<host>[\w.-]+)(?::(?<port>\d{1,5}))?$/;
+  const match = uri.match(regex);
+
+  if (match) {
+    const { scheme, user, password, host, port } = match.groups;
+
+    return {
+      scheme: scheme || 'none',
+      user: user || null,
+      password: password || null,
+      host: host || null,
+      port: port || null,
+    };
+  } else {
+    const parts = uri.split(':');
+    if (parts.length === 2) {
+      return {
+        scheme: 'none',
+        user: null,
+        password: null,
+        host: parts[0],
+        port: parts[1],
+      };
+    }
+
+    return {
+      scheme: 'none',
+      user: null,
+      password: null,
+      host: uri,
+      port: null,
+    };
+  }
+}
+
+if (REDIS_URI && isEnabled(USE_REDIS)) {
+  let redisOptions = null;
+
+  if (REDIS_CA) {
+    const ca = fs.readFileSync(REDIS_CA);
+    redisOptions = { tls: { ca } };
+  }
+
+  if (isEnabled(USE_REDIS_CLUSTER)) {
+    const hosts = REDIS_URI.split(',').map((item) => {
+      var value = mapURI(item);
+
+      return {
+        host: value.host,
+        port: value.port,
+      };
+    });
+    ioredisClient = new Redis.Cluster(hosts, { redisOptions });
+  } else {
+    ioredisClient = new Redis(REDIS_URI, redisOptions);
+  }
+
+  ioredisClient.on('ready', () => {
+    logger.info('IoRedis connection ready');
+  });
+  ioredisClient.on('reconnecting', () => {
+    logger.info('IoRedis connection reconnecting');
+  });
+  ioredisClient.on('end', () => {
+    logger.info('IoRedis connection ended');
+  });
+  ioredisClient.on('close', () => {
+    logger.info('IoRedis connection closed');
+  });
+  ioredisClient.on('error', (err) => logger.error('IoRedis connection error:', err));
+  ioredisClient.setMaxListeners(redis_max_listeners);
+  logger.info(
+    '[Optional] IoRedis initialized for rate limiters. If you have issues, disable Redis or restart the server.',
+  );
+} else {
+  logger.info('[Optional] IoRedis not initialized for rate limiters.');
+}
+
+module.exports = ioredisClient;

api/cache/keyvFiles.js

@@ -1,11 +1,9 @@
 const { KeyvFile } = require('keyv-file');
 
-const logFile = new KeyvFile({ filename: './data/logs.json' });
-const pendingReqFile = new KeyvFile({ filename: './data/pendingReqCache.json' });
-const violationFile = new KeyvFile({ filename: './data/violations.json' });
+const logFile = new KeyvFile({ filename: './data/logs.json' }).setMaxListeners(20);
+const violationFile = new KeyvFile({ filename: './data/violations.json' }).setMaxListeners(20);
 
 module.exports = {
   logFile,
-  pendingReqFile,
   violationFile,
 };

api/cache/keyvMongo.js

@@ -1,9 +1,272 @@
-const KeyvMongo = require('@keyv/mongo');
+// api/cache/keyvMongo.js
+const mongoose = require('mongoose');
+const EventEmitter = require('events');
+const { GridFSBucket } = require('mongodb');
 const { logger } = require('~/config');
 
-const { MONGO_URI } = process.env ?? {};
+const storeMap = new Map();
+
+class KeyvMongoCustom extends EventEmitter {
+  constructor(url, options = {}) {
+    super();
+
+    url = url || {};
+    if (typeof url === 'string') {
+      url = { url };
+    }
+    if (url.uri) {
+      url = { url: url.uri, ...url };
+    }
+
+    this.opts = {
+      url: 'mongodb://127.0.0.1:27017',
+      collection: 'keyv',
+      ...url,
+      ...options,
+    };
+
+    this.ttlSupport = false;
+
+    // Filter valid options
+    const keyvMongoKeys = new Set([
+      'url',
+      'collection',
+      'namespace',
+      'serialize',
+      'deserialize',
+      'uri',
+      'useGridFS',
+      'dialect',
+    ]);
+    this.opts = Object.fromEntries(Object.entries(this.opts).filter(([k]) => keyvMongoKeys.has(k)));
+  }
+
+  // Helper to access the store WITHOUT storing a promise on the instance
+  _getClient() {
+    const storeKey = `${this.opts.collection}:${this.opts.useGridFS ? 'gridfs' : 'collection'}`;
+
+    // If we already have the store initialized, return it directly
+    if (storeMap.has(storeKey)) {
+      return Promise.resolve(storeMap.get(storeKey));
+    }
+
+    // Check mongoose connection state
+    if (mongoose.connection.readyState !== 1) {
+      return Promise.reject(
+        new Error('Mongoose connection not ready. Ensure connectDb() is called first.'),
+      );
+    }
+
+    try {
+      const db = mongoose.connection.db;
+      let client;
+
+      if (this.opts.useGridFS) {
+        const bucket = new GridFSBucket(db, {
+          readPreference: this.opts.readPreference,
+          bucketName: this.opts.collection,
+        });
+        const store = db.collection(`${this.opts.collection}.files`);
+        client = { bucket, store, db };
+      } else {
+        const collection = this.opts.collection || 'keyv';
+        const store = db.collection(collection);
+        client = { store, db };
+      }
+
+      storeMap.set(storeKey, client);
+      return Promise.resolve(client);
+    } catch (error) {
+      this.emit('error', error);
+      return Promise.reject(error);
+    }
+  }
+
+  async get(key) {
+    const client = await this._getClient();
+
+    if (this.opts.useGridFS) {
+      await client.store.updateOne(
+        {
+          filename: key,
+        },
+        {
+          $set: {
+            'metadata.lastAccessed': new Date(),
+          },
+        },
+      );
+
+      const stream = client.bucket.openDownloadStreamByName(key);
+
+      return new Promise((resolve) => {
+        const resp = [];
+        stream.on('error', () => {
+          resolve(undefined);
+        });
+
+        stream.on('end', () => {
+          const data = Buffer.concat(resp).toString('utf8');
+          resolve(data);
+        });
+
+        stream.on('data', (chunk) => {
+          resp.push(chunk);
+        });
+      });
+    }
+
+    const document = await client.store.findOne({ key: { $eq: key } });
+
+    if (!document) {
+      return undefined;
+    }
+
+    return document.value;
+  }
+
+  async getMany(keys) {
+    const client = await this._getClient();
+
+    if (this.opts.useGridFS) {
+      const promises = [];
+      for (const key of keys) {
+        promises.push(this.get(key));
+      }
+
+      const values = await Promise.allSettled(promises);
+      const data = [];
+      for (const value of values) {
+        data.push(value.value);
+      }
+
+      return data;
+    }
+
+    const values = await client.store
+      .find({ key: { $in: keys } })
+      .project({ _id: 0, value: 1, key: 1 })
+      .toArray();
+
+    const results = [...keys];
+    let i = 0;
+    for (const key of keys) {
+      const rowIndex = values.findIndex((row) => row.key === key);
+      results[i] = rowIndex > -1 ? values[rowIndex].value : undefined;
+      i++;
+    }
+
+    return results;
+  }
+
+  async set(key, value, ttl) {
+    const client = await this._getClient();
+    const expiresAt = typeof ttl === 'number' ? new Date(Date.now() + ttl) : null;
+
+    if (this.opts.useGridFS) {
+      const stream = client.bucket.openUploadStream(key, {
+        metadata: {
+          expiresAt,
+          lastAccessed: new Date(),
+        },
+      });
+
+      return new Promise((resolve) => {
+        stream.on('finish', () => {
+          resolve(stream);
+        });
+        stream.end(value);
+      });
+    }
+
+    await client.store.updateOne(
+      { key: { $eq: key } },
+      { $set: { key, value, expiresAt } },
+      { upsert: true },
+    );
+  }
+
+  async delete(key) {
+    if (typeof key !== 'string') {
+      return false;
+    }
+
+    const client = await this._getClient();
+
+    if (this.opts.useGridFS) {
+      try {
+        const bucket = new GridFSBucket(client.db, {
+          bucketName: this.opts.collection,
+        });
+        const files = await bucket.find({ filename: key }).toArray();
+        await client.bucket.delete(files[0]._id);
+        return true;
+      } catch {
+        return false;
+      }
+    }
+
+    const object = await client.store.deleteOne({ key: { $eq: key } });
+    return object.deletedCount > 0;
+  }
+
+  async deleteMany(keys) {
+    const client = await this._getClient();
+
+    if (this.opts.useGridFS) {
+      const bucket = new GridFSBucket(client.db, {
+        bucketName: this.opts.collection,
+      });
+      const files = await bucket.find({ filename: { $in: keys } }).toArray();
+      if (files.length === 0) {
+        return false;
+      }
+
+      await Promise.all(files.map(async (file) => client.bucket.delete(file._id)));
+      return true;
+    }
+
+    const object = await client.store.deleteMany({ key: { $in: keys } });
+    return object.deletedCount > 0;
+  }
+
+  async clear() {
+    const client = await this._getClient();
+
+    if (this.opts.useGridFS) {
+      try {
+        await client.bucket.drop();
+      } catch (error) {
+        // Throw error if not "namespace not found" error
+        if (!(error.code === 26)) {
+          throw error;
+        }
+      }
+    }
+
+    await client.store.deleteMany({
+      key: { $regex: this.namespace ? `^${this.namespace}:*` : '' },
+    });
+  }
+
+  async has(key) {
+    const client = await this._getClient();
+    const filter = { [this.opts.useGridFS ? 'filename' : 'key']: { $eq: key } };
+    const document = await client.store.countDocuments(filter, { limit: 1 });
+    return document !== 0;
+  }
+
+  // No-op disconnect
+  async disconnect() {
+    // This is a no-op since we don't want to close the shared mongoose connection
+    return true;
+  }
+}
+
+const keyvMongo = new KeyvMongoCustom({
+  collection: 'logs',
+});
 
-const keyvMongo = new KeyvMongo(MONGO_URI, { collection: 'logs' });
 keyvMongo.on('error', (err) => logger.error('KeyvMongo connection error:', err));
 
 module.exports = keyvMongo;

api/cache/keyvRedis.js

@@ -1,6 +1,6 @@
 const fs = require('fs');
 const ioredis = require('ioredis');
-const KeyvRedis = require('@keyv/redis');
+const KeyvRedis = require('@keyv/redis').default;
 const { isEnabled } = require('~/server/utils');
 const logger = require('~/config/winston');
 
@@ -9,7 +9,7 @@ const { REDIS_URI, USE_REDIS, USE_REDIS_CLUSTER, REDIS_CA, REDIS_KEY_PREFIX, RED
 
 let keyvRedis;
 const redis_prefix = REDIS_KEY_PREFIX || '';
-const redis_max_listeners = Number(REDIS_MAX_LISTENERS) || 10;
+const redis_max_listeners = Number(REDIS_MAX_LISTENERS) || 40;
 
 function mapURI(uri) {
   const regex =
@@ -50,6 +50,7 @@ function mapURI(uri) {
 
 if (REDIS_URI && isEnabled(USE_REDIS)) {
   let redisOptions = null;
+  /** @type {import('@keyv/redis').KeyvRedisOptions} */
   let keyvOpts = {
     useRedisSets: false,
     keyPrefix: redis_prefix,
@@ -74,13 +75,25 @@ if (REDIS_URI && isEnabled(USE_REDIS)) {
   } else {
     keyvRedis = new KeyvRedis(REDIS_URI, keyvOpts);
   }
+  keyvRedis.on('ready', () => {
+    logger.info('KeyvRedis connection ready');
+  });
+  keyvRedis.on('reconnecting', () => {
+    logger.info('KeyvRedis connection reconnecting');
+  });
+  keyvRedis.on('end', () => {
+    logger.info('KeyvRedis connection ended');
+  });
+  keyvRedis.on('close', () => {
+    logger.info('KeyvRedis connection closed');
+  });
   keyvRedis.on('error', (err) => logger.error('KeyvRedis connection error:', err));
   keyvRedis.setMaxListeners(redis_max_listeners);
   logger.info(
-    '[Optional] Redis initialized. Note: Redis support is experimental. If you have issues, disable it. Cache needs to be flushed for values to refresh.',
+    '[Optional] Redis initialized. If you have issues, or seeing older values, disable it or flush cache to refresh values.',
   );
 } else {
-  logger.info('[Optional] Redis not initialized. Note: Redis support is experimental.');
+  logger.info('[Optional] Redis not initialized.');
 }
 
 module.exports = keyvRedis;

api/cache/redis.js

@@ -1,4 +0,0 @@
-const Redis = require('ioredis');
-const { REDIS_URI } = process.env ?? {};
-const redis = new Redis.Cluster(REDIS_URI);
-module.exports = redis;

api/config/index.js

@@ -1,31 +1,35 @@
+const axios = require('axios');
 const { EventSource } = require('eventsource');
 const { Time, CacheKeys } = require('librechat-data-provider');
+const { MCPManager, FlowStateManager } = require('librechat-mcp');
 const logger = require('./winston');
 
 global.EventSource = EventSource;
 
+/** @type {MCPManager} */
 let mcpManager = null;
 let flowManager = null;
 
 /**
- * @returns {Promise<MCPManager>}
+ * @param {string} [userId] - Optional user ID, to avoid disconnecting the current user.
+ * @returns {MCPManager}
  */
-async function getMCPManager() {
+function getMCPManager(userId) {
   if (!mcpManager) {
-    const { MCPManager } = await import('librechat-mcp');
     mcpManager = MCPManager.getInstance(logger);
+  } else {
+    mcpManager.checkIdleConnections(userId);
   }
   return mcpManager;
 }
 
 /**
- * @param {(key: string) => Keyv} getLogStores
- * @returns {Promise<FlowStateManager>}
+ * @param {Keyv} flowsCache
+ * @returns {FlowStateManager}
  */
-async function getFlowStateManager(getLogStores) {
+function getFlowStateManager(flowsCache) {
   if (!flowManager) {
-    const { FlowStateManager } = await import('librechat-mcp');
-    flowManager = new FlowStateManager(getLogStores(CacheKeys.FLOWS), {
+    flowManager = new FlowStateManager(flowsCache, {
       ttl: Time.ONE_MINUTE * 3,
       logger,
     });
@@ -47,9 +51,46 @@ const sendEvent = (res, event) => {
   res.write(`event: message\ndata: ${JSON.stringify(event)}\n\n`);
 };
 
+/**
+ * Creates and configures an Axios instance with optional proxy settings.
+ *
+ * @typedef {import('axios').AxiosInstance} AxiosInstance
+ * @typedef {import('axios').AxiosProxyConfig} AxiosProxyConfig
+ *
+ * @returns {AxiosInstance} A configured Axios instance
+ * @throws {Error} If there's an issue creating the Axios instance or parsing the proxy URL
+ */
+function createAxiosInstance() {
+  const instance = axios.create();
+
+  if (process.env.proxy) {
+    try {
+      const url = new URL(process.env.proxy);
+
+      /** @type {AxiosProxyConfig} */
+      const proxyConfig = {
+        host: url.hostname.replace(/^\[|\]$/g, ''),
+        protocol: url.protocol.replace(':', ''),
+      };
+
+      if (url.port) {
+        proxyConfig.port = parseInt(url.port, 10);
+      }
+
+      instance.defaults.proxy = proxyConfig;
+    } catch (error) {
+      console.error('Error parsing proxy URL:', error);
+      throw new Error(`Invalid proxy URL: ${process.env.proxy}`);
+    }
+  }
+
+  return instance;
+}
+
 module.exports = {
   logger,
   sendEvent,
   getMCPManager,
+  createAxiosInstance,
   getFlowStateManager,
 };

api/config/index.spec.js

@@ -0,0 +1,126 @@
+const axios = require('axios');
+const { createAxiosInstance } = require('./index');
+
+// Mock axios
+jest.mock('axios', () => ({
+  interceptors: {
+    request: { use: jest.fn(), eject: jest.fn() },
+    response: { use: jest.fn(), eject: jest.fn() },
+  },
+  create: jest.fn().mockReturnValue({
+    defaults: {
+      proxy: null,
+    },
+    get: jest.fn().mockResolvedValue({ data: {} }),
+    post: jest.fn().mockResolvedValue({ data: {} }),
+    put: jest.fn().mockResolvedValue({ data: {} }),
+    delete: jest.fn().mockResolvedValue({ data: {} }),
+  }),
+  get: jest.fn().mockResolvedValue({ data: {} }),
+  post: jest.fn().mockResolvedValue({ data: {} }),
+  put: jest.fn().mockResolvedValue({ data: {} }),
+  delete: jest.fn().mockResolvedValue({ data: {} }),
+  reset: jest.fn().mockImplementation(function () {
+    this.get.mockClear();
+    this.post.mockClear();
+    this.put.mockClear();
+    this.delete.mockClear();
+    this.create.mockClear();
+  }),
+}));
+
+describe('createAxiosInstance', () => {
+  const originalEnv = process.env;
+
+  beforeEach(() => {
+    // Reset mocks
+    jest.clearAllMocks();
+    // Create a clean copy of process.env
+    process.env = { ...originalEnv };
+    // Default: no proxy
+    delete process.env.proxy;
+  });
+
+  afterAll(() => {
+    // Restore original process.env
+    process.env = originalEnv;
+  });
+
+  test('creates an axios instance without proxy when no proxy env is set', () => {
+    const instance = createAxiosInstance();
+
+    expect(axios.create).toHaveBeenCalledTimes(1);
+    expect(instance.defaults.proxy).toBeNull();
+  });
+
+  test('configures proxy correctly with hostname and protocol', () => {
+    process.env.proxy = 'http://example.com';
+
+    const instance = createAxiosInstance();
+
+    expect(axios.create).toHaveBeenCalledTimes(1);
+    expect(instance.defaults.proxy).toEqual({
+      host: 'example.com',
+      protocol: 'http',
+    });
+  });
+
+  test('configures proxy correctly with hostname, protocol and port', () => {
+    process.env.proxy = 'https://proxy.example.com:8080';
+
+    const instance = createAxiosInstance();
+
+    expect(axios.create).toHaveBeenCalledTimes(1);
+    expect(instance.defaults.proxy).toEqual({
+      host: 'proxy.example.com',
+      protocol: 'https',
+      port: 8080,
+    });
+  });
+
+  test('handles proxy URLs with authentication', () => {
+    process.env.proxy = 'http://user:pass@proxy.example.com:3128';
+
+    const instance = createAxiosInstance();
+
+    expect(axios.create).toHaveBeenCalledTimes(1);
+    expect(instance.defaults.proxy).toEqual({
+      host: 'proxy.example.com',
+      protocol: 'http',
+      port: 3128,
+      // Note: The current implementation doesn't handle auth - if needed, add this functionality
+    });
+  });
+
+  test('throws error when proxy URL is invalid', () => {
+    process.env.proxy = 'invalid-url';
+
+    expect(() => createAxiosInstance()).toThrow('Invalid proxy URL');
+    expect(axios.create).toHaveBeenCalledTimes(1);
+  });
+
+  // If you want to test the actual URL parsing more thoroughly
+  test('handles edge case proxy URLs correctly', () => {
+    // IPv6 address
+    process.env.proxy = 'http://[::1]:8080';
+
+    let instance = createAxiosInstance();
+
+    expect(instance.defaults.proxy).toEqual({
+      host: '::1',
+      protocol: 'http',
+      port: 8080,
+    });
+
+    // URL with path (which should be ignored for proxy config)
+    process.env.proxy = 'http://proxy.example.com:8080/some/path';
+
+    instance = createAxiosInstance();
+
+    expect(instance.defaults.proxy).toEqual({
+      host: 'proxy.example.com',
+      protocol: 'http',
+      port: 8080,
+    });
+  });
+});

api/config/meiliLogger.js

@@ -4,7 +4,11 @@ require('winston-daily-rotate-file');
 
 const logDir = path.join(__dirname, '..', 'logs');
 
-const { NODE_ENV } = process.env;
+const { NODE_ENV, DEBUG_LOGGING = false } = process.env;
+
+const useDebugLogging =
+  (typeof DEBUG_LOGGING === 'string' && DEBUG_LOGGING?.toLowerCase() === 'true') ||
+  DEBUG_LOGGING === true;
 
 const levels = {
   error: 0,
@@ -36,9 +40,10 @@ const fileFormat = winston.format.combine(
   winston.format.splat(),
 );
 
+const logLevel = useDebugLogging ? 'debug' : 'error';
 const transports = [
   new winston.transports.DailyRotateFile({
-    level: 'debug',
+    level: logLevel,
     filename: `${logDir}/meiliSync-%DATE%.log`,
     datePattern: 'YYYY-MM-DD',
     zippedArchive: true,
@@ -48,14 +53,6 @@ const transports = [
   }),
 ];
 
-// if (NODE_ENV !== 'production') {
-//   transports.push(
-//     new winston.transports.Console({
-//       format: winston.format.combine(winston.format.colorize(), winston.format.simple()),
-//     }),
-//   );
-// }
-
 const consoleFormat = winston.format.combine(
   winston.format.colorize({ all: true }),
   winston.format.timestamp({ format: 'YYYY-MM-DD HH:mm:ss' }),

api/config/winston.js

@@ -5,7 +5,7 @@ const { redactFormat, redactMessage, debugTraverse, jsonTruncateFormat } = requi
 
 const logDir = path.join(__dirname, '..', 'logs');
 
-const { NODE_ENV, DEBUG_LOGGING = true, DEBUG_CONSOLE = false, CONSOLE_JSON = false } = process.env;
+const { NODE_ENV, DEBUG_LOGGING = true, CONSOLE_JSON = false, DEBUG_CONSOLE = false } = process.env;
 
 const useConsoleJson =
   (typeof CONSOLE_JSON === 'string' && CONSOLE_JSON?.toLowerCase() === 'true') ||
@@ -15,6 +15,10 @@ const useDebugConsole =
   (typeof DEBUG_CONSOLE === 'string' && DEBUG_CONSOLE?.toLowerCase() === 'true') ||
   DEBUG_CONSOLE === true;
 
+const useDebugLogging =
+  (typeof DEBUG_LOGGING === 'string' && DEBUG_LOGGING?.toLowerCase() === 'true') ||
+  DEBUG_LOGGING === true;
+
 const levels = {
   error: 0,
   warn: 1,
@@ -57,28 +61,9 @@ const transports = [
     maxFiles: '14d',
     format: fileFormat,
   }),
-  // new winston.transports.DailyRotateFile({
-  //   level: 'info',
-  //   filename: `${logDir}/info-%DATE%.log`,
-  //   datePattern: 'YYYY-MM-DD',
-  //   zippedArchive: true,
-  //   maxSize: '20m',
-  //   maxFiles: '14d',
-  // }),
 ];
 
-// if (NODE_ENV !== 'production') {
-//   transports.push(
-//     new winston.transports.Console({
-//       format: winston.format.combine(winston.format.colorize(), winston.format.simple()),
-//     }),
-//   );
-// }
-
-if (
-  (typeof DEBUG_LOGGING === 'string' && DEBUG_LOGGING?.toLowerCase() === 'true') ||
-  DEBUG_LOGGING === true
-) {
+if (useDebugLogging) {
   transports.push(
     new winston.transports.DailyRotateFile({
       level: 'debug',
@@ -107,10 +92,16 @@ const consoleFormat = winston.format.combine(
   }),
 );
 
+// Determine console log level
+let consoleLogLevel = 'info';
+if (useDebugConsole) {
+  consoleLogLevel = 'debug';
+}
+
 if (useDebugConsole) {
   transports.push(
     new winston.transports.Console({
-      level: 'debug',
+      level: consoleLogLevel,
       format: useConsoleJson
         ? winston.format.combine(fileFormat, jsonTruncateFormat(), winston.format.json())
         : winston.format.combine(fileFormat, debugTraverse),
@@ -119,14 +110,14 @@ if (useDebugConsole) {
 } else if (useConsoleJson) {
   transports.push(
     new winston.transports.Console({
-      level: 'info',
+      level: consoleLogLevel,
       format: winston.format.combine(fileFormat, jsonTruncateFormat(), winston.format.json()),
     }),
   );
 } else {
   transports.push(
     new winston.transports.Console({
-      level: 'info',
+      level: consoleLogLevel,
       format: consoleFormat,
     }),
   );

api/jest.config.js

@@ -5,7 +5,6 @@ module.exports = {
   coverageDirectory: 'coverage',
   setupFiles: [
     './test/jestSetup.js',
-    './test/__mocks__/KeyvMongo.js',
     './test/__mocks__/logger.js',
     './test/__mocks__/fetchEventSource.js',
   ],

api/lib/utils/reduceHits.js

@@ -1,59 +0,0 @@
-const mergeSort = require('./mergeSort');
-const { cleanUpPrimaryKeyValue } = require('./misc');
-
-function reduceMessages(hits) {
-  const counts = {};
-
-  for (const hit of hits) {
-    if (!counts[hit.conversationId]) {
-      counts[hit.conversationId] = 1;
-    } else {
-      counts[hit.conversationId]++;
-    }
-  }
-
-  const result = [];
-
-  for (const [conversationId, count] of Object.entries(counts)) {
-    result.push({
-      conversationId,
-      count,
-    });
-  }
-
-  return mergeSort(result, (a, b) => b.count - a.count);
-}
-
-function reduceHits(hits, titles = []) {
-  const counts = {};
-  const titleMap = {};
-  const convos = [...hits, ...titles];
-
-  for (const convo of convos) {
-    const currentId = cleanUpPrimaryKeyValue(convo.conversationId);
-    if (!counts[currentId]) {
-      counts[currentId] = 1;
-    } else {
-      counts[currentId]++;
-    }
-
-    if (convo.title) {
-      // titleMap[currentId] = convo._formatted.title;
-      titleMap[currentId] = convo.title;
-    }
-  }
-
-  const result = [];
-
-  for (const [conversationId, count] of Object.entries(counts)) {
-    result.push({
-      conversationId,
-      count,
-      title: titleMap[conversationId] ? titleMap[conversationId] : null,
-    });
-  }
-
-  return mergeSort(result, (a, b) => b.count - a.count);
-}
-
-module.exports = { reduceMessages, reduceHits };

api/models/Agent.js

@@ -1,6 +1,8 @@
 const mongoose = require('mongoose');
-const { SystemRoles } = require('librechat-data-provider');
-const { GLOBAL_PROJECT_NAME } = require('librechat-data-provider').Constants;
+const { agentSchema } = require('@librechat/data-schemas');
+const { SystemRoles, Tools } = require('librechat-data-provider');
+const { GLOBAL_PROJECT_NAME, EPHEMERAL_AGENT_ID, mcp_delimiter } =
+  require('librechat-data-provider').Constants;
 const { CONFIG_STORE, STARTUP_CONFIG } = require('librechat-data-provider').CacheKeys;
 const {
   getProjectByName,
@@ -9,7 +11,6 @@ const {
   removeAgentFromAllProjects,
 } = require('./Project');
 const getLogStores = require('~/cache/getLogStores');
-const { agentSchema } = require('@librechat/data-schemas');
 
 const Agent = mongoose.model('agent', agentSchema);
 
@@ -39,13 +40,69 @@ const getAgent = async (searchParameter) => await Agent.findOne(searchParameter)
  * @param {Object} params
  * @param {ServerRequest} params.req
  * @param {string} params.agent_id
+ * @param {string} params.endpoint
+ * @param {import('@librechat/agents').ClientOptions} [params.model_parameters]
+ * @returns {Agent|null} The agent document as a plain object, or null if not found.
+ */
+const loadEphemeralAgent = ({ req, agent_id, endpoint, model_parameters: _m }) => {
+  const { model, ...model_parameters } = _m;
+  /** @type {Record<string, FunctionTool>} */
+  const availableTools = req.app.locals.availableTools;
+  const mcpServers = new Set(req.body.ephemeralAgent?.mcp);
+  /** @type {string[]} */
+  const tools = [];
+  if (req.body.ephemeralAgent?.execute_code === true) {
+    tools.push(Tools.execute_code);
+  }
+
+  if (mcpServers.size > 0) {
+    for (const toolName of Object.keys(availableTools)) {
+      if (!toolName.includes(mcp_delimiter)) {
+        continue;
+      }
+      const mcpServer = toolName.split(mcp_delimiter)?.[1];
+      if (mcpServer && mcpServers.has(mcpServer)) {
+        tools.push(toolName);
+      }
+    }
+  }
+
+  const instructions = req.body.promptPrefix;
+  return {
+    id: agent_id,
+    instructions,
+    provider: endpoint,
+    model_parameters,
+    model,
+    tools,
+  };
+};
+
+/**
+ * Load an agent based on the provided ID
+ *
+ * @param {Object} params
+ * @param {ServerRequest} params.req
+ * @param {string} params.agent_id
+ * @param {string} params.endpoint
+ * @param {import('@librechat/agents').ClientOptions} [params.model_parameters]
  * @returns {Promise<Agent|null>} The agent document as a plain object, or null if not found.
  */
-const loadAgent = async ({ req, agent_id }) => {
+const loadAgent = async ({ req, agent_id, endpoint, model_parameters }) => {
+  if (!agent_id) {
+    return null;
+  }
+  if (agent_id === EPHEMERAL_AGENT_ID) {
+    return loadEphemeralAgent({ req, agent_id, endpoint, model_parameters });
+  }
   const agent = await getAgent({
     id: agent_id,
   });
 
+  if (!agent) {
+    return null;
+  }
+
   if (agent.author.toString() === req.user.id) {
     return agent;
   }
@@ -96,9 +153,11 @@ const updateAgent = async (searchParameter, updateData) => {
  */
 const addAgentResourceFile = async ({ agent_id, tool_resource, file_id }) => {
   const searchParameter = { id: agent_id };
-
+  let agent = await getAgent(searchParameter);
+  if (!agent) {
+    throw new Error('Agent not found for adding resource file');
+  }
   const fileIdsPath = `tool_resources.${tool_resource}.file_ids`;
-
   await Agent.updateOne(
     {
       id: agent_id,
@@ -111,7 +170,12 @@ const addAgentResourceFile = async ({ agent_id, tool_resource, file_id }) => {
     },
   );
 
-  const updateData = { $addToSet: { [fileIdsPath]: file_id } };
+  const updateData = {
+    $addToSet: {
+      tools: tool_resource,
+      [fileIdsPath]: file_id,
+    },
+  };
 
   const updatedAgent = await updateAgent(searchParameter, updateData);
   if (updatedAgent) {
@@ -122,16 +186,17 @@ const addAgentResourceFile = async ({ agent_id, tool_resource, file_id }) => {
 };
 
 /**
- * Removes multiple resource files from an agent in a single update.
+ * Removes multiple resource files from an agent using atomic operations.
  * @param {object} params
  * @param {string} params.agent_id
  * @param {Array<{tool_resource: string, file_id: string}>} params.files
  * @returns {Promise<Agent>} The updated agent.
+ * @throws {Error} If the agent is not found or update fails.
  */
 const removeAgentResourceFiles = async ({ agent_id, files }) => {
   const searchParameter = { id: agent_id };
 
-  // associate each tool resource with the respective file ids array
+  // Group files to remove by resource
   const filesByResource = files.reduce((acc, { tool_resource, file_id }) => {
     if (!acc[tool_resource]) {
       acc[tool_resource] = [];
@@ -140,42 +205,35 @@ const removeAgentResourceFiles = async ({ agent_id, files }) => {
     return acc;
   }, {});
 
-  // build the update aggregation pipeline wich removes file ids from tool resources array
-  // and eventually deletes empty tool resources
-  const updateData = [];
-  Object.entries(filesByResource).forEach(([resource, fileIds]) => {
-    const toolResourcePath = `tool_resources.${resource}`;
-    const fileIdsPath = `${toolResourcePath}.file_ids`;
-
-    // file ids removal stage
-    updateData.push({
-      $set: {
-        [fileIdsPath]: {
-          $filter: {
-            input: `$${fileIdsPath}`,
-            cond: { $not: [{ $in: ['$$this', fileIds] }] },
-          },
-        },
-      },
-    });
-
-    // empty tool resource deletion stage
-    updateData.push({
-      $set: {
-        [toolResourcePath]: {
-          $cond: [{ $eq: [`$${fileIdsPath}`, []] }, '$$REMOVE', `$${toolResourcePath}`],
-        },
-      },
-    });
-  });
-
-  // return the updated agent or throw if no agent matches
-  const updatedAgent = await updateAgent(searchParameter, updateData);
-  if (updatedAgent) {
-    return updatedAgent;
-  } else {
-    throw new Error('Agent not found for removing resource files');
+  // Step 1: Atomically remove file IDs using $pull
+  const pullOps = {};
+  const resourcesToCheck = new Set();
+  for (const [resource, fileIds] of Object.entries(filesByResource)) {
+    const fileIdsPath = `tool_resources.${resource}.file_ids`;
+    pullOps[fileIdsPath] = { $in: fileIds };
+    resourcesToCheck.add(resource);
   }
+
+  const updatePullData = { $pull: pullOps };
+  const agentAfterPull = await Agent.findOneAndUpdate(searchParameter, updatePullData, {
+    new: true,
+  }).lean();
+
+  if (!agentAfterPull) {
+    // Agent might have been deleted concurrently, or never existed.
+    // Check if it existed before trying to throw.
+    const agentExists = await getAgent(searchParameter);
+    if (!agentExists) {
+      throw new Error('Agent not found for removing resource files');
+    }
+    // If it existed but findOneAndUpdate returned null, something else went wrong.
+    throw new Error('Failed to update agent during file removal (pull step)');
+  }
+
+  // Return the agent state directly after the $pull operation.
+  // Skipping the $unset step for now to simplify and test core $pull atomicity.
+  // Empty arrays might remain, but the removal itself should be correct.
+  return agentAfterPull;
 };
 
 /**

api/models/Agent.spec.js

@@ -33,6 +33,50 @@ describe('Agent Resource File Operations', () => {
     return agent;
   };
 
+  test('should add tool_resource to tools if missing', async () => {
+    const agent = await createBasicAgent();
+    const fileId = uuidv4();
+    const toolResource = 'file_search';
+
+    const updatedAgent = await addAgentResourceFile({
+      agent_id: agent.id,
+      tool_resource: toolResource,
+      file_id: fileId,
+    });
+
+    expect(updatedAgent.tools).toContain(toolResource);
+    expect(Array.isArray(updatedAgent.tools)).toBe(true);
+    // Should not duplicate
+    const count = updatedAgent.tools.filter((t) => t === toolResource).length;
+    expect(count).toBe(1);
+  });
+
+  test('should not duplicate tool_resource in tools if already present', async () => {
+    const agent = await createBasicAgent();
+    const fileId1 = uuidv4();
+    const fileId2 = uuidv4();
+    const toolResource = 'file_search';
+
+    // First add
+    await addAgentResourceFile({
+      agent_id: agent.id,
+      tool_resource: toolResource,
+      file_id: fileId1,
+    });
+
+    // Second add (should not duplicate)
+    const updatedAgent = await addAgentResourceFile({
+      agent_id: agent.id,
+      tool_resource: toolResource,
+      file_id: fileId2,
+    });
+
+    expect(updatedAgent.tools).toContain(toolResource);
+    expect(Array.isArray(updatedAgent.tools)).toBe(true);
+    const count = updatedAgent.tools.filter((t) => t === toolResource).length;
+    expect(count).toBe(1);
+  });
+
   test('should handle concurrent file additions', async () => {
     const agent = await createBasicAgent();
     const fileIds = Array.from({ length: 10 }, () => uuidv4());
@@ -157,4 +201,134 @@ describe('Agent Resource File Operations', () => {
       expect(updatedAgent.tool_resources[tool].file_ids).toHaveLength(5);
     });
   });
+
+  test('should handle concurrent duplicate additions', async () => {
+    const agent = await createBasicAgent();
+    const fileId = uuidv4();
+
+    // Concurrent additions of the same file
+    const additionPromises = Array.from({ length: 5 }).map(() =>
+      addAgentResourceFile({
+        agent_id: agent.id,
+        tool_resource: 'test_tool',
+        file_id: fileId,
+      }),
+    );
+
+    await Promise.all(additionPromises);
+
+    const updatedAgent = await Agent.findOne({ id: agent.id });
+    expect(updatedAgent.tool_resources.test_tool.file_ids).toBeDefined();
+    // Should only contain one instance of the fileId
+    expect(updatedAgent.tool_resources.test_tool.file_ids).toHaveLength(1);
+    expect(updatedAgent.tool_resources.test_tool.file_ids[0]).toBe(fileId);
+  });
+
+  test('should handle concurrent add and remove of the same file', async () => {
+    const agent = await createBasicAgent();
+    const fileId = uuidv4();
+
+    // First, ensure the file exists (or test might be trivial if remove runs first)
+    await addAgentResourceFile({
+      agent_id: agent.id,
+      tool_resource: 'test_tool',
+      file_id: fileId,
+    });
+
+    // Concurrent add (which should be ignored) and remove
+    const operations = [
+      addAgentResourceFile({
+        agent_id: agent.id,
+        tool_resource: 'test_tool',
+        file_id: fileId,
+      }),
+      removeAgentResourceFiles({
+        agent_id: agent.id,
+        files: [{ tool_resource: 'test_tool', file_id: fileId }],
+      }),
+    ];
+
+    await Promise.all(operations);
+
+    const updatedAgent = await Agent.findOne({ id: agent.id });
+    // The final state should ideally be that the file is removed,
+    // but the key point is consistency (not duplicated or error state).
+    // Depending on execution order, the file might remain if the add operation's
+    // findOneAndUpdate runs after the remove operation completes.
+    // A more robust check might be that the length is <= 1.
+    // Given the remove uses an update pipeline, it might be more likely to win.
+    // The final state depends on race condition timing (add or remove might "win").
+    // The critical part is that the state is consistent (no duplicates, no errors).
+    // Assert that the fileId is either present exactly once or not present at all.
+    expect(updatedAgent.tool_resources.test_tool.file_ids).toBeDefined();
+    const finalFileIds = updatedAgent.tool_resources.test_tool.file_ids;
+    const count = finalFileIds.filter((id) => id === fileId).length;
+    expect(count).toBeLessThanOrEqual(1); // Should be 0 or 1, never more
+    // Optional: Check overall length is consistent with the count
+    if (count === 0) {
+      expect(finalFileIds).toHaveLength(0);
+    } else {
+      expect(finalFileIds).toHaveLength(1);
+      expect(finalFileIds[0]).toBe(fileId);
+    }
+  });
+
+  test('should handle concurrent duplicate removals', async () => {
+    const agent = await createBasicAgent();
+    const fileId = uuidv4();
+
+    // Add the file first
+    await addAgentResourceFile({
+      agent_id: agent.id,
+      tool_resource: 'test_tool',
+      file_id: fileId,
+    });
+
+    // Concurrent removals of the same file
+    const removalPromises = Array.from({ length: 5 }).map(() =>
+      removeAgentResourceFiles({
+        agent_id: agent.id,
+        files: [{ tool_resource: 'test_tool', file_id: fileId }],
+      }),
+    );
+
+    await Promise.all(removalPromises);
+
+    const updatedAgent = await Agent.findOne({ id: agent.id });
+    // Check if the array is empty or the tool resource itself is removed
+    const fileIds = updatedAgent.tool_resources?.test_tool?.file_ids ?? [];
+    expect(fileIds).toHaveLength(0);
+    expect(fileIds).not.toContain(fileId);
+  });
+
+  test('should handle concurrent removals of different files', async () => {
+    const agent = await createBasicAgent();
+    const fileIds = Array.from({ length: 10 }, () => uuidv4());
+
+    // Add all files first
+    await Promise.all(
+      fileIds.map((fileId) =>
+        addAgentResourceFile({
+          agent_id: agent.id,
+          tool_resource: 'test_tool',
+          file_id: fileId,
+        }),
+      ),
+    );
+
+    // Concurrently remove all files
+    const removalPromises = fileIds.map((fileId) =>
+      removeAgentResourceFiles({
+        agent_id: agent.id,
+        files: [{ tool_resource: 'test_tool', file_id: fileId }],
+      }),
+    );
+
+    await Promise.all(removalPromises);
+
+    const updatedAgent = await Agent.findOne({ id: agent.id });
+    // Check if the array is empty or the tool resource itself is removed
+    const finalFileIds = updatedAgent.tool_resources?.test_tool?.file_ids ?? [];
+    expect(finalFileIds).toHaveLength(0);
+  });
 });

api/models/Balance.js

@@ -1,44 +1,4 @@
 const mongoose = require('mongoose');
 const { balanceSchema } = require('@librechat/data-schemas');
-const { getMultiplier } = require('./tx');
-const { logger } = require('~/config');
-
-balanceSchema.statics.check = async function ({
-  user,
-  model,
-  endpoint,
-  valueKey,
-  tokenType,
-  amount,
-  endpointTokenConfig,
-}) {
-  const multiplier = getMultiplier({ valueKey, tokenType, model, endpoint, endpointTokenConfig });
-  const tokenCost = amount * multiplier;
-  const { tokenCredits: balance } = (await this.findOne({ user }, 'tokenCredits').lean()) ?? {};
-
-  logger.debug('[Balance.check]', {
-    user,
-    model,
-    endpoint,
-    valueKey,
-    tokenType,
-    amount,
-    balance,
-    multiplier,
-    endpointTokenConfig: !!endpointTokenConfig,
-  });
-
-  if (!balance) {
-    return {
-      canSpend: false,
-      balance: 0,
-      tokenCost,
-    };
-  }
-
-  logger.debug('[Balance.check]', { tokenCost });
-
-  return { canSpend: balance >= tokenCost, balance, tokenCost };
-};
 
 module.exports = mongoose.model('Balance', balanceSchema);

api/models/Banner.js

@@ -28,4 +28,4 @@ const getBanner = async (user) => {
   }
 };
 
-module.exports = { getBanner };
+module.exports = { Banner, getBanner };

api/models/Conversation.js

@@ -15,19 +15,6 @@ const searchConversation = async (conversationId) => {
     throw new Error('Error searching conversation');
   }
 };
-/**
- * Searches for a conversation by conversationId and returns associated file ids.
- * @param {string} conversationId - The conversation's ID.
- * @returns {Promise<string[] | null>}
- */
-const getConvoFiles = async (conversationId) => {
-  try {
-    return (await Conversation.findOne({ conversationId }, 'files').lean())?.files ?? [];
-  } catch (error) {
-    logger.error('[getConvoFiles] Error getting conversation files', error);
-    throw new Error('Error getting conversation files');
-  }
-};
 
 /**
  * Retrieves a single conversation for a given user and conversation ID.
@@ -73,6 +60,20 @@ const deleteNullOrEmptyConversations = async () => {
   }
 };
 
+/**
+ * Searches for a conversation by conversationId and returns associated file ids.
+ * @param {string} conversationId - The conversation's ID.
+ * @returns {Promise<string[] | null>}
+ */
+const getConvoFiles = async (conversationId) => {
+  try {
+    return (await Conversation.findOne({ conversationId }, 'files').lean())?.files ?? [];
+  } catch (error) {
+    logger.error('[getConvoFiles] Error getting conversation files', error);
+    throw new Error('Error getting conversation files');
+  }
+};
+
 module.exports = {
   Conversation,
   getConvoFiles,
@@ -87,11 +88,13 @@ module.exports = {
    */
   saveConvo: async (req, { conversationId, newConversationId, ...convo }, metadata) => {
     try {
-      if (metadata && metadata?.context) {
+      if (metadata?.context) {
         logger.debug(`[saveConvo] ${metadata.context}`);
       }
+
       const messages = await getMessages({ conversationId }, '_id');
       const update = { ...convo, messages, user: req.user.id };
+
       if (newConversationId) {
         update.conversationId = newConversationId;
       }
@@ -147,75 +150,102 @@ module.exports = {
       throw new Error('Failed to save conversations in bulk.');
     }
   },
-  getConvosByPage: async (user, pageNumber = 1, pageSize = 25, isArchived = false, tags) => {
-    const query = { user };
+  getConvosByCursor: async (
+    user,
+    { cursor, limit = 25, isArchived = false, tags, search, order = 'desc' } = {},
+  ) => {
+    const filters = [{ user }];
+
     if (isArchived) {
-      query.isArchived = true;
+      filters.push({ isArchived: true });
     } else {
-      query.$or = [{ isArchived: false }, { isArchived: { $exists: false } }];
-    }
-    if (Array.isArray(tags) && tags.length > 0) {
-      query.tags = { $in: tags };
+      filters.push({ $or: [{ isArchived: false }, { isArchived: { $exists: false } }] });
     }
 
-    query.$and = [{ $or: [{ expiredAt: null }, { expiredAt: { $exists: false } }] }];
+    if (Array.isArray(tags) && tags.length > 0) {
+      filters.push({ tags: { $in: tags } });
+    }
+
+    filters.push({ $or: [{ expiredAt: null }, { expiredAt: { $exists: false } }] });
+
+    if (search) {
+      try {
+        const meiliResults = await Conversation.meiliSearch(search);
+        const matchingIds = Array.isArray(meiliResults.hits)
+          ? meiliResults.hits.map((result) => result.conversationId)
+          : [];
+        if (!matchingIds.length) {
+          return { conversations: [], nextCursor: null };
+        }
+        filters.push({ conversationId: { $in: matchingIds } });
+      } catch (error) {
+        logger.error('[getConvosByCursor] Error during meiliSearch', error);
+        return { message: 'Error during meiliSearch' };
+      }
+    }
+
+    if (cursor) {
+      filters.push({ updatedAt: { $lt: new Date(cursor) } });
+    }
+
+    const query = filters.length === 1 ? filters[0] : { $and: filters };
 
     try {
-      const totalConvos = (await Conversation.countDocuments(query)) || 1;
-      const totalPages = Math.ceil(totalConvos / pageSize);
       const convos = await Conversation.find(query)
-        .sort({ updatedAt: -1 })
-        .skip((pageNumber - 1) * pageSize)
-        .limit(pageSize)
+        .select(
+          'conversationId endpoint title createdAt updatedAt user model agent_id assistant_id spec iconURL',
+        )
+        .sort({ updatedAt: order === 'asc' ? 1 : -1 })
+        .limit(limit + 1)
         .lean();
-      return { conversations: convos, pages: totalPages, pageNumber, pageSize };
+
+      let nextCursor = null;
+      if (convos.length > limit) {
+        const lastConvo = convos.pop();
+        nextCursor = lastConvo.updatedAt.toISOString();
+      }
+
+      return { conversations: convos, nextCursor };
     } catch (error) {
-      logger.error('[getConvosByPage] Error getting conversations', error);
+      logger.error('[getConvosByCursor] Error getting conversations', error);
       return { message: 'Error getting conversations' };
     }
   },
-  getConvosQueried: async (user, convoIds, pageNumber = 1, pageSize = 25) => {
+  getConvosQueried: async (user, convoIds, cursor = null, limit = 25) => {
     try {
-      if (!convoIds || convoIds.length === 0) {
-        return { conversations: [], pages: 1, pageNumber, pageSize };
+      if (!convoIds?.length) {
+        return { conversations: [], nextCursor: null, convoMap: {} };
+      }
+
+      const conversationIds = convoIds.map((convo) => convo.conversationId);
+
+      const results = await Conversation.find({
+        user,
+        conversationId: { $in: conversationIds },
+        $or: [{ expiredAt: { $exists: false } }, { expiredAt: null }],
+      }).lean();
+
+      results.sort((a, b) => new Date(b.updatedAt) - new Date(a.updatedAt));
+
+      let filtered = results;
+      if (cursor && cursor !== 'start') {
+        const cursorDate = new Date(cursor);
+        filtered = results.filter((convo) => new Date(convo.updatedAt) < cursorDate);
+      }
+
+      const limited = filtered.slice(0, limit + 1);
+      let nextCursor = null;
+      if (limited.length > limit) {
+        const lastConvo = limited.pop();
+        nextCursor = lastConvo.updatedAt.toISOString();
       }
 
-      const cache = {};
       const convoMap = {};
-      const promises = [];
-
-      convoIds.forEach((convo) =>
-        promises.push(
-          Conversation.findOne({
-            user,
-            conversationId: convo.conversationId,
-            $or: [{ expiredAt: { $exists: false } }, { expiredAt: null }],
-          }).lean(),
-        ),
-      );
-
-      const results = (await Promise.all(promises)).filter(Boolean);
-
-      results.forEach((convo, i) => {
-        const page = Math.floor(i / pageSize) + 1;
-        if (!cache[page]) {
-          cache[page] = [];
-        }
-        cache[page].push(convo);
+      limited.forEach((convo) => {
         convoMap[convo.conversationId] = convo;
       });
 
-      const totalPages = Math.ceil(results.length / pageSize);
-      cache.pages = totalPages;
-      cache.pageSize = pageSize;
-      return {
-        cache,
-        conversations: cache[pageNumber] || [],
-        pages: totalPages || 1,
-        pageNumber,
-        pageSize,
-        convoMap,
-      };
+      return { conversations: limited, nextCursor, convoMap };
     } catch (error) {
       logger.error('[getConvosQueried] Error getting conversations', error);
       return { message: 'Error fetching conversations' };
@@ -256,10 +286,26 @@ module.exports = {
    * logger.error(result); // { n: 5, ok: 1, deletedCount: 5, messages: { n: 10, ok: 1, deletedCount: 10 } }
    */
   deleteConvos: async (user, filter) => {
-    let toRemove = await Conversation.find({ ...filter, user }).select('conversationId');
-    const ids = toRemove.map((instance) => instance.conversationId);
-    let deleteCount = await Conversation.deleteMany({ ...filter, user });
-    deleteCount.messages = await deleteMessages({ conversationId: { $in: ids } });
-    return deleteCount;
+    try {
+      const userFilter = { ...filter, user };
+
+      const conversations = await Conversation.find(userFilter).select('conversationId');
+      const conversationIds = conversations.map((c) => c.conversationId);
+
+      if (!conversationIds.length) {
+        throw new Error('Conversation not found or already deleted.');
+      }
+
+      const deleteConvoResult = await Conversation.deleteMany(userFilter);
+
+      const deleteMessagesResult = await deleteMessages({
+        conversationId: { $in: conversationIds },
+      });
+
+      return { ...deleteConvoResult, messages: deleteMessagesResult };
+    } catch (error) {
+      logger.error('[deleteConvos] Error deleting conversations and messages', error);
+      throw error;
+    }
   },
 };

api/models/File.js

@@ -1,5 +1,7 @@
 const mongoose = require('mongoose');
+const { EToolResources } = require('librechat-data-provider');
 const { fileSchema } = require('@librechat/data-schemas');
+const { logger } = require('~/config');
 
 const File = mongoose.model('File', fileSchema);
 
@@ -7,7 +9,7 @@ const File = mongoose.model('File', fileSchema);
  * Finds a file by its file_id with additional query options.
  * @param {string} file_id - The unique identifier of the file.
  * @param {object} options - Query options for filtering, projection, etc.
- * @returns {Promise<IMongoFile>} A promise that resolves to the file document or null.
+ * @returns {Promise<MongoFile>} A promise that resolves to the file document or null.
  */
 const findFileById = async (file_id, options = {}) => {
   return await File.findOne({ file_id, ...options }).lean();
@@ -17,18 +19,57 @@ const findFileById = async (file_id, options = {}) => {
  * Retrieves files matching a given filter, sorted by the most recently updated.
  * @param {Object} filter - The filter criteria to apply.
  * @param {Object} [_sortOptions] - Optional sort parameters.
- * @returns {Promise<Array<IMongoFile>>} A promise that resolves to an array of file documents.
+ * @param {Object|String} [selectFields={ text: 0 }] - Fields to include/exclude in the query results.
+ *                                                   Default excludes the 'text' field.
+ * @returns {Promise<Array<MongoFile>>} A promise that resolves to an array of file documents.
  */
-const getFiles = async (filter, _sortOptions) => {
+const getFiles = async (filter, _sortOptions, selectFields = { text: 0 }) => {
   const sortOptions = { updatedAt: -1, ..._sortOptions };
-  return await File.find(filter).sort(sortOptions).lean();
+  return await File.find(filter).select(selectFields).sort(sortOptions).lean();
+};
+
+/**
+ * Retrieves tool files (files that are embedded or have a fileIdentifier) from an array of file IDs
+ * @param {string[]} fileIds - Array of file_id strings to search for
+ * @param {Set<EToolResources>} toolResourceSet - Optional filter for tool resources
+ * @returns {Promise<Array<MongoFile>>} Files that match the criteria
+ */
+const getToolFilesByIds = async (fileIds, toolResourceSet) => {
+  if (!fileIds || !fileIds.length) {
+    return [];
+  }
+
+  try {
+    const filter = {
+      file_id: { $in: fileIds },
+    };
+
+    if (toolResourceSet.size) {
+      filter.$or = [];
+    }
+
+    if (toolResourceSet.has(EToolResources.file_search)) {
+      filter.$or.push({ embedded: true });
+    }
+    if (toolResourceSet.has(EToolResources.execute_code)) {
+      filter.$or.push({ 'metadata.fileIdentifier': { $exists: true } });
+    }
+
+    const selectFields = { text: 0 };
+    const sortOptions = { updatedAt: -1 };
+
+    return await getFiles(filter, sortOptions, selectFields);
+  } catch (error) {
+    logger.error('[getToolFilesByIds] Error retrieving tool files:', error);
+    throw new Error('Error retrieving tool files');
+  }
 };
 
 /**
  * Creates a new file with a TTL of 1 hour.
- * @param {IMongoFile} data - The file data to be created, must contain file_id.
+ * @param {MongoFile} data - The file data to be created, must contain file_id.
  * @param {boolean} disableTTL - Whether to disable the TTL.
- * @returns {Promise<IMongoFile>} A promise that resolves to the created file document.
+ * @returns {Promise<MongoFile>} A promise that resolves to the created file document.
  */
 const createFile = async (data, disableTTL) => {
   const fileData = {
@@ -48,8 +89,8 @@ const createFile = async (data, disableTTL) => {
 
 /**
  * Updates a file identified by file_id with new data and removes the TTL.
- * @param {IMongoFile} data - The data to update, must contain file_id.
- * @returns {Promise<IMongoFile>} A promise that resolves to the updated file document.
+ * @param {MongoFile} data - The data to update, must contain file_id.
+ * @returns {Promise<MongoFile>} A promise that resolves to the updated file document.
  */
 const updateFile = async (data) => {
   const { file_id, ...update } = data;
@@ -62,8 +103,8 @@ const updateFile = async (data) => {
 
 /**
  * Increments the usage of a file identified by file_id.
- * @param {IMongoFile} data - The data to update, must contain file_id and the increment value for usage.
- * @returns {Promise<IMongoFile>} A promise that resolves to the updated file document.
+ * @param {MongoFile} data - The data to update, must contain file_id and the increment value for usage.
+ * @returns {Promise<MongoFile>} A promise that resolves to the updated file document.
  */
 const updateFileUsage = async (data) => {
   const { file_id, inc = 1 } = data;
@@ -77,7 +118,7 @@ const updateFileUsage = async (data) => {
 /**
  * Deletes a file identified by file_id.
  * @param {string} file_id - The unique identifier of the file to delete.
- * @returns {Promise<IMongoFile>} A promise that resolves to the deleted file document or null.
+ * @returns {Promise<MongoFile>} A promise that resolves to the deleted file document or null.
  */
 const deleteFile = async (file_id) => {
   return await File.findOneAndDelete({ file_id }).lean();
@@ -86,7 +127,7 @@ const deleteFile = async (file_id) => {
 /**
  * Deletes a file identified by a filter.
  * @param {object} filter - The filter criteria to apply.
- * @returns {Promise<IMongoFile>} A promise that resolves to the deleted file document or null.
+ * @returns {Promise<MongoFile>} A promise that resolves to the deleted file document or null.
  */
 const deleteFileByFilter = async (filter) => {
   return await File.findOneAndDelete(filter).lean();
@@ -105,14 +146,38 @@ const deleteFiles = async (file_ids, user) => {
   return await File.deleteMany(deleteQuery);
 };
 
+/**
+ * Batch updates files with new signed URLs in MongoDB
+ *
+ * @param {MongoFile[]} updates - Array of updates in the format { file_id, filepath }
+ * @returns {Promise<void>}
+ */
+async function batchUpdateFiles(updates) {
+  if (!updates || updates.length === 0) {
+    return;
+  }
+
+  const bulkOperations = updates.map((update) => ({
+    updateOne: {
+      filter: { file_id: update.file_id },
+      update: { $set: { filepath: update.filepath } },
+    },
+  }));
+
+  const result = await File.bulkWrite(bulkOperations);
+  logger.info(`Updated ${result.modifiedCount} files with new S3 URLs`);
+}
+
 module.exports = {
   File,
   findFileById,
   getFiles,
+  getToolFilesByIds,
   createFile,
   updateFile,
   updateFileUsage,
   deleteFile,
   deleteFiles,
   deleteFileByFilter,
+  batchUpdateFiles,
 };

api/models/Message.js

@@ -61,6 +61,14 @@ async function saveMessage(req, params, metadata) {
       update.expiredAt = null;
     }
 
+    if (update.tokenCount != null && isNaN(update.tokenCount)) {
+      logger.warn(
+        `Resetting invalid \`tokenCount\` for message \`${params.messageId}\`: ${update.tokenCount}`,
+      );
+      logger.info(`---\`saveMessage\` context: ${metadata?.context}`);
+      update.tokenCount = 0;
+    }
+
     const message = await Message.findOneAndUpdate(
       { messageId: params.messageId, user: req.user.id },
       update,
@@ -71,7 +79,44 @@ async function saveMessage(req, params, metadata) {
   } catch (err) {
     logger.error('Error saving message:', err);
     logger.info(`---\`saveMessage\` context: ${metadata?.context}`);
-    throw err;
+
+    // Check if this is a duplicate key error (MongoDB error code 11000)
+    if (err.code === 11000 && err.message.includes('duplicate key error')) {
+      // Log the duplicate key error but don't crash the application
+      logger.warn(`Duplicate messageId detected: ${params.messageId}. Continuing execution.`);
+
+      try {
+        // Try to find the existing message with this ID
+        const existingMessage = await Message.findOne({
+          messageId: params.messageId,
+          user: req.user.id,
+        });
+
+        // If we found it, return it
+        if (existingMessage) {
+          return existingMessage.toObject();
+        }
+
+        // If we can't find it (unlikely but possible in race conditions)
+        return {
+          ...params,
+          messageId: params.messageId,
+          user: req.user.id,
+        };
+      } catch (findError) {
+        // If the findOne also fails, log it but don't crash
+        logger.warn(
+          `Could not retrieve existing message with ID ${params.messageId}: ${findError.message}`,
+        );
+        return {
+          ...params,
+          messageId: params.messageId,
+          user: req.user.id,
+        };
+      }
+    }
+
+    throw err; // Re-throw other errors
   }
 }
 

api/models/Role.js

@@ -4,13 +4,8 @@ const {
   SystemRoles,
   roleDefaults,
   PermissionTypes,
+  permissionsSchema,
   removeNullishValues,
-  agentPermissionsSchema,
-  promptPermissionsSchema,
-  runCodePermissionsSchema,
-  bookmarkPermissionsSchema,
-  multiConvoPermissionsSchema,
-  temporaryChatPermissionsSchema,
 } = require('librechat-data-provider');
 const getLogStores = require('~/cache/getLogStores');
 const { roleSchema } = require('@librechat/data-schemas');
@@ -20,15 +15,16 @@ const Role = mongoose.model('Role', roleSchema);
 
 /**
  * Retrieve a role by name and convert the found role document to a plain object.
- * If the role with the given name doesn't exist and the name is a system defined role, create it and return the lean version.
+ * If the role with the given name doesn't exist and the name is a system defined role,
+ * create it and return the lean version.
  *
  * @param {string} roleName - The name of the role to find or create.
  * @param {string|string[]} [fieldsToSelect] - The fields to include or exclude in the returned document.
  * @returns {Promise<Object>} A plain object representing the role document.
  */
 const getRoleByName = async function (roleName, fieldsToSelect = null) {
+  const cache = getLogStores(CacheKeys.ROLES);
   try {
-    const cache = getLogStores(CacheKeys.ROLES);
     const cachedRole = await cache.get(roleName);
     if (cachedRole) {
       return cachedRole;
@@ -40,8 +36,7 @@ const getRoleByName = async function (roleName, fieldsToSelect = null) {
     let role = await query.lean().exec();
 
     if (!role && SystemRoles[roleName]) {
-      role = roleDefaults[roleName];
-      role = await new Role(role).save();
+      role = await new Role(roleDefaults[roleName]).save();
       await cache.set(roleName, role);
       return role.toObject();
     }
@@ -60,8 +55,8 @@ const getRoleByName = async function (roleName, fieldsToSelect = null) {
  * @returns {Promise<TRole>} Updated role document.
  */
 const updateRoleByName = async function (roleName, updates) {
+  const cache = getLogStores(CacheKeys.ROLES);
   try {
-    const cache = getLogStores(CacheKeys.ROLES);
     const role = await Role.findOneAndUpdate(
       { name: roleName },
       { $set: updates },
@@ -77,29 +72,20 @@ const updateRoleByName = async function (roleName, updates) {
   }
 };
 
-const permissionSchemas = {
-  [PermissionTypes.AGENTS]: agentPermissionsSchema,
-  [PermissionTypes.PROMPTS]: promptPermissionsSchema,
-  [PermissionTypes.BOOKMARKS]: bookmarkPermissionsSchema,
-  [PermissionTypes.MULTI_CONVO]: multiConvoPermissionsSchema,
-  [PermissionTypes.TEMPORARY_CHAT]: temporaryChatPermissionsSchema,
-  [PermissionTypes.RUN_CODE]: runCodePermissionsSchema,
-};
-
 /**
  * Updates access permissions for a specific role and multiple permission types.
- * @param {SystemRoles} roleName - The role to update.
+ * @param {string} roleName - The role to update.
  * @param {Object.<PermissionTypes, Object.<Permissions, boolean>>} permissionsUpdate - Permissions to update and their values.
  */
 async function updateAccessPermissions(roleName, permissionsUpdate) {
+  // Filter and clean the permission updates based on our schema definition.
   const updates = {};
   for (const [permissionType, permissions] of Object.entries(permissionsUpdate)) {
-    if (permissionSchemas[permissionType]) {
+    if (permissionsSchema.shape && permissionsSchema.shape[permissionType]) {
       updates[permissionType] = removeNullishValues(permissions);
     }
   }
-
-  if (Object.keys(updates).length === 0) {
+  if (!Object.keys(updates).length) {
     return;
   }
 
@@ -109,26 +95,75 @@ async function updateAccessPermissions(roleName, permissionsUpdate) {
       return;
     }
 
-    const updatedPermissions = {};
+    const currentPermissions = role.permissions || {};
+    const updatedPermissions = { ...currentPermissions };
     let hasChanges = false;
 
+    const unsetFields = {};
+    const permissionTypes = Object.keys(permissionsSchema.shape || {});
+    for (const permType of permissionTypes) {
+      if (role[permType] && typeof role[permType] === 'object') {
+        logger.info(
+          `Migrating '${roleName}' role from old schema: found '${permType}' at top level`,
+        );
+
+        updatedPermissions[permType] = {
+          ...updatedPermissions[permType],
+          ...role[permType],
+        };
+
+        unsetFields[permType] = 1;
+        hasChanges = true;
+      }
+    }
+
+    // Process the current updates
     for (const [permissionType, permissions] of Object.entries(updates)) {
-      const currentPermissions = role[permissionType] || {};
-      updatedPermissions[permissionType] = { ...currentPermissions };
+      const currentTypePermissions = currentPermissions[permissionType] || {};
+      updatedPermissions[permissionType] = { ...currentTypePermissions };
 
       for (const [permission, value] of Object.entries(permissions)) {
-        if (currentPermissions[permission] !== value) {
+        if (currentTypePermissions[permission] !== value) {
           updatedPermissions[permissionType][permission] = value;
           hasChanges = true;
           logger.info(
-            `Updating '${roleName}' role ${permissionType} '${permission}' permission from ${currentPermissions[permission]} to: ${value}`,
+            `Updating '${roleName}' role permission '${permissionType}' '${permission}' from ${currentTypePermissions[permission]} to: ${value}`,
           );
         }
       }
     }
 
     if (hasChanges) {
-      await updateRoleByName(roleName, updatedPermissions);
+      const updateObj = { permissions: updatedPermissions };
+
+      if (Object.keys(unsetFields).length > 0) {
+        logger.info(
+          `Unsetting old schema fields for '${roleName}' role: ${Object.keys(unsetFields).join(', ')}`,
+        );
+
+        try {
+          await Role.updateOne(
+            { name: roleName },
+            {
+              $set: updateObj,
+              $unset: unsetFields,
+            },
+          );
+
+          const cache = getLogStores(CacheKeys.ROLES);
+          const updatedRole = await Role.findOne({ name: roleName }).select('-__v').lean().exec();
+          await cache.set(roleName, updatedRole);
+
+          logger.info(`Updated role '${roleName}' and removed old schema fields`);
+        } catch (updateError) {
+          logger.error(`Error during role migration update: ${updateError.message}`);
+          throw updateError;
+        }
+      } else {
+        // Standard update if no migration needed
+        await updateRoleByName(roleName, updateObj);
+      }
+
       logger.info(`Updated '${roleName}' role permissions`);
     } else {
       logger.info(`No changes needed for '${roleName}' role permissions`);
@@ -146,34 +181,111 @@ async function updateAccessPermissions(roleName, permissionsUpdate) {
  * @returns {Promise<void>}
  */
 const initializeRoles = async function () {
-  const defaultRoles = [SystemRoles.ADMIN, SystemRoles.USER];
-
-  for (const roleName of defaultRoles) {
+  for (const roleName of [SystemRoles.ADMIN, SystemRoles.USER]) {
     let role = await Role.findOne({ name: roleName });
+    const defaultPerms = roleDefaults[roleName].permissions;
 
     if (!role) {
-      // Create new role if it doesn't exist
+      // Create new role if it doesn't exist.
       role = new Role(roleDefaults[roleName]);
     } else {
-      // Add missing permission types
-      let isUpdated = false;
-      for (const permType of Object.values(PermissionTypes)) {
-        if (!role[permType]) {
-          role[permType] = roleDefaults[roleName][permType];
-          isUpdated = true;
+      // Ensure role.permissions is defined.
+      role.permissions = role.permissions || {};
+      // For each permission type in defaults, add it if missing.
+      for (const permType of Object.keys(defaultPerms)) {
+        if (role.permissions[permType] == null) {
+          role.permissions[permType] = defaultPerms[permType];
         }
       }
-      if (isUpdated) {
-        await role.save();
-      }
     }
     await role.save();
   }
 };
+
+/**
+ * Migrates roles from old schema to new schema structure.
+ * This can be called directly to fix existing roles.
+ *
+ * @param {string} [roleName] - Optional specific role to migrate. If not provided, migrates all roles.
+ * @returns {Promise<number>} Number of roles migrated.
+ */
+const migrateRoleSchema = async function (roleName) {
+  try {
+    // Get roles to migrate
+    let roles;
+    if (roleName) {
+      const role = await Role.findOne({ name: roleName });
+      roles = role ? [role] : [];
+    } else {
+      roles = await Role.find({});
+    }
+
+    logger.info(`Migrating ${roles.length} roles to new schema structure`);
+    let migratedCount = 0;
+
+    for (const role of roles) {
+      const permissionTypes = Object.keys(permissionsSchema.shape || {});
+      const unsetFields = {};
+      let hasOldSchema = false;
+
+      // Check for old schema fields
+      for (const permType of permissionTypes) {
+        if (role[permType] && typeof role[permType] === 'object') {
+          hasOldSchema = true;
+
+          // Ensure permissions object exists
+          role.permissions = role.permissions || {};
+
+          // Migrate permissions from old location to new
+          role.permissions[permType] = {
+            ...role.permissions[permType],
+            ...role[permType],
+          };
+
+          // Mark field for removal
+          unsetFields[permType] = 1;
+        }
+      }
+
+      if (hasOldSchema) {
+        try {
+          logger.info(`Migrating role '${role.name}' from old schema structure`);
+
+          // Simple update operation
+          await Role.updateOne(
+            { _id: role._id },
+            {
+              $set: { permissions: role.permissions },
+              $unset: unsetFields,
+            },
+          );
+
+          // Refresh cache
+          const cache = getLogStores(CacheKeys.ROLES);
+          const updatedRole = await Role.findById(role._id).lean().exec();
+          await cache.set(role.name, updatedRole);
+
+          migratedCount++;
+          logger.info(`Migrated role '${role.name}'`);
+        } catch (error) {
+          logger.error(`Failed to migrate role '${role.name}': ${error.message}`);
+        }
+      }
+    }
+
+    logger.info(`Migration complete: ${migratedCount} roles migrated`);
+    return migratedCount;
+  } catch (error) {
+    logger.error(`Role schema migration failed: ${error.message}`);
+    throw error;
+  }
+};
+
 module.exports = {
   Role,
   getRoleByName,
   initializeRoles,
   updateRoleByName,
   updateAccessPermissions,
+  migrateRoleSchema,
 };

api/models/Role.spec.js

@@ -2,22 +2,21 @@ const mongoose = require('mongoose');
 const { MongoMemoryServer } = require('mongodb-memory-server');
 const {
   SystemRoles,
-  PermissionTypes,
-  roleDefaults,
   Permissions,
+  roleDefaults,
+  PermissionTypes,
 } = require('librechat-data-provider');
-const { updateAccessPermissions, initializeRoles } = require('~/models/Role');
+const { Role, getRoleByName, updateAccessPermissions, initializeRoles } = require('~/models/Role');
 const getLogStores = require('~/cache/getLogStores');
-const { Role } = require('~/models/Role');
 
 // Mock the cache
-jest.mock('~/cache/getLogStores', () => {
-  return jest.fn().mockReturnValue({
+jest.mock('~/cache/getLogStores', () =>
+  jest.fn().mockReturnValue({
     get: jest.fn(),
     set: jest.fn(),
     del: jest.fn(),
-  });
-});
+  }),
+);
 
 let mongoServer;
 
@@ -41,10 +40,12 @@ describe('updateAccessPermissions', () => {
   it('should update permissions when changes are needed', async () => {
     await new Role({
       name: SystemRoles.USER,
-      [PermissionTypes.PROMPTS]: {
-        CREATE: true,
-        USE: true,
-        SHARED_GLOBAL: false,
+      permissions: {
+        [PermissionTypes.PROMPTS]: {
+          CREATE: true,
+          USE: true,
+          SHARED_GLOBAL: false,
+        },
       },
     }).save();
 
@@ -56,8 +57,8 @@ describe('updateAccessPermissions', () => {
       },
     });
 
-    const updatedRole = await Role.findOne({ name: SystemRoles.USER }).lean();
-    expect(updatedRole[PermissionTypes.PROMPTS]).toEqual({
+    const updatedRole = await getRoleByName(SystemRoles.USER);
+    expect(updatedRole.permissions[PermissionTypes.PROMPTS]).toEqual({
       CREATE: true,
       USE: true,
       SHARED_GLOBAL: true,
@@ -67,10 +68,12 @@ describe('updateAccessPermissions', () => {
   it('should not update permissions when no changes are needed', async () => {
     await new Role({
       name: SystemRoles.USER,
-      [PermissionTypes.PROMPTS]: {
-        CREATE: true,
-        USE: true,
-        SHARED_GLOBAL: false,
+      permissions: {
+        [PermissionTypes.PROMPTS]: {
+          CREATE: true,
+          USE: true,
+          SHARED_GLOBAL: false,
+        },
       },
     }).save();
 
@@ -82,8 +85,8 @@ describe('updateAccessPermissions', () => {
       },
     });
 
-    const updatedRole = await Role.findOne({ name: SystemRoles.USER }).lean();
-    expect(updatedRole[PermissionTypes.PROMPTS]).toEqual({
+    const updatedRole = await getRoleByName(SystemRoles.USER);
+    expect(updatedRole.permissions[PermissionTypes.PROMPTS]).toEqual({
       CREATE: true,
       USE: true,
       SHARED_GLOBAL: false,
@@ -92,11 +95,8 @@ describe('updateAccessPermissions', () => {
 
   it('should handle non-existent roles', async () => {
     await updateAccessPermissions('NON_EXISTENT_ROLE', {
-      [PermissionTypes.PROMPTS]: {
-        CREATE: true,
-      },
+      [PermissionTypes.PROMPTS]: { CREATE: true },
     });
-
     const role = await Role.findOne({ name: 'NON_EXISTENT_ROLE' });
     expect(role).toBeNull();
   });
@@ -104,21 +104,21 @@ describe('updateAccessPermissions', () => {
   it('should update only specified permissions', async () => {
     await new Role({
       name: SystemRoles.USER,
-      [PermissionTypes.PROMPTS]: {
-        CREATE: true,
-        USE: true,
-        SHARED_GLOBAL: false,
+      permissions: {
+        [PermissionTypes.PROMPTS]: {
+          CREATE: true,
+          USE: true,
+          SHARED_GLOBAL: false,
+        },
       },
     }).save();
 
     await updateAccessPermissions(SystemRoles.USER, {
-      [PermissionTypes.PROMPTS]: {
-        SHARED_GLOBAL: true,
-      },
+      [PermissionTypes.PROMPTS]: { SHARED_GLOBAL: true },
     });
 
-    const updatedRole = await Role.findOne({ name: SystemRoles.USER }).lean();
-    expect(updatedRole[PermissionTypes.PROMPTS]).toEqual({
+    const updatedRole = await getRoleByName(SystemRoles.USER);
+    expect(updatedRole.permissions[PermissionTypes.PROMPTS]).toEqual({
       CREATE: true,
       USE: true,
       SHARED_GLOBAL: true,
@@ -128,21 +128,21 @@ describe('updateAccessPermissions', () => {
   it('should handle partial updates', async () => {
     await new Role({
       name: SystemRoles.USER,
-      [PermissionTypes.PROMPTS]: {
-        CREATE: true,
-        USE: true,
-        SHARED_GLOBAL: false,
+      permissions: {
+        [PermissionTypes.PROMPTS]: {
+          CREATE: true,
+          USE: true,
+          SHARED_GLOBAL: false,
+        },
       },
     }).save();
 
     await updateAccessPermissions(SystemRoles.USER, {
-      [PermissionTypes.PROMPTS]: {
-        USE: false,
-      },
+      [PermissionTypes.PROMPTS]: { USE: false },
     });
 
-    const updatedRole = await Role.findOne({ name: SystemRoles.USER }).lean();
-    expect(updatedRole[PermissionTypes.PROMPTS]).toEqual({
+    const updatedRole = await getRoleByName(SystemRoles.USER);
+    expect(updatedRole.permissions[PermissionTypes.PROMPTS]).toEqual({
       CREATE: true,
       USE: false,
       SHARED_GLOBAL: false,
@@ -152,13 +152,9 @@ describe('updateAccessPermissions', () => {
   it('should update multiple permission types at once', async () => {
     await new Role({
       name: SystemRoles.USER,
-      [PermissionTypes.PROMPTS]: {
-        CREATE: true,
-        USE: true,
-        SHARED_GLOBAL: false,
-      },
-      [PermissionTypes.BOOKMARKS]: {
-        USE: true,
+      permissions: {
+        [PermissionTypes.PROMPTS]: { CREATE: true, USE: true, SHARED_GLOBAL: false },
+        [PermissionTypes.BOOKMARKS]: { USE: true },
       },
     }).save();
 
@@ -167,24 +163,20 @@ describe('updateAccessPermissions', () => {
       [PermissionTypes.BOOKMARKS]: { USE: false },
     });
 
-    const updatedRole = await Role.findOne({ name: SystemRoles.USER }).lean();
-    expect(updatedRole[PermissionTypes.PROMPTS]).toEqual({
+    const updatedRole = await getRoleByName(SystemRoles.USER);
+    expect(updatedRole.permissions[PermissionTypes.PROMPTS]).toEqual({
       CREATE: true,
       USE: false,
       SHARED_GLOBAL: true,
     });
-    expect(updatedRole[PermissionTypes.BOOKMARKS]).toEqual({
-      USE: false,
-    });
+    expect(updatedRole.permissions[PermissionTypes.BOOKMARKS]).toEqual({ USE: false });
   });
 
   it('should handle updates for a single permission type', async () => {
     await new Role({
       name: SystemRoles.USER,
-      [PermissionTypes.PROMPTS]: {
-        CREATE: true,
-        USE: true,
-        SHARED_GLOBAL: false,
+      permissions: {
+        [PermissionTypes.PROMPTS]: { CREATE: true, USE: true, SHARED_GLOBAL: false },
       },
     }).save();
 
@@ -192,8 +184,8 @@ describe('updateAccessPermissions', () => {
       [PermissionTypes.PROMPTS]: { USE: false, SHARED_GLOBAL: true },
     });
 
-    const updatedRole = await Role.findOne({ name: SystemRoles.USER }).lean();
-    expect(updatedRole[PermissionTypes.PROMPTS]).toEqual({
+    const updatedRole = await getRoleByName(SystemRoles.USER);
+    expect(updatedRole.permissions[PermissionTypes.PROMPTS]).toEqual({
       CREATE: true,
       USE: false,
       SHARED_GLOBAL: true,
@@ -203,33 +195,25 @@ describe('updateAccessPermissions', () => {
   it('should update MULTI_CONVO permissions', async () => {
     await new Role({
       name: SystemRoles.USER,
-      [PermissionTypes.MULTI_CONVO]: {
-        USE: false,
+      permissions: {
+        [PermissionTypes.MULTI_CONVO]: { USE: false },
       },
     }).save();
 
     await updateAccessPermissions(SystemRoles.USER, {
-      [PermissionTypes.MULTI_CONVO]: {
-        USE: true,
-      },
+      [PermissionTypes.MULTI_CONVO]: { USE: true },
     });
 
-    const updatedRole = await Role.findOne({ name: SystemRoles.USER }).lean();
-    expect(updatedRole[PermissionTypes.MULTI_CONVO]).toEqual({
-      USE: true,
-    });
+    const updatedRole = await getRoleByName(SystemRoles.USER);
+    expect(updatedRole.permissions[PermissionTypes.MULTI_CONVO]).toEqual({ USE: true });
   });
 
   it('should update MULTI_CONVO permissions along with other permission types', async () => {
     await new Role({
       name: SystemRoles.USER,
-      [PermissionTypes.PROMPTS]: {
-        CREATE: true,
-        USE: true,
-        SHARED_GLOBAL: false,
-      },
-      [PermissionTypes.MULTI_CONVO]: {
-        USE: false,
+      permissions: {
+        [PermissionTypes.PROMPTS]: { CREATE: true, USE: true, SHARED_GLOBAL: false },
+        [PermissionTypes.MULTI_CONVO]: { USE: false },
       },
     }).save();
 
@@ -238,35 +222,29 @@ describe('updateAccessPermissions', () => {
       [PermissionTypes.MULTI_CONVO]: { USE: true },
     });
 
-    const updatedRole = await Role.findOne({ name: SystemRoles.USER }).lean();
-    expect(updatedRole[PermissionTypes.PROMPTS]).toEqual({
+    const updatedRole = await getRoleByName(SystemRoles.USER);
+    expect(updatedRole.permissions[PermissionTypes.PROMPTS]).toEqual({
       CREATE: true,
       USE: true,
       SHARED_GLOBAL: true,
     });
-    expect(updatedRole[PermissionTypes.MULTI_CONVO]).toEqual({
-      USE: true,
-    });
+    expect(updatedRole.permissions[PermissionTypes.MULTI_CONVO]).toEqual({ USE: true });
   });
 
   it('should not update MULTI_CONVO permissions when no changes are needed', async () => {
     await new Role({
       name: SystemRoles.USER,
-      [PermissionTypes.MULTI_CONVO]: {
-        USE: true,
+      permissions: {
+        [PermissionTypes.MULTI_CONVO]: { USE: true },
       },
     }).save();
 
     await updateAccessPermissions(SystemRoles.USER, {
-      [PermissionTypes.MULTI_CONVO]: {
-        USE: true,
-      },
+      [PermissionTypes.MULTI_CONVO]: { USE: true },
     });
 
-    const updatedRole = await Role.findOne({ name: SystemRoles.USER }).lean();
-    expect(updatedRole[PermissionTypes.MULTI_CONVO]).toEqual({
-      USE: true,
-    });
+    const updatedRole = await getRoleByName(SystemRoles.USER);
+    expect(updatedRole.permissions[PermissionTypes.MULTI_CONVO]).toEqual({ USE: true });
   });
 });
 
@@ -278,65 +256,69 @@ describe('initializeRoles', () => {
   it('should create default roles if they do not exist', async () => {
     await initializeRoles();
 
-    const adminRole = await Role.findOne({ name: SystemRoles.ADMIN }).lean();
-    const userRole = await Role.findOne({ name: SystemRoles.USER }).lean();
+    const adminRole = await getRoleByName(SystemRoles.ADMIN);
+    const userRole = await getRoleByName(SystemRoles.USER);
 
     expect(adminRole).toBeTruthy();
     expect(userRole).toBeTruthy();
 
-    // Check if all permission types exist
+    // Check if all permission types exist in the permissions field
     Object.values(PermissionTypes).forEach((permType) => {
-      expect(adminRole[permType]).toBeDefined();
-      expect(userRole[permType]).toBeDefined();
+      expect(adminRole.permissions[permType]).toBeDefined();
+      expect(userRole.permissions[permType]).toBeDefined();
     });
 
-    // Check if permissions match defaults (example for ADMIN role)
-    expect(adminRole[PermissionTypes.PROMPTS].SHARED_GLOBAL).toBe(true);
-    expect(adminRole[PermissionTypes.BOOKMARKS].USE).toBe(true);
-    expect(adminRole[PermissionTypes.AGENTS].CREATE).toBe(true);
+    // Example: Check default values for ADMIN role
+    expect(adminRole.permissions[PermissionTypes.PROMPTS].SHARED_GLOBAL).toBe(true);
+    expect(adminRole.permissions[PermissionTypes.BOOKMARKS].USE).toBe(true);
+    expect(adminRole.permissions[PermissionTypes.AGENTS].CREATE).toBe(true);
   });
 
   it('should not modify existing permissions for existing roles', async () => {
     const customUserRole = {
       name: SystemRoles.USER,
-      [PermissionTypes.PROMPTS]: {
-        [Permissions.USE]: false,
-        [Permissions.CREATE]: true,
-        [Permissions.SHARED_GLOBAL]: true,
-      },
-      [PermissionTypes.BOOKMARKS]: {
-        [Permissions.USE]: false,
+      permissions: {
+        [PermissionTypes.PROMPTS]: {
+          [Permissions.USE]: false,
+          [Permissions.CREATE]: true,
+          [Permissions.SHARED_GLOBAL]: true,
+        },
+        [PermissionTypes.BOOKMARKS]: { [Permissions.USE]: false },
       },
     };
 
     await new Role(customUserRole).save();
-
     await initializeRoles();
 
-    const userRole = await Role.findOne({ name: SystemRoles.USER }).lean();
-
-    expect(userRole[PermissionTypes.PROMPTS]).toEqual(customUserRole[PermissionTypes.PROMPTS]);
-    expect(userRole[PermissionTypes.BOOKMARKS]).toEqual(customUserRole[PermissionTypes.BOOKMARKS]);
-    expect(userRole[PermissionTypes.AGENTS]).toBeDefined();
+    const userRole = await getRoleByName(SystemRoles.USER);
+    expect(userRole.permissions[PermissionTypes.PROMPTS]).toEqual(
+      customUserRole.permissions[PermissionTypes.PROMPTS],
+    );
+    expect(userRole.permissions[PermissionTypes.BOOKMARKS]).toEqual(
+      customUserRole.permissions[PermissionTypes.BOOKMARKS],
+    );
+    expect(userRole.permissions[PermissionTypes.AGENTS]).toBeDefined();
   });
 
   it('should add new permission types to existing roles', async () => {
     const partialUserRole = {
       name: SystemRoles.USER,
-      [PermissionTypes.PROMPTS]: roleDefaults[SystemRoles.USER][PermissionTypes.PROMPTS],
-      [PermissionTypes.BOOKMARKS]: roleDefaults[SystemRoles.USER][PermissionTypes.BOOKMARKS],
+      permissions: {
+        [PermissionTypes.PROMPTS]:
+          roleDefaults[SystemRoles.USER].permissions[PermissionTypes.PROMPTS],
+        [PermissionTypes.BOOKMARKS]:
+          roleDefaults[SystemRoles.USER].permissions[PermissionTypes.BOOKMARKS],
+      },
     };
 
     await new Role(partialUserRole).save();
-
     await initializeRoles();
 
-    const userRole = await Role.findOne({ name: SystemRoles.USER }).lean();
-
-    expect(userRole[PermissionTypes.AGENTS]).toBeDefined();
-    expect(userRole[PermissionTypes.AGENTS].CREATE).toBeDefined();
-    expect(userRole[PermissionTypes.AGENTS].USE).toBeDefined();
-    expect(userRole[PermissionTypes.AGENTS].SHARED_GLOBAL).toBeDefined();
+    const userRole = await getRoleByName(SystemRoles.USER);
+    expect(userRole.permissions[PermissionTypes.AGENTS]).toBeDefined();
+    expect(userRole.permissions[PermissionTypes.AGENTS].CREATE).toBeDefined();
+    expect(userRole.permissions[PermissionTypes.AGENTS].USE).toBeDefined();
+    expect(userRole.permissions[PermissionTypes.AGENTS].SHARED_GLOBAL).toBeDefined();
   });
 
   it('should handle multiple runs without duplicating or modifying data', async () => {
@@ -349,72 +331,73 @@ describe('initializeRoles', () => {
     expect(adminRoles).toHaveLength(1);
     expect(userRoles).toHaveLength(1);
 
-    const adminRole = adminRoles[0].toObject();
-    const userRole = userRoles[0].toObject();
-
-    // Check if all permission types exist
+    const adminPerms = adminRoles[0].toObject().permissions;
+    const userPerms = userRoles[0].toObject().permissions;
     Object.values(PermissionTypes).forEach((permType) => {
-      expect(adminRole[permType]).toBeDefined();
-      expect(userRole[permType]).toBeDefined();
+      expect(adminPerms[permType]).toBeDefined();
+      expect(userPerms[permType]).toBeDefined();
     });
   });
 
   it('should update roles with missing permission types from roleDefaults', async () => {
     const partialAdminRole = {
       name: SystemRoles.ADMIN,
-      [PermissionTypes.PROMPTS]: {
-        [Permissions.USE]: false,
-        [Permissions.CREATE]: false,
-        [Permissions.SHARED_GLOBAL]: false,
+      permissions: {
+        [PermissionTypes.PROMPTS]: {
+          [Permissions.USE]: false,
+          [Permissions.CREATE]: false,
+          [Permissions.SHARED_GLOBAL]: false,
+        },
+        [PermissionTypes.BOOKMARKS]:
+          roleDefaults[SystemRoles.ADMIN].permissions[PermissionTypes.BOOKMARKS],
       },
-      [PermissionTypes.BOOKMARKS]: roleDefaults[SystemRoles.ADMIN][PermissionTypes.BOOKMARKS],
     };
 
     await new Role(partialAdminRole).save();
-
     await initializeRoles();
 
-    const adminRole = await Role.findOne({ name: SystemRoles.ADMIN }).lean();
-
-    expect(adminRole[PermissionTypes.PROMPTS]).toEqual(partialAdminRole[PermissionTypes.PROMPTS]);
-    expect(adminRole[PermissionTypes.AGENTS]).toBeDefined();
-    expect(adminRole[PermissionTypes.AGENTS].CREATE).toBeDefined();
-    expect(adminRole[PermissionTypes.AGENTS].USE).toBeDefined();
-    expect(adminRole[PermissionTypes.AGENTS].SHARED_GLOBAL).toBeDefined();
+    const adminRole = await getRoleByName(SystemRoles.ADMIN);
+    expect(adminRole.permissions[PermissionTypes.PROMPTS]).toEqual(
+      partialAdminRole.permissions[PermissionTypes.PROMPTS],
+    );
+    expect(adminRole.permissions[PermissionTypes.AGENTS]).toBeDefined();
+    expect(adminRole.permissions[PermissionTypes.AGENTS].CREATE).toBeDefined();
+    expect(adminRole.permissions[PermissionTypes.AGENTS].USE).toBeDefined();
+    expect(adminRole.permissions[PermissionTypes.AGENTS].SHARED_GLOBAL).toBeDefined();
   });
 
   it('should include MULTI_CONVO permissions when creating default roles', async () => {
     await initializeRoles();
 
-    const adminRole = await Role.findOne({ name: SystemRoles.ADMIN }).lean();
-    const userRole = await Role.findOne({ name: SystemRoles.USER }).lean();
+    const adminRole = await getRoleByName(SystemRoles.ADMIN);
+    const userRole = await getRoleByName(SystemRoles.USER);
 
-    expect(adminRole[PermissionTypes.MULTI_CONVO]).toBeDefined();
-    expect(userRole[PermissionTypes.MULTI_CONVO]).toBeDefined();
-
-    // Check if MULTI_CONVO permissions match defaults
-    expect(adminRole[PermissionTypes.MULTI_CONVO].USE).toBe(
-      roleDefaults[SystemRoles.ADMIN][PermissionTypes.MULTI_CONVO].USE,
+    expect(adminRole.permissions[PermissionTypes.MULTI_CONVO]).toBeDefined();
+    expect(userRole.permissions[PermissionTypes.MULTI_CONVO]).toBeDefined();
+    expect(adminRole.permissions[PermissionTypes.MULTI_CONVO].USE).toBe(
+      roleDefaults[SystemRoles.ADMIN].permissions[PermissionTypes.MULTI_CONVO].USE,
     );
-    expect(userRole[PermissionTypes.MULTI_CONVO].USE).toBe(
-      roleDefaults[SystemRoles.USER][PermissionTypes.MULTI_CONVO].USE,
+    expect(userRole.permissions[PermissionTypes.MULTI_CONVO].USE).toBe(
+      roleDefaults[SystemRoles.USER].permissions[PermissionTypes.MULTI_CONVO].USE,
     );
   });
 
   it('should add MULTI_CONVO permissions to existing roles without them', async () => {
     const partialUserRole = {
       name: SystemRoles.USER,
-      [PermissionTypes.PROMPTS]: roleDefaults[SystemRoles.USER][PermissionTypes.PROMPTS],
-      [PermissionTypes.BOOKMARKS]: roleDefaults[SystemRoles.USER][PermissionTypes.BOOKMARKS],
+      permissions: {
+        [PermissionTypes.PROMPTS]:
+          roleDefaults[SystemRoles.USER].permissions[PermissionTypes.PROMPTS],
+        [PermissionTypes.BOOKMARKS]:
+          roleDefaults[SystemRoles.USER].permissions[PermissionTypes.BOOKMARKS],
+      },
     };
 
     await new Role(partialUserRole).save();
-
     await initializeRoles();
 
-    const userRole = await Role.findOne({ name: SystemRoles.USER }).lean();
-
-    expect(userRole[PermissionTypes.MULTI_CONVO]).toBeDefined();
-    expect(userRole[PermissionTypes.MULTI_CONVO].USE).toBeDefined();
+    const userRole = await getRoleByName(SystemRoles.USER);
+    expect(userRole.permissions[PermissionTypes.MULTI_CONVO]).toBeDefined();
+    expect(userRole.permissions[PermissionTypes.MULTI_CONVO].USE).toBeDefined();
   });
 });

api/models/Share.js

@@ -52,6 +52,14 @@ function anonymizeMessages(messages, newConvoId) {
     const newMessageId = anonymizeMessageId(message.messageId);
     idMap.set(message.messageId, newMessageId);
 
+    const anonymizedAttachments = message.attachments?.map((attachment) => {
+      return {
+        ...attachment,
+        messageId: newMessageId,
+        conversationId: newConvoId,
+      };
+    });
+
     return {
       ...message,
       messageId: newMessageId,
@@ -61,6 +69,7 @@ function anonymizeMessages(messages, newConvoId) {
       model: message.model?.startsWith('asst_')
         ? anonymizeAssistantId(message.model)
         : message.model,
+      attachments: anonymizedAttachments,
     };
   });
 }

api/models/Transaction.js

@@ -1,11 +1,144 @@
 const mongoose = require('mongoose');
-const { isEnabled } = require('~/server/utils/handleText');
 const { transactionSchema } = require('@librechat/data-schemas');
+const { getBalanceConfig } = require('~/server/services/Config');
 const { getMultiplier, getCacheMultiplier } = require('./tx');
 const { logger } = require('~/config');
 const Balance = require('./Balance');
+
 const cancelRate = 1.15;
 
+/**
+ * Updates a user's token balance based on a transaction using optimistic concurrency control
+ * without schema changes. Compatible with DocumentDB.
+ * @async
+ * @function
+ * @param {Object} params - The function parameters.
+ * @param {string|mongoose.Types.ObjectId} params.user - The user ID.
+ * @param {number} params.incrementValue - The value to increment the balance by (can be negative).
+ * @param {import('mongoose').UpdateQuery<import('@librechat/data-schemas').IBalance>['$set']} [params.setValues] - Optional additional fields to set.
+ * @returns {Promise<Object>} Returns the updated balance document (lean).
+ * @throws {Error} Throws an error if the update fails after multiple retries.
+ */
+const updateBalance = async ({ user, incrementValue, setValues }) => {
+  let maxRetries = 10; // Number of times to retry on conflict
+  let delay = 50; // Initial retry delay in ms
+  let lastError = null;
+
+  for (let attempt = 1; attempt <= maxRetries; attempt++) {
+    let currentBalanceDoc;
+    try {
+      // 1. Read the current document state
+      currentBalanceDoc = await Balance.findOne({ user }).lean();
+      const currentCredits = currentBalanceDoc ? currentBalanceDoc.tokenCredits : 0;
+
+      // 2. Calculate the desired new state
+      const potentialNewCredits = currentCredits + incrementValue;
+      const newCredits = Math.max(0, potentialNewCredits); // Ensure balance doesn't go below zero
+
+      // 3. Prepare the update payload
+      const updatePayload = {
+        $set: {
+          tokenCredits: newCredits,
+          ...(setValues || {}), // Merge other values to set
+        },
+      };
+
+      // 4. Attempt the conditional update or upsert
+      let updatedBalance = null;
+      if (currentBalanceDoc) {
+        // --- Document Exists: Perform Conditional Update ---
+        // Try to update only if the tokenCredits match the value we read (currentCredits)
+        updatedBalance = await Balance.findOneAndUpdate(
+          {
+            user: user,
+            tokenCredits: currentCredits, // Optimistic lock: condition based on the read value
+          },
+          updatePayload,
+          {
+            new: true, // Return the modified document
+            // lean: true, // .lean() is applied after query execution in Mongoose >= 6
+          },
+        ).lean(); // Use lean() for plain JS object
+
+        if (updatedBalance) {
+          // Success! The update was applied based on the expected current state.
+          return updatedBalance;
+        }
+        // If updatedBalance is null, it means tokenCredits changed between read and write (conflict).
+        lastError = new Error(`Concurrency conflict for user ${user} on attempt ${attempt}.`);
+        // Proceed to retry logic below.
+      } else {
+        // --- Document Does Not Exist: Perform Conditional Upsert ---
+        // Try to insert the document, but only if it still doesn't exist.
+        // Using tokenCredits: {$exists: false} helps prevent race conditions where
+        // another process creates the doc between our findOne and findOneAndUpdate.
+        try {
+          updatedBalance = await Balance.findOneAndUpdate(
+            {
+              user: user,
+              // Attempt to match only if the document doesn't exist OR was just created
+              // without tokenCredits (less likely but possible). A simple { user } filter
+              // might also work, relying on the retry for conflicts.
+              // Let's use a simpler filter and rely on retry for races.
+              // tokenCredits: { $exists: false } // This condition might be too strict if doc exists with 0 credits
+            },
+            updatePayload,
+            {
+              upsert: true, // Create if doesn't exist
+              new: true, // Return the created/updated document
+              // setDefaultsOnInsert: true, // Ensure schema defaults are applied on insert
+              // lean: true,
+            },
+          ).lean();
+
+          if (updatedBalance) {
+            // Upsert succeeded (likely created the document)
+            return updatedBalance;
+          }
+          // If null, potentially a rare race condition during upsert. Retry should handle it.
+          lastError = new Error(
+            `Upsert race condition suspected for user ${user} on attempt ${attempt}.`,
+          );
+        } catch (error) {
+          if (error.code === 11000) {
+            // E11000 duplicate key error on index
+            // This means another process created the document *just* before our upsert.
+            // It's a concurrency conflict during creation. We should retry.
+            lastError = error; // Store the error
+            // Proceed to retry logic below.
+          } else {
+            // Different error, rethrow
+            throw error;
+          }
+        }
+      } // End if/else (document exists?)
+    } catch (error) {
+      // Catch errors from findOne or unexpected findOneAndUpdate errors
+      logger.error(`[updateBalance] Error during attempt ${attempt} for user ${user}:`, error);
+      lastError = error; // Store the error
+      // Consider stopping retries for non-transient errors, but for now, we retry.
+    }
+
+    // If we reached here, it means the update failed (conflict or error), wait and retry
+    if (attempt < maxRetries) {
+      const jitter = Math.random() * delay * 0.5; // Add jitter to delay
+      await new Promise((resolve) => setTimeout(resolve, delay + jitter));
+      delay = Math.min(delay * 2, 2000); // Exponential backoff with cap
+    }
+  } // End for loop (retries)
+
+  // If loop finishes without success, throw the last encountered error or a generic one
+  logger.error(
+    `[updateBalance] Failed to update balance for user ${user} after ${maxRetries} attempts.`,
+  );
+  throw (
+    lastError ||
+    new Error(
+      `Failed to update balance for user ${user} after maximum retries due to persistent conflicts.`,
+    )
+  );
+};
+
 /** Method to calculate and set the tokenValue for a transaction */
 transactionSchema.methods.calculateTokenValue = function () {
   if (!this.valueKey || !this.tokenType) {
@@ -21,6 +154,39 @@ transactionSchema.methods.calculateTokenValue = function () {
   }
 };
 
+/**
+ * New static method to create an auto-refill transaction that does NOT trigger a balance update.
+ * @param {object} txData - Transaction data.
+ * @param {string} txData.user - The user ID.
+ * @param {string} txData.tokenType - The type of token.
+ * @param {string} txData.context - The context of the transaction.
+ * @param {number} txData.rawAmount - The raw amount of tokens.
+ * @returns {Promise<object>} - The created transaction.
+ */
+transactionSchema.statics.createAutoRefillTransaction = async function (txData) {
+  if (txData.rawAmount != null && isNaN(txData.rawAmount)) {
+    return;
+  }
+  const transaction = new this(txData);
+  transaction.endpointTokenConfig = txData.endpointTokenConfig;
+  transaction.calculateTokenValue();
+  await transaction.save();
+
+  const balanceResponse = await updateBalance({
+    user: transaction.user,
+    incrementValue: txData.rawAmount,
+    setValues: { lastRefill: new Date() },
+  });
+  const result = {
+    rate: transaction.rate,
+    user: transaction.user.toString(),
+    balance: balanceResponse.tokenCredits,
+  };
+  logger.debug('[Balance.check] Auto-refill performed', result);
+  result.transaction = transaction;
+  return result;
+};
+
 /**
  * Static method to create a transaction and update the balance
  * @param {txData} txData - Transaction data.
@@ -37,27 +203,22 @@ transactionSchema.statics.create = async function (txData) {
 
   await transaction.save();
 
-  if (!isEnabled(process.env.CHECK_BALANCE)) {
+  const balance = await getBalanceConfig();
+  if (!balance?.enabled) {
     return;
   }
 
-  let balance = await Balance.findOne({ user: transaction.user }).lean();
   let incrementValue = transaction.tokenValue;
 
-  if (balance && balance?.tokenCredits + incrementValue < 0) {
-    incrementValue = -balance.tokenCredits;
-  }
-
-  balance = await Balance.findOneAndUpdate(
-    { user: transaction.user },
-    { $inc: { tokenCredits: incrementValue } },
-    { upsert: true, new: true },
-  ).lean();
+  const balanceResponse = await updateBalance({
+    user: transaction.user,
+    incrementValue,
+  });
 
   return {
     rate: transaction.rate,
     user: transaction.user.toString(),
-    balance: balance.tokenCredits,
+    balance: balanceResponse.tokenCredits,
     [transaction.tokenType]: incrementValue,
   };
 };
@@ -78,27 +239,22 @@ transactionSchema.statics.createStructured = async function (txData) {
 
   await transaction.save();
 
-  if (!isEnabled(process.env.CHECK_BALANCE)) {
+  const balance = await getBalanceConfig();
+  if (!balance?.enabled) {
     return;
   }
 
-  let balance = await Balance.findOne({ user: transaction.user }).lean();
   let incrementValue = transaction.tokenValue;
 
-  if (balance && balance?.tokenCredits + incrementValue < 0) {
-    incrementValue = -balance.tokenCredits;
-  }
-
-  balance = await Balance.findOneAndUpdate(
-    { user: transaction.user },
-    { $inc: { tokenCredits: incrementValue } },
-    { upsert: true, new: true },
-  ).lean();
+  const balanceResponse = await updateBalance({
+    user: transaction.user,
+    incrementValue,
+  });
 
   return {
     rate: transaction.rate,
     user: transaction.user.toString(),
-    balance: balance.tokenCredits,
+    balance: balanceResponse.tokenCredits,
     [transaction.tokenType]: incrementValue,
   };
 };

api/models/Transaction.spec.js

@@ -1,9 +1,13 @@
 const mongoose = require('mongoose');
 const { MongoMemoryServer } = require('mongodb-memory-server');
+const { spendTokens, spendStructuredTokens } = require('./spendTokens');
+const { getBalanceConfig } = require('~/server/services/Config');
+const { getMultiplier, getCacheMultiplier } = require('./tx');
 const { Transaction } = require('./Transaction');
 const Balance = require('./Balance');
-const { spendTokens, spendStructuredTokens } = require('./spendTokens');
-const { getMultiplier, getCacheMultiplier } = require('./tx');
+
+// Mock the custom config module so we can control the balance flag.
+jest.mock('~/server/services/Config');
 
 let mongoServer;
 
@@ -20,6 +24,8 @@ afterAll(async () => {
 
 beforeEach(async () => {
   await mongoose.connection.dropDatabase();
+  // Default: enable balance updates in tests.
+  getBalanceConfig.mockResolvedValue({ enabled: true });
 });
 
 describe('Regular Token Spending Tests', () => {
@@ -44,34 +50,22 @@ describe('Regular Token Spending Tests', () => {
     };
 
     // Act
-    process.env.CHECK_BALANCE = 'true';
     await spendTokens(txData, tokenUsage);
 
     // Assert
-    console.log('Initial Balance:', initialBalance);
-
     const updatedBalance = await Balance.findOne({ user: userId });
-    console.log('Updated Balance:', updatedBalance.tokenCredits);
-
     const promptMultiplier = getMultiplier({ model, tokenType: 'prompt' });
     const completionMultiplier = getMultiplier({ model, tokenType: 'completion' });
-
-    const expectedPromptCost = tokenUsage.promptTokens * promptMultiplier;
-    const expectedCompletionCost = tokenUsage.completionTokens * completionMultiplier;
-    const expectedTotalCost = expectedPromptCost + expectedCompletionCost;
+    const expectedTotalCost = 100 * promptMultiplier + 50 * completionMultiplier;
     const expectedBalance = initialBalance - expectedTotalCost;
 
-    expect(updatedBalance.tokenCredits).toBeLessThan(initialBalance);
     expect(updatedBalance.tokenCredits).toBeCloseTo(expectedBalance, 0);
-
-    console.log('Expected Total Cost:', expectedTotalCost);
-    console.log('Actual Balance Decrease:', initialBalance - updatedBalance.tokenCredits);
   });
 
   test('spendTokens should handle zero completion tokens', async () => {
     // Arrange
     const userId = new mongoose.Types.ObjectId();
-    const initialBalance = 10000000; // $10.00
+    const initialBalance = 10000000;
     await Balance.create({ user: userId, tokenCredits: initialBalance });
 
     const model = 'gpt-3.5-turbo';
@@ -89,24 +83,19 @@ describe('Regular Token Spending Tests', () => {
     };
 
     // Act
-    process.env.CHECK_BALANCE = 'true';
     await spendTokens(txData, tokenUsage);
 
     // Assert
     const updatedBalance = await Balance.findOne({ user: userId });
-
     const promptMultiplier = getMultiplier({ model, tokenType: 'prompt' });
-    const expectedCost = tokenUsage.promptTokens * promptMultiplier;
+    const expectedCost = 100 * promptMultiplier;
     expect(updatedBalance.tokenCredits).toBeCloseTo(initialBalance - expectedCost, 0);
-
-    console.log('Initial Balance:', initialBalance);
-    console.log('Updated Balance:', updatedBalance.tokenCredits);
-    console.log('Expected Cost:', expectedCost);
   });
 
   test('spendTokens should handle undefined token counts', async () => {
+    // Arrange
     const userId = new mongoose.Types.ObjectId();
-    const initialBalance = 10000000; // $10.00
+    const initialBalance = 10000000;
     await Balance.create({ user: userId, tokenCredits: initialBalance });
 
     const model = 'gpt-3.5-turbo';
@@ -120,14 +109,17 @@ describe('Regular Token Spending Tests', () => {
 
     const tokenUsage = {};
 
+    // Act
     const result = await spendTokens(txData, tokenUsage);
 
+    // Assert: No transaction should be created
     expect(result).toBeUndefined();
   });
 
   test('spendTokens should handle only prompt tokens', async () => {
+    // Arrange
     const userId = new mongoose.Types.ObjectId();
-    const initialBalance = 10000000; // $10.00
+    const initialBalance = 10000000;
     await Balance.create({ user: userId, tokenCredits: initialBalance });
 
     const model = 'gpt-3.5-turbo';
@@ -141,14 +133,44 @@ describe('Regular Token Spending Tests', () => {
 
     const tokenUsage = { promptTokens: 100 };
 
+    // Act
     await spendTokens(txData, tokenUsage);
 
+    // Assert
     const updatedBalance = await Balance.findOne({ user: userId });
-
     const promptMultiplier = getMultiplier({ model, tokenType: 'prompt' });
     const expectedCost = 100 * promptMultiplier;
     expect(updatedBalance.tokenCredits).toBeCloseTo(initialBalance - expectedCost, 0);
   });
+
+  test('spendTokens should not update balance when balance feature is disabled', async () => {
+    // Arrange: Override the config to disable balance updates.
+    getBalanceConfig.mockResolvedValue({ balance: { enabled: false } });
+    const userId = new mongoose.Types.ObjectId();
+    const initialBalance = 10000000;
+    await Balance.create({ user: userId, tokenCredits: initialBalance });
+
+    const model = 'gpt-3.5-turbo';
+    const txData = {
+      user: userId,
+      conversationId: 'test-conversation-id',
+      model,
+      context: 'test',
+      endpointTokenConfig: null,
+    };
+
+    const tokenUsage = {
+      promptTokens: 100,
+      completionTokens: 50,
+    };
+
+    // Act
+    await spendTokens(txData, tokenUsage);
+
+    // Assert: Balance should remain unchanged.
+    const updatedBalance = await Balance.findOne({ user: userId });
+    expect(updatedBalance.tokenCredits).toBe(initialBalance);
+  });
 });
 
 describe('Structured Token Spending Tests', () => {
@@ -164,7 +186,7 @@ describe('Structured Token Spending Tests', () => {
       conversationId: 'c23a18da-706c-470a-ac28-ec87ed065199',
       model,
       context: 'message',
-      endpointTokenConfig: null, // We'll use the default rates
+      endpointTokenConfig: null,
     };
 
     const tokenUsage = {
@@ -176,28 +198,15 @@ describe('Structured Token Spending Tests', () => {
       completionTokens: 5,
     };
 
-    // Get the actual multipliers
     const promptMultiplier = getMultiplier({ model, tokenType: 'prompt' });
     const completionMultiplier = getMultiplier({ model, tokenType: 'completion' });
     const writeMultiplier = getCacheMultiplier({ model, cacheType: 'write' });
     const readMultiplier = getCacheMultiplier({ model, cacheType: 'read' });
 
-    console.log('Multipliers:', {
-      promptMultiplier,
-      completionMultiplier,
-      writeMultiplier,
-      readMultiplier,
-    });
-
     // Act
-    process.env.CHECK_BALANCE = 'true';
     const result = await spendStructuredTokens(txData, tokenUsage);
 
-    // Assert
-    console.log('Initial Balance:', initialBalance);
-    console.log('Updated Balance:', result.completion.balance);
-    console.log('Transaction Result:', result);
-
+    // Calculate expected costs.
     const expectedPromptCost =
       tokenUsage.promptTokens.input * promptMultiplier +
       tokenUsage.promptTokens.write * writeMultiplier +
@@ -206,37 +215,21 @@ describe('Structured Token Spending Tests', () => {
     const expectedTotalCost = expectedPromptCost + expectedCompletionCost;
     const expectedBalance = initialBalance - expectedTotalCost;
 
-    console.log('Expected Cost:', expectedTotalCost);
-    console.log('Expected Balance:', expectedBalance);
-
+    // Assert
     expect(result.completion.balance).toBeLessThan(initialBalance);
-
-    // Allow for a small difference (e.g., 100 token credits, which is $0.0001)
     const allowedDifference = 100;
     expect(Math.abs(result.completion.balance - expectedBalance)).toBeLessThan(allowedDifference);
-
-    // Check if the decrease is approximately as expected
     const balanceDecrease = initialBalance - result.completion.balance;
     expect(balanceDecrease).toBeCloseTo(expectedTotalCost, 0);
 
-    // Check token values
-    const expectedPromptTokenValue = -(
-      tokenUsage.promptTokens.input * promptMultiplier +
-      tokenUsage.promptTokens.write * writeMultiplier +
-      tokenUsage.promptTokens.read * readMultiplier
-    );
-    const expectedCompletionTokenValue = -tokenUsage.completionTokens * completionMultiplier;
-
+    const expectedPromptTokenValue = -expectedPromptCost;
+    const expectedCompletionTokenValue = -expectedCompletionCost;
     expect(result.prompt.prompt).toBeCloseTo(expectedPromptTokenValue, 1);
     expect(result.completion.completion).toBe(expectedCompletionTokenValue);
-
-    console.log('Expected prompt tokenValue:', expectedPromptTokenValue);
-    console.log('Actual prompt tokenValue:', result.prompt.prompt);
-    console.log('Expected completion tokenValue:', expectedCompletionTokenValue);
-    console.log('Actual completion tokenValue:', result.completion.completion);
   });
 
   test('should handle zero completion tokens in structured spending', async () => {
+    // Arrange
     const userId = new mongoose.Types.ObjectId();
     const initialBalance = 17613154.55;
     await Balance.create({ user: userId, tokenCredits: initialBalance });
@@ -258,15 +251,17 @@ describe('Structured Token Spending Tests', () => {
       completionTokens: 0,
     };
 
-    process.env.CHECK_BALANCE = 'true';
+    // Act
     const result = await spendStructuredTokens(txData, tokenUsage);
 
+    // Assert
     expect(result.prompt).toBeDefined();
     expect(result.completion).toBeUndefined();
     expect(result.prompt.prompt).toBeLessThan(0);
   });
 
   test('should handle only prompt tokens in structured spending', async () => {
+    // Arrange
     const userId = new mongoose.Types.ObjectId();
     const initialBalance = 17613154.55;
     await Balance.create({ user: userId, tokenCredits: initialBalance });
@@ -287,15 +282,17 @@ describe('Structured Token Spending Tests', () => {
       },
     };
 
-    process.env.CHECK_BALANCE = 'true';
+    // Act
     const result = await spendStructuredTokens(txData, tokenUsage);
 
+    // Assert
     expect(result.prompt).toBeDefined();
     expect(result.completion).toBeUndefined();
     expect(result.prompt.prompt).toBeLessThan(0);
   });
 
   test('should handle undefined token counts in structured spending', async () => {
+    // Arrange
     const userId = new mongoose.Types.ObjectId();
     const initialBalance = 17613154.55;
     await Balance.create({ user: userId, tokenCredits: initialBalance });
@@ -310,9 +307,10 @@ describe('Structured Token Spending Tests', () => {
 
     const tokenUsage = {};
 
-    process.env.CHECK_BALANCE = 'true';
+    // Act
     const result = await spendStructuredTokens(txData, tokenUsage);
 
+    // Assert
     expect(result).toEqual({
       prompt: undefined,
       completion: undefined,
@@ -320,6 +318,7 @@ describe('Structured Token Spending Tests', () => {
   });
 
   test('should handle incomplete context for completion tokens', async () => {
+    // Arrange
     const userId = new mongoose.Types.ObjectId();
     const initialBalance = 17613154.55;
     await Balance.create({ user: userId, tokenCredits: initialBalance });
@@ -341,15 +340,18 @@ describe('Structured Token Spending Tests', () => {
       completionTokens: 50,
     };
 
-    process.env.CHECK_BALANCE = 'true';
+    // Act
     const result = await spendStructuredTokens(txData, tokenUsage);
 
-    expect(result.completion.completion).toBeCloseTo(-50 * 15 * 1.15, 0); // Assuming multiplier is 15 and cancelRate is 1.15
+    // Assert:
+    // (Assuming a multiplier for completion of 15 and a cancel rate of 1.15 as noted in the original test.)
+    expect(result.completion.completion).toBeCloseTo(-50 * 15 * 1.15, 0);
   });
 });
 
 describe('NaN Handling Tests', () => {
   test('should skip transaction creation when rawAmount is NaN', async () => {
+    // Arrange
     const userId = new mongoose.Types.ObjectId();
     const initialBalance = 10000000;
     await Balance.create({ user: userId, tokenCredits: initialBalance });
@@ -365,9 +367,11 @@ describe('NaN Handling Tests', () => {
       tokenType: 'prompt',
     };
 
+    // Act
     const result = await Transaction.create(txData);
-    expect(result).toBeUndefined();
 
+    // Assert: No transaction should be created and balance remains unchanged.
+    expect(result).toBeUndefined();
     const balance = await Balance.findOne({ user: userId });
     expect(balance.tokenCredits).toBe(initialBalance);
   });

api/models/balanceMethods.js

@@ -0,0 +1,156 @@
+const { ViolationTypes } = require('librechat-data-provider');
+const { Transaction } = require('./Transaction');
+const { logViolation } = require('~/cache');
+const { getMultiplier } = require('./tx');
+const { logger } = require('~/config');
+const Balance = require('./Balance');
+
+function isInvalidDate(date) {
+  return isNaN(date);
+}
+
+/**
+ * Simple check method that calculates token cost and returns balance info.
+ * The auto-refill logic has been moved to balanceMethods.js to prevent circular dependencies.
+ */
+const checkBalanceRecord = async function ({
+  user,
+  model,
+  endpoint,
+  valueKey,
+  tokenType,
+  amount,
+  endpointTokenConfig,
+}) {
+  const multiplier = getMultiplier({ valueKey, tokenType, model, endpoint, endpointTokenConfig });
+  const tokenCost = amount * multiplier;
+
+  // Retrieve the balance record
+  let record = await Balance.findOne({ user }).lean();
+  if (!record) {
+    logger.debug('[Balance.check] No balance record found for user', { user });
+    return {
+      canSpend: false,
+      balance: 0,
+      tokenCost,
+    };
+  }
+  let balance = record.tokenCredits;
+
+  logger.debug('[Balance.check] Initial state', {
+    user,
+    model,
+    endpoint,
+    valueKey,
+    tokenType,
+    amount,
+    balance,
+    multiplier,
+    endpointTokenConfig: !!endpointTokenConfig,
+  });
+
+  // Only perform auto-refill if spending would bring the balance to 0 or below
+  if (balance - tokenCost <= 0 && record.autoRefillEnabled && record.refillAmount > 0) {
+    const lastRefillDate = new Date(record.lastRefill);
+    const now = new Date();
+    if (
+      isInvalidDate(lastRefillDate) ||
+      now >=
+        addIntervalToDate(lastRefillDate, record.refillIntervalValue, record.refillIntervalUnit)
+    ) {
+      try {
+        /** @type {{ rate: number, user: string, balance: number, transaction: import('@librechat/data-schemas').ITransaction}} */
+        const result = await Transaction.createAutoRefillTransaction({
+          user: user,
+          tokenType: 'credits',
+          context: 'autoRefill',
+          rawAmount: record.refillAmount,
+        });
+        balance = result.balance;
+      } catch (error) {
+        logger.error('[Balance.check] Failed to record transaction for auto-refill', error);
+      }
+    }
+  }
+
+  logger.debug('[Balance.check] Token cost', { tokenCost });
+  return { canSpend: balance >= tokenCost, balance, tokenCost };
+};
+
+/**
+ * Adds a time interval to a given date.
+ * @param {Date} date - The starting date.
+ * @param {number} value - The numeric value of the interval.
+ * @param {'seconds'|'minutes'|'hours'|'days'|'weeks'|'months'} unit - The unit of time.
+ * @returns {Date} A new Date representing the starting date plus the interval.
+ */
+const addIntervalToDate = (date, value, unit) => {
+  const result = new Date(date);
+  switch (unit) {
+    case 'seconds':
+      result.setSeconds(result.getSeconds() + value);
+      break;
+    case 'minutes':
+      result.setMinutes(result.getMinutes() + value);
+      break;
+    case 'hours':
+      result.setHours(result.getHours() + value);
+      break;
+    case 'days':
+      result.setDate(result.getDate() + value);
+      break;
+    case 'weeks':
+      result.setDate(result.getDate() + value * 7);
+      break;
+    case 'months':
+      result.setMonth(result.getMonth() + value);
+      break;
+    default:
+      break;
+  }
+  return result;
+};
+
+/**
+ * Checks the balance for a user and determines if they can spend a certain amount.
+ * If the user cannot spend the amount, it logs a violation and denies the request.
+ *
+ * @async
+ * @function
+ * @param {Object} params - The function parameters.
+ * @param {Express.Request} params.req - The Express request object.
+ * @param {Express.Response} params.res - The Express response object.
+ * @param {Object} params.txData - The transaction data.
+ * @param {string} params.txData.user - The user ID or identifier.
+ * @param {('prompt' | 'completion')} params.txData.tokenType - The type of token.
+ * @param {number} params.txData.amount - The amount of tokens.
+ * @param {string} params.txData.model - The model name or identifier.
+ * @param {string} [params.txData.endpointTokenConfig] - The token configuration for the endpoint.
+ * @returns {Promise<boolean>} Throws error if the user cannot spend the amount.
+ * @throws {Error} Throws an error if there's an issue with the balance check.
+ */
+const checkBalance = async ({ req, res, txData }) => {
+  const { canSpend, balance, tokenCost } = await checkBalanceRecord(txData);
+  if (canSpend) {
+    return true;
+  }
+
+  const type = ViolationTypes.TOKEN_BALANCE;
+  const errorMessage = {
+    type,
+    balance,
+    tokenCost,
+    promptTokens: txData.amount,
+  };
+
+  if (txData.generations && txData.generations.length > 0) {
+    errorMessage.generations = txData.generations;
+  }
+
+  await logViolation(req, res, type, errorMessage, 0);
+  throw new Error(JSON.stringify(errorMessage));
+};
+
+module.exports = {
+  checkBalance,
+};

api/models/checkBalance.js

@@ -1,45 +0,0 @@
-const { ViolationTypes } = require('librechat-data-provider');
-const { logViolation } = require('~/cache');
-const Balance = require('./Balance');
-/**
- * Checks the balance for a user and determines if they can spend a certain amount.
- * If the user cannot spend the amount, it logs a violation and denies the request.
- *
- * @async
- * @function
- * @param {Object} params - The function parameters.
- * @param {Express.Request} params.req - The Express request object.
- * @param {Express.Response} params.res - The Express response object.
- * @param {Object} params.txData - The transaction data.
- * @param {string} params.txData.user - The user ID or identifier.
- * @param {('prompt' | 'completion')} params.txData.tokenType - The type of token.
- * @param {number} params.txData.amount - The amount of tokens.
- * @param {string} params.txData.model - The model name or identifier.
- * @param {string} [params.txData.endpointTokenConfig] - The token configuration for the endpoint.
- * @returns {Promise<boolean>} Returns true if the user can spend the amount, otherwise denies the request.
- * @throws {Error} Throws an error if there's an issue with the balance check.
- */
-const checkBalance = async ({ req, res, txData }) => {
-  const { canSpend, balance, tokenCost } = await Balance.check(txData);
-
-  if (canSpend) {
-    return true;
-  }
-
-  const type = ViolationTypes.TOKEN_BALANCE;
-  const errorMessage = {
-    type,
-    balance,
-    tokenCost,
-    promptTokens: txData.amount,
-  };
-
-  if (txData.generations && txData.generations.length > 0) {
-    errorMessage.generations = txData.generations;
-  }
-
-  await logViolation(req, res, type, errorMessage, 0);
-  throw new Error(JSON.stringify(errorMessage));
-};
-
-module.exports = checkBalance;

api/models/plugins/mongoMeili.js

@@ -1,6 +1,7 @@
 const _ = require('lodash');
 const mongoose = require('mongoose');
 const { MeiliSearch } = require('meilisearch');
+const { parseTextParts, ContentTypes } = require('librechat-data-provider');
 const { cleanUpPrimaryKeyValue } = require('~/lib/utils/misc');
 const logger = require('~/config/meiliLogger');
 
@@ -238,10 +239,7 @@ const createMeiliMongooseModel = function ({ index, attributesToIndex }) {
       }
 
       if (object.content && Array.isArray(object.content)) {
-        object.text = object.content
-          .filter((item) => item.type === 'text' && item.text && item.text.value)
-          .map((item) => item.text.value)
-          .join(' ');
+        object.text = parseTextParts(object.content);
         delete object.content;
       }
 

api/models/spendTokens.js

@@ -36,7 +36,7 @@ const spendTokens = async (txData, tokenUsage) => {
       prompt = await Transaction.create({
         ...txData,
         tokenType: 'prompt',
-        rawAmount: -Math.max(promptTokens, 0),
+        rawAmount: promptTokens === 0 ? 0 : -Math.max(promptTokens, 0),
       });
     }
 
@@ -44,7 +44,7 @@ const spendTokens = async (txData, tokenUsage) => {
       completion = await Transaction.create({
         ...txData,
         tokenType: 'completion',
-        rawAmount: -Math.max(completionTokens, 0),
+        rawAmount: completionTokens === 0 ? 0 : -Math.max(completionTokens, 0),
       });
     }
 

api/models/spendTokens.spec.js

@@ -1,17 +1,10 @@
 const mongoose = require('mongoose');
+const { MongoMemoryServer } = require('mongodb-memory-server');
+const { Transaction } = require('./Transaction');
+const Balance = require('./Balance');
+const { spendTokens, spendStructuredTokens } = require('./spendTokens');
 
-jest.mock('./Transaction', () => ({
-  Transaction: {
-    create: jest.fn(),
-    createStructured: jest.fn(),
-  },
-}));
-
-jest.mock('./Balance', () => ({
-  findOne: jest.fn(),
-  findOneAndUpdate: jest.fn(),
-}));
-
+// Mock the logger to prevent console output during tests
 jest.mock('~/config', () => ({
   logger: {
     debug: jest.fn(),
@@ -19,19 +12,46 @@ jest.mock('~/config', () => ({
   },
 }));
 
-// Import after mocking
-const { spendTokens, spendStructuredTokens } = require('./spendTokens');
-const { Transaction } = require('./Transaction');
-const Balance = require('./Balance');
+// Mock the Config service
+const { getBalanceConfig } = require('~/server/services/Config');
+jest.mock('~/server/services/Config');
+
 describe('spendTokens', () => {
-  beforeEach(() => {
-    jest.clearAllMocks();
-    process.env.CHECK_BALANCE = 'true';
+  let mongoServer;
+  let userId;
+
+  beforeAll(async () => {
+    mongoServer = await MongoMemoryServer.create();
+    const mongoUri = mongoServer.getUri();
+    await mongoose.connect(mongoUri);
+  });
+
+  afterAll(async () => {
+    await mongoose.disconnect();
+    await mongoServer.stop();
+  });
+
+  beforeEach(async () => {
+    // Clear collections before each test
+    await Transaction.deleteMany({});
+    await Balance.deleteMany({});
+
+    // Create a new user ID for each test
+    userId = new mongoose.Types.ObjectId();
+
+    // Mock the balance config to be enabled by default
+    getBalanceConfig.mockResolvedValue({ enabled: true });
   });
 
   it('should create transactions for both prompt and completion tokens', async () => {
+    // Create a balance for the user
+    await Balance.create({
+      user: userId,
+      tokenCredits: 10000,
+    });
+
     const txData = {
-      user: new mongoose.Types.ObjectId(),
+      user: userId,
       conversationId: 'test-convo',
       model: 'gpt-3.5-turbo',
       context: 'test',
@@ -41,31 +61,35 @@ describe('spendTokens', () => {
       completionTokens: 50,
     };
 
-    Transaction.create.mockResolvedValueOnce({ tokenType: 'prompt', rawAmount: -100 });
-    Transaction.create.mockResolvedValueOnce({ tokenType: 'completion', rawAmount: -50 });
-    Balance.findOne.mockResolvedValue({ tokenCredits: 10000 });
-    Balance.findOneAndUpdate.mockResolvedValue({ tokenCredits: 9850 });
-
     await spendTokens(txData, tokenUsage);
 
-    expect(Transaction.create).toHaveBeenCalledTimes(2);
-    expect(Transaction.create).toHaveBeenCalledWith(
-      expect.objectContaining({
-        tokenType: 'prompt',
-        rawAmount: -100,
-      }),
-    );
-    expect(Transaction.create).toHaveBeenCalledWith(
-      expect.objectContaining({
-        tokenType: 'completion',
-        rawAmount: -50,
-      }),
-    );
+    // Verify transactions were created
+    const transactions = await Transaction.find({ user: userId }).sort({ tokenType: 1 });
+    expect(transactions).toHaveLength(2);
+
+    // Check completion transaction
+    expect(transactions[0].tokenType).toBe('completion');
+    expect(transactions[0].rawAmount).toBe(-50);
+
+    // Check prompt transaction
+    expect(transactions[1].tokenType).toBe('prompt');
+    expect(transactions[1].rawAmount).toBe(-100);
+
+    // Verify balance was updated
+    const balance = await Balance.findOne({ user: userId });
+    expect(balance).toBeDefined();
+    expect(balance.tokenCredits).toBeLessThan(10000); // Balance should be reduced
   });
 
   it('should handle zero completion tokens', async () => {
+    // Create a balance for the user
+    await Balance.create({
+      user: userId,
+      tokenCredits: 10000,
+    });
+
     const txData = {
-      user: new mongoose.Types.ObjectId(),
+      user: userId,
       conversationId: 'test-convo',
       model: 'gpt-3.5-turbo',
       context: 'test',
@@ -75,31 +99,26 @@ describe('spendTokens', () => {
       completionTokens: 0,
     };
 
-    Transaction.create.mockResolvedValueOnce({ tokenType: 'prompt', rawAmount: -100 });
-    Transaction.create.mockResolvedValueOnce({ tokenType: 'completion', rawAmount: -0 });
-    Balance.findOne.mockResolvedValue({ tokenCredits: 10000 });
-    Balance.findOneAndUpdate.mockResolvedValue({ tokenCredits: 9850 });
-
     await spendTokens(txData, tokenUsage);
 
-    expect(Transaction.create).toHaveBeenCalledTimes(2);
-    expect(Transaction.create).toHaveBeenCalledWith(
-      expect.objectContaining({
-        tokenType: 'prompt',
-        rawAmount: -100,
-      }),
-    );
-    expect(Transaction.create).toHaveBeenCalledWith(
-      expect.objectContaining({
-        tokenType: 'completion',
-        rawAmount: -0, // Changed from 0 to -0
-      }),
-    );
+    // Verify transactions were created
+    const transactions = await Transaction.find({ user: userId }).sort({ tokenType: 1 });
+    expect(transactions).toHaveLength(2);
+
+    // Check completion transaction
+    expect(transactions[0].tokenType).toBe('completion');
+    // In JavaScript -0 and 0 are different but functionally equivalent
+    // Use Math.abs to handle both 0 and -0
+    expect(Math.abs(transactions[0].rawAmount)).toBe(0);
+
+    // Check prompt transaction
+    expect(transactions[1].tokenType).toBe('prompt');
+    expect(transactions[1].rawAmount).toBe(-100);
   });
 
   it('should handle undefined token counts', async () => {
     const txData = {
-      user: new mongoose.Types.ObjectId(),
+      user: userId,
       conversationId: 'test-convo',
       model: 'gpt-3.5-turbo',
       context: 'test',
@@ -108,13 +127,22 @@ describe('spendTokens', () => {
 
     await spendTokens(txData, tokenUsage);
 
-    expect(Transaction.create).not.toHaveBeenCalled();
+    // Verify no transactions were created
+    const transactions = await Transaction.find({ user: userId });
+    expect(transactions).toHaveLength(0);
   });
 
-  it('should not update balance when CHECK_BALANCE is false', async () => {
-    process.env.CHECK_BALANCE = 'false';
+  it('should not update balance when the balance feature is disabled', async () => {
+    // Override configuration: disable balance updates
+    getBalanceConfig.mockResolvedValue({ enabled: false });
+    // Create a balance for the user
+    await Balance.create({
+      user: userId,
+      tokenCredits: 10000,
+    });
+
     const txData = {
-      user: new mongoose.Types.ObjectId(),
+      user: userId,
       conversationId: 'test-convo',
       model: 'gpt-3.5-turbo',
       context: 'test',
@@ -124,19 +152,529 @@ describe('spendTokens', () => {
       completionTokens: 50,
     };
 
-    Transaction.create.mockResolvedValueOnce({ tokenType: 'prompt', rawAmount: -100 });
-    Transaction.create.mockResolvedValueOnce({ tokenType: 'completion', rawAmount: -50 });
+    await spendTokens(txData, tokenUsage);
+
+    // Verify transactions were created
+    const transactions = await Transaction.find({ user: userId });
+    expect(transactions).toHaveLength(2);
+
+    // Verify balance was not updated (should still be 10000)
+    const balance = await Balance.findOne({ user: userId });
+    expect(balance.tokenCredits).toBe(10000);
+  });
+
+  it('should not allow balance to go below zero when spending tokens', async () => {
+    // Create a balance with a low amount
+    await Balance.create({
+      user: userId,
+      tokenCredits: 5000,
+    });
+
+    const txData = {
+      user: userId,
+      conversationId: 'test-convo',
+      model: 'gpt-4', // Using a more expensive model
+      context: 'test',
+    };
+
+    // Spending more tokens than the user has balance for
+    const tokenUsage = {
+      promptTokens: 1000,
+      completionTokens: 500,
+    };
 
     await spendTokens(txData, tokenUsage);
 
-    expect(Transaction.create).toHaveBeenCalledTimes(2);
-    expect(Balance.findOne).not.toHaveBeenCalled();
-    expect(Balance.findOneAndUpdate).not.toHaveBeenCalled();
+    // Verify transactions were created
+    const transactions = await Transaction.find({ user: userId }).sort({ tokenType: 1 });
+    expect(transactions).toHaveLength(2);
+
+    // Verify balance was reduced to exactly 0, not negative
+    const balance = await Balance.findOne({ user: userId });
+    expect(balance).toBeDefined();
+    expect(balance.tokenCredits).toBe(0);
+
+    // Check that the transaction records show the adjusted values
+    const transactionResults = await Promise.all(
+      transactions.map((t) =>
+        Transaction.create({
+          ...txData,
+          tokenType: t.tokenType,
+          rawAmount: t.rawAmount,
+        }),
+      ),
+    );
+
+    // The second transaction should have an adjusted value since balance is already 0
+    expect(transactionResults[1]).toEqual(
+      expect.objectContaining({
+        balance: 0,
+      }),
+    );
+  });
+
+  it('should handle multiple transactions in sequence with low balance and not increase balance', async () => {
+    // This test is specifically checking for the issue reported in production
+    // where the balance increases after a transaction when it should remain at 0
+    // Create a balance with a very low amount
+    await Balance.create({
+      user: userId,
+      tokenCredits: 100,
+    });
+
+    // First transaction - should reduce balance to 0
+    const txData1 = {
+      user: userId,
+      conversationId: 'test-convo-1',
+      model: 'gpt-4',
+      context: 'test',
+    };
+
+    const tokenUsage1 = {
+      promptTokens: 100,
+      completionTokens: 50,
+    };
+
+    await spendTokens(txData1, tokenUsage1);
+
+    // Check balance after first transaction
+    let balance = await Balance.findOne({ user: userId });
+    expect(balance.tokenCredits).toBe(0);
+
+    // Second transaction - should keep balance at 0, not make it negative or increase it
+    const txData2 = {
+      user: userId,
+      conversationId: 'test-convo-2',
+      model: 'gpt-4',
+      context: 'test',
+    };
+
+    const tokenUsage2 = {
+      promptTokens: 200,
+      completionTokens: 100,
+    };
+
+    await spendTokens(txData2, tokenUsage2);
+
+    // Check balance after second transaction - should still be 0
+    balance = await Balance.findOne({ user: userId });
+    expect(balance.tokenCredits).toBe(0);
+
+    // Verify all transactions were created
+    const transactions = await Transaction.find({ user: userId });
+    expect(transactions).toHaveLength(4); // 2 transactions (prompt+completion) for each call
+
+    // Let's examine the actual transaction records to see what's happening
+    const transactionDetails = await Transaction.find({ user: userId }).sort({ createdAt: 1 });
+
+    // Log the transaction details for debugging
+    console.log('Transaction details:');
+    transactionDetails.forEach((tx, i) => {
+      console.log(`Transaction ${i + 1}:`, {
+        tokenType: tx.tokenType,
+        rawAmount: tx.rawAmount,
+        tokenValue: tx.tokenValue,
+        model: tx.model,
+      });
+    });
+
+    // Check the return values from Transaction.create directly
+    // This is to verify that the incrementValue is not becoming positive
+    const directResult = await Transaction.create({
+      user: userId,
+      conversationId: 'test-convo-3',
+      model: 'gpt-4',
+      tokenType: 'completion',
+      rawAmount: -100,
+      context: 'test',
+    });
+
+    console.log('Direct Transaction.create result:', directResult);
+
+    // The completion value should never be positive
+    expect(directResult.completion).not.toBeGreaterThan(0);
+  });
+
+  it('should ensure tokenValue is always negative for spending tokens', async () => {
+    // Create a balance for the user
+    await Balance.create({
+      user: userId,
+      tokenCredits: 10000,
+    });
+
+    // Test with various models to check multiplier calculations
+    const models = ['gpt-3.5-turbo', 'gpt-4', 'claude-3-5-sonnet'];
+
+    for (const model of models) {
+      const txData = {
+        user: userId,
+        conversationId: `test-convo-${model}`,
+        model,
+        context: 'test',
+      };
+
+      const tokenUsage = {
+        promptTokens: 100,
+        completionTokens: 50,
+      };
+
+      await spendTokens(txData, tokenUsage);
+
+      // Get the transactions for this model
+      const transactions = await Transaction.find({
+        user: userId,
+        model,
+      });
+
+      // Verify tokenValue is negative for all transactions
+      transactions.forEach((tx) => {
+        console.log(`Model ${model}, Type ${tx.tokenType}: tokenValue = ${tx.tokenValue}`);
+        expect(tx.tokenValue).toBeLessThan(0);
+      });
+    }
+  });
+
+  it('should handle structured transactions in sequence with low balance', async () => {
+    // Create a balance with a very low amount
+    await Balance.create({
+      user: userId,
+      tokenCredits: 100,
+    });
+
+    // First transaction - should reduce balance to 0
+    const txData1 = {
+      user: userId,
+      conversationId: 'test-convo-1',
+      model: 'claude-3-5-sonnet',
+      context: 'test',
+    };
+
+    const tokenUsage1 = {
+      promptTokens: {
+        input: 10,
+        write: 100,
+        read: 5,
+      },
+      completionTokens: 50,
+    };
+
+    await spendStructuredTokens(txData1, tokenUsage1);
+
+    // Check balance after first transaction
+    let balance = await Balance.findOne({ user: userId });
+    expect(balance.tokenCredits).toBe(0);
+
+    // Second transaction - should keep balance at 0, not make it negative or increase it
+    const txData2 = {
+      user: userId,
+      conversationId: 'test-convo-2',
+      model: 'claude-3-5-sonnet',
+      context: 'test',
+    };
+
+    const tokenUsage2 = {
+      promptTokens: {
+        input: 20,
+        write: 200,
+        read: 10,
+      },
+      completionTokens: 100,
+    };
+
+    await spendStructuredTokens(txData2, tokenUsage2);
+
+    // Check balance after second transaction - should still be 0
+    balance = await Balance.findOne({ user: userId });
+    expect(balance.tokenCredits).toBe(0);
+
+    // Verify all transactions were created
+    const transactions = await Transaction.find({ user: userId });
+    expect(transactions).toHaveLength(4); // 2 transactions (prompt+completion) for each call
+
+    // Let's examine the actual transaction records to see what's happening
+    const transactionDetails = await Transaction.find({ user: userId }).sort({ createdAt: 1 });
+
+    // Log the transaction details for debugging
+    console.log('Structured transaction details:');
+    transactionDetails.forEach((tx, i) => {
+      console.log(`Transaction ${i + 1}:`, {
+        tokenType: tx.tokenType,
+        rawAmount: tx.rawAmount,
+        tokenValue: tx.tokenValue,
+        inputTokens: tx.inputTokens,
+        writeTokens: tx.writeTokens,
+        readTokens: tx.readTokens,
+        model: tx.model,
+      });
+    });
+  });
+
+  it('should not allow balance to go below zero when spending structured tokens', async () => {
+    // Create a balance with a low amount
+    await Balance.create({
+      user: userId,
+      tokenCredits: 5000,
+    });
+
+    const txData = {
+      user: userId,
+      conversationId: 'test-convo',
+      model: 'claude-3-5-sonnet', // Using a model that supports structured tokens
+      context: 'test',
+    };
+
+    // Spending more tokens than the user has balance for
+    const tokenUsage = {
+      promptTokens: {
+        input: 100,
+        write: 1000,
+        read: 50,
+      },
+      completionTokens: 500,
+    };
+
+    const result = await spendStructuredTokens(txData, tokenUsage);
+
+    // Verify transactions were created
+    const transactions = await Transaction.find({ user: userId }).sort({ tokenType: 1 });
+    expect(transactions).toHaveLength(2);
+
+    // Verify balance was reduced to exactly 0, not negative
+    const balance = await Balance.findOne({ user: userId });
+    expect(balance).toBeDefined();
+    expect(balance.tokenCredits).toBe(0);
+
+    // The result should show the adjusted values
+    expect(result).toEqual({
+      prompt: expect.objectContaining({
+        user: userId.toString(),
+        balance: expect.any(Number),
+      }),
+      completion: expect.objectContaining({
+        user: userId.toString(),
+        balance: 0, // Final balance should be 0
+      }),
+    });
+  });
+
+  it('should handle multiple concurrent transactions correctly with a high balance', async () => {
+    // Create a balance with a high amount
+    const initialBalance = 10000000;
+    await Balance.create({
+      user: userId,
+      tokenCredits: initialBalance,
+    });
+
+    // Simulate the recordCollectedUsage function from the production code
+    const conversationId = 'test-concurrent-convo';
+    const context = 'message';
+    const model = 'gpt-4';
+
+    const amount = 50;
+    // Create `amount` of usage records to simulate multiple transactions
+    const collectedUsage = Array.from({ length: amount }, (_, i) => ({
+      model,
+      input_tokens: 100 + i * 10, // Increasing input tokens
+      output_tokens: 50 + i * 5, // Increasing output tokens
+      input_token_details: {
+        cache_creation: i % 2 === 0 ? 20 : 0, // Some have cache creation
+        cache_read: i % 3 === 0 ? 10 : 0, // Some have cache read
+      },
+    }));
+
+    // Process all transactions concurrently to simulate race conditions
+    const promises = [];
+    let expectedTotalSpend = 0;
+
+    for (let i = 0; i < collectedUsage.length; i++) {
+      const usage = collectedUsage[i];
+      if (!usage) {
+        continue;
+      }
+
+      const cache_creation = Number(usage.input_token_details?.cache_creation) || 0;
+      const cache_read = Number(usage.input_token_details?.cache_read) || 0;
+
+      const txMetadata = {
+        context,
+        conversationId,
+        user: userId,
+        model: usage.model,
+      };
+
+      // Calculate expected spend for this transaction
+      const promptTokens = usage.input_tokens;
+      const completionTokens = usage.output_tokens;
+
+      // For regular transactions
+      if (cache_creation === 0 && cache_read === 0) {
+        // Add to expected spend using the correct multipliers from tx.js
+        // For gpt-4, the multipliers are: prompt=30, completion=60
+        expectedTotalSpend += promptTokens * 30; // gpt-4 prompt rate is 30
+        expectedTotalSpend += completionTokens * 60; // gpt-4 completion rate is 60
+
+        promises.push(
+          spendTokens(txMetadata, {
+            promptTokens,
+            completionTokens,
+          }),
+        );
+      } else {
+        // For structured transactions with cache operations
+        // The multipliers for claude models with cache operations are different
+        // But since we're using gpt-4 in the test, we need to use appropriate values
+        expectedTotalSpend += promptTokens * 30; // Base prompt rate for gpt-4
+        // Since gpt-4 doesn't have cache multipliers defined, we'll use the prompt rate
+        expectedTotalSpend += cache_creation * 30; // Write rate (using prompt rate as fallback)
+        expectedTotalSpend += cache_read * 30; // Read rate (using prompt rate as fallback)
+        expectedTotalSpend += completionTokens * 60; // Completion rate for gpt-4
+
+        promises.push(
+          spendStructuredTokens(txMetadata, {
+            promptTokens: {
+              input: promptTokens,
+              write: cache_creation,
+              read: cache_read,
+            },
+            completionTokens,
+          }),
+        );
+      }
+    }
+
+    // Wait for all transactions to complete
+    await Promise.all(promises);
+
+    // Verify final balance
+    const finalBalance = await Balance.findOne({ user: userId });
+    expect(finalBalance).toBeDefined();
+
+    // The final balance should be the initial balance minus the expected total spend
+    const expectedFinalBalance = initialBalance - expectedTotalSpend;
+
+    console.log('Initial balance:', initialBalance);
+    console.log('Expected total spend:', expectedTotalSpend);
+    console.log('Expected final balance:', expectedFinalBalance);
+    console.log('Actual final balance:', finalBalance.tokenCredits);
+
+    // Allow for small rounding differences
+    expect(finalBalance.tokenCredits).toBeCloseTo(expectedFinalBalance, 0);
+
+    // Verify all transactions were created
+    const transactions = await Transaction.find({
+      user: userId,
+      conversationId,
+    });
+
+    // We should have 2 transactions (prompt + completion) for each usage record
+    // Some might be structured, some regular
+    expect(transactions.length).toBeGreaterThanOrEqual(collectedUsage.length);
+
+    // Log transaction details for debugging
+    console.log('Transaction summary:');
+    let totalTokenValue = 0;
+    transactions.forEach((tx) => {
+      console.log(`${tx.tokenType}: rawAmount=${tx.rawAmount}, tokenValue=${tx.tokenValue}`);
+      totalTokenValue += tx.tokenValue;
+    });
+    console.log('Total token value from transactions:', totalTokenValue);
+
+    // The difference between expected and actual is significant
+    // This is likely due to the multipliers being different in the test environment
+    // Let's adjust our expectation based on the actual transactions
+    const actualSpend = initialBalance - finalBalance.tokenCredits;
+    console.log('Actual spend:', actualSpend);
+
+    // Instead of checking the exact balance, let's verify that:
+    // 1. The balance was reduced (tokens were spent)
+    expect(finalBalance.tokenCredits).toBeLessThan(initialBalance);
+    // 2. The total token value from transactions matches the actual spend
+    expect(Math.abs(totalTokenValue)).toBeCloseTo(actualSpend, -3); // Allow for larger differences
+  });
+
+  // Add this new test case
+  it('should handle multiple concurrent balance increases correctly', async () => {
+    // Start with zero balance
+    const initialBalance = 0;
+    await Balance.create({
+      user: userId,
+      tokenCredits: initialBalance,
+    });
+
+    const numberOfRefills = 25;
+    const refillAmount = 1000;
+
+    const promises = [];
+    for (let i = 0; i < numberOfRefills; i++) {
+      promises.push(
+        Transaction.createAutoRefillTransaction({
+          user: userId,
+          tokenType: 'credits',
+          context: 'concurrent-refill-test',
+          rawAmount: refillAmount,
+        }),
+      );
+    }
+
+    // Wait for all refill transactions to complete
+    const results = await Promise.all(promises);
+
+    // Verify final balance
+    const finalBalance = await Balance.findOne({ user: userId });
+    expect(finalBalance).toBeDefined();
+
+    // The final balance should be the initial balance plus the sum of all refills
+    const expectedFinalBalance = initialBalance + numberOfRefills * refillAmount;
+
+    console.log('Initial balance (Increase Test):', initialBalance);
+    console.log(`Performed ${numberOfRefills} refills of ${refillAmount} each.`);
+    console.log('Expected final balance (Increase Test):', expectedFinalBalance);
+    console.log('Actual final balance (Increase Test):', finalBalance.tokenCredits);
+
+    // Use toBeCloseTo for safety, though toBe should work for integer math
+    expect(finalBalance.tokenCredits).toBeCloseTo(expectedFinalBalance, 0);
+
+    // Verify all transactions were created
+    const transactions = await Transaction.find({
+      user: userId,
+      context: 'concurrent-refill-test',
+    });
+
+    // We should have one transaction for each refill attempt
+    expect(transactions.length).toBe(numberOfRefills);
+
+    // Optional: Verify the sum of increments from the results matches the balance change
+    const totalIncrementReported = results.reduce((sum, result) => {
+      // Assuming createAutoRefillTransaction returns an object with the increment amount
+      // Adjust this based on the actual return structure.
+      // Let's assume it returns { balance: newBalance, transaction: { rawAmount: ... } }
+      // Or perhaps we check the transaction.rawAmount directly
+      return sum + (result?.transaction?.rawAmount || 0);
+    }, 0);
+    console.log('Total increment reported by results:', totalIncrementReported);
+    expect(totalIncrementReported).toBe(expectedFinalBalance - initialBalance);
+
+    // Optional: Check the sum of tokenValue from saved transactions
+    let totalTokenValueFromDb = 0;
+    transactions.forEach((tx) => {
+      // For refills, rawAmount is positive, and tokenValue might be calculated based on it
+      // Let's assume tokenValue directly reflects the increment for simplicity here
+      // If calculation is involved, adjust accordingly
+      totalTokenValueFromDb += tx.rawAmount; // Or tx.tokenValue if that holds the increment
+    });
+    console.log('Total rawAmount from DB transactions:', totalTokenValueFromDb);
+    expect(totalTokenValueFromDb).toBeCloseTo(expectedFinalBalance - initialBalance, 0);
   });
 
   it('should create structured transactions for both prompt and completion tokens', async () => {
+    // Create a balance for the user
+    await Balance.create({
+      user: userId,
+      tokenCredits: 10000,
+    });
+
     const txData = {
-      user: new mongoose.Types.ObjectId(),
+      user: userId,
       conversationId: 'test-convo',
       model: 'claude-3-5-sonnet',
       context: 'test',
@@ -150,48 +688,37 @@ describe('spendTokens', () => {
       completionTokens: 50,
     };
 
-    Transaction.createStructured.mockResolvedValueOnce({
-      rate: 3.75,
-      user: txData.user.toString(),
-      balance: 9570,
-      prompt: -430,
-    });
-    Transaction.create.mockResolvedValueOnce({
-      rate: 15,
-      user: txData.user.toString(),
-      balance: 8820,
-      completion: -750,
-    });
-
     const result = await spendStructuredTokens(txData, tokenUsage);
 
-    expect(Transaction.createStructured).toHaveBeenCalledWith(
-      expect.objectContaining({
-        tokenType: 'prompt',
-        inputTokens: -10,
-        writeTokens: -100,
-        readTokens: -5,
-      }),
-    );
-    expect(Transaction.create).toHaveBeenCalledWith(
-      expect.objectContaining({
-        tokenType: 'completion',
-        rawAmount: -50,
-      }),
-    );
+    // Verify transactions were created
+    const transactions = await Transaction.find({ user: userId }).sort({ tokenType: 1 });
+    expect(transactions).toHaveLength(2);
+
+    // Check completion transaction
+    expect(transactions[0].tokenType).toBe('completion');
+    expect(transactions[0].rawAmount).toBe(-50);
+
+    // Check prompt transaction
+    expect(transactions[1].tokenType).toBe('prompt');
+    expect(transactions[1].inputTokens).toBe(-10);
+    expect(transactions[1].writeTokens).toBe(-100);
+    expect(transactions[1].readTokens).toBe(-5);
+
+    // Verify result contains transaction info
     expect(result).toEqual({
       prompt: expect.objectContaining({
-        rate: 3.75,
-        user: txData.user.toString(),
-        balance: 9570,
-        prompt: -430,
+        user: userId.toString(),
+        prompt: expect.any(Number),
       }),
       completion: expect.objectContaining({
-        rate: 15,
-        user: txData.user.toString(),
-        balance: 8820,
-        completion: -750,
+        user: userId.toString(),
+        completion: expect.any(Number),
       }),
     });
+
+    // Verify balance was updated
+    const balance = await Balance.findOne({ user: userId });
+    expect(balance).toBeDefined();
+    expect(balance.tokenCredits).toBeLessThan(10000); // Balance should be reduced
   });
 });

api/models/tx.js

@@ -61,6 +61,7 @@ const bedrockValues = {
   'amazon.nova-micro-v1:0': { prompt: 0.035, completion: 0.14 },
   'amazon.nova-lite-v1:0': { prompt: 0.06, completion: 0.24 },
   'amazon.nova-pro-v1:0': { prompt: 0.8, completion: 3.2 },
+  'deepseek.r1': { prompt: 1.35, completion: 5.4 },
 };
 
 /**
@@ -75,10 +76,15 @@ const tokenValues = Object.assign(
     '4k': { prompt: 1.5, completion: 2 },
     '16k': { prompt: 3, completion: 4 },
     'gpt-3.5-turbo-1106': { prompt: 1, completion: 2 },
+    'o4-mini': { prompt: 1.1, completion: 4.4 },
     'o3-mini': { prompt: 1.1, completion: 4.4 },
+    o3: { prompt: 10, completion: 40 },
     'o1-mini': { prompt: 1.1, completion: 4.4 },
     'o1-preview': { prompt: 15, completion: 60 },
     o1: { prompt: 15, completion: 60 },
+    'gpt-4.1-nano': { prompt: 0.1, completion: 0.4 },
+    'gpt-4.1-mini': { prompt: 0.4, completion: 1.6 },
+    'gpt-4.1': { prompt: 2, completion: 8 },
     'gpt-4.5': { prompt: 75, completion: 150 },
     'gpt-4o-mini': { prompt: 0.15, completion: 0.6 },
     'gpt-4o': { prompt: 2.5, completion: 10 },
@@ -106,8 +112,10 @@ const tokenValues = Object.assign(
   so this was from https://artificialanalysis.ai/models/command-light/providers */
     command: { prompt: 0.38, completion: 0.38 },
     'gemini-2.0-flash-lite': { prompt: 0.075, completion: 0.3 },
-    'gemini-2.0-flash': { prompt: 0.1, completion: 0.7 },
+    'gemini-2.0-flash': { prompt: 0.1, completion: 0.4 },
     'gemini-2.0': { prompt: 0, completion: 0 }, // https://ai.google.dev/pricing
+    'gemini-2.5-pro-preview-03-25': { prompt: 1.25, completion: 10 },
+    'gemini-2.5': { prompt: 0, completion: 0 }, // Free for a period of time
     'gemini-1.5-flash-8b': { prompt: 0.075, completion: 0.3 },
     'gemini-1.5-flash': { prompt: 0.15, completion: 0.6 },
     'gemini-1.5': { prompt: 2.5, completion: 10 },
@@ -120,7 +128,17 @@ const tokenValues = Object.assign(
     'grok-2-1212': { prompt: 2.0, completion: 10.0 },
     'grok-2-latest': { prompt: 2.0, completion: 10.0 },
     'grok-2': { prompt: 2.0, completion: 10.0 },
+    'grok-3-mini-fast': { prompt: 0.4, completion: 4 },
+    'grok-3-mini': { prompt: 0.3, completion: 0.5 },
+    'grok-3-fast': { prompt: 5.0, completion: 25.0 },
+    'grok-3': { prompt: 3.0, completion: 15.0 },
     'grok-beta': { prompt: 5.0, completion: 15.0 },
+    'mistral-large': { prompt: 2.0, completion: 6.0 },
+    'pixtral-large': { prompt: 2.0, completion: 6.0 },
+    'mistral-saba': { prompt: 0.2, completion: 0.6 },
+    codestral: { prompt: 0.3, completion: 0.9 },
+    'ministral-8b': { prompt: 0.1, completion: 0.1 },
+    'ministral-3b': { prompt: 0.04, completion: 0.04 },
   },
   bedrockValues,
 );
@@ -162,6 +180,14 @@ const getValueKey = (model, endpoint) => {
     return 'gpt-3.5-turbo-1106';
   } else if (modelName.includes('gpt-3.5')) {
     return '4k';
+  } else if (modelName.includes('o4-mini')) {
+    return 'o4-mini';
+  } else if (modelName.includes('o4')) {
+    return 'o4';
+  } else if (modelName.includes('o3-mini')) {
+    return 'o3-mini';
+  } else if (modelName.includes('o3')) {
+    return 'o3';
   } else if (modelName.includes('o1-preview')) {
     return 'o1-preview';
   } else if (modelName.includes('o1-mini')) {
@@ -170,6 +196,12 @@ const getValueKey = (model, endpoint) => {
     return 'o1';
   } else if (modelName.includes('gpt-4.5')) {
     return 'gpt-4.5';
+  } else if (modelName.includes('gpt-4.1-nano')) {
+    return 'gpt-4.1-nano';
+  } else if (modelName.includes('gpt-4.1-mini')) {
+    return 'gpt-4.1-mini';
+  } else if (modelName.includes('gpt-4.1')) {
+    return 'gpt-4.1';
   } else if (modelName.includes('gpt-4o-2024-05-13')) {
     return 'gpt-4o-2024-05-13';
   } else if (modelName.includes('gpt-4o-mini')) {

api/models/tx.spec.js

@@ -60,6 +60,30 @@ describe('getValueKey', () => {
     expect(getValueKey('gpt-4.5-0125')).toBe('gpt-4.5');
   });
 
+  it('should return "gpt-4.1" for model type of "gpt-4.1"', () => {
+    expect(getValueKey('gpt-4.1-preview')).toBe('gpt-4.1');
+    expect(getValueKey('gpt-4.1-2024-08-06')).toBe('gpt-4.1');
+    expect(getValueKey('gpt-4.1-2024-08-06-0718')).toBe('gpt-4.1');
+    expect(getValueKey('openai/gpt-4.1')).toBe('gpt-4.1');
+    expect(getValueKey('openai/gpt-4.1-2024-08-06')).toBe('gpt-4.1');
+    expect(getValueKey('gpt-4.1-turbo')).toBe('gpt-4.1');
+    expect(getValueKey('gpt-4.1-0125')).toBe('gpt-4.1');
+  });
+
+  it('should return "gpt-4.1-mini" for model type of "gpt-4.1-mini"', () => {
+    expect(getValueKey('gpt-4.1-mini-preview')).toBe('gpt-4.1-mini');
+    expect(getValueKey('gpt-4.1-mini-2024-08-06')).toBe('gpt-4.1-mini');
+    expect(getValueKey('openai/gpt-4.1-mini')).toBe('gpt-4.1-mini');
+    expect(getValueKey('gpt-4.1-mini-0125')).toBe('gpt-4.1-mini');
+  });
+
+  it('should return "gpt-4.1-nano" for model type of "gpt-4.1-nano"', () => {
+    expect(getValueKey('gpt-4.1-nano-preview')).toBe('gpt-4.1-nano');
+    expect(getValueKey('gpt-4.1-nano-2024-08-06')).toBe('gpt-4.1-nano');
+    expect(getValueKey('openai/gpt-4.1-nano')).toBe('gpt-4.1-nano');
+    expect(getValueKey('gpt-4.1-nano-0125')).toBe('gpt-4.1-nano');
+  });
+
   it('should return "gpt-4o" for model type of "gpt-4o"', () => {
     expect(getValueKey('gpt-4o-2024-08-06')).toBe('gpt-4o');
     expect(getValueKey('gpt-4o-2024-08-06-0718')).toBe('gpt-4o');
@@ -141,6 +165,15 @@ describe('getMultiplier', () => {
     );
   });
 
+  it('should return correct multipliers for o4-mini and o3', () => {
+    ['o4-mini', 'o3'].forEach((model) => {
+      const prompt = getMultiplier({ model, tokenType: 'prompt' });
+      const completion = getMultiplier({ model, tokenType: 'completion' });
+      expect(prompt).toBe(tokenValues[model].prompt);
+      expect(completion).toBe(tokenValues[model].completion);
+    });
+  });
+
   it('should return defaultRate if tokenType is provided but not found in tokenValues', () => {
     expect(getMultiplier({ valueKey: '8k', tokenType: 'unknownType' })).toBe(defaultRate);
   });
@@ -185,6 +218,52 @@ describe('getMultiplier', () => {
     );
   });
 
+  it('should return the correct multiplier for gpt-4.1', () => {
+    const valueKey = getValueKey('gpt-4.1-2024-08-06');
+    expect(getMultiplier({ valueKey, tokenType: 'prompt' })).toBe(tokenValues['gpt-4.1'].prompt);
+    expect(getMultiplier({ valueKey, tokenType: 'completion' })).toBe(
+      tokenValues['gpt-4.1'].completion,
+    );
+    expect(getMultiplier({ model: 'gpt-4.1-preview', tokenType: 'prompt' })).toBe(
+      tokenValues['gpt-4.1'].prompt,
+    );
+    expect(getMultiplier({ model: 'openai/gpt-4.1', tokenType: 'completion' })).toBe(
+      tokenValues['gpt-4.1'].completion,
+    );
+  });
+
+  it('should return the correct multiplier for gpt-4.1-mini', () => {
+    const valueKey = getValueKey('gpt-4.1-mini-2024-08-06');
+    expect(getMultiplier({ valueKey, tokenType: 'prompt' })).toBe(
+      tokenValues['gpt-4.1-mini'].prompt,
+    );
+    expect(getMultiplier({ valueKey, tokenType: 'completion' })).toBe(
+      tokenValues['gpt-4.1-mini'].completion,
+    );
+    expect(getMultiplier({ model: 'gpt-4.1-mini-preview', tokenType: 'prompt' })).toBe(
+      tokenValues['gpt-4.1-mini'].prompt,
+    );
+    expect(getMultiplier({ model: 'openai/gpt-4.1-mini', tokenType: 'completion' })).toBe(
+      tokenValues['gpt-4.1-mini'].completion,
+    );
+  });
+
+  it('should return the correct multiplier for gpt-4.1-nano', () => {
+    const valueKey = getValueKey('gpt-4.1-nano-2024-08-06');
+    expect(getMultiplier({ valueKey, tokenType: 'prompt' })).toBe(
+      tokenValues['gpt-4.1-nano'].prompt,
+    );
+    expect(getMultiplier({ valueKey, tokenType: 'completion' })).toBe(
+      tokenValues['gpt-4.1-nano'].completion,
+    );
+    expect(getMultiplier({ model: 'gpt-4.1-nano-preview', tokenType: 'prompt' })).toBe(
+      tokenValues['gpt-4.1-nano'].prompt,
+    );
+    expect(getMultiplier({ model: 'openai/gpt-4.1-nano', tokenType: 'completion' })).toBe(
+      tokenValues['gpt-4.1-nano'].completion,
+    );
+  });
+
   it('should return the correct multiplier for gpt-4o-mini', () => {
     const valueKey = getValueKey('gpt-4o-mini-2024-07-18');
     expect(getMultiplier({ valueKey, tokenType: 'prompt' })).toBe(
@@ -288,7 +367,7 @@ describe('AWS Bedrock Model Tests', () => {
 });
 
 describe('Deepseek Model Tests', () => {
-  const deepseekModels = ['deepseek-chat', 'deepseek-coder', 'deepseek-reasoner'];
+  const deepseekModels = ['deepseek-chat', 'deepseek-coder', 'deepseek-reasoner', 'deepseek.r1'];
 
   it('should return the correct prompt multipliers for all models', () => {
     const results = deepseekModels.map((model) => {
@@ -348,9 +427,11 @@ describe('getCacheMultiplier', () => {
 
   it('should derive the valueKey from the model if not provided', () => {
     expect(getCacheMultiplier({ cacheType: 'write', model: 'claude-3-5-sonnet-20240620' })).toBe(
-      3.75,
+      cacheTokenValues['claude-3-5-sonnet'].write,
+    );
+    expect(getCacheMultiplier({ cacheType: 'read', model: 'claude-3-haiku-20240307' })).toBe(
+      cacheTokenValues['claude-3-haiku'].read,
     );
-    expect(getCacheMultiplier({ cacheType: 'read', model: 'claude-3-haiku-20240307' })).toBe(0.03);
   });
 
   it('should return null if only model or cacheType is missing', () => {
@@ -371,10 +452,10 @@ describe('getCacheMultiplier', () => {
     };
     expect(
       getCacheMultiplier({ model: 'custom-model', cacheType: 'write', endpointTokenConfig }),
-    ).toBe(5);
+    ).toBe(endpointTokenConfig['custom-model'].write);
     expect(
       getCacheMultiplier({ model: 'custom-model', cacheType: 'read', endpointTokenConfig }),
-    ).toBe(1);
+    ).toBe(endpointTokenConfig['custom-model'].read);
   });
 
   it('should return null if model is not found in endpointTokenConfig', () => {
@@ -395,13 +476,13 @@ describe('getCacheMultiplier', () => {
         model: 'bedrock/anthropic.claude-3-5-sonnet-20240620-v1:0',
         cacheType: 'write',
       }),
-    ).toBe(3.75);
+    ).toBe(cacheTokenValues['claude-3-5-sonnet'].write);
     expect(
       getCacheMultiplier({
         model: 'bedrock/anthropic.claude-3-haiku-20240307-v1:0',
         cacheType: 'read',
       }),
-    ).toBe(0.03);
+    ).toBe(cacheTokenValues['claude-3-haiku'].read);
   });
 });
 
@@ -488,24 +569,92 @@ describe('Grok Model Tests - Pricing', () => {
     test('should return correct prompt and completion rates for Grok vision models', () => {
       const models = ['grok-2-vision-1212', 'grok-2-vision', 'grok-2-vision-latest'];
       models.forEach((model) => {
-        expect(getMultiplier({ model, tokenType: 'prompt' })).toBe(2.0);
-        expect(getMultiplier({ model, tokenType: 'completion' })).toBe(10.0);
+        expect(getMultiplier({ model, tokenType: 'prompt' })).toBe(
+          tokenValues['grok-2-vision'].prompt,
+        );
+        expect(getMultiplier({ model, tokenType: 'completion' })).toBe(
+          tokenValues['grok-2-vision'].completion,
+        );
       });
     });
 
     test('should return correct prompt and completion rates for Grok text models', () => {
       const models = ['grok-2-1212', 'grok-2', 'grok-2-latest'];
       models.forEach((model) => {
-        expect(getMultiplier({ model, tokenType: 'prompt' })).toBe(2.0);
-        expect(getMultiplier({ model, tokenType: 'completion' })).toBe(10.0);
+        expect(getMultiplier({ model, tokenType: 'prompt' })).toBe(tokenValues['grok-2'].prompt);
+        expect(getMultiplier({ model, tokenType: 'completion' })).toBe(
+          tokenValues['grok-2'].completion,
+        );
       });
     });
 
     test('should return correct prompt and completion rates for Grok beta models', () => {
-      expect(getMultiplier({ model: 'grok-vision-beta', tokenType: 'prompt' })).toBe(5.0);
-      expect(getMultiplier({ model: 'grok-vision-beta', tokenType: 'completion' })).toBe(15.0);
-      expect(getMultiplier({ model: 'grok-beta', tokenType: 'prompt' })).toBe(5.0);
-      expect(getMultiplier({ model: 'grok-beta', tokenType: 'completion' })).toBe(15.0);
+      expect(getMultiplier({ model: 'grok-vision-beta', tokenType: 'prompt' })).toBe(
+        tokenValues['grok-vision-beta'].prompt,
+      );
+      expect(getMultiplier({ model: 'grok-vision-beta', tokenType: 'completion' })).toBe(
+        tokenValues['grok-vision-beta'].completion,
+      );
+      expect(getMultiplier({ model: 'grok-beta', tokenType: 'prompt' })).toBe(
+        tokenValues['grok-beta'].prompt,
+      );
+      expect(getMultiplier({ model: 'grok-beta', tokenType: 'completion' })).toBe(
+        tokenValues['grok-beta'].completion,
+      );
+    });
+
+    test('should return correct prompt and completion rates for Grok 3 models', () => {
+      expect(getMultiplier({ model: 'grok-3', tokenType: 'prompt' })).toBe(
+        tokenValues['grok-3'].prompt,
+      );
+      expect(getMultiplier({ model: 'grok-3', tokenType: 'completion' })).toBe(
+        tokenValues['grok-3'].completion,
+      );
+      expect(getMultiplier({ model: 'grok-3-fast', tokenType: 'prompt' })).toBe(
+        tokenValues['grok-3-fast'].prompt,
+      );
+      expect(getMultiplier({ model: 'grok-3-fast', tokenType: 'completion' })).toBe(
+        tokenValues['grok-3-fast'].completion,
+      );
+      expect(getMultiplier({ model: 'grok-3-mini', tokenType: 'prompt' })).toBe(
+        tokenValues['grok-3-mini'].prompt,
+      );
+      expect(getMultiplier({ model: 'grok-3-mini', tokenType: 'completion' })).toBe(
+        tokenValues['grok-3-mini'].completion,
+      );
+      expect(getMultiplier({ model: 'grok-3-mini-fast', tokenType: 'prompt' })).toBe(
+        tokenValues['grok-3-mini-fast'].prompt,
+      );
+      expect(getMultiplier({ model: 'grok-3-mini-fast', tokenType: 'completion' })).toBe(
+        tokenValues['grok-3-mini-fast'].completion,
+      );
+    });
+
+    test('should return correct prompt and completion rates for Grok 3 models with prefixes', () => {
+      expect(getMultiplier({ model: 'xai/grok-3', tokenType: 'prompt' })).toBe(
+        tokenValues['grok-3'].prompt,
+      );
+      expect(getMultiplier({ model: 'xai/grok-3', tokenType: 'completion' })).toBe(
+        tokenValues['grok-3'].completion,
+      );
+      expect(getMultiplier({ model: 'xai/grok-3-fast', tokenType: 'prompt' })).toBe(
+        tokenValues['grok-3-fast'].prompt,
+      );
+      expect(getMultiplier({ model: 'xai/grok-3-fast', tokenType: 'completion' })).toBe(
+        tokenValues['grok-3-fast'].completion,
+      );
+      expect(getMultiplier({ model: 'xai/grok-3-mini', tokenType: 'prompt' })).toBe(
+        tokenValues['grok-3-mini'].prompt,
+      );
+      expect(getMultiplier({ model: 'xai/grok-3-mini', tokenType: 'completion' })).toBe(
+        tokenValues['grok-3-mini'].completion,
+      );
+      expect(getMultiplier({ model: 'xai/grok-3-mini-fast', tokenType: 'prompt' })).toBe(
+        tokenValues['grok-3-mini-fast'].prompt,
+      );
+      expect(getMultiplier({ model: 'xai/grok-3-mini-fast', tokenType: 'completion' })).toBe(
+        tokenValues['grok-3-mini-fast'].completion,
+      );
     });
   });
 });

api/models/userMethods.js

@@ -1,6 +1,6 @@
 const bcrypt = require('bcryptjs');
+const { getBalanceConfig } = require('~/server/services/Config');
 const signPayload = require('~/server/services/signPayload');
-const { isEnabled } = require('~/server/utils/handleText');
 const Balance = require('./Balance');
 const User = require('./User');
 
@@ -13,11 +13,9 @@ const User = require('./User');
  */
 const getUserById = async function (userId, fieldsToSelect = null) {
   const query = User.findById(userId);
-
   if (fieldsToSelect) {
     query.select(fieldsToSelect);
   }
-
   return await query.lean();
 };
 
@@ -32,7 +30,6 @@ const findUser = async function (searchCriteria, fieldsToSelect = null) {
   if (fieldsToSelect) {
     query.select(fieldsToSelect);
   }
-
   return await query.lean();
 };
 
@@ -58,11 +55,12 @@ const updateUser = async function (userId, updateData) {
  * Creates a new user, optionally with a TTL of 1 week.
  * @param {MongoUser} data - The user data to be created, must contain user_id.
  * @param {boolean} [disableTTL=true] - Whether to disable the TTL. Defaults to `true`.
- * @param {boolean} [returnUser=false] - Whether to disable the TTL. Defaults to `true`.
- * @returns {Promise<ObjectId>} A promise that resolves to the created user document ID.
+ * @param {boolean} [returnUser=false] - Whether to return the created user object.
+ * @returns {Promise<ObjectId|MongoUser>} A promise that resolves to the created user document ID or user object.
  * @throws {Error} If a user with the same user_id already exists.
  */
 const createUser = async (data, disableTTL = true, returnUser = false) => {
+  const balance = await getBalanceConfig();
   const userData = {
     ...data,
     expiresAt: disableTTL ? null : new Date(Date.now() + 604800 * 1000), // 1 week in milliseconds
@@ -74,13 +72,27 @@ const createUser = async (data, disableTTL = true, returnUser = false) => {
 
   const user = await User.create(userData);
 
-  if (isEnabled(process.env.CHECK_BALANCE) && process.env.START_BALANCE) {
-    let incrementValue = parseInt(process.env.START_BALANCE);
-    await Balance.findOneAndUpdate(
-      { user: user._id },
-      { $inc: { tokenCredits: incrementValue } },
-      { upsert: true, new: true },
-    ).lean();
+  // If balance is enabled, create or update a balance record for the user using global.interfaceConfig.balance
+  if (balance?.enabled && balance?.startBalance) {
+    const update = {
+      $inc: { tokenCredits: balance.startBalance },
+    };
+
+    if (
+      balance.autoRefillEnabled &&
+      balance.refillIntervalValue != null &&
+      balance.refillIntervalUnit != null &&
+      balance.refillAmount != null
+    ) {
+      update.$set = {
+        autoRefillEnabled: true,
+        refillIntervalValue: balance.refillIntervalValue,
+        refillIntervalUnit: balance.refillIntervalUnit,
+        refillAmount: balance.refillAmount,
+      };
+    }
+
+    await Balance.findOneAndUpdate({ user: user._id }, update, { upsert: true, new: true }).lean();
   }
 
   if (returnUser) {
@@ -123,7 +135,7 @@ const expires = eval(SESSION_EXPIRY) ?? 1000 * 60 * 15;
 /**
  * Generates a JWT token for a given user.
  *
- * @param {MongoUser} user - ID of the user for whom the token is being generated.
+ * @param {MongoUser} user - The user for whom the token is being generated.
  * @returns {Promise<string>} A promise that resolves to a JWT token.
  */
 const generateToken = async (user) => {
@@ -146,7 +158,7 @@ const generateToken = async (user) => {
 /**
  * Compares the provided password with the user's password.
  *
- * @param {MongoUser} user - the user to compare password for.
+ * @param {MongoUser} user - The user to compare the password for.
  * @param {string} candidatePassword - The password to test against the user's password.
  * @returns {Promise<boolean>} A promise that resolves to a boolean indicating if the password matches.
  */

api/package.json

@@ -35,17 +35,20 @@
   "homepage": "https://librechat.ai",
   "dependencies": {
     "@anthropic-ai/sdk": "^0.37.0",
+    "@aws-sdk/client-s3": "^3.758.0",
+    "@aws-sdk/s3-request-presigner": "^3.758.0",
+    "@azure/identity": "^4.7.0",
     "@azure/search-documents": "^12.0.0",
+    "@azure/storage-blob": "^12.27.0",
     "@google/generative-ai": "^0.23.0",
     "@googleapis/youtube": "^20.0.0",
-    "@keyv/mongo": "^2.1.8",
-    "@keyv/redis": "^2.8.1",
-    "@langchain/community": "^0.3.34",
-    "@langchain/core": "^0.3.40",
-    "@langchain/google-genai": "^0.1.9",
-    "@langchain/google-vertexai": "^0.2.0",
+    "@keyv/redis": "^4.3.3",
+    "@langchain/community": "^0.3.39",
+    "@langchain/core": "^0.3.43",
+    "@langchain/google-genai": "^0.2.2",
+    "@langchain/google-vertexai": "^0.2.3",
     "@langchain/textsplitters": "^0.1.0",
-    "@librechat/agents": "^2.2.0",
+    "@librechat/agents": "^2.4.22",
     "@librechat/data-schemas": "*",
     "@waylaidwanderer/fetch-event-source": "^3.0.1",
     "axios": "^1.8.2",
@@ -72,8 +75,8 @@
     "ioredis": "^5.3.2",
     "js-yaml": "^4.1.0",
     "jsonwebtoken": "^9.0.0",
-    "keyv": "^4.5.4",
-    "keyv-file": "^0.2.0",
+    "keyv": "^5.3.2",
+    "keyv-file": "^5.1.2",
     "klona": "^2.0.6",
     "librechat-data-provider": "*",
     "librechat-mcp": "*",
@@ -82,7 +85,7 @@
     "memorystore": "^1.6.7",
     "mime": "^3.0.0",
     "module-alias": "^2.2.3",
-    "mongoose": "^8.9.5",
+    "mongoose": "^8.12.1",
     "multer": "^1.4.5-lts.1",
     "nanoid": "^3.3.7",
     "nodemailer": "^6.9.15",
@@ -99,7 +102,8 @@
     "passport-jwt": "^4.0.1",
     "passport-ldapauth": "^3.0.1",
     "passport-local": "^1.0.0",
-    "sharp": "^0.32.6",
+    "rate-limit-redis": "^4.2.0",
+    "sharp": "^0.33.5",
     "tiktoken": "^1.0.15",
     "traverse": "^0.6.7",
     "ua-parser-js": "^1.0.36",

api/server/cleanup.js

@@ -0,0 +1,387 @@
+const { logger } = require('~/config');
+
+// WeakMap to hold temporary data associated with requests
+const requestDataMap = new WeakMap();
+
+const FinalizationRegistry = global.FinalizationRegistry || null;
+
+/**
+ * FinalizationRegistry to clean up client objects when they are garbage collected.
+ * This is used to prevent memory leaks and ensure that client objects are
+ * properly disposed of when they are no longer needed.
+ * The registry holds a weak reference to the client object and a cleanup
+ * callback that is called when the client object is garbage collected.
+ * The callback can be used to perform any necessary cleanup operations,
+ * such as removing event listeners or freeing up resources.
+ */
+const clientRegistry = FinalizationRegistry
+  ? new FinalizationRegistry((heldValue) => {
+    try {
+      // This will run when the client is garbage collected
+      if (heldValue && heldValue.userId) {
+        logger.debug(`[FinalizationRegistry] Cleaning up client for user ${heldValue.userId}`);
+      } else {
+        logger.debug('[FinalizationRegistry] Cleaning up client');
+      }
+    } catch (e) {
+      // Ignore errors
+    }
+  })
+  : null;
+
+/**
+ * Cleans up the client object by removing references to its properties.
+ * This is useful for preventing memory leaks and ensuring that the client
+ * and its properties can be garbage collected when it is no longer needed.
+ */
+function disposeClient(client) {
+  if (!client) {
+    return;
+  }
+
+  try {
+    if (client.user) {
+      client.user = null;
+    }
+    if (client.apiKey) {
+      client.apiKey = null;
+    }
+    if (client.azure) {
+      client.azure = null;
+    }
+    if (client.conversationId) {
+      client.conversationId = null;
+    }
+    if (client.responseMessageId) {
+      client.responseMessageId = null;
+    }
+    if (client.message_file_map) {
+      client.message_file_map = null;
+    }
+    if (client.clientName) {
+      client.clientName = null;
+    }
+    if (client.sender) {
+      client.sender = null;
+    }
+    if (client.model) {
+      client.model = null;
+    }
+    if (client.maxContextTokens) {
+      client.maxContextTokens = null;
+    }
+    if (client.contextStrategy) {
+      client.contextStrategy = null;
+    }
+    if (client.currentDateString) {
+      client.currentDateString = null;
+    }
+    if (client.inputTokensKey) {
+      client.inputTokensKey = null;
+    }
+    if (client.outputTokensKey) {
+      client.outputTokensKey = null;
+    }
+    if (client.skipSaveUserMessage !== undefined) {
+      client.skipSaveUserMessage = null;
+    }
+    if (client.visionMode) {
+      client.visionMode = null;
+    }
+    if (client.continued !== undefined) {
+      client.continued = null;
+    }
+    if (client.fetchedConvo !== undefined) {
+      client.fetchedConvo = null;
+    }
+    if (client.previous_summary) {
+      client.previous_summary = null;
+    }
+    if (client.metadata) {
+      client.metadata = null;
+    }
+    if (client.isVisionModel) {
+      client.isVisionModel = null;
+    }
+    if (client.isChatCompletion !== undefined) {
+      client.isChatCompletion = null;
+    }
+    if (client.contextHandlers) {
+      client.contextHandlers = null;
+    }
+    if (client.augmentedPrompt) {
+      client.augmentedPrompt = null;
+    }
+    if (client.systemMessage) {
+      client.systemMessage = null;
+    }
+    if (client.azureEndpoint) {
+      client.azureEndpoint = null;
+    }
+    if (client.langchainProxy) {
+      client.langchainProxy = null;
+    }
+    if (client.isOmni !== undefined) {
+      client.isOmni = null;
+    }
+    if (client.runManager) {
+      client.runManager = null;
+    }
+    // Properties specific to AnthropicClient
+    if (client.message_start) {
+      client.message_start = null;
+    }
+    if (client.message_delta) {
+      client.message_delta = null;
+    }
+    if (client.isClaude3 !== undefined) {
+      client.isClaude3 = null;
+    }
+    if (client.useMessages !== undefined) {
+      client.useMessages = null;
+    }
+    if (client.isLegacyOutput !== undefined) {
+      client.isLegacyOutput = null;
+    }
+    if (client.supportsCacheControl !== undefined) {
+      client.supportsCacheControl = null;
+    }
+    // Properties specific to GoogleClient
+    if (client.serviceKey) {
+      client.serviceKey = null;
+    }
+    if (client.project_id) {
+      client.project_id = null;
+    }
+    if (client.client_email) {
+      client.client_email = null;
+    }
+    if (client.private_key) {
+      client.private_key = null;
+    }
+    if (client.access_token) {
+      client.access_token = null;
+    }
+    if (client.reverseProxyUrl) {
+      client.reverseProxyUrl = null;
+    }
+    if (client.authHeader) {
+      client.authHeader = null;
+    }
+    if (client.isGenerativeModel !== undefined) {
+      client.isGenerativeModel = null;
+    }
+    // Properties specific to OpenAIClient
+    if (client.ChatGPTClient) {
+      client.ChatGPTClient = null;
+    }
+    if (client.completionsUrl) {
+      client.completionsUrl = null;
+    }
+    if (client.shouldSummarize !== undefined) {
+      client.shouldSummarize = null;
+    }
+    if (client.isOllama !== undefined) {
+      client.isOllama = null;
+    }
+    if (client.FORCE_PROMPT !== undefined) {
+      client.FORCE_PROMPT = null;
+    }
+    if (client.isChatGptModel !== undefined) {
+      client.isChatGptModel = null;
+    }
+    if (client.isUnofficialChatGptModel !== undefined) {
+      client.isUnofficialChatGptModel = null;
+    }
+    if (client.useOpenRouter !== undefined) {
+      client.useOpenRouter = null;
+    }
+    if (client.startToken) {
+      client.startToken = null;
+    }
+    if (client.endToken) {
+      client.endToken = null;
+    }
+    if (client.userLabel) {
+      client.userLabel = null;
+    }
+    if (client.chatGptLabel) {
+      client.chatGptLabel = null;
+    }
+    if (client.modelLabel) {
+      client.modelLabel = null;
+    }
+    if (client.modelOptions) {
+      client.modelOptions = null;
+    }
+    if (client.defaultVisionModel) {
+      client.defaultVisionModel = null;
+    }
+    if (client.maxPromptTokens) {
+      client.maxPromptTokens = null;
+    }
+    if (client.maxResponseTokens) {
+      client.maxResponseTokens = null;
+    }
+    if (client.run) {
+      // Break circular references in run
+      if (client.run.Graph) {
+        client.run.Graph.resetValues();
+        client.run.Graph.handlerRegistry = null;
+        client.run.Graph.runId = null;
+        client.run.Graph.tools = null;
+        client.run.Graph.signal = null;
+        client.run.Graph.config = null;
+        client.run.Graph.toolEnd = null;
+        client.run.Graph.toolMap = null;
+        client.run.Graph.provider = null;
+        client.run.Graph.streamBuffer = null;
+        client.run.Graph.clientOptions = null;
+        client.run.Graph.graphState = null;
+        if (client.run.Graph.boundModel?.client) {
+          client.run.Graph.boundModel.client = null;
+        }
+        client.run.Graph.boundModel = null;
+        client.run.Graph.systemMessage = null;
+        client.run.Graph.reasoningKey = null;
+        client.run.Graph.messages = null;
+        client.run.Graph.contentData = null;
+        client.run.Graph.stepKeyIds = null;
+        client.run.Graph.contentIndexMap = null;
+        client.run.Graph.toolCallStepIds = null;
+        client.run.Graph.messageIdsByStepKey = null;
+        client.run.Graph.messageStepHasToolCalls = null;
+        client.run.Graph.prelimMessageIdsByStepKey = null;
+        client.run.Graph.currentTokenType = null;
+        client.run.Graph.lastToken = null;
+        client.run.Graph.tokenTypeSwitch = null;
+        client.run.Graph.indexTokenCountMap = null;
+        client.run.Graph.currentUsage = null;
+        client.run.Graph.tokenCounter = null;
+        client.run.Graph.maxContextTokens = null;
+        client.run.Graph.pruneMessages = null;
+        client.run.Graph.lastStreamCall = null;
+        client.run.Graph.startIndex = null;
+        client.run.Graph = null;
+      }
+      if (client.run.handlerRegistry) {
+        client.run.handlerRegistry = null;
+      }
+      if (client.run.graphRunnable) {
+        if (client.run.graphRunnable.channels) {
+          client.run.graphRunnable.channels = null;
+        }
+        if (client.run.graphRunnable.nodes) {
+          client.run.graphRunnable.nodes = null;
+        }
+        if (client.run.graphRunnable.lc_kwargs) {
+          client.run.graphRunnable.lc_kwargs = null;
+        }
+        if (client.run.graphRunnable.builder?.nodes) {
+          client.run.graphRunnable.builder.nodes = null;
+          client.run.graphRunnable.builder = null;
+        }
+        client.run.graphRunnable = null;
+      }
+      client.run = null;
+    }
+    if (client.sendMessage) {
+      client.sendMessage = null;
+    }
+    if (client.savedMessageIds) {
+      client.savedMessageIds.clear();
+      client.savedMessageIds = null;
+    }
+    if (client.currentMessages) {
+      client.currentMessages = null;
+    }
+    if (client.streamHandler) {
+      client.streamHandler = null;
+    }
+    if (client.contentParts) {
+      client.contentParts = null;
+    }
+    if (client.abortController) {
+      client.abortController = null;
+    }
+    if (client.collectedUsage) {
+      client.collectedUsage = null;
+    }
+    if (client.indexTokenCountMap) {
+      client.indexTokenCountMap = null;
+    }
+    if (client.agentConfigs) {
+      client.agentConfigs = null;
+    }
+    if (client.artifactPromises) {
+      client.artifactPromises = null;
+    }
+    if (client.usage) {
+      client.usage = null;
+    }
+    if (typeof client.dispose === 'function') {
+      client.dispose();
+    }
+    if (client.options) {
+      if (client.options.req) {
+        client.options.req = null;
+      }
+      if (client.options.res) {
+        client.options.res = null;
+      }
+      if (client.options.attachments) {
+        client.options.attachments = null;
+      }
+      if (client.options.agent) {
+        client.options.agent = null;
+      }
+    }
+    client.options = null;
+  } catch (e) {
+    // Ignore errors during disposal
+  }
+}
+
+function processReqData(data = {}, context) {
+  let {
+    abortKey,
+    userMessage,
+    userMessagePromise,
+    responseMessageId,
+    promptTokens,
+    conversationId,
+    userMessageId,
+  } = context;
+  for (const key in data) {
+    if (key === 'userMessage') {
+      userMessage = data[key];
+      userMessageId = data[key].messageId;
+    } else if (key === 'userMessagePromise') {
+      userMessagePromise = data[key];
+    } else if (key === 'responseMessageId') {
+      responseMessageId = data[key];
+    } else if (key === 'promptTokens') {
+      promptTokens = data[key];
+    } else if (key === 'abortKey') {
+      abortKey = data[key];
+    } else if (!conversationId && key === 'conversationId') {
+      conversationId = data[key];
+    }
+  }
+  return {
+    abortKey,
+    userMessage,
+    userMessagePromise,
+    responseMessageId,
+    promptTokens,
+    conversationId,
+    userMessageId,
+  };
+}
+
+module.exports = {
+  disposeClient,
+  requestDataMap,
+  clientRegistry,
+  processReqData,
+};

api/server/controllers/AskController.js

@@ -1,5 +1,15 @@
 const { getResponseSender, Constants } = require('librechat-data-provider');
-const { createAbortController, handleAbortError } = require('~/server/middleware');
+const {
+  handleAbortError,
+  createAbortController,
+  cleanupAbortController,
+} = require('~/server/middleware');
+const {
+  disposeClient,
+  processReqData,
+  clientRegistry,
+  requestDataMap,
+} = require('~/server/cleanup');
 const { sendMessage, createOnProgress } = require('~/server/utils');
 const { saveMessage } = require('~/models');
 const { logger } = require('~/config');
@@ -14,90 +24,162 @@ const AskController = async (req, res, next, initializeClient, addTitle) => {
     overrideParentMessageId = null,
   } = req.body;
 
+  let client = null;
+  let abortKey = null;
+  let cleanupHandlers = [];
+  let clientRef = null;
+
   logger.debug('[AskController]', {
     text,
     conversationId,
     ...endpointOption,
-    modelsConfig: endpointOption.modelsConfig ? 'exists' : '',
+    modelsConfig: endpointOption?.modelsConfig ? 'exists' : '',
   });
 
-  let userMessage;
-  let userMessagePromise;
-  let promptTokens;
-  let userMessageId;
-  let responseMessageId;
+  let userMessage = null;
+  let userMessagePromise = null;
+  let promptTokens = null;
+  let userMessageId = null;
+  let responseMessageId = null;
+  let getAbortData = null;
+
   const sender = getResponseSender({
     ...endpointOption,
     model: endpointOption.modelOptions.model,
     modelDisplayLabel,
   });
-  const newConvo = !conversationId;
-  const user = req.user.id;
+  const initialConversationId = conversationId;
+  const newConvo = !initialConversationId;
+  const userId = req.user.id;
 
-  const getReqData = (data = {}) => {
-    for (let key in data) {
-      if (key === 'userMessage') {
-        userMessage = data[key];
-        userMessageId = data[key].messageId;
-      } else if (key === 'userMessagePromise') {
-        userMessagePromise = data[key];
-      } else if (key === 'responseMessageId') {
-        responseMessageId = data[key];
-      } else if (key === 'promptTokens') {
-        promptTokens = data[key];
-      } else if (!conversationId && key === 'conversationId') {
-        conversationId = data[key];
-      }
-    }
+  let reqDataContext = {
+    userMessage,
+    userMessagePromise,
+    responseMessageId,
+    promptTokens,
+    conversationId,
+    userMessageId,
   };
 
-  let getText;
+  const updateReqData = (data = {}) => {
+    reqDataContext = processReqData(data, reqDataContext);
+    abortKey = reqDataContext.abortKey;
+    userMessage = reqDataContext.userMessage;
+    userMessagePromise = reqDataContext.userMessagePromise;
+    responseMessageId = reqDataContext.responseMessageId;
+    promptTokens = reqDataContext.promptTokens;
+    conversationId = reqDataContext.conversationId;
+    userMessageId = reqDataContext.userMessageId;
+  };
+
+  let { onProgress: progressCallback, getPartialText } = createOnProgress();
+
+  const performCleanup = () => {
+    logger.debug('[AskController] Performing cleanup');
+    if (Array.isArray(cleanupHandlers)) {
+      for (const handler of cleanupHandlers) {
+        try {
+          if (typeof handler === 'function') {
+            handler();
+          }
+        } catch (e) {
+          // Ignore
+        }
+      }
+    }
+
+    if (abortKey) {
+      logger.debug('[AskController] Cleaning up abort controller');
+      cleanupAbortController(abortKey);
+      abortKey = null;
+    }
+
+    if (client) {
+      disposeClient(client);
+      client = null;
+    }
+
+    reqDataContext = null;
+    userMessage = null;
+    userMessagePromise = null;
+    promptTokens = null;
+    getAbortData = null;
+    progressCallback = null;
+    endpointOption = null;
+    cleanupHandlers = null;
+    addTitle = null;
+
+    if (requestDataMap.has(req)) {
+      requestDataMap.delete(req);
+    }
+    logger.debug('[AskController] Cleanup completed');
+  };
 
   try {
-    const { client } = await initializeClient({ req, res, endpointOption });
-    const { onProgress: progressCallback, getPartialText } = createOnProgress();
+    ({ client } = await initializeClient({ req, res, endpointOption }));
+    if (clientRegistry && client) {
+      clientRegistry.register(client, { userId }, client);
+    }
 
-    getText = client.getStreamText != null ? client.getStreamText.bind(client) : getPartialText;
+    if (client) {
+      requestDataMap.set(req, { client });
+    }
 
-    const getAbortData = () => ({
-      sender,
-      conversationId,
-      userMessagePromise,
-      messageId: responseMessageId,
-      parentMessageId: overrideParentMessageId ?? userMessageId,
-      text: getText(),
-      userMessage,
-      promptTokens,
-    });
+    clientRef = new WeakRef(client);
 
-    const { abortController, onStart } = createAbortController(req, res, getAbortData, getReqData);
+    getAbortData = () => {
+      const currentClient = clientRef.deref();
+      const currentText =
+        currentClient?.getStreamText != null ? currentClient.getStreamText() : getPartialText();
 
-    res.on('close', () => {
+      return {
+        sender,
+        conversationId,
+        messageId: reqDataContext.responseMessageId,
+        parentMessageId: overrideParentMessageId ?? userMessageId,
+        text: currentText,
+        userMessage: userMessage,
+        userMessagePromise: userMessagePromise,
+        promptTokens: reqDataContext.promptTokens,
+      };
+    };
+
+    const { onStart, abortController } = createAbortController(
+      req,
+      res,
+      getAbortData,
+      updateReqData,
+    );
+
+    const closeHandler = () => {
       logger.debug('[AskController] Request closed');
-      if (!abortController) {
-        return;
-      } else if (abortController.signal.aborted) {
-        return;
-      } else if (abortController.requestCompleted) {
+      if (!abortController || abortController.signal.aborted || abortController.requestCompleted) {
         return;
       }
-
       abortController.abort();
       logger.debug('[AskController] Request aborted on close');
+    };
+
+    res.on('close', closeHandler);
+    cleanupHandlers.push(() => {
+      try {
+        res.removeListener('close', closeHandler);
+      } catch (e) {
+        // Ignore
+      }
     });
 
     const messageOptions = {
-      user,
+      user: userId,
       parentMessageId,
-      conversationId,
+      conversationId: reqDataContext.conversationId,
       overrideParentMessageId,
-      getReqData,
+      getReqData: updateReqData,
       onStart,
       abortController,
       progressCallback,
       progressOptions: {
         res,
-        // parentMessageId: overrideParentMessageId || userMessageId,
       },
     };
 
@@ -105,59 +187,94 @@ const AskController = async (req, res, next, initializeClient, addTitle) => {
     let response = await client.sendMessage(text, messageOptions);
     response.endpoint = endpointOption.endpoint;
 
-    const { conversation = {} } = await client.responsePromise;
+    const databasePromise = response.databasePromise;
+    delete response.databasePromise;
+
+    const { conversation: convoData = {} } = await databasePromise;
+    const conversation = { ...convoData };
     conversation.title =
       conversation && !conversation.title ? null : conversation?.title || 'New Chat';
 
-    if (client.options.attachments) {
-      userMessage.files = client.options.attachments;
-      conversation.model = endpointOption.modelOptions.model;
-      delete userMessage.image_urls;
+    const latestUserMessage = reqDataContext.userMessage;
+
+    if (client?.options?.attachments && latestUserMessage) {
+      latestUserMessage.files = client.options.attachments;
+      if (endpointOption?.modelOptions?.model) {
+        conversation.model = endpointOption.modelOptions.model;
+      }
+      delete latestUserMessage.image_urls;
     }
 
     if (!abortController.signal.aborted) {
+      const finalResponseMessage = { ...response };
+
       sendMessage(res, {
         final: true,
         conversation,
         title: conversation.title,
-        requestMessage: userMessage,
-        responseMessage: response,
+        requestMessage: latestUserMessage,
+        responseMessage: finalResponseMessage,
       });
       res.end();
 
-      if (!client.savedMessageIds.has(response.messageId)) {
+      if (client?.savedMessageIds && !client.savedMessageIds.has(response.messageId)) {
         await saveMessage(
           req,
-          { ...response, user },
+          { ...finalResponseMessage, user: userId },
           { context: 'api/server/controllers/AskController.js - response end' },
         );
       }
     }
 
-    if (!client.skipSaveUserMessage) {
-      await saveMessage(req, userMessage, {
+    if (!client?.skipSaveUserMessage && latestUserMessage) {
+      await saveMessage(req, latestUserMessage, {
         context: 'api/server/controllers/AskController.js - don\'t skip saving user message',
       });
     }
 
-    if (addTitle && parentMessageId === Constants.NO_PARENT && newConvo) {
+    if (typeof addTitle === 'function' && parentMessageId === Constants.NO_PARENT && newConvo) {
       addTitle(req, {
         text,
-        response,
+        response: { ...response },
         client,
-      });
+      })
+        .then(() => {
+          logger.debug('[AskController] Title generation started');
+        })
+        .catch((err) => {
+          logger.error('[AskController] Error in title generation', err);
+        })
+        .finally(() => {
+          logger.debug('[AskController] Title generation completed');
+          performCleanup();
+        });
+    } else {
+      performCleanup();
     }
   } catch (error) {
-    const partialText = getText && getText();
+    logger.error('[AskController] Error handling request', error);
+    let partialText = '';
+    try {
+      const currentClient = clientRef.deref();
+      partialText =
+        currentClient?.getStreamText != null ? currentClient.getStreamText() : getPartialText();
+    } catch (getTextError) {
+      logger.error('[AskController] Error calling getText() during error handling', getTextError);
+    }
+
     handleAbortError(res, req, error, {
       sender,
       partialText,
-      conversationId,
-      messageId: responseMessageId,
-      parentMessageId: overrideParentMessageId ?? userMessageId ?? parentMessageId,
-    }).catch((err) => {
-      logger.error('[AskController] Error in `handleAbortError`', err);
-    });
+      conversationId: reqDataContext.conversationId,
+      messageId: reqDataContext.responseMessageId,
+      parentMessageId: overrideParentMessageId ?? reqDataContext.userMessageId ?? parentMessageId,
+    })
+      .catch((err) => {
+        logger.error('[AskController] Error in `handleAbortError` during catch block', err);
+      })
+      .finally(() => {
+        performCleanup();
+      });
   }
 };
 

api/server/controllers/EditController.js

@@ -1,5 +1,15 @@
 const { getResponseSender } = require('librechat-data-provider');
-const { createAbortController, handleAbortError } = require('~/server/middleware');
+const {
+  handleAbortError,
+  createAbortController,
+  cleanupAbortController,
+} = require('~/server/middleware');
+const {
+  disposeClient,
+  processReqData,
+  clientRegistry,
+  requestDataMap,
+} = require('~/server/cleanup');
 const { sendMessage, createOnProgress } = require('~/server/utils');
 const { saveMessage } = require('~/models');
 const { logger } = require('~/config');
@@ -17,6 +27,11 @@ const EditController = async (req, res, next, initializeClient) => {
     overrideParentMessageId = null,
   } = req.body;
 
+  let client = null;
+  let abortKey = null;
+  let cleanupHandlers = [];
+  let clientRef = null; // Declare clientRef here
+
   logger.debug('[EditController]', {
     text,
     generation,
@@ -26,123 +41,204 @@ const EditController = async (req, res, next, initializeClient) => {
     modelsConfig: endpointOption.modelsConfig ? 'exists' : '',
   });
 
-  let userMessage;
-  let userMessagePromise;
-  let promptTokens;
+  let userMessage = null;
+  let userMessagePromise = null;
+  let promptTokens = null;
+  let getAbortData = null;
+
   const sender = getResponseSender({
     ...endpointOption,
     model: endpointOption.modelOptions.model,
     modelDisplayLabel,
   });
   const userMessageId = parentMessageId;
-  const user = req.user.id;
+  const userId = req.user.id;
 
-  const getReqData = (data = {}) => {
-    for (let key in data) {
-      if (key === 'userMessage') {
-        userMessage = data[key];
-      } else if (key === 'userMessagePromise') {
-        userMessagePromise = data[key];
-      } else if (key === 'responseMessageId') {
-        responseMessageId = data[key];
-      } else if (key === 'promptTokens') {
-        promptTokens = data[key];
-      }
-    }
+  let reqDataContext = { userMessage, userMessagePromise, responseMessageId, promptTokens };
+
+  const updateReqData = (data = {}) => {
+    reqDataContext = processReqData(data, reqDataContext);
+    abortKey = reqDataContext.abortKey;
+    userMessage = reqDataContext.userMessage;
+    userMessagePromise = reqDataContext.userMessagePromise;
+    responseMessageId = reqDataContext.responseMessageId;
+    promptTokens = reqDataContext.promptTokens;
   };
 
-  const { onProgress: progressCallback, getPartialText } = createOnProgress({
+  let { onProgress: progressCallback, getPartialText } = createOnProgress({
     generation,
   });
 
-  let getText;
+  const performCleanup = () => {
+    logger.debug('[EditController] Performing cleanup');
+    if (Array.isArray(cleanupHandlers)) {
+      for (const handler of cleanupHandlers) {
+        try {
+          if (typeof handler === 'function') {
+            handler();
+          }
+        } catch (e) {
+          // Ignore
+        }
+      }
+    }
+
+    if (abortKey) {
+      logger.debug('[AskController] Cleaning up abort controller');
+      cleanupAbortController(abortKey);
+      abortKey = null;
+    }
+
+    if (client) {
+      disposeClient(client);
+      client = null;
+    }
+
+    reqDataContext = null;
+    userMessage = null;
+    userMessagePromise = null;
+    promptTokens = null;
+    getAbortData = null;
+    progressCallback = null;
+    endpointOption = null;
+    cleanupHandlers = null;
+
+    if (requestDataMap.has(req)) {
+      requestDataMap.delete(req);
+    }
+    logger.debug('[EditController] Cleanup completed');
+  };
 
   try {
-    const { client } = await initializeClient({ req, res, endpointOption });
+    ({ client } = await initializeClient({ req, res, endpointOption }));
 
-    getText = client.getStreamText != null ? client.getStreamText.bind(client) : getPartialText;
+    if (clientRegistry && client) {
+      clientRegistry.register(client, { userId }, client);
+    }
 
-    const getAbortData = () => ({
-      conversationId,
-      userMessagePromise,
-      messageId: responseMessageId,
-      sender,
-      parentMessageId: overrideParentMessageId ?? userMessageId,
-      text: getText(),
-      userMessage,
-      promptTokens,
-    });
+    if (client) {
+      requestDataMap.set(req, { client });
+    }
 
-    const { abortController, onStart } = createAbortController(req, res, getAbortData, getReqData);
+    clientRef = new WeakRef(client);
 
-    res.on('close', () => {
+    getAbortData = () => {
+      const currentClient = clientRef.deref();
+      const currentText =
+        currentClient?.getStreamText != null ? currentClient.getStreamText() : getPartialText();
+
+      return {
+        sender,
+        conversationId,
+        messageId: reqDataContext.responseMessageId,
+        parentMessageId: overrideParentMessageId ?? userMessageId,
+        text: currentText,
+        userMessage: userMessage,
+        userMessagePromise: userMessagePromise,
+        promptTokens: reqDataContext.promptTokens,
+      };
+    };
+
+    const { onStart, abortController } = createAbortController(
+      req,
+      res,
+      getAbortData,
+      updateReqData,
+    );
+
+    const closeHandler = () => {
       logger.debug('[EditController] Request closed');
-      if (!abortController) {
-        return;
-      } else if (abortController.signal.aborted) {
-        return;
-      } else if (abortController.requestCompleted) {
+      if (!abortController || abortController.signal.aborted || abortController.requestCompleted) {
         return;
       }
-
       abortController.abort();
       logger.debug('[EditController] Request aborted on close');
+    };
+
+    res.on('close', closeHandler);
+    cleanupHandlers.push(() => {
+      try {
+        res.removeListener('close', closeHandler);
+      } catch (e) {
+        // Ignore
+      }
     });
 
     let response = await client.sendMessage(text, {
-      user,
+      user: userId,
       generation,
       isContinued,
       isEdited: true,
       conversationId,
       parentMessageId,
-      responseMessageId,
+      responseMessageId: reqDataContext.responseMessageId,
       overrideParentMessageId,
-      getReqData,
+      getReqData: updateReqData,
       onStart,
       abortController,
       progressCallback,
       progressOptions: {
         res,
-        // parentMessageId: overrideParentMessageId || userMessageId,
       },
     });
 
-    const { conversation = {} } = await client.responsePromise;
+    const databasePromise = response.databasePromise;
+    delete response.databasePromise;
+
+    const { conversation: convoData = {} } = await databasePromise;
+    const conversation = { ...convoData };
     conversation.title =
       conversation && !conversation.title ? null : conversation?.title || 'New Chat';
 
-    if (client.options.attachments) {
+    if (client?.options?.attachments && endpointOption?.modelOptions?.model) {
       conversation.model = endpointOption.modelOptions.model;
     }
 
     if (!abortController.signal.aborted) {
+      const finalUserMessage = reqDataContext.userMessage;
+      const finalResponseMessage = { ...response };
+
       sendMessage(res, {
         final: true,
         conversation,
         title: conversation.title,
-        requestMessage: userMessage,
-        responseMessage: response,
+        requestMessage: finalUserMessage,
+        responseMessage: finalResponseMessage,
       });
       res.end();
 
       await saveMessage(
         req,
-        { ...response, user },
+        { ...finalResponseMessage, user: userId },
         { context: 'api/server/controllers/EditController.js - response end' },
       );
     }
+
+    performCleanup();
   } catch (error) {
-    const partialText = getText();
+    logger.error('[EditController] Error handling request', error);
+    let partialText = '';
+    try {
+      const currentClient = clientRef.deref();
+      partialText =
+        currentClient?.getStreamText != null ? currentClient.getStreamText() : getPartialText();
+    } catch (getTextError) {
+      logger.error('[EditController] Error calling getText() during error handling', getTextError);
+    }
+
     handleAbortError(res, req, error, {
       sender,
       partialText,
       conversationId,
-      messageId: responseMessageId,
+      messageId: reqDataContext.responseMessageId,
       parentMessageId: overrideParentMessageId ?? userMessageId ?? parentMessageId,
-    }).catch((err) => {
-      logger.error('[EditController] Error in `handleAbortError`', err);
-    });
+    })
+      .catch((err) => {
+        logger.error('[EditController] Error in `handleAbortError` during catch block', err);
+      })
+      .finally(() => {
+        performCleanup();
+      });
   }
 };
 

api/server/controllers/PluginController.js

@@ -108,7 +108,7 @@ const getAvailableTools = async (req, res) => {
     const pluginManifest = availableTools;
     const customConfig = await getCustomConfig();
     if (customConfig?.mcpServers != null) {
-      const mcpManager = await getMCPManager();
+      const mcpManager = getMCPManager();
       await mcpManager.loadManifestTools(pluginManifest);
     }
 

api/server/controllers/TwoFactorController.js

@@ -1,22 +1,30 @@
 const {
-  verifyTOTP,
-  verifyBackupCode,
   generateTOTPSecret,
   generateBackupCodes,
+  verifyTOTP,
+  verifyBackupCode,
   getTOTPSecret,
 } = require('~/server/services/twoFactorService');
 const { updateUser, getUserById } = require('~/models');
 const { logger } = require('~/config');
-const { encryptV2 } = require('~/server/utils/crypto');
+const { encryptV3 } = require('~/server/utils/crypto');
 
-const enable2FAController = async (req, res) => {
-  const safeAppTitle = (process.env.APP_TITLE || 'LibreChat').replace(/\s+/g, '');
+const safeAppTitle = (process.env.APP_TITLE || 'LibreChat').replace(/\s+/g, '');
+
+/**
+ * Enable 2FA for the user by generating a new TOTP secret and backup codes.
+ * The secret is encrypted and stored, and 2FA is marked as disabled until confirmed.
+ */
+const enable2FA = async (req, res) => {
   try {
     const userId = req.user.id;
     const secret = generateTOTPSecret();
     const { plainCodes, codeObjects } = await generateBackupCodes();
-    const encryptedSecret = await encryptV2(secret);
-    // Set twoFactorEnabled to false until the user confirms 2FA.
+
+    // Encrypt the secret with v3 encryption before saving.
+    const encryptedSecret = encryptV3(secret);
+
+    // Update the user record: store the secret & backup codes and set twoFactorEnabled to false.
     const user = await updateUser(userId, {
       totpSecret: encryptedSecret,
       backupCodes: codeObjects,
@@ -24,45 +32,50 @@ const enable2FAController = async (req, res) => {
     });
 
     const otpauthUrl = `otpauth://totp/${safeAppTitle}:${user.email}?secret=${secret}&issuer=${safeAppTitle}`;
-    res.status(200).json({
-      otpauthUrl,
-      backupCodes: plainCodes,
-    });
+
+    return res.status(200).json({ otpauthUrl, backupCodes: plainCodes });
   } catch (err) {
-    logger.error('[enable2FAController]', err);
-    res.status(500).json({ message: err.message });
+    logger.error('[enable2FA]', err);
+    return res.status(500).json({ message: err.message });
   }
 };
 
-const verify2FAController = async (req, res) => {
+/**
+ * Verify a 2FA code (either TOTP or backup code) during setup.
+ */
+const verify2FA = async (req, res) => {
   try {
     const userId = req.user.id;
     const { token, backupCode } = req.body;
     const user = await getUserById(userId);
-    // Ensure that 2FA is enabled for this user.
+
     if (!user || !user.totpSecret) {
       return res.status(400).json({ message: '2FA not initiated' });
     }
 
-    // Retrieve the plain TOTP secret using getTOTPSecret.
     const secret = await getTOTPSecret(user.totpSecret);
+    let isVerified = false;
 
-    if (token && (await verifyTOTP(secret, token))) {
-      return res.status(200).json();
+    if (token) {
+      isVerified = await verifyTOTP(secret, token);
     } else if (backupCode) {
-      const verified = await verifyBackupCode({ user, backupCode });
-      if (verified) {
-        return res.status(200).json();
-      }
+      isVerified = await verifyBackupCode({ user, backupCode });
     }
-    return res.status(400).json({ message: 'Invalid token.' });
+
+    if (isVerified) {
+      return res.status(200).json();
+    }
+    return res.status(400).json({ message: 'Invalid token or backup code.' });
   } catch (err) {
-    logger.error('[verify2FAController]', err);
-    res.status(500).json({ message: err.message });
+    logger.error('[verify2FA]', err);
+    return res.status(500).json({ message: err.message });
   }
 };
 
-const confirm2FAController = async (req, res) => {
+/**
+ * Confirm and enable 2FA after a successful verification.
+ */
+const confirm2FA = async (req, res) => {
   try {
     const userId = req.user.id;
     const { token } = req.body;
@@ -72,52 +85,54 @@ const confirm2FAController = async (req, res) => {
       return res.status(400).json({ message: '2FA not initiated' });
     }
 
-    // Retrieve the plain TOTP secret using getTOTPSecret.
     const secret = await getTOTPSecret(user.totpSecret);
-
     if (await verifyTOTP(secret, token)) {
-      // Upon successful verification, enable 2FA.
       await updateUser(userId, { twoFactorEnabled: true });
       return res.status(200).json();
     }
-
     return res.status(400).json({ message: 'Invalid token.' });
   } catch (err) {
-    logger.error('[confirm2FAController]', err);
-    res.status(500).json({ message: err.message });
+    logger.error('[confirm2FA]', err);
+    return res.status(500).json({ message: err.message });
   }
 };
 
-const disable2FAController = async (req, res) => {
+/**
+ * Disable 2FA by clearing the stored secret and backup codes.
+ */
+const disable2FA = async (req, res) => {
   try {
     const userId = req.user.id;
     await updateUser(userId, { totpSecret: null, backupCodes: [], twoFactorEnabled: false });
-    res.status(200).json();
+    return res.status(200).json();
   } catch (err) {
-    logger.error('[disable2FAController]', err);
-    res.status(500).json({ message: err.message });
+    logger.error('[disable2FA]', err);
+    return res.status(500).json({ message: err.message });
   }
 };
 
-const regenerateBackupCodesController = async (req, res) => {
+/**
+ * Regenerate backup codes for the user.
+ */
+const regenerateBackupCodes = async (req, res) => {
   try {
     const userId = req.user.id;
     const { plainCodes, codeObjects } = await generateBackupCodes();
     await updateUser(userId, { backupCodes: codeObjects });
-    res.status(200).json({
+    return res.status(200).json({
       backupCodes: plainCodes,
       backupCodesHash: codeObjects,
     });
   } catch (err) {
-    logger.error('[regenerateBackupCodesController]', err);
-    res.status(500).json({ message: err.message });
+    logger.error('[regenerateBackupCodes]', err);
+    return res.status(500).json({ message: err.message });
   }
 };
 
 module.exports = {
-  enable2FAController,
-  verify2FAController,
-  confirm2FAController,
-  disable2FAController,
-  regenerateBackupCodesController,
+  enable2FA,
+  verify2FA,
+  confirm2FA,
+  disable2FA,
+  regenerateBackupCodes,
 };

api/server/controllers/UserController.js

@@ -1,6 +1,8 @@
+const { FileSources } = require('librechat-data-provider');
 const {
   Balance,
   getFiles,
+  updateUser,
   deleteFiles,
   deleteConvos,
   deletePresets,
@@ -12,6 +14,7 @@ const User = require('~/models/User');
 const { updateUserPluginAuth, deleteUserPluginAuth } = require('~/server/services/PluginService');
 const { updateUserPluginsService, deleteUserKey } = require('~/server/services/UserService');
 const { verifyEmail, resendVerificationEmail } = require('~/server/services/AuthService');
+const { needsRefresh, getNewS3URL } = require('~/server/services/Files/S3/crud');
 const { processDeleteRequest } = require('~/server/services/Files/process');
 const { deleteAllSharedLinks } = require('~/models/Share');
 const { deleteToolCalls } = require('~/models/ToolCall');
@@ -19,8 +22,23 @@ const { Transaction } = require('~/models/Transaction');
 const { logger } = require('~/config');
 
 const getUserController = async (req, res) => {
+  /** @type {MongoUser} */
   const userData = req.user.toObject != null ? req.user.toObject() : { ...req.user };
   delete userData.totpSecret;
+  if (req.app.locals.fileStrategy === FileSources.s3 && userData.avatar) {
+    const avatarNeedsRefresh = needsRefresh(userData.avatar, 3600);
+    if (!avatarNeedsRefresh) {
+      return res.status(200).send(userData);
+    }
+    const originalAvatar = userData.avatar;
+    try {
+      userData.avatar = await getNewS3URL(userData.avatar);
+      await updateUser(userData.id, { avatar: userData.avatar });
+    } catch (error) {
+      userData.avatar = originalAvatar;
+      logger.error('Error getting new S3 URL for avatar:', error);
+    }
+  }
   res.status(200).send(userData);
 };
 

api/server/controllers/agents/callbacks.js

@@ -10,8 +10,8 @@ const {
   ChatModelStreamHandler,
 } = require('@librechat/agents');
 const { processCodeOutput } = require('~/server/services/Files/Code/process');
+const { loadAuthValues } = require('~/server/services/Tools/credentials');
 const { saveBase64Image } = require('~/server/services/Files/process');
-const { loadAuthValues } = require('~/app/clients/tools/util');
 const { logger, sendEvent } = require('~/config');
 
 /** @typedef {import('@librechat/agents').Graph} Graph */
@@ -246,7 +246,11 @@ function createToolEndCallback({ req, res, artifactPromises }) {
     if (output.artifact.content) {
       /** @type {FormattedContent[]} */
       const content = output.artifact.content;
-      for (const part of content) {
+      for (let i = 0; i < content.length; i++) {
+        const part = content[i];
+        if (!part) {
+          continue;
+        }
         if (part.type !== 'image_url') {
           continue;
         }
@@ -254,8 +258,10 @@ function createToolEndCallback({ req, res, artifactPromises }) {
         artifactPromises.push(
           (async () => {
             const filename = `${output.name}_${output.tool_call_id}_img_${nanoid()}`;
+            const file_id = output.artifact.file_ids?.[i];
             const file = await saveBase64Image(url, {
               req,
+              file_id,
               filename,
               endpoint: metadata.provider,
               context: FileContext.image_generation,

api/server/controllers/agents/client.js

@@ -7,53 +7,78 @@
 // validateVisionModel,
 // mapModelToAzureConfig,
 // } = require('librechat-data-provider');
-const { Callback, createMetadataAggregator } = require('@librechat/agents');
+require('events').EventEmitter.defaultMaxListeners = 100;
+const {
+  Callback,
+  GraphEvents,
+  formatMessage,
+  formatAgentMessages,
+  formatContentStrings,
+  getTokenCountForMessage,
+  createMetadataAggregator,
+} = require('@librechat/agents');
 const {
   Constants,
   VisionModes,
-  openAISchema,
   ContentTypes,
   EModelEndpoint,
   KnownEndpoints,
-  anthropicSchema,
   isAgentsEndpoint,
+  AgentCapabilities,
   bedrockInputSchema,
   removeNullishValues,
 } = require('librechat-data-provider');
-const {
-  formatMessage,
-  addCacheControl,
-  formatAgentMessages,
-  formatContentStrings,
-  createContextHandlers,
-} = require('~/app/clients/prompts');
+const { getCustomEndpointConfig, checkCapability } = require('~/server/services/Config');
+const { addCacheControl, createContextHandlers } = require('~/app/clients/prompts');
 const { spendTokens, spendStructuredTokens } = require('~/models/spendTokens');
 const { getBufferString, HumanMessage } = require('@langchain/core/messages');
 const { encodeAndFormat } = require('~/server/services/Files/images/encode');
-const { getCustomEndpointConfig } = require('~/server/services/Config');
+const initOpenAI = require('~/server/services/Endpoints/openAI/initialize');
 const Tokenizer = require('~/server/services/Tokenizer');
 const BaseClient = require('~/app/clients/BaseClient');
+const { logger, sendEvent } = require('~/config');
 const { createRun } = require('./run');
-const { logger } = require('~/config');
 
 /** @typedef {import('@librechat/agents').MessageContentComplex} MessageContentComplex */
 /** @typedef {import('@langchain/core/runnables').RunnableConfig} RunnableConfig */
 
-const providerParsers = {
-  [EModelEndpoint.openAI]: openAISchema.parse,
-  [EModelEndpoint.azureOpenAI]: openAISchema.parse,
-  [EModelEndpoint.anthropic]: anthropicSchema.parse,
-  [EModelEndpoint.bedrock]: bedrockInputSchema.parse,
+/**
+ * @param {ServerRequest} req
+ * @param {Agent} agent
+ * @param {string} endpoint
+ */
+const payloadParser = ({ req, agent, endpoint }) => {
+  if (isAgentsEndpoint(endpoint)) {
+    return { model: undefined };
+  } else if (endpoint === EModelEndpoint.bedrock) {
+    return bedrockInputSchema.parse(agent.model_parameters);
+  }
+  return req.body.endpointOption.model_parameters;
 };
 
 const legacyContentEndpoints = new Set([KnownEndpoints.groq, KnownEndpoints.deepseek]);
 
-const noSystemModelRegex = [/\bo1\b/gi];
+const noSystemModelRegex = [/\b(o\d)\b/gi];
 
 // const { processMemory, memoryInstructions } = require('~/server/services/Endpoints/agents/memory');
 // const { getFormattedMemories } = require('~/models/Memory');
 // const { getCurrentDateTime } = require('~/utils');
 
+function createTokenCounter(encoding) {
+  return (message) => {
+    const countTokens = (text) => Tokenizer.getTokenCount(text, encoding);
+    return getTokenCountForMessage(message, countTokens);
+  };
+}
+
+function logToolError(graph, error, toolId) {
+  logger.error(
+    '[api/server/controllers/agents/client.js #chatCompletion] Tool Error',
+    error,
+    toolId,
+  );
+}
+
 class AgentClient extends BaseClient {
   constructor(options = {}) {
     super(null, options);
@@ -99,6 +124,8 @@ class AgentClient extends BaseClient {
     this.outputTokensKey = 'output_tokens';
     /** @type {UsageMetadata} */
     this.usage;
+    /** @type {Record<string, number>} */
+    this.indexTokenCountMap = {};
   }
 
   /**
@@ -174,28 +201,19 @@ class AgentClient extends BaseClient {
   }
 
   getSaveOptions() {
-    const parseOptions = providerParsers[this.options.endpoint];
-    let runOptions =
-      this.options.endpoint === EModelEndpoint.agents
-        ? {
-          model: undefined,
-          // TODO:
-          // would need to be override settings; otherwise, model needs to be undefined
-          // model: this.override.model,
-          // instructions: this.override.instructions,
-          // additional_instructions: this.override.additional_instructions,
-        }
-        : {};
-
-    if (parseOptions) {
-      try {
-        runOptions = parseOptions(this.options.agent.model_parameters);
-      } catch (error) {
-        logger.error(
-          '[api/server/controllers/agents/client.js #getSaveOptions] Error parsing options',
-          error,
-        );
-      }
+    // TODO:
+    // would need to be override settings; otherwise, model needs to be undefined
+    // model: this.override.model,
+    // instructions: this.override.instructions,
+    // additional_instructions: this.override.additional_instructions,
+    let runOptions = {};
+    try {
+      runOptions = payloadParser(this.options);
+    } catch (error) {
+      logger.error(
+        '[api/server/controllers/agents/client.js #getSaveOptions] Error parsing options',
+        error,
+      );
     }
 
     return removeNullishValues(
@@ -223,14 +241,23 @@ class AgentClient extends BaseClient {
     };
   }
 
+  /**
+   *
+   * @param {TMessage} message
+   * @param {Array<MongoFile>} attachments
+   * @returns {Promise<Array<Partial<MongoFile>>>}
+   */
   async addImageURLs(message, attachments) {
-    const { files, image_urls } = await encodeAndFormat(
+    const { files, text, image_urls } = await encodeAndFormat(
       this.options.req,
       attachments,
       this.options.agent.provider,
       VisionModes.agents,
     );
     message.image_urls = image_urls.length ? image_urls : undefined;
+    if (text && text.length) {
+      message.ocr = text;
+    }
     return files;
   }
 
@@ -308,7 +335,21 @@ class AgentClient extends BaseClient {
         assistantName: this.options?.modelLabel,
       });
 
-      const needsTokenCount = this.contextStrategy && !orderedMessages[i].tokenCount;
+      if (message.ocr && i !== orderedMessages.length - 1) {
+        if (typeof formattedMessage.content === 'string') {
+          formattedMessage.content = message.ocr + '\n' + formattedMessage.content;
+        } else {
+          const textPart = formattedMessage.content.find((part) => part.type === 'text');
+          textPart
+            ? (textPart.text = message.ocr + '\n' + textPart.text)
+            : formattedMessage.content.unshift({ type: 'text', text: message.ocr });
+        }
+      } else if (message.ocr && i === orderedMessages.length - 1) {
+        systemContent = [systemContent, message.ocr].join('\n');
+      }
+
+      const needsTokenCount =
+        (this.contextStrategy && !orderedMessages[i].tokenCount) || message.ocr;
 
       /* If tokens were never counted, or, is a Vision request and the message has files, count again */
       if (needsTokenCount || (this.isVisionModel && (message.image_urls || message.files))) {
@@ -323,7 +364,9 @@ class AgentClient extends BaseClient {
             this.contextHandlers?.processFile(file);
             continue;
           }
-
+          if (file.metadata?.fileIdentifier) {
+            continue;
+          }
           // orderedMessages[i].tokenCount += this.calculateImageTokenCost({
           //   width: file.width,
           //   height: file.height,
@@ -354,6 +397,10 @@ class AgentClient extends BaseClient {
       }));
     }
 
+    for (let i = 0; i < messages.length; i++) {
+      this.indexTokenCountMap[i] = messages[i].tokenCount;
+    }
+
     const result = {
       tokenCountMap,
       prompt: payload,
@@ -438,6 +485,7 @@ class AgentClient extends BaseClient {
             err,
           );
         });
+        continue;
       }
       spendTokens(txMetadata, {
         promptTokens: usage.input_tokens,
@@ -505,6 +553,10 @@ class AgentClient extends BaseClient {
   }
 
   async chatCompletion({ payload, abortController = null }) {
+    /** @type {Partial<RunnableConfig> & { version: 'v1' | 'v2'; run_id?: string; streamMode: string }} */
+    let config;
+    /** @type {ReturnType<createRun>} */
+    let run;
     try {
       if (!abortController) {
         abortController = new AbortController();
@@ -599,39 +651,55 @@ class AgentClient extends BaseClient {
       //   });
       // }
 
-      /** @type {Partial<RunnableConfig> & { version: 'v1' | 'v2'; run_id?: string; streamMode: string }} */
-      const config = {
+      /** @type {TCustomConfig['endpoints']['agents']} */
+      const agentsEConfig = this.options.req.app.locals[EModelEndpoint.agents];
+
+      config = {
         configurable: {
           thread_id: this.conversationId,
           last_agent_index: this.agentConfigs?.size ?? 0,
+          user_id: this.user ?? this.options.req.user?.id,
           hide_sequential_outputs: this.options.agent.hide_sequential_outputs,
         },
-        recursionLimit: this.options.req.app.locals[EModelEndpoint.agents]?.recursionLimit,
+        recursionLimit: agentsEConfig?.recursionLimit,
         signal: abortController.signal,
         streamMode: 'values',
         version: 'v2',
       };
 
-      const initialMessages = formatAgentMessages(payload);
+      const toolSet = new Set((this.options.agent.tools ?? []).map((tool) => tool && tool.name));
+      let { messages: initialMessages, indexTokenCountMap } = formatAgentMessages(
+        payload,
+        this.indexTokenCountMap,
+        toolSet,
+      );
       if (legacyContentEndpoints.has(this.options.agent.endpoint)) {
-        formatContentStrings(initialMessages);
+        initialMessages = formatContentStrings(initialMessages);
       }
 
-      /** @type {ReturnType<createRun>} */
-      let run;
-
       /**
        *
        * @param {Agent} agent
        * @param {BaseMessage[]} messages
        * @param {number} [i]
        * @param {TMessageContentParts[]} [contentData]
+       * @param {Record<string, number>} [currentIndexCountMap]
        */
-      const runAgent = async (agent, _messages, i = 0, contentData = []) => {
+      const runAgent = async (agent, _messages, i = 0, contentData = [], _currentIndexCountMap) => {
         config.configurable.model = agent.model_parameters.model;
+        const currentIndexCountMap = _currentIndexCountMap ?? indexTokenCountMap;
         if (i > 0) {
           this.model = agent.model_parameters.model;
         }
+        if (agent.recursion_limit && typeof agent.recursion_limit === 'number') {
+          config.recursionLimit = agent.recursion_limit;
+        }
+        if (
+          agentsEConfig?.maxRecursionLimit &&
+          config.recursionLimit > agentsEConfig?.maxRecursionLimit
+        ) {
+          config.recursionLimit = agentsEConfig?.maxRecursionLimit;
+        }
         config.configurable.agent_id = agent.id;
         config.configurable.name = agent.name;
         config.configurable.agent_index = i;
@@ -694,27 +762,46 @@ class AgentClient extends BaseClient {
         }
 
         if (contentData.length) {
+          const agentUpdate = {
+            type: ContentTypes.AGENT_UPDATE,
+            [ContentTypes.AGENT_UPDATE]: {
+              index: contentData.length,
+              runId: this.responseMessageId,
+              agentId: agent.id,
+            },
+          };
+          const streamData = {
+            event: GraphEvents.ON_AGENT_UPDATE,
+            data: agentUpdate,
+          };
+          this.options.aggregateContent(streamData);
+          sendEvent(this.options.res, streamData);
+          contentData.push(agentUpdate);
           run.Graph.contentData = contentData;
         }
 
+        const encoding = this.getEncoding();
         await run.processStream({ messages }, config, {
           keepContent: i !== 0,
+          tokenCounter: createTokenCounter(encoding),
+          indexTokenCountMap: currentIndexCountMap,
+          maxContextTokens: agent.maxContextTokens,
           callbacks: {
-            [Callback.TOOL_ERROR]: (graph, error, toolId) => {
-              logger.error(
-                '[api/server/controllers/agents/client.js #chatCompletion] Tool Error',
-                error,
-                toolId,
-              );
-            },
+            [Callback.TOOL_ERROR]: logToolError,
           },
         });
+
+        config.signal = null;
       };
 
       await runAgent(this.options.agent, initialMessages);
-
       let finalContentStart = 0;
-      if (this.agentConfigs && this.agentConfigs.size > 0) {
+      if (
+        this.agentConfigs &&
+        this.agentConfigs.size > 0 &&
+        (await checkCapability(this.options.req, AgentCapabilities.chain))
+      ) {
+        const windowSize = 5;
         let latestMessage = initialMessages.pop().content;
         if (typeof latestMessage !== 'string') {
           latestMessage = latestMessage[0].text;
@@ -722,7 +809,18 @@ class AgentClient extends BaseClient {
         let i = 1;
         let runMessages = [];
 
-        const lastFiveMessages = initialMessages.slice(-5);
+        const windowIndexCountMap = {};
+        const windowMessages = initialMessages.slice(-windowSize);
+        let currentIndex = 4;
+        for (let i = initialMessages.length - 1; i >= 0; i--) {
+          windowIndexCountMap[currentIndex] = indexTokenCountMap[i];
+          currentIndex--;
+          if (currentIndex < 0) {
+            break;
+          }
+        }
+        const encoding = this.getEncoding();
+        const tokenCounter = createTokenCounter(encoding);
         for (const [agentId, agent] of this.agentConfigs) {
           if (abortController.signal.aborted === true) {
             break;
@@ -757,7 +855,9 @@ class AgentClient extends BaseClient {
           }
           try {
             const contextMessages = [];
-            for (const message of lastFiveMessages) {
+            const runIndexCountMap = {};
+            for (let i = 0; i < windowMessages.length; i++) {
+              const message = windowMessages[i];
               const messageType = message._getType();
               if (
                 (!agent.tools || agent.tools.length === 0) &&
@@ -765,11 +865,13 @@ class AgentClient extends BaseClient {
               ) {
                 continue;
               }
-
+              runIndexCountMap[contextMessages.length] = windowIndexCountMap[i];
               contextMessages.push(message);
             }
-            const currentMessages = [...contextMessages, new HumanMessage(bufferString)];
-            await runAgent(agent, currentMessages, i, contentData);
+            const bufferMessage = new HumanMessage(bufferString);
+            runIndexCountMap[contextMessages.length] = tokenCounter(bufferMessage);
+            const currentMessages = [...contextMessages, bufferMessage];
+            await runAgent(agent, currentMessages, i, contentData, runIndexCountMap);
           } catch (err) {
             logger.error(
               `[api/server/controllers/agents/client.js #chatCompletion] Error running agent ${agentId} (${i})`,
@@ -780,6 +882,7 @@ class AgentClient extends BaseClient {
         }
       }
 
+      /** Note: not implemented */
       if (config.configurable.hide_sequential_outputs !== true) {
         finalContentStart = 0;
       }
@@ -826,18 +929,27 @@ class AgentClient extends BaseClient {
    * @param {string} params.text
    * @param {string} params.conversationId
    */
-  async titleConvo({ text }) {
+  async titleConvo({ text, abortController }) {
     if (!this.run) {
       throw new Error('Run not initialized');
     }
     const { handleLLMEnd, collected: collectedMetadata } = createMetadataAggregator();
+    const endpoint = this.options.agent.endpoint;
+    const { req, res } = this.options;
     /** @type {import('@librechat/agents').ClientOptions} */
-    const clientOptions = {
+    let clientOptions = {
       maxTokens: 75,
     };
-    let endpointConfig = this.options.req.app.locals[this.options.agent.endpoint];
+    let endpointConfig = req.app.locals[endpoint];
     if (!endpointConfig) {
-      endpointConfig = await getCustomEndpointConfig(this.options.agent.endpoint);
+      try {
+        endpointConfig = await getCustomEndpointConfig(endpoint);
+      } catch (err) {
+        logger.error(
+          '[api/server/controllers/agents/client.js #titleConvo] Error getting custom endpoint config',
+          err,
+        );
+      }
     }
     if (
       endpointConfig &&
@@ -846,12 +958,35 @@ class AgentClient extends BaseClient {
     ) {
       clientOptions.model = endpointConfig.titleModel;
     }
+    if (
+      endpoint === EModelEndpoint.azureOpenAI &&
+      clientOptions.model &&
+      this.options.agent.model_parameters.model !== clientOptions.model
+    ) {
+      clientOptions =
+        (
+          await initOpenAI({
+            req,
+            res,
+            optionsOnly: true,
+            overrideModel: clientOptions.model,
+            overrideEndpoint: endpoint,
+            endpointOption: {
+              model_parameters: clientOptions,
+            },
+          })
+        )?.llmConfig ?? clientOptions;
+    }
+    if (/\b(o\d)\b/i.test(clientOptions.model) && clientOptions.maxTokens != null) {
+      delete clientOptions.maxTokens;
+    }
     try {
       const titleResult = await this.run.generateTitle({
         inputText: text,
         contentParts: this.contentParts,
         clientOptions,
         chainOptions: {
+          signal: abortController.signal,
           callbacks: [
             {
               handleLLMEnd,
@@ -877,7 +1012,7 @@ class AgentClient extends BaseClient {
         };
       });
 
-      this.recordCollectedUsage({
+      await this.recordCollectedUsage({
         model: clientOptions.model,
         context: 'title',
         collectedUsage,

api/server/controllers/agents/request.js

@@ -1,5 +1,10 @@
 const { Constants } = require('librechat-data-provider');
-const { createAbortController, handleAbortError } = require('~/server/middleware');
+const {
+  handleAbortError,
+  createAbortController,
+  cleanupAbortController,
+} = require('~/server/middleware');
+const { disposeClient, clientRegistry, requestDataMap } = require('~/server/cleanup');
 const { sendMessage } = require('~/server/utils');
 const { saveMessage } = require('~/models');
 const { logger } = require('~/config');
@@ -14,16 +19,22 @@ const AgentController = async (req, res, next, initializeClient, addTitle) => {
   } = req.body;
 
   let sender;
+  let abortKey;
   let userMessage;
   let promptTokens;
   let userMessageId;
   let responseMessageId;
   let userMessagePromise;
+  let getAbortData;
+  let client = null;
+  // Initialize as an array
+  let cleanupHandlers = [];
 
   const newConvo = !conversationId;
-  const user = req.user.id;
+  const userId = req.user.id;
 
-  const getReqData = (data = {}) => {
+  // Create handler to avoid capturing the entire parent scope
+  let getReqData = (data = {}) => {
     for (let key in data) {
       if (key === 'userMessage') {
         userMessage = data[key];
@@ -36,30 +47,96 @@ const AgentController = async (req, res, next, initializeClient, addTitle) => {
         promptTokens = data[key];
       } else if (key === 'sender') {
         sender = data[key];
+      } else if (key === 'abortKey') {
+        abortKey = data[key];
       } else if (!conversationId && key === 'conversationId') {
         conversationId = data[key];
       }
     }
   };
 
+  // Create a function to handle final cleanup
+  const performCleanup = () => {
+    logger.debug('[AgentController] Performing cleanup');
+    // Make sure cleanupHandlers is an array before iterating
+    if (Array.isArray(cleanupHandlers)) {
+      // Execute all cleanup handlers
+      for (const handler of cleanupHandlers) {
+        try {
+          if (typeof handler === 'function') {
+            handler();
+          }
+        } catch (e) {
+          // Ignore cleanup errors
+        }
+      }
+    }
+
+    // Clean up abort controller
+    if (abortKey) {
+      logger.debug('[AgentController] Cleaning up abort controller');
+      cleanupAbortController(abortKey);
+    }
+
+    // Dispose client properly
+    if (client) {
+      disposeClient(client);
+    }
+
+    // Clear all references
+    client = null;
+    getReqData = null;
+    userMessage = null;
+    getAbortData = null;
+    endpointOption.agent = null;
+    endpointOption = null;
+    cleanupHandlers = null;
+    userMessagePromise = null;
+
+    // Clear request data map
+    if (requestDataMap.has(req)) {
+      requestDataMap.delete(req);
+    }
+    logger.debug('[AgentController] Cleanup completed');
+  };
+
   try {
     /** @type {{ client: TAgentClient }} */
-    const { client } = await initializeClient({ req, res, endpointOption });
+    const result = await initializeClient({ req, res, endpointOption });
+    client = result.client;
 
-    const getAbortData = () => ({
-      sender,
-      userMessage,
-      promptTokens,
-      conversationId,
-      userMessagePromise,
-      messageId: responseMessageId,
-      content: client.getContentParts(),
-      parentMessageId: overrideParentMessageId ?? userMessageId,
-    });
+    // Register client with finalization registry if available
+    if (clientRegistry) {
+      clientRegistry.register(client, { userId }, client);
+    }
+
+    // Store request data in WeakMap keyed by req object
+    requestDataMap.set(req, { client });
+
+    // Use WeakRef to allow GC but still access content if it exists
+    const contentRef = new WeakRef(client.contentParts || []);
+
+    // Minimize closure scope - only capture small primitives and WeakRef
+    getAbortData = () => {
+      // Dereference WeakRef each time
+      const content = contentRef.deref();
+
+      return {
+        sender,
+        content: content || [],
+        userMessage,
+        promptTokens,
+        conversationId,
+        userMessagePromise,
+        messageId: responseMessageId,
+        parentMessageId: overrideParentMessageId ?? userMessageId,
+      };
+    };
 
     const { abortController, onStart } = createAbortController(req, res, getAbortData, getReqData);
 
-    res.on('close', () => {
+    // Simple handler to avoid capturing scope
+    const closeHandler = () => {
       logger.debug('[AgentController] Request closed');
       if (!abortController) {
         return;
@@ -71,10 +148,19 @@ const AgentController = async (req, res, next, initializeClient, addTitle) => {
 
       abortController.abort();
       logger.debug('[AgentController] Request aborted on close');
+    };
+
+    res.on('close', closeHandler);
+    cleanupHandlers.push(() => {
+      try {
+        res.removeListener('close', closeHandler);
+      } catch (e) {
+        // Ignore
+      }
     });
 
     const messageOptions = {
-      user,
+      user: userId,
       onStart,
       getReqData,
       conversationId,
@@ -83,69 +169,103 @@ const AgentController = async (req, res, next, initializeClient, addTitle) => {
       overrideParentMessageId,
       progressOptions: {
         res,
-        // parentMessageId: overrideParentMessageId || userMessageId,
       },
     };
 
     let response = await client.sendMessage(text, messageOptions);
-    response.endpoint = endpointOption.endpoint;
 
-    const { conversation = {} } = await client.responsePromise;
+    // Extract what we need and immediately break reference
+    const messageId = response.messageId;
+    const endpoint = endpointOption.endpoint;
+    response.endpoint = endpoint;
+
+    // Store database promise locally
+    const databasePromise = response.databasePromise;
+    delete response.databasePromise;
+
+    // Resolve database-related data
+    const { conversation: convoData = {} } = await databasePromise;
+    const conversation = { ...convoData };
     conversation.title =
       conversation && !conversation.title ? null : conversation?.title || 'New Chat';
 
-    if (req.body.files && client.options.attachments) {
+    // Process files if needed
+    if (req.body.files && client.options?.attachments) {
       userMessage.files = [];
       const messageFiles = new Set(req.body.files.map((file) => file.file_id));
       for (let attachment of client.options.attachments) {
         if (messageFiles.has(attachment.file_id)) {
-          userMessage.files.push(attachment);
+          userMessage.files.push({ ...attachment });
         }
       }
       delete userMessage.image_urls;
     }
 
+    // Only send if not aborted
     if (!abortController.signal.aborted) {
+      // Create a new response object with minimal copies
+      const finalResponse = { ...response };
+
       sendMessage(res, {
         final: true,
         conversation,
         title: conversation.title,
         requestMessage: userMessage,
-        responseMessage: response,
+        responseMessage: finalResponse,
       });
       res.end();
 
-      if (!client.savedMessageIds.has(response.messageId)) {
+      // Save the message if needed
+      if (client.savedMessageIds && !client.savedMessageIds.has(messageId)) {
         await saveMessage(
           req,
-          { ...response, user },
+          { ...finalResponse, user: userId },
           { context: 'api/server/controllers/agents/request.js - response end' },
         );
       }
     }
 
+    // Save user message if needed
     if (!client.skipSaveUserMessage) {
       await saveMessage(req, userMessage, {
         context: 'api/server/controllers/agents/request.js - don\'t skip saving user message',
       });
     }
 
+    // Add title if needed - extract minimal data
     if (addTitle && parentMessageId === Constants.NO_PARENT && newConvo) {
       addTitle(req, {
         text,
-        response,
+        response: { ...response },
         client,
-      });
+      })
+        .then(() => {
+          logger.debug('[AgentController] Title generation started');
+        })
+        .catch((err) => {
+          logger.error('[AgentController] Error in title generation', err);
+        })
+        .finally(() => {
+          logger.debug('[AgentController] Title generation completed');
+          performCleanup();
+        });
+    } else {
+      performCleanup();
     }
   } catch (error) {
+    // Handle error without capturing much scope
     handleAbortError(res, req, error, {
       conversationId,
       sender,
       messageId: responseMessageId,
       parentMessageId: overrideParentMessageId ?? userMessageId ?? parentMessageId,
-    }).catch((err) => {
-      logger.error('[api/server/controllers/agents/request] Error in `handleAbortError`', err);
-    });
+    })
+      .catch((err) => {
+        logger.error('[api/server/controllers/agents/request] Error in `handleAbortError`', err);
+      })
+      .finally(() => {
+        performCleanup();
+      });
   }
 };
 

api/server/controllers/agents/run.js

@@ -11,6 +11,13 @@ const { providerEndpointMap, KnownEndpoints } = require('librechat-data-provider
  * @typedef {import('@librechat/agents').IState} IState
  */
 
+const customProviders = new Set([
+  Providers.XAI,
+  Providers.OLLAMA,
+  Providers.DEEPSEEK,
+  Providers.OPENROUTER,
+]);
+
 /**
  * Creates a new Run instance with custom handlers and configuration.
  *
@@ -43,6 +50,15 @@ async function createRun({
     agent.model_parameters,
   );
 
+  /** Resolves issues with new OpenAI usage field */
+  if (
+    customProviders.has(agent.provider) ||
+    (agent.provider === Providers.OPENAI && agent.endpoint !== agent.provider)
+  ) {
+    llmConfig.streamUsage = false;
+    llmConfig.usage = true;
+  }
+
   /** @type {'reasoning_content' | 'reasoning'} */
   let reasoningKey;
   if (
@@ -51,10 +67,6 @@ async function createRun({
   ) {
     reasoningKey = 'reasoning';
   }
-  if (/o1(?!-(?:mini|preview)).*$/.test(llmConfig.model)) {
-    llmConfig.streaming = false;
-    llmConfig.disableStreaming = true;
-  }
 
   /** @type {StandardGraphConfig} */
   const graphConfig = {
@@ -68,7 +80,7 @@ async function createRun({
   };
 
   // TEMPORARY FOR TESTING
-  if (agent.provider === Providers.ANTHROPIC) {
+  if (agent.provider === Providers.ANTHROPIC || agent.provider === Providers.BEDROCK) {
     graphConfig.streamBuffer = 2000;
   }
 

api/server/controllers/agents/v1.js

@@ -1,10 +1,12 @@
 const fs = require('fs').promises;
 const { nanoid } = require('nanoid');
 const {
-  FileContext,
-  Constants,
   Tools,
+  Constants,
+  FileContext,
+  FileSources,
   SystemRoles,
+  EToolResources,
   actionDelimiter,
 } = require('librechat-data-provider');
 const {
@@ -16,9 +18,10 @@ const {
 } = require('~/models/Agent');
 const { uploadImageBuffer, filterFile } = require('~/server/services/Files/process');
 const { getStrategyFunctions } = require('~/server/services/Files/strategies');
+const { refreshS3Url } = require('~/server/services/Files/S3/crud');
 const { updateAction, getActions } = require('~/models/Action');
-const { getProjectByName } = require('~/models/Project');
 const { updateAgentProjects } = require('~/models/Agent');
+const { getProjectByName } = require('~/models/Project');
 const { deleteFileByFilter } = require('~/models/File');
 const { logger } = require('~/config');
 
@@ -101,6 +104,14 @@ const getAgentHandler = async (req, res) => {
       return res.status(404).json({ error: 'Agent not found' });
     }
 
+    if (agent.avatar && agent.avatar?.source === FileSources.s3) {
+      const originalUrl = agent.avatar.filepath;
+      agent.avatar.filepath = await refreshS3Url(agent.avatar);
+      if (originalUrl !== agent.avatar.filepath) {
+        await updateAgent({ id }, { avatar: agent.avatar });
+      }
+    }
+
     agent.author = agent.author.toString();
     agent.isCollaborative = !!agent.isCollaborative;
 
@@ -203,13 +214,25 @@ const duplicateAgentHandler = async (req, res) => {
     }
 
     const {
-      _id: __id,
       id: _id,
+      _id: __id,
       author: _author,
       createdAt: _createdAt,
       updatedAt: _updatedAt,
+      tool_resources: _tool_resources = {},
       ...cloneData
     } = agent;
+    cloneData.name = `${agent.name} (${new Date().toLocaleString('en-US', {
+      dateStyle: 'short',
+      timeStyle: 'short',
+      hour12: false,
+    })})`;
+
+    if (_tool_resources?.[EToolResources.ocr]) {
+      cloneData.tool_resources = {
+        [EToolResources.ocr]: _tool_resources[EToolResources.ocr],
+      };
+    }
 
     const newAgentId = `agent_${nanoid()}`;
     const newAgentData = Object.assign(cloneData, {

api/server/controllers/assistants/chatV1.js

@@ -19,7 +19,7 @@ const {
   addThreadMetadata,
   saveAssistantMessage,
 } = require('~/server/services/Threads');
-const { sendResponse, sendMessage, sleep, isEnabled, countTokens } = require('~/server/utils');
+const { sendResponse, sendMessage, sleep, countTokens } = require('~/server/utils');
 const { runAssistant, createOnTextProgress } = require('~/server/services/AssistantService');
 const validateAuthor = require('~/server/middleware/assistants/validateAuthor');
 const { formatMessage, createVisionPrompt } = require('~/app/clients/prompts');
@@ -27,7 +27,7 @@ const { createRun, StreamRunManager } = require('~/server/services/Runs');
 const { addTitle } = require('~/server/services/Endpoints/assistants');
 const { createRunBody } = require('~/server/services/createRunBody');
 const { getTransactions } = require('~/models/Transaction');
-const checkBalance = require('~/models/checkBalance');
+const { checkBalance } = require('~/models/balanceMethods');
 const { getConvo } = require('~/models/Conversation');
 const getLogStores = require('~/cache/getLogStores');
 const { getModelMaxTokens } = require('~/utils');
@@ -248,7 +248,8 @@ const chatV1 = async (req, res) => {
     }
 
     const checkBalanceBeforeRun = async () => {
-      if (!isEnabled(process.env.CHECK_BALANCE)) {
+      const balance = req.app?.locals?.balance;
+      if (!balance?.enabled) {
         return;
       }
       const transactions =

api/server/controllers/assistants/chatV2.js

@@ -18,14 +18,14 @@ const {
   saveAssistantMessage,
 } = require('~/server/services/Threads');
 const { runAssistant, createOnTextProgress } = require('~/server/services/AssistantService');
-const { sendMessage, sleep, isEnabled, countTokens } = require('~/server/utils');
 const { createErrorHandler } = require('~/server/controllers/assistants/errors');
 const validateAuthor = require('~/server/middleware/assistants/validateAuthor');
 const { createRun, StreamRunManager } = require('~/server/services/Runs');
 const { addTitle } = require('~/server/services/Endpoints/assistants');
+const { sendMessage, sleep, countTokens } = require('~/server/utils');
 const { createRunBody } = require('~/server/services/createRunBody');
 const { getTransactions } = require('~/models/Transaction');
-const checkBalance = require('~/models/checkBalance');
+const { checkBalance } = require('~/models/balanceMethods');
 const { getConvo } = require('~/models/Conversation');
 const getLogStores = require('~/cache/getLogStores');
 const { getModelMaxTokens } = require('~/utils');
@@ -124,7 +124,8 @@ const chatV2 = async (req, res) => {
     }
 
     const checkBalanceBeforeRun = async () => {
-      if (!isEnabled(process.env.CHECK_BALANCE)) {
+      const balance = req.app?.locals?.balance;
+      if (!balance?.enabled) {
         return;
       }
       const transactions =

api/server/controllers/auth/TwoFactorAuthController.js

@@ -8,7 +8,10 @@ const { setAuthTokens } = require('~/server/services/AuthService');
 const { getUserById } = require('~/models/userMethods');
 const { logger } = require('~/config');
 
-const verify2FA = async (req, res) => {
+/**
+ * Verifies the 2FA code during login using a temporary token.
+ */
+const verify2FAWithTempToken = async (req, res) => {
   try {
     const { tempToken, token, backupCode } = req.body;
     if (!tempToken) {
@@ -23,26 +26,23 @@ const verify2FA = async (req, res) => {
     }
 
     const user = await getUserById(payload.userId);
-    // Ensure that the user exists and has 2FA enabled
     if (!user || !user.twoFactorEnabled) {
       return res.status(400).json({ message: '2FA is not enabled for this user' });
     }
 
-    // Retrieve (and decrypt if necessary) the TOTP secret.
     const secret = await getTOTPSecret(user.totpSecret);
-
-    let verified = false;
-    if (token && (await verifyTOTP(secret, token))) {
-      verified = true;
+    let isVerified = false;
+    if (token) {
+      isVerified = await verifyTOTP(secret, token);
     } else if (backupCode) {
-      verified = await verifyBackupCode({ user, backupCode });
+      isVerified = await verifyBackupCode({ user, backupCode });
     }
 
-    if (!verified) {
+    if (!isVerified) {
       return res.status(401).json({ message: 'Invalid 2FA code or backup code' });
     }
 
-    // Prepare user data for response.
+    // Prepare user data to return (omit sensitive fields).
     const userData = user.toObject ? user.toObject() : { ...user };
     delete userData.password;
     delete userData.__v;
@@ -52,9 +52,9 @@ const verify2FA = async (req, res) => {
     const authToken = await setAuthTokens(user._id, res);
     return res.status(200).json({ token: authToken, user: userData });
   } catch (err) {
-    logger.error('[verify2FA]', err);
+    logger.error('[verify2FAWithTempToken]', err);
     return res.status(500).json({ message: 'Something went wrong' });
   }
 };
 
-module.exports = { verify2FA };
+module.exports = { verify2FAWithTempToken };

api/server/controllers/tools.js

@@ -10,7 +10,8 @@ const {
 const { processFileURL, uploadImageBuffer } = require('~/server/services/Files/process');
 const { processCodeOutput } = require('~/server/services/Files/Code/process');
 const { createToolCall, getToolCallsByConvo } = require('~/models/ToolCall');
-const { loadAuthValues, loadTools } = require('~/app/clients/tools/util');
+const { loadAuthValues } = require('~/server/services/Tools/credentials');
+const { loadTools } = require('~/app/clients/tools/util');
 const { checkAccess } = require('~/server/middleware');
 const { getMessage } = require('~/models/Message');
 const { logger } = require('~/config');

api/server/index.js

@@ -88,8 +88,8 @@ const startServer = async () => {
   app.use('/api/actions', routes.actions);
   app.use('/api/keys', routes.keys);
   app.use('/api/user', routes.user);
-  app.use('/api/search', routes.search);
   app.use('/api/ask', routes.ask);
+  app.use('/api/search', routes.search);
   app.use('/api/edit', routes.edit);
   app.use('/api/messages', routes.messages);
   app.use('/api/convos', routes.convos);

api/server/middleware/abortMiddleware.js

@@ -1,3 +1,4 @@
+// abortMiddleware.js
 const { isAssistantsEndpoint, ErrorTypes } = require('librechat-data-provider');
 const { sendMessage, sendError, countTokens, isEnabled } = require('~/server/utils');
 const { truncateText, smartTruncateText } = require('~/app/clients/prompts');
@@ -8,6 +9,68 @@ const { saveMessage, getConvo } = require('~/models');
 const { abortRun } = require('./abortRun');
 const { logger } = require('~/config');
 
+const abortDataMap = new WeakMap();
+
+function cleanupAbortController(abortKey) {
+  if (!abortControllers.has(abortKey)) {
+    return false;
+  }
+
+  const { abortController } = abortControllers.get(abortKey);
+
+  if (!abortController) {
+    abortControllers.delete(abortKey);
+    return true;
+  }
+
+  // 1. Check if this controller has any composed signals and clean them up
+  try {
+    // This creates a temporary composed signal to use for cleanup
+    const composedSignal = AbortSignal.any([abortController.signal]);
+
+    // Get all event types - in practice, AbortSignal typically only uses 'abort'
+    const eventTypes = ['abort'];
+
+    // First, execute a dummy listener removal to handle potential composed signals
+    for (const eventType of eventTypes) {
+      const dummyHandler = () => {};
+      composedSignal.addEventListener(eventType, dummyHandler);
+      composedSignal.removeEventListener(eventType, dummyHandler);
+
+      const listeners = composedSignal.listeners?.(eventType) || [];
+      for (const listener of listeners) {
+        composedSignal.removeEventListener(eventType, listener);
+      }
+    }
+  } catch (e) {
+    logger.debug(`Error cleaning up composed signals: ${e}`);
+  }
+
+  // 2. Abort the controller if not already aborted
+  if (!abortController.signal.aborted) {
+    abortController.abort();
+  }
+
+  // 3. Remove from registry
+  abortControllers.delete(abortKey);
+
+  // 4. Clean up any data stored in the WeakMap
+  if (abortDataMap.has(abortController)) {
+    abortDataMap.delete(abortController);
+  }
+
+  // 5. Clean up function references on the controller
+  if (abortController.getAbortData) {
+    abortController.getAbortData = null;
+  }
+
+  if (abortController.abortCompletion) {
+    abortController.abortCompletion = null;
+  }
+
+  return true;
+}
+
 async function abortMessage(req, res) {
   let { abortKey, endpoint } = req.body;
 
@@ -29,24 +92,24 @@ async function abortMessage(req, res) {
   if (!abortController) {
     return res.status(204).send({ message: 'Request not found' });
   }
-  const finalEvent = await abortController.abortCompletion();
+
+  const finalEvent = await abortController.abortCompletion?.();
   logger.debug(
     `[abortMessage] ID: ${req.user.id} | ${req.user.email} | Aborted request: ` +
       JSON.stringify({ abortKey }),
   );
-  abortControllers.delete(abortKey);
+  cleanupAbortController(abortKey);
 
   if (res.headersSent && finalEvent) {
     return sendMessage(res, finalEvent);
   }
 
   res.setHeader('Content-Type', 'application/json');
-
   res.send(JSON.stringify(finalEvent));
 }
 
-const handleAbort = () => {
-  return async (req, res) => {
+const handleAbort = function () {
+  return async function (req, res) {
     try {
       if (isEnabled(process.env.LIMIT_CONCURRENT_MESSAGES)) {
         await clearPendingReq({ userId: req.user.id });
@@ -62,8 +125,48 @@ const createAbortController = (req, res, getAbortData, getReqData) => {
   const abortController = new AbortController();
   const { endpointOption } = req.body;
 
+  // Store minimal data in WeakMap to avoid circular references
+  abortDataMap.set(abortController, {
+    getAbortDataFn: getAbortData,
+    userId: req.user.id,
+    endpoint: endpointOption.endpoint,
+    iconURL: endpointOption.iconURL,
+    model: endpointOption.modelOptions?.model || endpointOption.model_parameters?.model,
+  });
+
+  // Replace the direct function reference with a wrapper that uses WeakMap
   abortController.getAbortData = function () {
-    return getAbortData();
+    const data = abortDataMap.get(this);
+    if (!data || typeof data.getAbortDataFn !== 'function') {
+      return {};
+    }
+
+    try {
+      const result = data.getAbortDataFn();
+
+      // Create a copy without circular references
+      const cleanResult = { ...result };
+
+      // If userMessagePromise exists, break its reference to client
+      if (
+        cleanResult.userMessagePromise &&
+        typeof cleanResult.userMessagePromise.then === 'function'
+      ) {
+        // Create a new promise that fulfills with the same result but doesn't reference the original
+        const originalPromise = cleanResult.userMessagePromise;
+        cleanResult.userMessagePromise = new Promise((resolve, reject) => {
+          originalPromise.then(
+            (result) => resolve({ ...result }),
+            (error) => reject(error),
+          );
+        });
+      }
+
+      return cleanResult;
+    } catch (err) {
+      logger.error('[abortController.getAbortData] Error:', err);
+      return {};
+    }
   };
 
   /**
@@ -74,6 +177,7 @@ const createAbortController = (req, res, getAbortData, getReqData) => {
     sendMessage(res, { message: userMessage, created: true });
 
     const abortKey = userMessage?.conversationId ?? req.user.id;
+    getReqData({ abortKey });
     const prevRequest = abortControllers.get(abortKey);
     const { overrideUserMessageId } = req?.body ?? {};
 
@@ -81,34 +185,74 @@ const createAbortController = (req, res, getAbortData, getReqData) => {
       const data = prevRequest.abortController.getAbortData();
       getReqData({ userMessage: data?.userMessage });
       const addedAbortKey = `${abortKey}:${responseMessageId}`;
-      abortControllers.set(addedAbortKey, { abortController, ...endpointOption });
-      res.on('finish', function () {
-        abortControllers.delete(addedAbortKey);
-      });
+
+      // Store minimal options
+      const minimalOptions = {
+        endpoint: endpointOption.endpoint,
+        iconURL: endpointOption.iconURL,
+        model: endpointOption.modelOptions?.model || endpointOption.model_parameters?.model,
+      };
+
+      abortControllers.set(addedAbortKey, { abortController, ...minimalOptions });
+
+      // Use a simple function for cleanup to avoid capturing context
+      const cleanupHandler = () => {
+        try {
+          cleanupAbortController(addedAbortKey);
+        } catch (e) {
+          // Ignore cleanup errors
+        }
+      };
+
+      res.on('finish', cleanupHandler);
       return;
     }
 
-    abortControllers.set(abortKey, { abortController, ...endpointOption });
+    // Store minimal options
+    const minimalOptions = {
+      endpoint: endpointOption.endpoint,
+      iconURL: endpointOption.iconURL,
+      model: endpointOption.modelOptions?.model || endpointOption.model_parameters?.model,
+    };
 
-    res.on('finish', function () {
-      abortControllers.delete(abortKey);
-    });
+    abortControllers.set(abortKey, { abortController, ...minimalOptions });
+
+    // Use a simple function for cleanup to avoid capturing context
+    const cleanupHandler = () => {
+      try {
+        cleanupAbortController(abortKey);
+      } catch (e) {
+        // Ignore cleanup errors
+      }
+    };
+
+    res.on('finish', cleanupHandler);
   };
 
+  // Define abortCompletion without capturing the entire parent scope
   abortController.abortCompletion = async function () {
-    abortController.abort();
+    this.abort();
+
+    // Get data from WeakMap
+    const ctrlData = abortDataMap.get(this);
+    if (!ctrlData || !ctrlData.getAbortDataFn) {
+      return { final: true, conversation: {}, title: 'New Chat' };
+    }
+
+    // Get abort data using stored function
     const { conversationId, userMessage, userMessagePromise, promptTokens, ...responseData } =
-      getAbortData();
+      ctrlData.getAbortDataFn();
+
     const completionTokens = await countTokens(responseData?.text ?? '');
-    const user = req.user.id;
+    const user = ctrlData.userId;
 
     const responseMessage = {
       ...responseData,
       conversationId,
       finish_reason: 'incomplete',
-      endpoint: endpointOption.endpoint,
-      iconURL: endpointOption.iconURL,
-      model: endpointOption.modelOptions?.model ?? endpointOption.model_parameters?.model,
+      endpoint: ctrlData.endpoint,
+      iconURL: ctrlData.iconURL,
+      model: ctrlData.modelOptions?.model ?? ctrlData.model_parameters?.model,
       unfinished: false,
       error: false,
       isCreatedByUser: false,
@@ -130,10 +274,12 @@ const createAbortController = (req, res, getAbortData, getReqData) => {
     if (userMessagePromise) {
       const resolved = await userMessagePromise;
       conversation = resolved?.conversation;
+      // Break reference to promise
+      resolved.conversation = null;
     }
 
     if (!conversation) {
-      conversation = await getConvo(req.user.id, conversationId);
+      conversation = await getConvo(user, conversationId);
     }
 
     return {
@@ -148,6 +294,13 @@ const createAbortController = (req, res, getAbortData, getReqData) => {
   return { abortController, onStart };
 };
 
+/**
+ * @param {ServerResponse} res
+ * @param {ServerRequest} req
+ * @param {Error | unknown} error
+ * @param {Partial<TMessage> & { partialText?: string }} data
+ * @returns { Promise<void> }
+ */
 const handleAbortError = async (res, req, error, data) => {
   if (error?.message?.includes('base64')) {
     logger.error('[handleAbortError] Error in base64 encoding', {
@@ -178,17 +331,30 @@ const handleAbortError = async (res, req, error, data) => {
     errorText = `{"type":"${ErrorTypes.NO_SYSTEM_MESSAGES}"}`;
   }
 
+  /**
+   * @param {string} partialText
+   * @returns {Promise<void>}
+   */
   const respondWithError = async (partialText) => {
+    const endpointOption = req.body?.endpointOption;
     let options = {
       sender,
       messageId,
       conversationId,
       parentMessageId,
       text: errorText,
-      shouldSaveMessage: true,
       user: req.user.id,
+      shouldSaveMessage: true,
+      spec: endpointOption?.spec,
+      iconURL: endpointOption?.iconURL,
+      modelLabel: endpointOption?.modelLabel,
+      model: endpointOption?.modelOptions?.model || req.body?.model,
     };
 
+    if (req.body?.agent_id) {
+      options.agent_id = req.body.agent_id;
+    }
+
     if (partialText) {
       options = {
         ...options,
@@ -198,11 +364,12 @@ const handleAbortError = async (res, req, error, data) => {
       };
     }
 
+    // Create a simple callback without capturing parent scope
     const callback = async () => {
-      if (abortControllers.has(conversationId)) {
-        const { abortController } = abortControllers.get(conversationId);
-        abortController.abort();
-        abortControllers.delete(conversationId);
+      try {
+        cleanupAbortController(conversationId);
+      } catch (e) {
+        // Ignore cleanup errors
       }
     };
 
@@ -223,6 +390,7 @@ const handleAbortError = async (res, req, error, data) => {
 
 module.exports = {
   handleAbort,
-  createAbortController,
   handleAbortError,
+  createAbortController,
+  cleanupAbortController,
 };

api/server/middleware/buildEndpointOption.js

@@ -1,6 +1,11 @@
-const { parseCompactConvo, EModelEndpoint, isAgentsEndpoint } = require('librechat-data-provider');
-const { getModelsConfig } = require('~/server/controllers/ModelController');
+const {
+  parseCompactConvo,
+  EModelEndpoint,
+  isAgentsEndpoint,
+  EndpointURLs,
+} = require('librechat-data-provider');
 const azureAssistants = require('~/server/services/Endpoints/azureAssistants');
+const { getModelsConfig } = require('~/server/controllers/ModelController');
 const assistants = require('~/server/services/Endpoints/assistants');
 const gptPlugins = require('~/server/services/Endpoints/gptPlugins');
 const { processFiles } = require('~/server/services/Files/process');
@@ -10,7 +15,6 @@ const openAI = require('~/server/services/Endpoints/openAI');
 const agents = require('~/server/services/Endpoints/agents');
 const custom = require('~/server/services/Endpoints/custom');
 const google = require('~/server/services/Endpoints/google');
-const { getConvoFiles } = require('~/models/Conversation');
 const { handleError } = require('~/server/utils');
 
 const buildFunction = {
@@ -78,8 +82,9 @@ async function buildEndpointOption(req, res, next) {
   }
 
   try {
-    const isAgents = isAgentsEndpoint(endpoint);
-    const endpointFn = buildFunction[endpointType ?? endpoint];
+    const isAgents =
+      isAgentsEndpoint(endpoint) || req.baseUrl.startsWith(EndpointURLs[EModelEndpoint.agents]);
+    const endpointFn = buildFunction[isAgents ? EModelEndpoint.agents : (endpointType ?? endpoint)];
     const builder = isAgents ? (...args) => endpointFn(req, ...args) : endpointFn;
 
     // TODO: use object params
@@ -87,16 +92,8 @@ async function buildEndpointOption(req, res, next) {
 
     // TODO: use `getModelsConfig` only when necessary
     const modelsConfig = await getModelsConfig(req);
-    const { resendFiles = true } = req.body.endpointOption;
     req.body.endpointOption.modelsConfig = modelsConfig;
-    if (isAgents && resendFiles && req.body.conversationId) {
-      const fileIds = await getConvoFiles(req.body.conversationId);
-      const requestFiles = req.body.files ?? [];
-      if (requestFiles.length || fileIds.length) {
-        req.body.endpointOption.attachments = processFiles(requestFiles, fileIds);
-      }
-    } else if (req.body.files) {
-      // hold the promise
+    if (req.body.files && !isAgents) {
       req.body.endpointOption.attachments = processFiles(req.body.files);
     }
     next();

api/server/middleware/checkBan.js

@@ -1,4 +1,4 @@
-const Keyv = require('keyv');
+const { Keyv } = require('keyv');
 const uap = require('ua-parser-js');
 const { ViolationTypes } = require('librechat-data-provider');
 const { isEnabled, removePorts } = require('~/server/utils');
@@ -41,7 +41,7 @@ const banResponse = async (req, res) => {
  * @function
  * @param {Object} req - Express request object.
  * @param {Object} res - Express response object.
- * @param {Function} next - Next middleware function.
+ * @param {import('express').NextFunction} next - Next middleware function.
  *
  * @returns {Promise<function|Object>} - Returns a Promise which when resolved calls next middleware if user or source IP is not banned. Otherwise calls `banResponse()` and sets ban details in `banCache`.
  */

api/server/middleware/concurrentLimiter.js

@@ -1,4 +1,4 @@
-const { Time } = require('librechat-data-provider');
+const { Time, CacheKeys } = require('librechat-data-provider');
 const clearPendingReq = require('~/cache/clearPendingReq');
 const { logViolation, getLogStores } = require('~/cache');
 const { isEnabled } = require('~/server/utils');
@@ -21,11 +21,11 @@ const {
  * @function
  * @param {Object} req - Express request object containing user information.
  * @param {Object} res - Express response object.
- * @param {function} next - Express next middleware function.
+ * @param {import('express').NextFunction} next - Next middleware function.
  * @throws {Error} Throws an error if the user exceeds the concurrent request limit.
  */
 const concurrentLimiter = async (req, res, next) => {
-  const namespace = 'pending_req';
+  const namespace = CacheKeys.PENDING_REQ;
   const cache = getLogStores(namespace);
   if (!cache) {
     return next();

api/server/middleware/index.js

@@ -8,12 +8,14 @@ const concurrentLimiter = require('./concurrentLimiter');
 const validateEndpoint = require('./validateEndpoint');
 const requireLocalAuth = require('./requireLocalAuth');
 const canDeleteAccount = require('./canDeleteAccount');
+const setBalanceConfig = require('./setBalanceConfig');
 const requireLdapAuth = require('./requireLdapAuth');
 const abortMiddleware = require('./abortMiddleware');
 const checkInviteUser = require('./checkInviteUser');
 const requireJwtAuth = require('./requireJwtAuth');
 const validateModel = require('./validateModel');
 const moderateText = require('./moderateText');
+const logHeaders = require('./logHeaders');
 const setHeaders = require('./setHeaders');
 const validate = require('./validate');
 const limiters = require('./limiters');
@@ -31,6 +33,7 @@ module.exports = {
   checkBan,
   uaParser,
   setHeaders,
+  logHeaders,
   moderateText,
   validateModel,
   requireJwtAuth,
@@ -39,6 +42,7 @@ module.exports = {
   requireLocalAuth,
   canDeleteAccount,
   validateEndpoint,
+  setBalanceConfig,
   concurrentLimiter,
   checkDomainAllowed,
   validateMessageReq,

api/server/middleware/limiters/importLimiters.js

@@ -1,6 +1,10 @@
 const rateLimit = require('express-rate-limit');
+const { RedisStore } = require('rate-limit-redis');
 const { ViolationTypes } = require('librechat-data-provider');
+const ioredisClient = require('~/cache/ioredisClient');
 const logViolation = require('~/cache/logViolation');
+const { isEnabled } = require('~/server/utils');
+const { logger } = require('~/config');
 
 const getEnvironmentVariables = () => {
   const IMPORT_IP_MAX = parseInt(process.env.IMPORT_IP_MAX) || 100;
@@ -48,21 +52,37 @@ const createImportLimiters = () => {
   const { importIpWindowMs, importIpMax, importUserWindowMs, importUserMax } =
     getEnvironmentVariables();
 
-  const importIpLimiter = rateLimit({
+  const ipLimiterOptions = {
     windowMs: importIpWindowMs,
     max: importIpMax,
     handler: createImportHandler(),
-  });
-
-  const importUserLimiter = rateLimit({
+  };
+  const userLimiterOptions = {
     windowMs: importUserWindowMs,
     max: importUserMax,
     handler: createImportHandler(false),
     keyGenerator: function (req) {
       return req.user?.id; // Use the user ID or NULL if not available
     },
-  });
+  };
 
+  if (isEnabled(process.env.USE_REDIS) && ioredisClient) {
+    logger.debug('Using Redis for import rate limiters.');
+    const sendCommand = (...args) => ioredisClient.call(...args);
+    const ipStore = new RedisStore({
+      sendCommand,
+      prefix: 'import_ip_limiter:',
+    });
+    const userStore = new RedisStore({
+      sendCommand,
+      prefix: 'import_user_limiter:',
+    });
+    ipLimiterOptions.store = ipStore;
+    userLimiterOptions.store = userStore;
+  }
+
+  const importIpLimiter = rateLimit(ipLimiterOptions);
+  const importUserLimiter = rateLimit(userLimiterOptions);
   return { importIpLimiter, importUserLimiter };
 };
 

api/server/middleware/limiters/loginLimiter.js

@@ -1,6 +1,9 @@
 const rateLimit = require('express-rate-limit');
-const { removePorts } = require('~/server/utils');
+const { RedisStore } = require('rate-limit-redis');
+const { removePorts, isEnabled } = require('~/server/utils');
+const ioredisClient = require('~/cache/ioredisClient');
 const { logViolation } = require('~/cache');
+const { logger } = require('~/config');
 
 const { LOGIN_WINDOW = 5, LOGIN_MAX = 7, LOGIN_VIOLATION_SCORE: score } = process.env;
 const windowMs = LOGIN_WINDOW * 60 * 1000;
@@ -20,11 +23,22 @@ const handler = async (req, res) => {
   return res.status(429).json({ message });
 };
 
-const loginLimiter = rateLimit({
+const limiterOptions = {
   windowMs,
   max,
   handler,
   keyGenerator: removePorts,
-});
+};
+
+if (isEnabled(process.env.USE_REDIS) && ioredisClient) {
+  logger.debug('Using Redis for login rate limiter.');
+  const store = new RedisStore({
+    sendCommand: (...args) => ioredisClient.call(...args),
+    prefix: 'login_limiter:',
+  });
+  limiterOptions.store = store;
+}
+
+const loginLimiter = rateLimit(limiterOptions);
 
 module.exports = loginLimiter;

api/server/middleware/limiters/messageLimiters.js

@@ -1,6 +1,10 @@
 const rateLimit = require('express-rate-limit');
+const { RedisStore } = require('rate-limit-redis');
 const denyRequest = require('~/server/middleware/denyRequest');
+const ioredisClient = require('~/cache/ioredisClient');
+const { isEnabled } = require('~/server/utils');
 const { logViolation } = require('~/cache');
+const { logger } = require('~/config');
 
 const {
   MESSAGE_IP_MAX = 40,
@@ -41,25 +45,47 @@ const createHandler = (ip = true) => {
 };
 
 /**
- * Message request rate limiter by IP
+ * Message request rate limiters
  */
-const messageIpLimiter = rateLimit({
+const ipLimiterOptions = {
   windowMs: ipWindowMs,
   max: ipMax,
   handler: createHandler(),
-});
+};
 
-/**
- * Message request rate limiter by userId
- */
-const messageUserLimiter = rateLimit({
+const userLimiterOptions = {
   windowMs: userWindowMs,
   max: userMax,
   handler: createHandler(false),
   keyGenerator: function (req) {
     return req.user?.id; // Use the user ID or NULL if not available
   },
-});
+};
+
+if (isEnabled(process.env.USE_REDIS) && ioredisClient) {
+  logger.debug('Using Redis for message rate limiters.');
+  const sendCommand = (...args) => ioredisClient.call(...args);
+  const ipStore = new RedisStore({
+    sendCommand,
+    prefix: 'message_ip_limiter:',
+  });
+  const userStore = new RedisStore({
+    sendCommand,
+    prefix: 'message_user_limiter:',
+  });
+  ipLimiterOptions.store = ipStore;
+  userLimiterOptions.store = userStore;
+}
+
+/**
+ * Message request rate limiter by IP
+ */
+const messageIpLimiter = rateLimit(ipLimiterOptions);
+
+/**
+ * Message request rate limiter by userId
+ */
+const messageUserLimiter = rateLimit(userLimiterOptions);
 
 module.exports = {
   messageIpLimiter,

api/server/middleware/limiters/registerLimiter.js

@@ -1,6 +1,9 @@
 const rateLimit = require('express-rate-limit');
-const { removePorts } = require('~/server/utils');
+const { RedisStore } = require('rate-limit-redis');
+const { removePorts, isEnabled } = require('~/server/utils');
+const ioredisClient = require('~/cache/ioredisClient');
 const { logViolation } = require('~/cache');
+const { logger } = require('~/config');
 
 const { REGISTER_WINDOW = 60, REGISTER_MAX = 5, REGISTRATION_VIOLATION_SCORE: score } = process.env;
 const windowMs = REGISTER_WINDOW * 60 * 1000;
@@ -20,11 +23,22 @@ const handler = async (req, res) => {
   return res.status(429).json({ message });
 };
 
-const registerLimiter = rateLimit({
+const limiterOptions = {
   windowMs,
   max,
   handler,
   keyGenerator: removePorts,
-});
+};
+
+if (isEnabled(process.env.USE_REDIS) && ioredisClient) {
+  logger.debug('Using Redis for register rate limiter.');
+  const store = new RedisStore({
+    sendCommand: (...args) => ioredisClient.call(...args),
+    prefix: 'register_limiter:',
+  });
+  limiterOptions.store = store;
+}
+
+const registerLimiter = rateLimit(limiterOptions);
 
 module.exports = registerLimiter;

api/server/middleware/limiters/resetPasswordLimiter.js

@@ -1,7 +1,10 @@
 const rateLimit = require('express-rate-limit');
+const { RedisStore } = require('rate-limit-redis');
 const { ViolationTypes } = require('librechat-data-provider');
-const { removePorts } = require('~/server/utils');
+const { removePorts, isEnabled } = require('~/server/utils');
+const ioredisClient = require('~/cache/ioredisClient');
 const { logViolation } = require('~/cache');
+const { logger } = require('~/config');
 
 const {
   RESET_PASSWORD_WINDOW = 2,
@@ -25,11 +28,22 @@ const handler = async (req, res) => {
   return res.status(429).json({ message });
 };
 
-const resetPasswordLimiter = rateLimit({
+const limiterOptions = {
   windowMs,
   max,
   handler,
   keyGenerator: removePorts,
-});
+};
+
+if (isEnabled(process.env.USE_REDIS) && ioredisClient) {
+  logger.debug('Using Redis for reset password rate limiter.');
+  const store = new RedisStore({
+    sendCommand: (...args) => ioredisClient.call(...args),
+    prefix: 'reset_password_limiter:',
+  });
+  limiterOptions.store = store;
+}
+
+const resetPasswordLimiter = rateLimit(limiterOptions);
 
 module.exports = resetPasswordLimiter;

api/server/middleware/limiters/sttLimiters.js

@@ -1,6 +1,10 @@
 const rateLimit = require('express-rate-limit');
+const { RedisStore } = require('rate-limit-redis');
 const { ViolationTypes } = require('librechat-data-provider');
+const ioredisClient = require('~/cache/ioredisClient');
 const logViolation = require('~/cache/logViolation');
+const { isEnabled } = require('~/server/utils');
+const { logger } = require('~/config');
 
 const getEnvironmentVariables = () => {
   const STT_IP_MAX = parseInt(process.env.STT_IP_MAX) || 100;
@@ -47,20 +51,38 @@ const createSTTHandler = (ip = true) => {
 const createSTTLimiters = () => {
   const { sttIpWindowMs, sttIpMax, sttUserWindowMs, sttUserMax } = getEnvironmentVariables();
 
-  const sttIpLimiter = rateLimit({
+  const ipLimiterOptions = {
     windowMs: sttIpWindowMs,
     max: sttIpMax,
     handler: createSTTHandler(),
-  });
+  };
 
-  const sttUserLimiter = rateLimit({
+  const userLimiterOptions = {
     windowMs: sttUserWindowMs,
     max: sttUserMax,
     handler: createSTTHandler(false),
     keyGenerator: function (req) {
       return req.user?.id; // Use the user ID or NULL if not available
     },
-  });
+  };
+
+  if (isEnabled(process.env.USE_REDIS) && ioredisClient) {
+    logger.debug('Using Redis for STT rate limiters.');
+    const sendCommand = (...args) => ioredisClient.call(...args);
+    const ipStore = new RedisStore({
+      sendCommand,
+      prefix: 'stt_ip_limiter:',
+    });
+    const userStore = new RedisStore({
+      sendCommand,
+      prefix: 'stt_user_limiter:',
+    });
+    ipLimiterOptions.store = ipStore;
+    userLimiterOptions.store = userStore;
+  }
+
+  const sttIpLimiter = rateLimit(ipLimiterOptions);
+  const sttUserLimiter = rateLimit(userLimiterOptions);
 
   return { sttIpLimiter, sttUserLimiter };
 };

api/server/middleware/limiters/toolCallLimiter.js

@@ -1,25 +1,42 @@
 const rateLimit = require('express-rate-limit');
+const { RedisStore } = require('rate-limit-redis');
 const { ViolationTypes } = require('librechat-data-provider');
+const ioredisClient = require('~/cache/ioredisClient');
 const logViolation = require('~/cache/logViolation');
+const { isEnabled } = require('~/server/utils');
+const { logger } = require('~/config');
 
-const toolCallLimiter = rateLimit({
+const handler = async (req, res) => {
+  const type = ViolationTypes.TOOL_CALL_LIMIT;
+  const errorMessage = {
+    type,
+    max: 1,
+    limiter: 'user',
+    windowInMinutes: 1,
+  };
+
+  await logViolation(req, res, type, errorMessage, 0);
+  res.status(429).json({ message: 'Too many tool call requests. Try again later' });
+};
+
+const limiterOptions = {
   windowMs: 1000,
   max: 1,
-  handler: async (req, res) => {
-    const type = ViolationTypes.TOOL_CALL_LIMIT;
-    const errorMessage = {
-      type,
-      max: 1,
-      limiter: 'user',
-      windowInMinutes: 1,
-    };
-
-    await logViolation(req, res, type, errorMessage, 0);
-    res.status(429).json({ message: 'Too many tool call requests. Try again later' });
-  },
+  handler,
   keyGenerator: function (req) {
     return req.user?.id;
   },
-});
+};
+
+if (isEnabled(process.env.USE_REDIS) && ioredisClient) {
+  logger.debug('Using Redis for tool call rate limiter.');
+  const store = new RedisStore({
+    sendCommand: (...args) => ioredisClient.call(...args),
+    prefix: 'tool_call_limiter:',
+  });
+  limiterOptions.store = store;
+}
+
+const toolCallLimiter = rateLimit(limiterOptions);
 
 module.exports = toolCallLimiter;

api/server/middleware/limiters/ttsLimiters.js

@@ -1,6 +1,10 @@
 const rateLimit = require('express-rate-limit');
+const { RedisStore } = require('rate-limit-redis');
 const { ViolationTypes } = require('librechat-data-provider');
+const ioredisClient = require('~/cache/ioredisClient');
 const logViolation = require('~/cache/logViolation');
+const { isEnabled } = require('~/server/utils');
+const { logger } = require('~/config');
 
 const getEnvironmentVariables = () => {
   const TTS_IP_MAX = parseInt(process.env.TTS_IP_MAX) || 100;
@@ -47,20 +51,38 @@ const createTTSHandler = (ip = true) => {
 const createTTSLimiters = () => {
   const { ttsIpWindowMs, ttsIpMax, ttsUserWindowMs, ttsUserMax } = getEnvironmentVariables();
 
-  const ttsIpLimiter = rateLimit({
+  const ipLimiterOptions = {
     windowMs: ttsIpWindowMs,
     max: ttsIpMax,
     handler: createTTSHandler(),
-  });
+  };
 
-  const ttsUserLimiter = rateLimit({
+  const userLimiterOptions = {
     windowMs: ttsUserWindowMs,
     max: ttsUserMax,
     handler: createTTSHandler(false),
     keyGenerator: function (req) {
       return req.user?.id; // Use the user ID or NULL if not available
     },
-  });
+  };
+
+  if (isEnabled(process.env.USE_REDIS) && ioredisClient) {
+    logger.debug('Using Redis for TTS rate limiters.');
+    const sendCommand = (...args) => ioredisClient.call(...args);
+    const ipStore = new RedisStore({
+      sendCommand,
+      prefix: 'tts_ip_limiter:',
+    });
+    const userStore = new RedisStore({
+      sendCommand,
+      prefix: 'tts_user_limiter:',
+    });
+    ipLimiterOptions.store = ipStore;
+    userLimiterOptions.store = userStore;
+  }
+
+  const ttsIpLimiter = rateLimit(ipLimiterOptions);
+  const ttsUserLimiter = rateLimit(userLimiterOptions);
 
   return { ttsIpLimiter, ttsUserLimiter };
 };

api/server/middleware/limiters/uploadLimiters.js

@@ -1,6 +1,10 @@
 const rateLimit = require('express-rate-limit');
+const { RedisStore } = require('rate-limit-redis');
 const { ViolationTypes } = require('librechat-data-provider');
+const ioredisClient = require('~/cache/ioredisClient');
 const logViolation = require('~/cache/logViolation');
+const { isEnabled } = require('~/server/utils');
+const { logger } = require('~/config');
 
 const getEnvironmentVariables = () => {
   const FILE_UPLOAD_IP_MAX = parseInt(process.env.FILE_UPLOAD_IP_MAX) || 100;
@@ -52,20 +56,38 @@ const createFileLimiters = () => {
   const { fileUploadIpWindowMs, fileUploadIpMax, fileUploadUserWindowMs, fileUploadUserMax } =
     getEnvironmentVariables();
 
-  const fileUploadIpLimiter = rateLimit({
+  const ipLimiterOptions = {
     windowMs: fileUploadIpWindowMs,
     max: fileUploadIpMax,
     handler: createFileUploadHandler(),
-  });
+  };
 
-  const fileUploadUserLimiter = rateLimit({
+  const userLimiterOptions = {
     windowMs: fileUploadUserWindowMs,
     max: fileUploadUserMax,
     handler: createFileUploadHandler(false),
     keyGenerator: function (req) {
       return req.user?.id; // Use the user ID or NULL if not available
     },
-  });
+  };
+
+  if (isEnabled(process.env.USE_REDIS) && ioredisClient) {
+    logger.debug('Using Redis for file upload rate limiters.');
+    const sendCommand = (...args) => ioredisClient.call(...args);
+    const ipStore = new RedisStore({
+      sendCommand,
+      prefix: 'file_upload_ip_limiter:',
+    });
+    const userStore = new RedisStore({
+      sendCommand,
+      prefix: 'file_upload_user_limiter:',
+    });
+    ipLimiterOptions.store = ipStore;
+    userLimiterOptions.store = userStore;
+  }
+
+  const fileUploadIpLimiter = rateLimit(ipLimiterOptions);
+  const fileUploadUserLimiter = rateLimit(userLimiterOptions);
 
   return { fileUploadIpLimiter, fileUploadUserLimiter };
 };

api/server/middleware/limiters/verifyEmailLimiter.js

@@ -1,7 +1,10 @@
 const rateLimit = require('express-rate-limit');
+const { RedisStore } = require('rate-limit-redis');
 const { ViolationTypes } = require('librechat-data-provider');
-const { removePorts } = require('~/server/utils');
+const { removePorts, isEnabled } = require('~/server/utils');
+const ioredisClient = require('~/cache/ioredisClient');
 const { logViolation } = require('~/cache');
+const { logger } = require('~/config');
 
 const {
   VERIFY_EMAIL_WINDOW = 2,
@@ -25,11 +28,22 @@ const handler = async (req, res) => {
   return res.status(429).json({ message });
 };
 
-const verifyEmailLimiter = rateLimit({
+const limiterOptions = {
   windowMs,
   max,
   handler,
   keyGenerator: removePorts,
-});
+};
+
+if (isEnabled(process.env.USE_REDIS) && ioredisClient) {
+  logger.debug('Using Redis for verify email rate limiter.');
+  const store = new RedisStore({
+    sendCommand: (...args) => ioredisClient.call(...args),
+    prefix: 'verify_email_limiter:',
+  });
+  limiterOptions.store = store;
+}
+
+const verifyEmailLimiter = rateLimit(limiterOptions);
 
 module.exports = verifyEmailLimiter;

api/server/middleware/logHeaders.js

@@ -0,0 +1,32 @@
+const { logger } = require('~/config');
+
+/**
+ * Middleware to log Forwarded Headers
+ * @function
+ * @param {ServerRequest} req - Express request object containing user information.
+ * @param {ServerResponse} res - Express response object.
+ * @param {import('express').NextFunction} next - Next middleware function.
+ * @throws {Error} Throws an error if the user exceeds the concurrent request limit.
+ */
+const logHeaders = (req, res, next) => {
+  try {
+    const forwardedHeaders = {};
+    if (req.headers['x-forwarded-for']) {
+      forwardedHeaders['x-forwarded-for'] = req.headers['x-forwarded-for'];
+    }
+    if (req.headers['x-forwarded-host']) {
+      forwardedHeaders['x-forwarded-host'] = req.headers['x-forwarded-host'];
+    }
+    if (req.headers['x-forwarded-proto']) {
+      forwardedHeaders['x-forwarded-proto'] = req.headers['x-forwarded-proto'];
+    }
+    if (Object.keys(forwardedHeaders).length > 0) {
+      logger.debug('X-Forwarded headers detected in OAuth request:', forwardedHeaders);
+    }
+  } catch (error) {
+    logger.error('Error logging X-Forwarded headers:', error);
+  }
+  next();
+};
+
+module.exports = logHeaders;

api/server/middleware/moderateText.js

@@ -1,39 +1,41 @@
 const axios = require('axios');
 const { ErrorTypes } = require('librechat-data-provider');
+const { isEnabled } = require('~/server/utils');
 const denyRequest = require('./denyRequest');
 const { logger } = require('~/config');
 
 async function moderateText(req, res, next) {
-  if (process.env.OPENAI_MODERATION === 'true') {
-    try {
-      const { text } = req.body;
+  if (!isEnabled(process.env.OPENAI_MODERATION)) {
+    return next();
+  }
+  try {
+    const { text } = req.body;
 
-      const response = await axios.post(
-        process.env.OPENAI_MODERATION_REVERSE_PROXY || 'https://api.openai.com/v1/moderations',
-        {
-          input: text,
+    const response = await axios.post(
+      process.env.OPENAI_MODERATION_REVERSE_PROXY || 'https://api.openai.com/v1/moderations',
+      {
+        input: text,
+      },
+      {
+        headers: {
+          'Content-Type': 'application/json',
+          Authorization: `Bearer ${process.env.OPENAI_MODERATION_API_KEY}`,
         },
-        {
-          headers: {
-            'Content-Type': 'application/json',
-            Authorization: `Bearer ${process.env.OPENAI_MODERATION_API_KEY}`,
-          },
-        },
-      );
+      },
+    );
 
-      const results = response.data.results;
-      const flagged = results.some((result) => result.flagged);
+    const results = response.data.results;
+    const flagged = results.some((result) => result.flagged);
 
-      if (flagged) {
-        const type = ErrorTypes.MODERATION;
-        const errorMessage = { type };
-        return await denyRequest(req, res, errorMessage);
-      }
-    } catch (error) {
-      logger.error('Error in moderateText:', error);
-      const errorMessage = 'error in moderation check';
+    if (flagged) {
+      const type = ErrorTypes.MODERATION;
+      const errorMessage = { type };
       return await denyRequest(req, res, errorMessage);
     }
+  } catch (error) {
+    logger.error('Error in moderateText:', error);
+    const errorMessage = 'error in moderation check';
+    return await denyRequest(req, res, errorMessage);
   }
   next();
 }

api/server/middleware/roles/generateCheckAccess.js

@@ -17,9 +17,9 @@ const checkAccess = async (user, permissionType, permissions, bodyProps = {}, ch
   }
 
   const role = await getRoleByName(user.role);
-  if (role && role[permissionType]) {
+  if (role && role.permissions && role.permissions[permissionType]) {
     const hasAnyPermission = permissions.some((permission) => {
-      if (role[permissionType][permission]) {
+      if (role.permissions[permissionType][permission]) {
         return true;
       }
 

api/server/middleware/setBalanceConfig.js

@@ -0,0 +1,91 @@
+const { getBalanceConfig } = require('~/server/services/Config');
+const Balance = require('~/models/Balance');
+const { logger } = require('~/config');
+
+/**
+ * Middleware to synchronize user balance settings with current balance configuration.
+ * @function
+ * @param {Object} req - Express request object containing user information.
+ * @param {Object} res - Express response object.
+ * @param {import('express').NextFunction} next - Next middleware function.
+ */
+const setBalanceConfig = async (req, res, next) => {
+  try {
+    const balanceConfig = await getBalanceConfig();
+    if (!balanceConfig?.enabled) {
+      return next();
+    }
+    if (balanceConfig.startBalance == null) {
+      return next();
+    }
+
+    const userId = req.user._id;
+    const userBalanceRecord = await Balance.findOne({ user: userId }).lean();
+    const updateFields = buildUpdateFields(balanceConfig, userBalanceRecord);
+
+    if (Object.keys(updateFields).length === 0) {
+      return next();
+    }
+
+    await Balance.findOneAndUpdate(
+      { user: userId },
+      { $set: updateFields },
+      { upsert: true, new: true },
+    );
+
+    next();
+  } catch (error) {
+    logger.error('Error setting user balance:', error);
+    next(error);
+  }
+};
+
+/**
+ * Build an object containing fields that need updating
+ * @param {Object} config - The balance configuration
+ * @param {Object|null} userRecord - The user's current balance record, if any
+ * @returns {Object} Fields that need updating
+ */
+function buildUpdateFields(config, userRecord) {
+  const updateFields = {};
+
+  // Ensure user record has the required fields
+  if (!userRecord) {
+    updateFields.user = userRecord?.user;
+    updateFields.tokenCredits = config.startBalance;
+  }
+
+  if (userRecord?.tokenCredits == null && config.startBalance != null) {
+    updateFields.tokenCredits = config.startBalance;
+  }
+
+  const isAutoRefillConfigValid =
+    config.autoRefillEnabled &&
+    config.refillIntervalValue != null &&
+    config.refillIntervalUnit != null &&
+    config.refillAmount != null;
+
+  if (!isAutoRefillConfigValid) {
+    return updateFields;
+  }
+
+  if (userRecord?.autoRefillEnabled !== config.autoRefillEnabled) {
+    updateFields.autoRefillEnabled = config.autoRefillEnabled;
+  }
+
+  if (userRecord?.refillIntervalValue !== config.refillIntervalValue) {
+    updateFields.refillIntervalValue = config.refillIntervalValue;
+  }
+
+  if (userRecord?.refillIntervalUnit !== config.refillIntervalUnit) {
+    updateFields.refillIntervalUnit = config.refillIntervalUnit;
+  }
+
+  if (userRecord?.refillAmount !== config.refillAmount) {
+    updateFields.refillAmount = config.refillAmount;
+  }
+
+  return updateFields;
+}
+
+module.exports = setBalanceConfig;

api/server/routes/__tests__/config.spec.js

@@ -18,6 +18,7 @@ afterEach(() => {
   delete process.env.OPENID_ISSUER;
   delete process.env.OPENID_SESSION_SECRET;
   delete process.env.OPENID_BUTTON_LABEL;
+  delete process.env.OPENID_AUTO_REDIRECT;
   delete process.env.OPENID_AUTH_URL;
   delete process.env.GITHUB_CLIENT_ID;
   delete process.env.GITHUB_CLIENT_SECRET;

api/server/routes/actions.js

@@ -1,5 +1,6 @@
 const express = require('express');
 const jwt = require('jsonwebtoken');
+const { CacheKeys } = require('librechat-data-provider');
 const { getAccessToken } = require('~/server/services/TokenService');
 const { logger, getFlowStateManager } = require('~/config');
 const { getLogStores } = require('~/cache');
@@ -19,8 +20,8 @@ const JWT_SECRET = process.env.JWT_SECRET;
 router.get('/:action_id/oauth/callback', async (req, res) => {
   const { action_id } = req.params;
   const { code, state } = req.query;
-
-  const flowManager = await getFlowStateManager(getLogStores);
+  const flowsCache = getLogStores(CacheKeys.FLOWS);
+  const flowManager = getFlowStateManager(flowsCache);
   let identifier = action_id;
   try {
     let decodedState;

api/server/routes/agents/actions.js

@@ -58,7 +58,7 @@ router.post('/:agent_id', async (req, res) => {
     }
 
     let { domain } = metadata;
-    domain = await domainParser(req, domain, true);
+    domain = await domainParser(domain, true);
 
     if (!domain) {
       return res.status(400).json({ message: 'No domain provided' });
@@ -164,7 +164,7 @@ router.delete('/:agent_id/:action_id', async (req, res) => {
       return true;
     });
 
-    domain = await domainParser(req, domain, true);
+    domain = await domainParser(domain, true);
 
     if (!domain) {
       return res.status(400).json({ message: 'No domain provided' });

api/server/routes/agents/chat.js

@@ -2,7 +2,7 @@ const express = require('express');
 const { PermissionTypes, Permissions } = require('librechat-data-provider');
 const {
   setHeaders,
-  handleAbort,
+  moderateText,
   // validateModel,
   generateCheckAccess,
   validateConvoAccess,
@@ -14,28 +14,37 @@ const addTitle = require('~/server/services/Endpoints/agents/title');
 
 const router = express.Router();
 
-router.post('/abort', handleAbort());
+router.use(moderateText);
 
 const checkAgentAccess = generateCheckAccess(PermissionTypes.AGENTS, [Permissions.USE]);
 
+router.use(checkAgentAccess);
+router.use(validateConvoAccess);
+router.use(buildEndpointOption);
+router.use(setHeaders);
+
+const controller = async (req, res, next) => {
+  await AgentController(req, res, next, initializeClient, addTitle);
+};
+
 /**
- * @route POST /
+ * @route POST / (regular endpoint)
  * @desc Chat with an assistant
  * @access Public
  * @param {express.Request} req - The request object, containing the request data.
  * @param {express.Response} res - The response object, used to send back a response.
  * @returns {void}
  */
-router.post(
-  '/',
-  // validateModel,
-  checkAgentAccess,
-  validateConvoAccess,
-  buildEndpointOption,
-  setHeaders,
-  async (req, res, next) => {
-    await AgentController(req, res, next, initializeClient, addTitle);
-  },
-);
+router.post('/', controller);
+
+/**
+ * @route POST /:endpoint (ephemeral agents)
+ * @desc Chat with an assistant
+ * @access Public
+ * @param {express.Request} req - The request object, containing the request data.
+ * @param {express.Response} res - The response object, used to send back a response.
+ * @returns {void}
+ */
+router.post('/:endpoint', controller);
 
 module.exports = router;

api/server/routes/agents/index.js

@@ -1,21 +1,40 @@
 const express = require('express');
-const router = express.Router();
 const {
   uaParser,
   checkBan,
   requireJwtAuth,
-  // concurrentLimiter,
-  // messageIpLimiter,
-  // messageUserLimiter,
+  messageIpLimiter,
+  concurrentLimiter,
+  messageUserLimiter,
 } = require('~/server/middleware');
-
+const { isEnabled } = require('~/server/utils');
 const { v1 } = require('./v1');
 const chat = require('./chat');
 
+const { LIMIT_CONCURRENT_MESSAGES, LIMIT_MESSAGE_IP, LIMIT_MESSAGE_USER } = process.env ?? {};
+
+const router = express.Router();
+
 router.use(requireJwtAuth);
 router.use(checkBan);
 router.use(uaParser);
+
 router.use('/', v1);
-router.use('/chat', chat);
+
+const chatRouter = express.Router();
+if (isEnabled(LIMIT_CONCURRENT_MESSAGES)) {
+  chatRouter.use(concurrentLimiter);
+}
+
+if (isEnabled(LIMIT_MESSAGE_IP)) {
+  chatRouter.use(messageIpLimiter);
+}
+
+if (isEnabled(LIMIT_MESSAGE_USER)) {
+  chatRouter.use(messageUserLimiter);
+}
+
+chatRouter.use('/', chat);
+router.use('/chat', chatRouter);
 
 module.exports = router;

api/server/routes/ask/addToCache.js

@@ -1,4 +1,4 @@
-const Keyv = require('keyv');
+const { Keyv } = require('keyv');
 const { KeyvFile } = require('keyv-file');
 const { logger } = require('~/config');