WIP: fix tests

WIP: appConfig

fix: update memory configuration retrieval to use getAppConfig based on user role

fix: update comment for AppConfig interface to clarify purpose

.env.example

@@ -742,3 +742,16 @@ OPENWEATHER_API_KEY=
 # JINA_API_KEY=your_jina_api_key
 # or
 # COHERE_API_KEY=your_cohere_api_key
+
+#======================#
+# MCP Configuration    #
+#======================#
+
+# Treat 401/403 responses as OAuth requirement when no oauth metadata found
+# MCP_OAUTH_ON_AUTH_ERROR=true
+
+# Timeout for OAuth detection requests in milliseconds
+# MCP_OAUTH_DETECTION_TIMEOUT=5000
+
+# Cache connection status checks for this many milliseconds to avoid expensive verification
+# MCP_CONNECTION_CHECK_TTL=60000

.github/CONTRIBUTING.md

@@ -147,7 +147,7 @@ Apply the following naming conventions to branches, labels, and other Git-relate
 ## 8. Module Import Conventions
 
 - `npm` packages first, 
-     - from shortest line (top) to longest (bottom)
+     - from longest line (top) to shortest (bottom)
 
 - Followed by typescript types (pertains to data-provider and client workspaces)
      - longest line (top) to shortest (bottom)
@@ -157,6 +157,8 @@ Apply the following naming conventions to branches, labels, and other Git-relate
      - longest line (top) to shortest (bottom)
      - imports with alias `~` treated the same as relative import with respect to line length
 
+**Note:** ESLint will automatically enforce these import conventions when you run `npm run lint --fix` or through pre-commit hooks.
+
 ---
 
 Please ensure that you adapt this summary to fit the specific context and nuances of your project.

.github/workflows/data-provider.yml

@@ -1,4 +1,4 @@
-name: Node.js Package
+name: Publish `librechat-data-provider` to NPM
 
 on:
   push:
@@ -6,6 +6,12 @@ on:
       - main
     paths:
       - 'packages/data-provider/package.json'
+  workflow_dispatch:
+    inputs:
+      reason:
+        description: 'Reason for manual trigger'
+        required: false
+        default: 'Manual publish requested'
 
 jobs:
   build:
@@ -14,7 +20,7 @@ jobs:
       - uses: actions/checkout@v4
       - uses: actions/setup-node@v4
         with:
-          node-version: 16
+          node-version: 20
       - run: cd packages/data-provider && npm ci
       - run: cd packages/data-provider && npm run build
 
@@ -25,7 +31,7 @@ jobs:
       - uses: actions/checkout@v4
       - uses: actions/setup-node@v4
         with:
-          node-version: 16
+          node-version: 20
           registry-url: 'https://registry.npmjs.org'
       - run: cd packages/data-provider && npm ci
       - run: cd packages/data-provider && npm run build

.gitignore

@@ -137,3 +137,4 @@ helm/**/.values.yaml
 /.openai/
 /.tabnine/
 /.codeium
+*.local.md

Dockerfile

@@ -19,7 +19,12 @@ WORKDIR /app
 
 USER node
 
-COPY --chown=node:node . .
+COPY --chown=node:node package.json package-lock.json ./
+COPY --chown=node:node api/package.json ./api/package.json
+COPY --chown=node:node client/package.json ./client/package.json
+COPY --chown=node:node packages/data-provider/package.json ./packages/data-provider/package.json
+COPY --chown=node:node packages/data-schemas/package.json ./packages/data-schemas/package.json
+COPY --chown=node:node packages/api/package.json ./packages/api/package.json
 
 RUN \
     # Allow mounting of these files, which have no default
@@ -29,7 +34,11 @@ RUN \
     npm config set fetch-retry-maxtimeout 600000 ; \
     npm config set fetch-retries 5 ; \
     npm config set fetch-retry-mintimeout 15000 ; \
-    npm install --no-audit; \
+    npm ci --no-audit
+
+COPY --chown=node:node . .
+
+RUN \
     # React client build
     NODE_OPTIONS="--max-old-space-size=2048" npm run frontend; \
     npm prune --production; \
@@ -47,4 +56,4 @@ CMD ["npm", "run", "backend"]
 # WORKDIR /usr/share/nginx/html
 # COPY --from=node /app/client/dist /usr/share/nginx/html
 # COPY client/nginx.conf /etc/nginx/conf.d/default.conf
-# ENTRYPOINT ["nginx", "-g", "daemon off;"]
+# ENTRYPOINT ["nginx", "-g", "daemon off;"]

api/app/clients/BaseClient.js

@@ -11,6 +11,7 @@ const {
   Constants,
 } = require('librechat-data-provider');
 const { getMessages, saveMessage, updateMessage, saveConvo, getConvo } = require('~/models');
+const { getAppConfig } = require('~/server/services/Config');
 const { checkBalance } = require('~/models/balanceMethods');
 const { truncateToolCallOutputs } = require('./prompts');
 const { getFiles } = require('~/models/File');
@@ -37,6 +38,8 @@ class BaseClient {
     this.conversationId;
     /** @type {string} */
     this.responseMessageId;
+    /** @type {string} */
+    this.parentMessageId;
     /** @type {TAttachment[]} */
     this.attachments;
     /** The key for the usage object's input tokens
@@ -110,13 +113,15 @@ class BaseClient {
    * If a correction to the token usage is needed, the method should return an object with the corrected token counts.
    * Should only be used if `recordCollectedUsage` was not used instead.
    * @param {string} [model]
+   * @param {AppConfig['balance']} [balance]
    * @param {number} promptTokens
    * @param {number} completionTokens
    * @returns {Promise<void>}
    */
-  async recordTokenUsage({ model, promptTokens, completionTokens }) {
+  async recordTokenUsage({ model, balance, promptTokens, completionTokens }) {
     logger.debug('[BaseClient] `recordTokenUsage` not implemented.', {
       model,
+      balance,
       promptTokens,
       completionTokens,
     });
@@ -565,6 +570,7 @@ class BaseClient {
   }
 
   async sendMessage(message, opts = {}) {
+    const appConfig = await getAppConfig({ role: this.options.req?.user?.role });
     /** @type {Promise<TMessage>} */
     let userMessagePromise;
     const { user, head, isEdited, conversationId, responseMessageId, saveOptions, userMessage } =
@@ -614,15 +620,19 @@ class BaseClient {
       this.currentMessages.push(userMessage);
     }
 
+    /**
+     * When the userMessage is pushed to currentMessages, the parentMessage is the userMessageId.
+     * this only matters when buildMessages is utilizing the parentMessageId, and may vary on implementation
+     */
+    const parentMessageId = isEdited ? head : userMessage.messageId;
+    this.parentMessageId = parentMessageId;
     let {
       prompt: payload,
       tokenCountMap,
       promptTokens,
     } = await this.buildMessages(
       this.currentMessages,
-      // When the userMessage is pushed to currentMessages, the parentMessage is the userMessageId.
-      // this only matters when buildMessages is utilizing the parentMessageId, and may vary on implementation
-      isEdited ? head : userMessage.messageId,
+      parentMessageId,
       this.getBuildMessagesOptions(opts),
       opts,
     );
@@ -647,7 +657,7 @@ class BaseClient {
       }
     }
 
-    const balance = this.options.req?.app?.locals?.balance;
+    const balance = appConfig?.balance;
     if (
       balance?.enabled &&
       supportsBalanceCheck[this.options.endpointType ?? this.options.endpoint]
@@ -746,6 +756,7 @@ class BaseClient {
         completionTokens = responseMessage.tokenCount;
         await this.recordTokenUsage({
           usage,
+          balance,
           promptTokens,
           completionTokens,
           model: responseMessage.model,

api/app/clients/OpenAIClient.js

@@ -34,13 +34,14 @@ const {
 const { extractBaseURL, getModelMaxTokens, getModelMaxOutputTokens } = require('~/utils');
 const { encodeAndFormat } = require('~/server/services/Files/images/encode');
 const { addSpaceIfNeeded, sleep } = require('~/server/utils');
+const { getAppConfig } = require('~/server/services/Config');
 const { spendTokens } = require('~/models/spendTokens');
 const { handleOpenAIErrors } = require('./tools/util');
-const { createLLM, RunManager } = require('./llm');
 const { summaryBuffer } = require('./memory');
 const { runTitleChain } = require('./chains');
 const { tokenSplit } = require('./document');
 const BaseClient = require('./BaseClient');
+const { createLLM } = require('./llm');
 const { logger } = require('~/config');
 
 class OpenAIClient extends BaseClient {
@@ -618,10 +619,6 @@ class OpenAIClient extends BaseClient {
     temperature = 0.2,
     max_tokens,
     streaming,
-    context,
-    tokenBuffer,
-    initialMessageCount,
-    conversationId,
   }) {
     const modelOptions = {
       modelName: modelName ?? model,
@@ -653,8 +650,10 @@ class OpenAIClient extends BaseClient {
     if (headers && typeof headers === 'object' && !Array.isArray(headers)) {
       configOptions.baseOptions = {
         headers: resolveHeaders({
-          ...headers,
-          ...configOptions?.baseOptions?.headers,
+          headers: {
+            ...headers,
+            ...configOptions?.baseOptions?.headers,
+          },
         }),
       };
     }
@@ -664,22 +663,12 @@ class OpenAIClient extends BaseClient {
       configOptions.httpsAgent = new HttpsProxyAgent(this.options.proxy);
     }
 
-    const { req, res, debug } = this.options;
-    const runManager = new RunManager({ req, res, debug, abortController: this.abortController });
-    this.runManager = runManager;
-
     const llm = createLLM({
       modelOptions,
       configOptions,
       openAIApiKey: this.apiKey,
       azure: this.azure,
       streaming,
-      callbacks: runManager.createCallbacks({
-        context,
-        tokenBuffer,
-        conversationId: this.conversationId ?? conversationId,
-        initialMessageCount,
-      }),
     });
 
     return llm;
@@ -700,6 +689,7 @@ class OpenAIClient extends BaseClient {
    *                            In case of failure, it will return the default title, "New Chat".
    */
   async titleConvo({ text, conversationId, responseText = '' }) {
+    const appConfig = await getAppConfig({ role: this.options.req?.user?.role });
     this.conversationId = conversationId;
 
     if (this.options.attachments) {
@@ -728,8 +718,7 @@ class OpenAIClient extends BaseClient {
       max_tokens: 16,
     };
 
-    /** @type {TAzureConfig | undefined} */
-    const azureConfig = this.options?.req?.app?.locals?.[EModelEndpoint.azureOpenAI];
+    const azureConfig = appConfig?.endpoints?.[EModelEndpoint.azureOpenAI];
 
     const resetTitleOptions = !!(
       (this.azure && azureConfig) ||
@@ -749,7 +738,7 @@ class OpenAIClient extends BaseClient {
         groupMap,
       });
 
-      this.options.headers = resolveHeaders(headers);
+      this.options.headers = resolveHeaders({ headers });
       this.options.reverseProxyUrl = baseURL ?? null;
       this.langchainProxy = extractBaseURL(this.options.reverseProxyUrl);
       this.apiKey = azureOptions.azureOpenAIApiKey;
@@ -1118,6 +1107,7 @@ ${convo}
   }
 
   async chatCompletion({ payload, onProgress, abortController = null }) {
+    const appConfig = await getAppConfig({ role: this.options.req?.user?.role });
     let error = null;
     let intermediateReply = [];
     const errorCallback = (err) => (error = err);
@@ -1163,8 +1153,7 @@ ${convo}
         opts.fetchOptions.agent = new HttpsProxyAgent(this.options.proxy);
       }
 
-      /** @type {TAzureConfig | undefined} */
-      const azureConfig = this.options?.req?.app?.locals?.[EModelEndpoint.azureOpenAI];
+      const azureConfig = appConfig?.endpoints?.[EModelEndpoint.azureOpenAI];
 
       if (
         (this.azure && this.isVisionModel && azureConfig) ||
@@ -1181,7 +1170,7 @@ ${convo}
           modelGroupMap,
           groupMap,
         });
-        opts.defaultHeaders = resolveHeaders(headers);
+        opts.defaultHeaders = resolveHeaders({ headers });
         this.langchainProxy = extractBaseURL(baseURL);
         this.apiKey = azureOptions.azureOpenAIApiKey;
 

api/app/clients/callbacks/createStartHandler.js

@@ -1,95 +0,0 @@
-const { promptTokensEstimate } = require('openai-chat-tokens');
-const { EModelEndpoint, supportsBalanceCheck } = require('librechat-data-provider');
-const { formatFromLangChain } = require('~/app/clients/prompts');
-const { getBalanceConfig } = require('~/server/services/Config');
-const { checkBalance } = require('~/models/balanceMethods');
-const { logger } = require('~/config');
-
-const createStartHandler = ({
-  context,
-  conversationId,
-  tokenBuffer = 0,
-  initialMessageCount,
-  manager,
-}) => {
-  return async (_llm, _messages, runId, parentRunId, extraParams) => {
-    const { invocation_params } = extraParams;
-    const { model, functions, function_call } = invocation_params;
-    const messages = _messages[0].map(formatFromLangChain);
-
-    logger.debug(`[createStartHandler] handleChatModelStart: ${context}`, {
-      model,
-      function_call,
-    });
-
-    if (context !== 'title') {
-      logger.debug(`[createStartHandler] handleChatModelStart: ${context}`, {
-        functions,
-      });
-    }
-
-    const payload = { messages };
-    let prelimPromptTokens = 1;
-
-    if (functions) {
-      payload.functions = functions;
-      prelimPromptTokens += 2;
-    }
-
-    if (function_call) {
-      payload.function_call = function_call;
-      prelimPromptTokens -= 5;
-    }
-
-    prelimPromptTokens += promptTokensEstimate(payload);
-    logger.debug('[createStartHandler]', {
-      prelimPromptTokens,
-      tokenBuffer,
-    });
-    prelimPromptTokens += tokenBuffer;
-
-    try {
-      const balance = await getBalanceConfig();
-      if (balance?.enabled && supportsBalanceCheck[EModelEndpoint.openAI]) {
-        const generations =
-          initialMessageCount && messages.length > initialMessageCount
-            ? messages.slice(initialMessageCount)
-            : null;
-        await checkBalance({
-          req: manager.req,
-          res: manager.res,
-          txData: {
-            user: manager.user,
-            tokenType: 'prompt',
-            amount: prelimPromptTokens,
-            debug: manager.debug,
-            generations,
-            model,
-            endpoint: EModelEndpoint.openAI,
-          },
-        });
-      }
-    } catch (err) {
-      logger.error(`[createStartHandler][${context}] checkBalance error`, err);
-      manager.abortController.abort();
-      if (context === 'summary' || context === 'plugins') {
-        manager.addRun(runId, { conversationId, error: err.message });
-        throw new Error(err);
-      }
-      return;
-    }
-
-    manager.addRun(runId, {
-      model,
-      messages,
-      functions,
-      function_call,
-      runId,
-      parentRunId,
-      conversationId,
-      prelimPromptTokens,
-    });
-  };
-};
-
-module.exports = createStartHandler;

api/app/clients/callbacks/index.js

@@ -1,5 +0,0 @@
-const createStartHandler = require('./createStartHandler');
-
-module.exports = {
-  createStartHandler,
-};

api/app/clients/llm/RunManager.js

@@ -1,105 +0,0 @@
-const { createStartHandler } = require('~/app/clients/callbacks');
-const { spendTokens } = require('~/models/spendTokens');
-const { logger } = require('~/config');
-
-class RunManager {
-  constructor(fields) {
-    const { req, res, abortController, debug } = fields;
-    this.abortController = abortController;
-    this.user = req.user.id;
-    this.req = req;
-    this.res = res;
-    this.debug = debug;
-    this.runs = new Map();
-    this.convos = new Map();
-  }
-
-  addRun(runId, runData) {
-    if (!this.runs.has(runId)) {
-      this.runs.set(runId, runData);
-      if (runData.conversationId) {
-        this.convos.set(runData.conversationId, runId);
-      }
-      return runData;
-    } else {
-      const existingData = this.runs.get(runId);
-      const update = { ...existingData, ...runData };
-      this.runs.set(runId, update);
-      if (update.conversationId) {
-        this.convos.set(update.conversationId, runId);
-      }
-      return update;
-    }
-  }
-
-  removeRun(runId) {
-    if (this.runs.has(runId)) {
-      this.runs.delete(runId);
-    } else {
-      logger.error(`[api/app/clients/llm/RunManager] Run with ID ${runId} does not exist.`);
-    }
-  }
-
-  getAllRuns() {
-    return Array.from(this.runs.values());
-  }
-
-  getRunById(runId) {
-    return this.runs.get(runId);
-  }
-
-  getRunByConversationId(conversationId) {
-    const runId = this.convos.get(conversationId);
-    return { run: this.runs.get(runId), runId };
-  }
-
-  createCallbacks(metadata) {
-    return [
-      {
-        handleChatModelStart: createStartHandler({ ...metadata, manager: this }),
-        handleLLMEnd: async (output, runId, _parentRunId) => {
-          const { llmOutput, ..._output } = output;
-          logger.debug(`[RunManager] handleLLMEnd: ${JSON.stringify(metadata)}`, {
-            runId,
-            _parentRunId,
-            llmOutput,
-          });
-
-          if (metadata.context !== 'title') {
-            logger.debug('[RunManager] handleLLMEnd:', {
-              output: _output,
-            });
-          }
-
-          const { tokenUsage } = output.llmOutput;
-          const run = this.getRunById(runId);
-          this.removeRun(runId);
-
-          const txData = {
-            user: this.user,
-            model: run?.model ?? 'gpt-3.5-turbo',
-            ...metadata,
-          };
-
-          await spendTokens(txData, tokenUsage);
-        },
-        handleLLMError: async (err) => {
-          logger.error(`[RunManager] handleLLMError: ${JSON.stringify(metadata)}`, err);
-          if (metadata.context === 'title') {
-            return;
-          } else if (metadata.context === 'plugins') {
-            throw new Error(err);
-          }
-          const { conversationId } = metadata;
-          const { run } = this.getRunByConversationId(conversationId);
-          if (run && run.error) {
-            const { error } = run;
-            throw new Error(error);
-          }
-        },
-      },
-    ];
-  }
-}
-
-module.exports = RunManager;

api/app/clients/llm/index.js

@@ -1,9 +1,7 @@
 const createLLM = require('./createLLM');
-const RunManager = require('./RunManager');
 const createCoherePayload = require('./createCoherePayload');
 
 module.exports = {
   createLLM,
-  RunManager,
   createCoherePayload,
 };

api/app/clients/specs/AnthropicClient.test.js

@@ -245,7 +245,7 @@ describe('AnthropicClient', () => {
     });
 
     describe('Claude 4 model headers', () => {
-      it('should add "prompt-caching" beta header for claude-sonnet-4 model', () => {
+      it('should add "prompt-caching" and "context-1m" beta headers for claude-sonnet-4 model', () => {
         const client = new AnthropicClient('test-api-key');
         const modelOptions = {
           model: 'claude-sonnet-4-20250514',
@@ -255,10 +255,30 @@ describe('AnthropicClient', () => {
         expect(anthropicClient._options.defaultHeaders).toBeDefined();
         expect(anthropicClient._options.defaultHeaders).toHaveProperty('anthropic-beta');
         expect(anthropicClient._options.defaultHeaders['anthropic-beta']).toBe(
-          'prompt-caching-2024-07-31',
+          'prompt-caching-2024-07-31,context-1m-2025-08-07',
         );
       });
 
+      it('should add "prompt-caching" and "context-1m" beta headers for claude-sonnet-4 model formats', () => {
+        const client = new AnthropicClient('test-api-key');
+        const modelVariations = [
+          'claude-sonnet-4-20250514',
+          'claude-sonnet-4-latest',
+          'anthropic/claude-sonnet-4-20250514',
+        ];
+
+        modelVariations.forEach((model) => {
+          const modelOptions = { model };
+          client.setOptions({ modelOptions, promptCache: true });
+          const anthropicClient = client.getClient(modelOptions);
+          expect(anthropicClient._options.defaultHeaders).toBeDefined();
+          expect(anthropicClient._options.defaultHeaders).toHaveProperty('anthropic-beta');
+          expect(anthropicClient._options.defaultHeaders['anthropic-beta']).toBe(
+            'prompt-caching-2024-07-31,context-1m-2025-08-07',
+          );
+        });
+      });
+
       it('should add "prompt-caching" beta header for claude-opus-4 model', () => {
         const client = new AnthropicClient('test-api-key');
         const modelOptions = {
@@ -273,20 +293,6 @@ describe('AnthropicClient', () => {
         );
       });
 
-      it('should add "prompt-caching" beta header for claude-4-sonnet model', () => {
-        const client = new AnthropicClient('test-api-key');
-        const modelOptions = {
-          model: 'claude-4-sonnet-20250514',
-        };
-        client.setOptions({ modelOptions, promptCache: true });
-        const anthropicClient = client.getClient(modelOptions);
-        expect(anthropicClient._options.defaultHeaders).toBeDefined();
-        expect(anthropicClient._options.defaultHeaders).toHaveProperty('anthropic-beta');
-        expect(anthropicClient._options.defaultHeaders['anthropic-beta']).toBe(
-          'prompt-caching-2024-07-31',
-        );
-      });
-
       it('should add "prompt-caching" beta header for claude-4-opus model', () => {
         const client = new AnthropicClient('test-api-key');
         const modelOptions = {

api/app/clients/specs/BaseClient.test.js

@@ -2,6 +2,14 @@ const { Constants } = require('librechat-data-provider');
 const { initializeFakeClient } = require('./FakeClient');
 
 jest.mock('~/db/connect');
+jest.mock('~/server/services/Config', () => ({
+  getAppConfig: jest.fn().mockResolvedValue({
+    // Default app config for tests
+    paths: { uploads: '/tmp' },
+    fileStrategy: 'local',
+    memory: { disabled: false },
+  }),
+}));
 jest.mock('~/models', () => ({
   User: jest.fn(),
   Key: jest.fn(),

api/app/clients/tools/index.js

@@ -1,4 +1,4 @@
-const availableTools = require('./manifest.json');
+const manifest = require('./manifest');
 
 // Structured Tools
 const DALLE3 = require('./structured/DALLE3');
@@ -13,23 +13,8 @@ const TraversaalSearch = require('./structured/TraversaalSearch');
 const createOpenAIImageTools = require('./structured/OpenAIImageTools');
 const TavilySearchResults = require('./structured/TavilySearchResults');
 
-/** @type {Record<string, TPlugin | undefined>} */
-const manifestToolMap = {};
-
-/** @type {Array<TPlugin>} */
-const toolkits = [];
-
-availableTools.forEach((tool) => {
-  manifestToolMap[tool.pluginKey] = tool;
-  if (tool.toolkit === true) {
-    toolkits.push(tool);
-  }
-});
-
 module.exports = {
-  toolkits,
-  availableTools,
-  manifestToolMap,
+  ...manifest,
   // Structured Tools
   DALLE3,
   FluxAPI,

api/app/clients/tools/manifest.js

@@ -0,0 +1,20 @@
+const availableTools = require('./manifest.json');
+
+/** @type {Record<string, TPlugin | undefined>} */
+const manifestToolMap = {};
+
+/** @type {Array<TPlugin>} */
+const toolkits = [];
+
+availableTools.forEach((tool) => {
+  manifestToolMap[tool.pluginKey] = tool;
+  if (tool.toolkit === true) {
+    toolkits.push(tool);
+  }
+});
+
+module.exports = {
+  toolkits,
+  availableTools,
+  manifestToolMap,
+};

api/app/clients/tools/structured/DALLE3.js

@@ -5,10 +5,10 @@ const fetch = require('node-fetch');
 const { v4: uuidv4 } = require('uuid');
 const { ProxyAgent } = require('undici');
 const { Tool } = require('@langchain/core/tools');
+const { logger } = require('@librechat/data-schemas');
+const { getImageBasename } = require('@librechat/api');
 const { FileContext, ContentTypes } = require('librechat-data-provider');
-const { getImageBasename } = require('~/server/services/Files/images');
 const extractBaseURL = require('~/utils/extractBaseURL');
-const logger = require('~/config/winston');
 
 const displayMessage =
   "DALL-E displayed an image. All generated images are already plainly visible, so don't repeat the descriptions in detail. Do not list download links as they are available in the UI already. The user may download the images by clicking on them, but do not mention anything about downloading to the user.";

api/app/clients/tools/structured/OpenAIImageTools.js

@@ -1,69 +1,16 @@
-const { z } = require('zod');
 const axios = require('axios');
 const { v4 } = require('uuid');
 const OpenAI = require('openai');
 const FormData = require('form-data');
 const { ProxyAgent } = require('undici');
 const { tool } = require('@langchain/core/tools');
-const { logAxiosError } = require('@librechat/api');
 const { logger } = require('@librechat/data-schemas');
+const { logAxiosError, oaiToolkit } = require('@librechat/api');
 const { ContentTypes, EImageOutputType } = require('librechat-data-provider');
 const { getStrategyFunctions } = require('~/server/services/Files/strategies');
-const { extractBaseURL } = require('~/utils');
+const extractBaseURL = require('~/utils/extractBaseURL');
 const { getFiles } = require('~/models/File');
 
-/** Default descriptions for image generation tool  */
-const DEFAULT_IMAGE_GEN_DESCRIPTION = `
-Generates high-quality, original images based solely on text, not using any uploaded reference images.
-
-When to use \`image_gen_oai\`:
-- To create entirely new images from detailed text descriptions that do NOT reference any image files.
-
-When NOT to use \`image_gen_oai\`:
-- If the user has uploaded any images and requests modifications, enhancements, or remixing based on those uploads → use \`image_edit_oai\` instead.
-
-Generated image IDs will be returned in the response, so you can refer to them in future requests made to \`image_edit_oai\`.
-`.trim();
-
-/** Default description for image editing tool  */
-const DEFAULT_IMAGE_EDIT_DESCRIPTION =
-  `Generates high-quality, original images based on text and one or more uploaded/referenced images.
-
-When to use \`image_edit_oai\`:
-- The user wants to modify, extend, or remix one **or more** uploaded images, either:
-- Previously generated, or in the current request (both to be included in the \`image_ids\` array).
-- Always when the user refers to uploaded images for editing, enhancement, remixing, style transfer, or combining elements.
-- Any current or existing images are to be used as visual guides.
-- If there are any files in the current request, they are more likely than not expected as references for image edit requests.
-
-When NOT to use \`image_edit_oai\`:
-- Brand-new generations that do not rely on an existing image → use \`image_gen_oai\` instead.
-
-Both generated and referenced image IDs will be returned in the response, so you can refer to them in future requests made to \`image_edit_oai\`.
-`.trim();
-
-/** Default prompt descriptions  */
-const DEFAULT_IMAGE_GEN_PROMPT_DESCRIPTION = `Describe the image you want in detail. 
-      Be highly specific—break your idea into layers: 
-      (1) main concept and subject,
-      (2) composition and position,
-      (3) lighting and mood,
-      (4) style, medium, or camera details,
-      (5) important features (age, expression, clothing, etc.),
-      (6) background.
-      Use positive, descriptive language and specify what should be included, not what to avoid. 
-      List number and characteristics of people/objects, and mention style/technical requirements (e.g., "DSLR photo, 85mm lens, golden hour").
-      Do not reference any uploaded images—use for new image creation from text only.`;
-
-const DEFAULT_IMAGE_EDIT_PROMPT_DESCRIPTION = `Describe the changes, enhancements, or new ideas to apply to the uploaded image(s).
-      Be highly specific—break your request into layers: 
-      (1) main concept or transformation,
-      (2) specific edits/replacements or composition guidance,
-      (3) desired style, mood, or technique,
-      (4) features/items to keep, change, or add (such as objects, people, clothing, lighting, etc.).
-      Use positive, descriptive language and clarify what should be included or changed, not what to avoid.
-      Always base this prompt on the most recently uploaded reference images.`;
-
 const displayMessage =
   "The tool displayed an image. All generated images are already plainly visible, so don't repeat the descriptions in detail. Do not list download links as they are available in the UI already. The user may download the images by clicking on them, but do not mention anything about downloading to the user.";
 
@@ -91,22 +38,6 @@ function returnValue(value) {
   return value;
 }
 
-const getImageGenDescription = () => {
-  return process.env.IMAGE_GEN_OAI_DESCRIPTION || DEFAULT_IMAGE_GEN_DESCRIPTION;
-};
-
-const getImageEditDescription = () => {
-  return process.env.IMAGE_EDIT_OAI_DESCRIPTION || DEFAULT_IMAGE_EDIT_DESCRIPTION;
-};
-
-const getImageGenPromptDescription = () => {
-  return process.env.IMAGE_GEN_OAI_PROMPT_DESCRIPTION || DEFAULT_IMAGE_GEN_PROMPT_DESCRIPTION;
-};
-
-const getImageEditPromptDescription = () => {
-  return process.env.IMAGE_EDIT_OAI_PROMPT_DESCRIPTION || DEFAULT_IMAGE_EDIT_PROMPT_DESCRIPTION;
-};
-
 function createAbortHandler() {
   return function () {
     logger.debug('[ImageGenOAI] Image generation aborted');
@@ -121,7 +52,9 @@ function createAbortHandler() {
  * @param {string} fields.IMAGE_GEN_OAI_API_KEY - The OpenAI API key
  * @param {boolean} [fields.override] - Whether to override the API key check, necessary for app initialization
  * @param {MongoFile[]} [fields.imageFiles] - The images to be used for editing
- * @returns {Array} - Array of image tools
+ * @param {string} [fields.imageOutputType] - The image output type configuration
+ * @param {string} [fields.fileStrategy] - The file storage strategy
+ * @returns {Array<ReturnType<tool>>} - Array of image tools
  */
 function createOpenAIImageTools(fields = {}) {
   /** @type {boolean} Used to initialize the Tool without necessary variables. */
@@ -131,8 +64,8 @@ function createOpenAIImageTools(fields = {}) {
     throw new Error('This tool is only available for agents.');
   }
   const { req } = fields;
-  const imageOutputType = req?.app.locals.imageOutputType || EImageOutputType.PNG;
-  const appFileStrategy = req?.app.locals.fileStrategy;
+  const imageOutputType = fields.imageOutputType || EImageOutputType.PNG;
+  const appFileStrategy = fields.fileStrategy;
 
   const getApiKey = () => {
     const apiKey = process.env.IMAGE_GEN_OAI_API_KEY ?? '';
@@ -285,46 +218,7 @@ Error Message: ${error.message}`);
       ];
       return [response, { content, file_ids }];
     },
-    {
-      name: 'image_gen_oai',
-      description: getImageGenDescription(),
-      schema: z.object({
-        prompt: z.string().max(32000).describe(getImageGenPromptDescription()),
-        background: z
-          .enum(['transparent', 'opaque', 'auto'])
-          .optional()
-          .describe(
-            'Sets transparency for the background. Must be one of transparent, opaque or auto (default). When transparent, the output format should be png or webp.',
-          ),
-        /*
-        n: z
-          .number()
-          .int()
-          .min(1)
-          .max(10)
-          .optional()
-          .describe('The number of images to generate. Must be between 1 and 10.'),
-        output_compression: z
-          .number()
-          .int()
-          .min(0)
-          .max(100)
-          .optional()
-          .describe('The compression level (0-100%) for webp or jpeg formats. Defaults to 100.'),
-           */
-        quality: z
-          .enum(['auto', 'high', 'medium', 'low'])
-          .optional()
-          .describe('The quality of the image. One of auto (default), high, medium, or low.'),
-        size: z
-          .enum(['auto', '1024x1024', '1536x1024', '1024x1536'])
-          .optional()
-          .describe(
-            'The size of the generated image. One of 1024x1024, 1536x1024 (landscape), 1024x1536 (portrait), or auto (default).',
-          ),
-      }),
-      responseFormat: 'content_and_artifact',
-    },
+    oaiToolkit.image_gen_oai,
   );
 
   /**
@@ -517,48 +411,7 @@ Error Message: ${error.message || 'Unknown error'}`);
         }
       }
     },
-    {
-      name: 'image_edit_oai',
-      description: getImageEditDescription(),
-      schema: z.object({
-        image_ids: z
-          .array(z.string())
-          .min(1)
-          .describe(
-            `
-IDs (image ID strings) of previously generated or uploaded images that should guide the edit.
-
-Guidelines:
-- If the user's request depends on any prior image(s), copy their image IDs into the \`image_ids\` array (in the same order the user refers to them).  
-- Never invent or hallucinate IDs; only use IDs that are still visible in the conversation context.
-- If no earlier image is relevant, omit the field entirely.
-`.trim(),
-          ),
-        prompt: z.string().max(32000).describe(getImageEditPromptDescription()),
-        /*
-        n: z
-          .number()
-          .int()
-          .min(1)
-          .max(10)
-          .optional()
-          .describe('The number of images to generate. Must be between 1 and 10. Defaults to 1.'),
-        */
-        quality: z
-          .enum(['auto', 'high', 'medium', 'low'])
-          .optional()
-          .describe(
-            'The quality of the image. One of auto (default), high, medium, or low. High/medium/low only supported for gpt-image-1.',
-          ),
-        size: z
-          .enum(['auto', '1024x1024', '1536x1024', '1024x1536', '256x256', '512x512'])
-          .optional()
-          .describe(
-            'The size of the generated images. For gpt-image-1: auto (default), 1024x1024, 1536x1024, 1024x1536. For dall-e-2: 256x256, 512x512, 1024x1024.',
-          ),
-      }),
-      responseFormat: 'content_and_artifact',
-    },
+    oaiToolkit.image_edit_oai,
   );
 
   return [imageGenTool, imageEditTool];

api/app/clients/tools/structured/YouTube.js

@@ -1,9 +1,9 @@
-const { z } = require('zod');
+const { ytToolkit } = require('@librechat/api');
 const { tool } = require('@langchain/core/tools');
 const { youtube } = require('@googleapis/youtube');
+const { logger } = require('@librechat/data-schemas');
 const { YoutubeTranscript } = require('youtube-transcript');
 const { getApiKey } = require('./credentials');
-const { logger } = require('~/config');
 
 function extractVideoId(url) {
   const rawIdRegex = /^[a-zA-Z0-9_-]{11}$/;
@@ -29,7 +29,7 @@ function parseTranscript(transcriptResponse) {
     .map((entry) => entry.text.trim())
     .filter((text) => text)
     .join(' ')
-    .replaceAll(''', '\'');
+    .replaceAll(''', "'");
 }
 
 function createYouTubeTools(fields = {}) {
@@ -42,160 +42,94 @@ function createYouTubeTools(fields = {}) {
     auth: apiKey,
   });
 
-  const searchTool = tool(
-    async ({ query, maxResults = 5 }) => {
-      const response = await youtubeClient.search.list({
-        part: 'snippet',
-        q: query,
-        type: 'video',
-        maxResults: maxResults || 5,
-      });
-      const result = response.data.items.map((item) => ({
-        title: item.snippet.title,
-        description: item.snippet.description,
-        url: `https://www.youtube.com/watch?v=${item.id.videoId}`,
-      }));
-      return JSON.stringify(result, null, 2);
-    },
-    {
-      name: 'youtube_search',
-      description: `Search for YouTube videos by keyword or phrase.
-- Required: query (search terms to find videos)
-- Optional: maxResults (number of videos to return, 1-50, default: 5)
-- Returns: List of videos with titles, descriptions, and URLs
-- Use for: Finding specific videos, exploring content, research
-Example: query="cooking pasta tutorials" maxResults=3`,
-      schema: z.object({
-        query: z.string().describe('Search query terms'),
-        maxResults: z.number().int().min(1).max(50).optional().describe('Number of results (1-50)'),
-      }),
-    },
-  );
+  const searchTool = tool(async ({ query, maxResults = 5 }) => {
+    const response = await youtubeClient.search.list({
+      part: 'snippet',
+      q: query,
+      type: 'video',
+      maxResults: maxResults || 5,
+    });
+    const result = response.data.items.map((item) => ({
+      title: item.snippet.title,
+      description: item.snippet.description,
+      url: `https://www.youtube.com/watch?v=${item.id.videoId}`,
+    }));
+    return JSON.stringify(result, null, 2);
+  }, ytToolkit.youtube_search);
 
-  const infoTool = tool(
-    async ({ url }) => {
-      const videoId = extractVideoId(url);
-      if (!videoId) {
-        throw new Error('Invalid YouTube URL or video ID');
-      }
+  const infoTool = tool(async ({ url }) => {
+    const videoId = extractVideoId(url);
+    if (!videoId) {
+      throw new Error('Invalid YouTube URL or video ID');
+    }
 
-      const response = await youtubeClient.videos.list({
-        part: 'snippet,statistics',
-        id: videoId,
-      });
+    const response = await youtubeClient.videos.list({
+      part: 'snippet,statistics',
+      id: videoId,
+    });
 
-      if (!response.data.items?.length) {
-        throw new Error('Video not found');
-      }
-      const video = response.data.items[0];
+    if (!response.data.items?.length) {
+      throw new Error('Video not found');
+    }
+    const video = response.data.items[0];
 
-      const result = {
-        title: video.snippet.title,
-        description: video.snippet.description,
-        views: video.statistics.viewCount,
-        likes: video.statistics.likeCount,
-        comments: video.statistics.commentCount,
-      };
-      return JSON.stringify(result, null, 2);
-    },
-    {
-      name: 'youtube_info',
-      description: `Get detailed metadata and statistics for a specific YouTube video.
-- Required: url (full YouTube URL or video ID)
-- Returns: Video title, description, view count, like count, comment count
-- Use for: Getting video metrics and basic metadata
-- DO NOT USE FOR VIDEO SUMMARIES, USE TRANSCRIPTS FOR COMPREHENSIVE ANALYSIS
-- Accepts both full URLs and video IDs
-Example: url="https://youtube.com/watch?v=abc123" or url="abc123"`,
-      schema: z.object({
-        url: z.string().describe('YouTube video URL or ID'),
-      }),
-    },
-  );
+    const result = {
+      title: video.snippet.title,
+      description: video.snippet.description,
+      views: video.statistics.viewCount,
+      likes: video.statistics.likeCount,
+      comments: video.statistics.commentCount,
+    };
+    return JSON.stringify(result, null, 2);
+  }, ytToolkit.youtube_info);
 
-  const commentsTool = tool(
-    async ({ url, maxResults = 10 }) => {
-      const videoId = extractVideoId(url);
-      if (!videoId) {
-        throw new Error('Invalid YouTube URL or video ID');
-      }
+  const commentsTool = tool(async ({ url, maxResults = 10 }) => {
+    const videoId = extractVideoId(url);
+    if (!videoId) {
+      throw new Error('Invalid YouTube URL or video ID');
+    }
 
-      const response = await youtubeClient.commentThreads.list({
-        part: 'snippet',
-        videoId,
-        maxResults: maxResults || 10,
-      });
+    const response = await youtubeClient.commentThreads.list({
+      part: 'snippet',
+      videoId,
+      maxResults: maxResults || 10,
+    });
 
-      const result = response.data.items.map((item) => ({
-        author: item.snippet.topLevelComment.snippet.authorDisplayName,
-        text: item.snippet.topLevelComment.snippet.textDisplay,
-        likes: item.snippet.topLevelComment.snippet.likeCount,
-      }));
-      return JSON.stringify(result, null, 2);
-    },
-    {
-      name: 'youtube_comments',
-      description: `Retrieve top-level comments from a YouTube video.
-- Required: url (full YouTube URL or video ID)
-- Optional: maxResults (number of comments, 1-50, default: 10)
-- Returns: Comment text, author names, like counts
-- Use for: Sentiment analysis, audience feedback, engagement review
-Example: url="abc123" maxResults=20`,
-      schema: z.object({
-        url: z.string().describe('YouTube video URL or ID'),
-        maxResults: z
-          .number()
-          .int()
-          .min(1)
-          .max(50)
-          .optional()
-          .describe('Number of comments to retrieve'),
-      }),
-    },
-  );
+    const result = response.data.items.map((item) => ({
+      author: item.snippet.topLevelComment.snippet.authorDisplayName,
+      text: item.snippet.topLevelComment.snippet.textDisplay,
+      likes: item.snippet.topLevelComment.snippet.likeCount,
+    }));
+    return JSON.stringify(result, null, 2);
+  }, ytToolkit.youtube_comments);
 
-  const transcriptTool = tool(
-    async ({ url }) => {
-      const videoId = extractVideoId(url);
-      if (!videoId) {
-        throw new Error('Invalid YouTube URL or video ID');
+  const transcriptTool = tool(async ({ url }) => {
+    const videoId = extractVideoId(url);
+    if (!videoId) {
+      throw new Error('Invalid YouTube URL or video ID');
+    }
+
+    try {
+      try {
+        const transcript = await YoutubeTranscript.fetchTranscript(videoId, { lang: 'en' });
+        return parseTranscript(transcript);
+      } catch (e) {
+        logger.error(e);
       }
 
       try {
-        try {
-          const transcript = await YoutubeTranscript.fetchTranscript(videoId, { lang: 'en' });
-          return parseTranscript(transcript);
-        } catch (e) {
-          logger.error(e);
-        }
-
-        try {
-          const transcript = await YoutubeTranscript.fetchTranscript(videoId, { lang: 'de' });
-          return parseTranscript(transcript);
-        } catch (e) {
-          logger.error(e);
-        }
-
-        const transcript = await YoutubeTranscript.fetchTranscript(videoId);
+        const transcript = await YoutubeTranscript.fetchTranscript(videoId, { lang: 'de' });
         return parseTranscript(transcript);
-      } catch (error) {
-        throw new Error(`Failed to fetch transcript: ${error.message}`);
+      } catch (e) {
+        logger.error(e);
       }
-    },
-    {
-      name: 'youtube_transcript',
-      description: `Fetch and parse the transcript/captions of a YouTube video.
-- Required: url (full YouTube URL or video ID)
-- Returns: Full video transcript as plain text
-- Use for: Content analysis, summarization, translation reference
-- This is the "Go-to" tool for analyzing actual video content
-- Attempts to fetch English first, then German, then any available language
-Example: url="https://youtube.com/watch?v=abc123"`,
-      schema: z.object({
-        url: z.string().describe('YouTube video URL or ID'),
-      }),
-    },
-  );
+
+      const transcript = await YoutubeTranscript.fetchTranscript(videoId);
+      return parseTranscript(transcript);
+    } catch (error) {
+      throw new Error(`Failed to fetch transcript: ${error.message}`);
+    }
+  }, ytToolkit.youtube_transcript);
 
   return [searchTool, infoTool, commentsTool, transcriptTool];
 }

api/app/clients/tools/structured/specs/DALLE3-proxy.spec.js

@@ -1,43 +1,9 @@
 const DALLE3 = require('../DALLE3');
 const { ProxyAgent } = require('undici');
 
+jest.mock('tiktoken');
 const processFileURL = jest.fn();
 
-jest.mock('~/server/services/Files/images', () => ({
-  getImageBasename: jest.fn().mockImplementation((url) => {
-    const parts = url.split('/');
-    const lastPart = parts.pop();
-    const imageExtensionRegex = /\.(jpg|jpeg|png|gif|bmp|tiff|svg)$/i;
-    if (imageExtensionRegex.test(lastPart)) {
-      return lastPart;
-    }
-    return '';
-  }),
-}));
-
-jest.mock('fs', () => {
-  return {
-    existsSync: jest.fn(),
-    mkdirSync: jest.fn(),
-    promises: {
-      writeFile: jest.fn(),
-      readFile: jest.fn(),
-      unlink: jest.fn(),
-    },
-  };
-});
-
-jest.mock('path', () => {
-  return {
-    resolve: jest.fn(),
-    join: jest.fn(),
-    relative: jest.fn(),
-    extname: jest.fn().mockImplementation((filename) => {
-      return filename.slice(filename.lastIndexOf('.'));
-    }),
-  };
-});
-
 describe('DALLE3 Proxy Configuration', () => {
   let originalEnv;
 

api/app/clients/tools/structured/specs/DALLE3.spec.js

@@ -1,9 +1,8 @@
 const OpenAI = require('openai');
+const { logger } = require('@librechat/data-schemas');
 const DALLE3 = require('../DALLE3');
-const logger = require('~/config/winston');
 
 jest.mock('openai');
-
 jest.mock('@librechat/data-schemas', () => {
   return {
     logger: {
@@ -26,25 +25,6 @@ jest.mock('tiktoken', () => {
 
 const processFileURL = jest.fn();
 
-jest.mock('~/server/services/Files/images', () => ({
-  getImageBasename: jest.fn().mockImplementation((url) => {
-    // Split the URL by '/'
-    const parts = url.split('/');
-
-    // Get the last part of the URL
-    const lastPart = parts.pop();
-
-    // Check if the last part of the URL matches the image extension regex
-    const imageExtensionRegex = /\.(jpg|jpeg|png|gif|bmp|tiff|svg)$/i;
-    if (imageExtensionRegex.test(lastPart)) {
-      return lastPart;
-    }
-
-    // If the regex test fails, return an empty string
-    return '';
-  }),
-}));
-
 const generate = jest.fn();
 OpenAI.mockImplementation(() => ({
   images: {

api/app/clients/tools/util/handleTools.js

@@ -121,16 +121,19 @@ const getAuthFields = (toolKey) => {
 
 /**
  *
- * @param {object} object
- * @param {string} object.user
- * @param {Pick<Agent, 'id' | 'provider' | 'model'>} [object.agent]
- * @param {string} [object.model]
- * @param {EModelEndpoint} [object.endpoint]
- * @param {LoadToolOptions} [object.options]
- * @param {boolean} [object.useSpecs]
- * @param {Array<string>} object.tools
- * @param {boolean} [object.functions]
- * @param {boolean} [object.returnMap]
+ * @param {object} params
+ * @param {string} params.user
+ * @param {Pick<Agent, 'id' | 'provider' | 'model'>} [params.agent]
+ * @param {string} [params.model]
+ * @param {EModelEndpoint} [params.endpoint]
+ * @param {LoadToolOptions} [params.options]
+ * @param {boolean} [params.useSpecs]
+ * @param {Array<string>} params.tools
+ * @param {boolean} [params.functions]
+ * @param {boolean} [params.returnMap]
+ * @param {AppConfig['webSearch']} [params.webSearch]
+ * @param {AppConfig['fileStrategy']} [params.fileStrategy]
+ * @param {AppConfig['imageOutputType']} [params.imageOutputType]
  * @returns {Promise<{ loadedTools: Tool[], toolContextMap: Object<string, any> } | Record<string,Tool>>}
  */
 const loadTools = async ({
@@ -142,6 +145,9 @@ const loadTools = async ({
   options = {},
   functions = true,
   returnMap = false,
+  webSearch,
+  fileStrategy,
+  imageOutputType,
 }) => {
   const toolConstructors = {
     flux: FluxAPI,
@@ -200,6 +206,8 @@ const loadTools = async ({
         ...authValues,
         isAgent: !!agent,
         req: options.req,
+        imageOutputType,
+        fileStrategy,
         imageFiles,
       });
     },
@@ -215,7 +223,7 @@ const loadTools = async ({
   const imageGenOptions = {
     isAgent: !!agent,
     req: options.req,
-    fileStrategy: options.fileStrategy,
+    fileStrategy,
     processFileURL: options.processFileURL,
     returnMetadata: options.returnMetadata,
     uploadImageBuffer: options.uploadImageBuffer,
@@ -272,11 +280,10 @@ const loadTools = async ({
       };
       continue;
     } else if (tool === Tools.web_search) {
-      const webSearchConfig = options?.req?.app?.locals?.webSearch;
       const result = await loadWebSearchAuth({
         userId: user,
         loadAuthValues,
-        webSearchConfig,
+        webSearchConfig: webSearch,
       });
       const { onSearchResults, onGetHighlights } = options?.[Tools.web_search] ?? {};
       requestedTools[tool] = async () => {

api/app/clients/tools/util/handleTools.test.js

@@ -9,6 +9,27 @@ const mockPluginService = {
 
 jest.mock('~/server/services/PluginService', () => mockPluginService);
 
+jest.mock('~/server/services/Config', () => ({
+  getAppConfig: jest.fn().mockResolvedValue({
+    // Default app config for tool tests
+    paths: { uploads: '/tmp' },
+    fileStrategy: 'local',
+    filteredTools: [],
+    includedTools: [],
+  }),
+  getCachedTools: jest.fn().mockResolvedValue({
+    // Default cached tools for tests
+    dalle: {
+      type: 'function',
+      function: {
+        name: 'dalle',
+        description: 'DALL-E image generation',
+        parameters: {},
+      },
+    },
+  }),
+}));
+
 const { BaseLLM } = require('@langchain/openai');
 const { Calculator } = require('@langchain/community/tools/calculator');
 

api/cache/cacheConfig.js

@@ -52,7 +52,8 @@ const cacheConfig = {
   REDIS_CONNECT_TIMEOUT: math(process.env.REDIS_CONNECT_TIMEOUT, 10000),
   /** Queue commands when disconnected */
   REDIS_ENABLE_OFFLINE_QUEUE: isEnabled(process.env.REDIS_ENABLE_OFFLINE_QUEUE ?? 'true'),
-
+  /** Enable redis cluster without the need of multiple URIs */
+  USE_REDIS_CLUSTER: isEnabled(process.env.USE_REDIS_CLUSTER ?? 'false'),
   CI: isEnabled(process.env.CI),
   DEBUG_MEMORY_CACHE: isEnabled(process.env.DEBUG_MEMORY_CACHE),
 

api/cache/cacheConfig.spec.js

@@ -14,6 +14,7 @@ describe('cacheConfig', () => {
     delete process.env.REDIS_KEY_PREFIX_VAR;
     delete process.env.REDIS_KEY_PREFIX;
     delete process.env.USE_REDIS;
+    delete process.env.USE_REDIS_CLUSTER;
     delete process.env.REDIS_PING_INTERVAL;
     delete process.env.FORCED_IN_MEMORY_CACHE_NAMESPACES;
 
@@ -101,6 +102,38 @@ describe('cacheConfig', () => {
     });
   });
 
+  describe('USE_REDIS_CLUSTER configuration', () => {
+    test('should default to false when USE_REDIS_CLUSTER is not set', () => {
+      const { cacheConfig } = require('./cacheConfig');
+      expect(cacheConfig.USE_REDIS_CLUSTER).toBe(false);
+    });
+
+    test('should be false when USE_REDIS_CLUSTER is set to false', () => {
+      process.env.USE_REDIS_CLUSTER = 'false';
+
+      const { cacheConfig } = require('./cacheConfig');
+      expect(cacheConfig.USE_REDIS_CLUSTER).toBe(false);
+    });
+
+    test('should be true when USE_REDIS_CLUSTER is set to true', () => {
+      process.env.USE_REDIS_CLUSTER = 'true';
+
+      const { cacheConfig } = require('./cacheConfig');
+      expect(cacheConfig.USE_REDIS_CLUSTER).toBe(true);
+    });
+
+    test('should work with USE_REDIS enabled and REDIS_URI set', () => {
+      process.env.USE_REDIS_CLUSTER = 'true';
+      process.env.USE_REDIS = 'true';
+      process.env.REDIS_URI = 'redis://localhost:6379';
+
+      const { cacheConfig } = require('./cacheConfig');
+      expect(cacheConfig.USE_REDIS_CLUSTER).toBe(true);
+      expect(cacheConfig.USE_REDIS).toBe(true);
+      expect(cacheConfig.REDIS_URI).toBe('redis://localhost:6379');
+    });
+  });
+
   describe('REDIS_CA file reading', () => {
     test('should be null when REDIS_CA is not set', () => {
       const { cacheConfig } = require('./cacheConfig');

api/cache/redisClients.js

@@ -38,7 +38,7 @@ if (cacheConfig.USE_REDIS) {
       const targetError = 'READONLY';
       if (err.message.includes(targetError)) {
         logger.warn('ioredis reconnecting due to READONLY error');
-        return true;
+        return 2; // Return retry delay instead of boolean
       }
       return false;
     },
@@ -48,26 +48,29 @@ if (cacheConfig.USE_REDIS) {
   };
 
   ioredisClient =
-    urls.length === 1
+    urls.length === 1 && !cacheConfig.USE_REDIS_CLUSTER
       ? new IoRedis(cacheConfig.REDIS_URI, redisOptions)
-      : new IoRedis.Cluster(cacheConfig.REDIS_URI, {
-          redisOptions,
-          clusterRetryStrategy: (times) => {
-            if (
-              cacheConfig.REDIS_RETRY_MAX_ATTEMPTS > 0 &&
-              times > cacheConfig.REDIS_RETRY_MAX_ATTEMPTS
-            ) {
-              logger.error(
-                `ioredis cluster giving up after ${cacheConfig.REDIS_RETRY_MAX_ATTEMPTS} reconnection attempts`,
-              );
-              return null;
-            }
-            const delay = Math.min(times * 100, cacheConfig.REDIS_RETRY_MAX_DELAY);
-            logger.info(`ioredis cluster reconnecting... attempt ${times}, delay ${delay}ms`);
-            return delay;
+      : new IoRedis.Cluster(
+          urls.map((url) => ({ host: url.hostname, port: parseInt(url.port, 10) || 6379 })),
+          {
+            redisOptions,
+            clusterRetryStrategy: (times) => {
+              if (
+                cacheConfig.REDIS_RETRY_MAX_ATTEMPTS > 0 &&
+                times > cacheConfig.REDIS_RETRY_MAX_ATTEMPTS
+              ) {
+                logger.error(
+                  `ioredis cluster giving up after ${cacheConfig.REDIS_RETRY_MAX_ATTEMPTS} reconnection attempts`,
+                );
+                return null;
+              }
+              const delay = Math.min(times * 100, cacheConfig.REDIS_RETRY_MAX_DELAY);
+              logger.info(`ioredis cluster reconnecting... attempt ${times}, delay ${delay}ms`);
+              return delay;
+            },
+            enableOfflineQueue: cacheConfig.REDIS_ENABLE_OFFLINE_QUEUE,
           },
-          enableOfflineQueue: cacheConfig.REDIS_ENABLE_OFFLINE_QUEUE,
-        });
+        );
 
   ioredisClient.on('error', (err) => {
     logger.error('ioredis client error:', err);
@@ -145,10 +148,10 @@ if (cacheConfig.USE_REDIS) {
   };
 
   keyvRedisClient =
-    urls.length === 1
+    urls.length === 1 && !cacheConfig.USE_REDIS_CLUSTER
       ? createClient({ url: cacheConfig.REDIS_URI, ...redisOptions })
       : createCluster({
-          rootNodes: cacheConfig.REDIS_URI.split(',').map((url) => ({ url })),
+          rootNodes: urls.map((url) => ({ url: url.href })),
           defaults: redisOptions,
         });
 

api/config/index.js

@@ -1,27 +1,13 @@
+const { MCPManager, FlowStateManager } = require('@librechat/api');
 const { EventSource } = require('eventsource');
 const { Time } = require('librechat-data-provider');
-const { MCPManager, FlowStateManager } = require('@librechat/api');
 const logger = require('./winston');
 
 global.EventSource = EventSource;
 
 /** @type {MCPManager} */
-let mcpManager = null;
 let flowManager = null;
 
-/**
- * @param {string} [userId] - Optional user ID, to avoid disconnecting the current user.
- * @returns {MCPManager}
- */
-function getMCPManager(userId) {
-  if (!mcpManager) {
-    mcpManager = MCPManager.getInstance();
-  } else {
-    mcpManager.checkIdleConnections(userId);
-  }
-  return mcpManager;
-}
-
 /**
  * @param {Keyv} flowsCache
  * @returns {FlowStateManager}
@@ -37,6 +23,7 @@ function getFlowStateManager(flowsCache) {
 
 module.exports = {
   logger,
-  getMCPManager,
+  createMCPManager: MCPManager.createInstance,
+  getMCPManager: MCPManager.getInstance,
   getFlowStateManager,
 };

api/models/Conversation.js

@@ -1,6 +1,6 @@
 const { logger } = require('@librechat/data-schemas');
 const { createTempChatExpirationDate } = require('@librechat/api');
-const { getCustomConfig } = require('~/server/services/Config/getCustomConfig');
+const { getAppConfig } = require('~/server/services/Config/app');
 const { getMessages, deleteMessages } = require('./Message');
 const { Conversation } = require('~/db/models');
 
@@ -102,8 +102,10 @@ module.exports = {
 
       if (req?.body?.isTemporary) {
         try {
-          const customConfig = await getCustomConfig();
-          update.expiredAt = createTempChatExpirationDate(customConfig);
+          const appConfig = await getAppConfig({
+            role: req.user.role,
+          });
+          update.expiredAt = createTempChatExpirationDate(appConfig?.interfaceConfig);
         } catch (err) {
           logger.error('Error creating temporary chat expiration date:', err);
           logger.info(`---\`saveConvo\` context: ${metadata?.context}`);

api/models/Conversation.spec.js

@@ -13,9 +13,9 @@ const {
   saveConvo,
   getConvo,
 } = require('./Conversation');
-jest.mock('~/server/services/Config/getCustomConfig');
+jest.mock('~/server/services/Config/app');
 jest.mock('./Message');
-const { getCustomConfig } = require('~/server/services/Config/getCustomConfig');
+const { getAppConfig } = require('~/server/services/Config/app');
 const { getMessages, deleteMessages } = require('./Message');
 
 const { Conversation } = require('~/db/models');
@@ -118,9 +118,9 @@ describe('Conversation Operations', () => {
 
   describe('isTemporary conversation handling', () => {
     it('should save a conversation with expiredAt when isTemporary is true', async () => {
-      // Mock custom config with 24 hour retention
-      getCustomConfig.mockResolvedValue({
-        interface: {
+      // Mock app config with 24 hour retention
+      getAppConfig.mockResolvedValue({
+        interfaceConfig: {
           temporaryChatRetention: 24,
         },
       });
@@ -167,9 +167,9 @@ describe('Conversation Operations', () => {
     });
 
     it('should use custom retention period from config', async () => {
-      // Mock custom config with 48 hour retention
-      getCustomConfig.mockResolvedValue({
-        interface: {
+      // Mock app config with 48 hour retention
+      getAppConfig.mockResolvedValue({
+        interfaceConfig: {
           temporaryChatRetention: 48,
         },
       });
@@ -194,9 +194,9 @@ describe('Conversation Operations', () => {
     });
 
     it('should handle minimum retention period (1 hour)', async () => {
-      // Mock custom config with less than minimum retention
-      getCustomConfig.mockResolvedValue({
-        interface: {
+      // Mock app config with less than minimum retention
+      getAppConfig.mockResolvedValue({
+        interfaceConfig: {
           temporaryChatRetention: 0.5, // Half hour - should be clamped to 1 hour
         },
       });
@@ -221,9 +221,9 @@ describe('Conversation Operations', () => {
     });
 
     it('should handle maximum retention period (8760 hours)', async () => {
-      // Mock custom config with more than maximum retention
-      getCustomConfig.mockResolvedValue({
-        interface: {
+      // Mock app config with more than maximum retention
+      getAppConfig.mockResolvedValue({
+        interfaceConfig: {
           temporaryChatRetention: 10000, // Should be clamped to 8760 hours
         },
       });
@@ -247,9 +247,9 @@ describe('Conversation Operations', () => {
       );
     });
 
-    it('should handle getCustomConfig errors gracefully', async () => {
-      // Mock getCustomConfig to throw an error
-      getCustomConfig.mockRejectedValue(new Error('Config service unavailable'));
+    it('should handle getAppConfig errors gracefully', async () => {
+      // Mock getAppConfig to throw an error
+      getAppConfig.mockRejectedValue(new Error('Config service unavailable'));
 
       mockReq.body = { isTemporary: true };
 
@@ -261,8 +261,8 @@ describe('Conversation Operations', () => {
     });
 
     it('should use default retention when config is not provided', async () => {
-      // Mock getCustomConfig to return empty config
-      getCustomConfig.mockResolvedValue({});
+      // Mock getAppConfig to return empty config
+      getAppConfig.mockResolvedValue({});
 
       mockReq.body = { isTemporary: true };
 
@@ -285,8 +285,8 @@ describe('Conversation Operations', () => {
 
     it('should update expiredAt when saving existing temporary conversation', async () => {
       // First save a temporary conversation
-      getCustomConfig.mockResolvedValue({
-        interface: {
+      getAppConfig.mockResolvedValue({
+        interfaceConfig: {
           temporaryChatRetention: 24,
         },
       });

api/models/Message.js

@@ -1,7 +1,7 @@
 const { z } = require('zod');
 const { logger } = require('@librechat/data-schemas');
 const { createTempChatExpirationDate } = require('@librechat/api');
-const { getCustomConfig } = require('~/server/services/Config/getCustomConfig');
+const { getAppConfig } = require('~/server/services/Config/app');
 const { Message } = require('~/db/models');
 
 const idSchema = z.string().uuid();
@@ -57,8 +57,10 @@ async function saveMessage(req, params, metadata) {
 
     if (req?.body?.isTemporary) {
       try {
-        const customConfig = await getCustomConfig();
-        update.expiredAt = createTempChatExpirationDate(customConfig);
+        const appConfig = await getAppConfig({
+          role: req.user.role,
+        });
+        update.expiredAt = createTempChatExpirationDate(appConfig?.interfaceConfig);
       } catch (err) {
         logger.error('Error creating temporary chat expiration date:', err);
         logger.info(`---\`saveMessage\` context: ${metadata?.context}`);

api/models/Message.spec.js

@@ -13,8 +13,8 @@ const {
   deleteMessagesSince,
 } = require('./Message');
 
-jest.mock('~/server/services/Config/getCustomConfig');
-const { getCustomConfig } = require('~/server/services/Config/getCustomConfig');
+jest.mock('~/server/services/Config/app');
+const { getAppConfig } = require('~/server/services/Config/app');
 
 /**
  * @type {import('mongoose').Model<import('@librechat/data-schemas').IMessage>}
@@ -326,9 +326,9 @@ describe('Message Operations', () => {
     });
 
     it('should save a message with expiredAt when isTemporary is true', async () => {
-      // Mock custom config with 24 hour retention
-      getCustomConfig.mockResolvedValue({
-        interface: {
+      // Mock app config with 24 hour retention
+      getAppConfig.mockResolvedValue({
+        interfaceConfig: {
           temporaryChatRetention: 24,
         },
       });
@@ -375,9 +375,9 @@ describe('Message Operations', () => {
     });
 
     it('should use custom retention period from config', async () => {
-      // Mock custom config with 48 hour retention
-      getCustomConfig.mockResolvedValue({
-        interface: {
+      // Mock app config with 48 hour retention
+      getAppConfig.mockResolvedValue({
+        interfaceConfig: {
           temporaryChatRetention: 48,
         },
       });
@@ -402,9 +402,9 @@ describe('Message Operations', () => {
     });
 
     it('should handle minimum retention period (1 hour)', async () => {
-      // Mock custom config with less than minimum retention
-      getCustomConfig.mockResolvedValue({
-        interface: {
+      // Mock app config with less than minimum retention
+      getAppConfig.mockResolvedValue({
+        interfaceConfig: {
           temporaryChatRetention: 0.5, // Half hour - should be clamped to 1 hour
         },
       });
@@ -429,9 +429,9 @@ describe('Message Operations', () => {
     });
 
     it('should handle maximum retention period (8760 hours)', async () => {
-      // Mock custom config with more than maximum retention
-      getCustomConfig.mockResolvedValue({
-        interface: {
+      // Mock app config with more than maximum retention
+      getAppConfig.mockResolvedValue({
+        interfaceConfig: {
           temporaryChatRetention: 10000, // Should be clamped to 8760 hours
         },
       });
@@ -455,9 +455,9 @@ describe('Message Operations', () => {
       );
     });
 
-    it('should handle getCustomConfig errors gracefully', async () => {
-      // Mock getCustomConfig to throw an error
-      getCustomConfig.mockRejectedValue(new Error('Config service unavailable'));
+    it('should handle getAppConfig errors gracefully', async () => {
+      // Mock getAppConfig to throw an error
+      getAppConfig.mockRejectedValue(new Error('Config service unavailable'));
 
       mockReq.body = { isTemporary: true };
 
@@ -469,8 +469,8 @@ describe('Message Operations', () => {
     });
 
     it('should use default retention when config is not provided', async () => {
-      // Mock getCustomConfig to return empty config
-      getCustomConfig.mockResolvedValue({});
+      // Mock getAppConfig to return empty config
+      getAppConfig.mockResolvedValue({});
 
       mockReq.body = { isTemporary: true };
 
@@ -493,8 +493,8 @@ describe('Message Operations', () => {
 
     it('should not update expiredAt on message update', async () => {
       // First save a temporary message
-      getCustomConfig.mockResolvedValue({
-        interface: {
+      getAppConfig.mockResolvedValue({
+        interfaceConfig: {
           temporaryChatRetention: 24,
         },
       });
@@ -520,8 +520,8 @@ describe('Message Operations', () => {
 
     it('should preserve expiredAt when saving existing temporary message', async () => {
       // First save a temporary message
-      getCustomConfig.mockResolvedValue({
-        interface: {
+      getAppConfig.mockResolvedValue({
+        interfaceConfig: {
           temporaryChatRetention: 24,
         },
       });

api/models/Transaction.js

@@ -1,5 +1,4 @@
 const { logger } = require('@librechat/data-schemas');
-const { getBalanceConfig } = require('~/server/services/Config');
 const { getMultiplier, getCacheMultiplier } = require('./tx');
 const { Transaction, Balance } = require('~/db/models');
 
@@ -187,9 +186,10 @@ async function createAutoRefillTransaction(txData) {
 
 /**
  * Static method to create a transaction and update the balance
- * @param {txData} txData - Transaction data.
+ * @param {txData} _txData - Transaction data.
  */
-async function createTransaction(txData) {
+async function createTransaction(_txData) {
+  const { balance, ...txData } = _txData;
   if (txData.rawAmount != null && isNaN(txData.rawAmount)) {
     return;
   }
@@ -199,8 +199,6 @@ async function createTransaction(txData) {
   calculateTokenValue(transaction);
 
   await transaction.save();
-
-  const balance = await getBalanceConfig();
   if (!balance?.enabled) {
     return;
   }
@@ -221,9 +219,10 @@ async function createTransaction(txData) {
 
 /**
  * Static method to create a structured transaction and update the balance
- * @param {txData} txData - Transaction data.
+ * @param {txData} _txData - Transaction data.
  */
-async function createStructuredTransaction(txData) {
+async function createStructuredTransaction(_txData) {
+  const { balance, ...txData } = _txData;
   const transaction = new Transaction({
     ...txData,
     endpointTokenConfig: txData.endpointTokenConfig,
@@ -233,7 +232,6 @@ async function createStructuredTransaction(txData) {
 
   await transaction.save();
 
-  const balance = await getBalanceConfig();
   if (!balance?.enabled) {
     return;
   }

api/models/Transaction.spec.js

@@ -1,14 +1,11 @@
 const mongoose = require('mongoose');
 const { MongoMemoryServer } = require('mongodb-memory-server');
 const { spendTokens, spendStructuredTokens } = require('./spendTokens');
-const { getBalanceConfig } = require('~/server/services/Config');
+
 const { getMultiplier, getCacheMultiplier } = require('./tx');
 const { createTransaction } = require('./Transaction');
 const { Balance } = require('~/db/models');
 
-// Mock the custom config module so we can control the balance flag.
-jest.mock('~/server/services/Config');
-
 let mongoServer;
 beforeAll(async () => {
   mongoServer = await MongoMemoryServer.create();
@@ -23,8 +20,6 @@ afterAll(async () => {
 
 beforeEach(async () => {
   await mongoose.connection.dropDatabase();
-  // Default: enable balance updates in tests.
-  getBalanceConfig.mockResolvedValue({ enabled: true });
 });
 
 describe('Regular Token Spending Tests', () => {
@@ -41,6 +36,7 @@ describe('Regular Token Spending Tests', () => {
       model,
       context: 'test',
       endpointTokenConfig: null,
+      balance: { enabled: true },
     };
 
     const tokenUsage = {
@@ -74,6 +70,7 @@ describe('Regular Token Spending Tests', () => {
       model,
       context: 'test',
       endpointTokenConfig: null,
+      balance: { enabled: true },
     };
 
     const tokenUsage = {
@@ -104,6 +101,7 @@ describe('Regular Token Spending Tests', () => {
       model,
       context: 'test',
       endpointTokenConfig: null,
+      balance: { enabled: true },
     };
 
     const tokenUsage = {};
@@ -128,6 +126,7 @@ describe('Regular Token Spending Tests', () => {
       model,
       context: 'test',
       endpointTokenConfig: null,
+      balance: { enabled: true },
     };
 
     const tokenUsage = { promptTokens: 100 };
@@ -143,8 +142,7 @@ describe('Regular Token Spending Tests', () => {
   });
 
   test('spendTokens should not update balance when balance feature is disabled', async () => {
-    // Arrange: Override the config to disable balance updates.
-    getBalanceConfig.mockResolvedValue({ balance: { enabled: false } });
+    // Arrange: Balance config is now passed directly in txData
     const userId = new mongoose.Types.ObjectId();
     const initialBalance = 10000000;
     await Balance.create({ user: userId, tokenCredits: initialBalance });
@@ -156,6 +154,7 @@ describe('Regular Token Spending Tests', () => {
       model,
       context: 'test',
       endpointTokenConfig: null,
+      balance: { enabled: false },
     };
 
     const tokenUsage = {
@@ -186,6 +185,7 @@ describe('Structured Token Spending Tests', () => {
       model,
       context: 'message',
       endpointTokenConfig: null,
+      balance: { enabled: true },
     };
 
     const tokenUsage = {
@@ -239,6 +239,7 @@ describe('Structured Token Spending Tests', () => {
       conversationId: 'test-convo',
       model,
       context: 'message',
+      balance: { enabled: true },
     };
 
     const tokenUsage = {
@@ -271,6 +272,7 @@ describe('Structured Token Spending Tests', () => {
       conversationId: 'test-convo',
       model,
       context: 'message',
+      balance: { enabled: true },
     };
 
     const tokenUsage = {
@@ -302,6 +304,7 @@ describe('Structured Token Spending Tests', () => {
       conversationId: 'test-convo',
       model,
       context: 'message',
+      balance: { enabled: true },
     };
 
     const tokenUsage = {};
@@ -328,6 +331,7 @@ describe('Structured Token Spending Tests', () => {
       conversationId: 'test-convo',
       model,
       context: 'incomplete',
+      balance: { enabled: true },
     };
 
     const tokenUsage = {
@@ -364,6 +368,7 @@ describe('NaN Handling Tests', () => {
       endpointTokenConfig: null,
       rawAmount: NaN,
       tokenType: 'prompt',
+      balance: { enabled: true },
     };
 
     // Act

api/models/index.js

@@ -24,8 +24,15 @@ const { getConvoTitle, getConvo, saveConvo, deleteConvos } = require('./Conversa
 const { getPreset, getPresets, savePreset, deletePresets } = require('./Preset');
 const { File } = require('~/db/models');
 
+const seedDatabase = async () => {
+  await methods.initializeRoles();
+  await methods.seedDefaultRoles();
+  await methods.ensureDefaultCategories();
+};
+
 module.exports = {
   ...methods,
+  seedDatabase,
   comparePassword,
   findFileById,
   createFile,

api/models/interface.js

@@ -0,0 +1,24 @@
+const { logger } = require('@librechat/data-schemas');
+const { updateInterfacePermissions: updateInterfacePerms } = require('@librechat/api');
+const { getRoleByName, updateAccessPermissions } = require('./Role');
+
+/**
+ * Update interface permissions based on app configuration.
+ * Must be done independently from loading the app config.
+ * @param {AppConfig} appConfig
+ */
+async function updateInterfacePermissions(appConfig) {
+  try {
+    await updateInterfacePerms({
+      appConfig,
+      getRoleByName,
+      updateAccessPermissions,
+    });
+  } catch (error) {
+    logger.error('Error updating interface permissions:', error);
+  }
+}
+
+module.exports = {
+  updateInterfacePermissions,
+};

api/models/spendTokens.js

@@ -5,13 +5,7 @@ const { createTransaction, createStructuredTransaction } = require('./Transactio
  *
  * @function
  * @async
- * @param {Object} txData - Transaction data.
- * @param {mongoose.Schema.Types.ObjectId} txData.user - The user ID.
- * @param {String} txData.conversationId - The ID of the conversation.
- * @param {String} txData.model - The model name.
- * @param {String} txData.context - The context in which the transaction is made.
- * @param {EndpointTokenConfig} [txData.endpointTokenConfig] - The current endpoint token config.
- * @param {String} [txData.valueKey] - The value key (optional).
+ * @param {txData} txData - Transaction data.
  * @param {Object} tokenUsage - The number of tokens used.
  * @param {Number} tokenUsage.promptTokens - The number of prompt tokens used.
  * @param {Number} tokenUsage.completionTokens - The number of completion tokens used.
@@ -69,13 +63,7 @@ const spendTokens = async (txData, tokenUsage) => {
  *
  * @function
  * @async
- * @param {Object} txData - Transaction data.
- * @param {mongoose.Schema.Types.ObjectId} txData.user - The user ID.
- * @param {String} txData.conversationId - The ID of the conversation.
- * @param {String} txData.model - The model name.
- * @param {String} txData.context - The context in which the transaction is made.
- * @param {EndpointTokenConfig} [txData.endpointTokenConfig] - The current endpoint token config.
- * @param {String} [txData.valueKey] - The value key (optional).
+ * @param {txData} txData - Transaction data.
  * @param {Object} tokenUsage - The number of tokens used.
  * @param {Object} tokenUsage.promptTokens - The number of prompt tokens used.
  * @param {Number} tokenUsage.promptTokens.input - The number of input tokens.

api/models/spendTokens.spec.js

@@ -5,7 +5,6 @@ const { createTransaction, createAutoRefillTransaction } = require('./Transactio
 
 require('~/db/models');
 
-// Mock the logger to prevent console output during tests
 jest.mock('~/config', () => ({
   logger: {
     debug: jest.fn(),
@@ -13,10 +12,6 @@ jest.mock('~/config', () => ({
   },
 }));
 
-// Mock the Config service
-const { getBalanceConfig } = require('~/server/services/Config');
-jest.mock('~/server/services/Config');
-
 describe('spendTokens', () => {
   let mongoServer;
   let userId;
@@ -44,8 +39,7 @@ describe('spendTokens', () => {
     // Create a new user ID for each test
     userId = new mongoose.Types.ObjectId();
 
-    // Mock the balance config to be enabled by default
-    getBalanceConfig.mockResolvedValue({ enabled: true });
+    // Balance config is now passed directly in txData
   });
 
   it('should create transactions for both prompt and completion tokens', async () => {
@@ -60,6 +54,7 @@ describe('spendTokens', () => {
       conversationId: 'test-convo',
       model: 'gpt-3.5-turbo',
       context: 'test',
+      balance: { enabled: true },
     };
     const tokenUsage = {
       promptTokens: 100,
@@ -98,6 +93,7 @@ describe('spendTokens', () => {
       conversationId: 'test-convo',
       model: 'gpt-3.5-turbo',
       context: 'test',
+      balance: { enabled: true },
     };
     const tokenUsage = {
       promptTokens: 100,
@@ -127,6 +123,7 @@ describe('spendTokens', () => {
       conversationId: 'test-convo',
       model: 'gpt-3.5-turbo',
       context: 'test',
+      balance: { enabled: true },
     };
     const tokenUsage = {};
 
@@ -138,8 +135,7 @@ describe('spendTokens', () => {
   });
 
   it('should not update balance when the balance feature is disabled', async () => {
-    // Override configuration: disable balance updates
-    getBalanceConfig.mockResolvedValue({ enabled: false });
+    // Balance is now passed directly in txData
     // Create a balance for the user
     await Balance.create({
       user: userId,
@@ -151,6 +147,7 @@ describe('spendTokens', () => {
       conversationId: 'test-convo',
       model: 'gpt-3.5-turbo',
       context: 'test',
+      balance: { enabled: false },
     };
     const tokenUsage = {
       promptTokens: 100,
@@ -180,6 +177,7 @@ describe('spendTokens', () => {
       conversationId: 'test-convo',
       model: 'gpt-4', // Using a more expensive model
       context: 'test',
+      balance: { enabled: true },
     };
 
     // Spending more tokens than the user has balance for
@@ -233,6 +231,7 @@ describe('spendTokens', () => {
       conversationId: 'test-convo-1',
       model: 'gpt-4',
       context: 'test',
+      balance: { enabled: true },
     };
 
     const tokenUsage1 = {
@@ -252,6 +251,7 @@ describe('spendTokens', () => {
       conversationId: 'test-convo-2',
       model: 'gpt-4',
       context: 'test',
+      balance: { enabled: true },
     };
 
     const tokenUsage2 = {
@@ -292,6 +292,7 @@ describe('spendTokens', () => {
       tokenType: 'completion',
       rawAmount: -100,
       context: 'test',
+      balance: { enabled: true },
     });
 
     console.log('Direct Transaction.create result:', directResult);
@@ -316,6 +317,7 @@ describe('spendTokens', () => {
         conversationId: `test-convo-${model}`,
         model,
         context: 'test',
+        balance: { enabled: true },
       };
 
       const tokenUsage = {
@@ -352,6 +354,7 @@ describe('spendTokens', () => {
       conversationId: 'test-convo-1',
       model: 'claude-3-5-sonnet',
       context: 'test',
+      balance: { enabled: true },
     };
 
     const tokenUsage1 = {
@@ -375,6 +378,7 @@ describe('spendTokens', () => {
       conversationId: 'test-convo-2',
       model: 'claude-3-5-sonnet',
       context: 'test',
+      balance: { enabled: true },
     };
 
     const tokenUsage2 = {
@@ -426,6 +430,7 @@ describe('spendTokens', () => {
       conversationId: 'test-convo',
       model: 'claude-3-5-sonnet', // Using a model that supports structured tokens
       context: 'test',
+      balance: { enabled: true },
     };
 
     // Spending more tokens than the user has balance for
@@ -505,6 +510,7 @@ describe('spendTokens', () => {
         conversationId,
         user: userId,
         model: usage.model,
+        balance: { enabled: true },
       };
 
       // Calculate expected spend for this transaction
@@ -617,6 +623,7 @@ describe('spendTokens', () => {
           tokenType: 'credits',
           context: 'concurrent-refill-test',
           rawAmount: refillAmount,
+          balance: { enabled: true },
         }),
       );
     }
@@ -683,6 +690,7 @@ describe('spendTokens', () => {
       conversationId: 'test-convo',
       model: 'claude-3-5-sonnet',
       context: 'test',
+      balance: { enabled: true },
     };
     const tokenUsage = {
       promptTokens: {

api/package.json

@@ -49,12 +49,12 @@
     "@langchain/google-vertexai": "^0.2.13",
     "@langchain/openai": "^0.5.18",
     "@langchain/textsplitters": "^0.1.0",
-    "@librechat/agents": "^2.4.75",
+    "@librechat/agents": "^2.4.76",
     "@librechat/api": "*",
     "@librechat/data-schemas": "*",
+    "@microsoft/microsoft-graph-client": "^3.0.7",
     "@modelcontextprotocol/sdk": "^1.17.1",
     "@node-saml/passport-saml": "^5.1.0",
-    "@microsoft/microsoft-graph-client": "^3.0.7",
     "@waylaidwanderer/fetch-event-source": "^3.0.1",
     "axios": "^1.8.2",
     "bcryptjs": "^2.4.3",

api/server/cleanup.js

@@ -1,6 +1,6 @@
-const { logger } = require('~/config');
+const { logger } = require('@librechat/data-schemas');
 
-// WeakMap to hold temporary data associated with requests
+/** WeakMap to hold temporary data associated with requests */
 const requestDataMap = new WeakMap();
 
 const FinalizationRegistry = global.FinalizationRegistry || null;
@@ -23,7 +23,7 @@ const clientRegistry = FinalizationRegistry
         } else {
           logger.debug('[FinalizationRegistry] Cleaning up client');
         }
-      } catch (e) {
+      } catch {
         // Ignore errors
       }
     })
@@ -55,6 +55,9 @@ function disposeClient(client) {
     if (client.responseMessageId) {
       client.responseMessageId = null;
     }
+    if (client.parentMessageId) {
+      client.parentMessageId = null;
+    }
     if (client.message_file_map) {
       client.message_file_map = null;
     }
@@ -334,7 +337,7 @@ function disposeClient(client) {
       }
     }
     client.options = null;
-  } catch (e) {
+  } catch {
     // Ignore errors during disposal
   }
 }

api/server/controllers/AuthController.js

@@ -84,7 +84,7 @@ const refreshController = async (req, res) => {
   }
   try {
     const payload = jwt.verify(refreshToken, process.env.JWT_REFRESH_SECRET);
-    const user = await getUserById(payload.id, '-password -__v -totpSecret');
+    const user = await getUserById(payload.id, '-password -__v -totpSecret -backupCodes');
     if (!user) {
       return res.status(401).redirect('/login');
     }

api/server/controllers/PermissionsController.js

@@ -364,7 +364,7 @@ const getUserEffectivePermissions = async (req, res) => {
  */
 const searchPrincipals = async (req, res) => {
   try {
-    const { q: query, limit = 20, type } = req.query;
+    const { q: query, limit = 20, types } = req.query;
 
     if (!query || query.trim().length === 0) {
       return res.status(400).json({
@@ -379,22 +379,34 @@ const searchPrincipals = async (req, res) => {
     }
 
     const searchLimit = Math.min(Math.max(1, parseInt(limit) || 10), 50);
-    const typeFilter = [PrincipalType.USER, PrincipalType.GROUP, PrincipalType.ROLE].includes(type)
-      ? type
-      : null;
 
-    const localResults = await searchLocalPrincipals(query.trim(), searchLimit, typeFilter);
+    let typeFilters = null;
+    if (types) {
+      const typesArray = Array.isArray(types) ? types : types.split(',');
+      const validTypes = typesArray.filter((t) =>
+        [PrincipalType.USER, PrincipalType.GROUP, PrincipalType.ROLE].includes(t),
+      );
+      typeFilters = validTypes.length > 0 ? validTypes : null;
+    }
+
+    const localResults = await searchLocalPrincipals(query.trim(), searchLimit, typeFilters);
     let allPrincipals = [...localResults];
 
     const useEntraId = entraIdPrincipalFeatureEnabled(req.user);
 
     if (useEntraId && localResults.length < searchLimit) {
       try {
-        const graphTypeMap = {
-          user: 'users',
-          group: 'groups',
-          null: 'all',
-        };
+        let graphType = 'all';
+        if (typeFilters && typeFilters.length === 1) {
+          const graphTypeMap = {
+            [PrincipalType.USER]: 'users',
+            [PrincipalType.GROUP]: 'groups',
+          };
+          const mappedType = graphTypeMap[typeFilters[0]];
+          if (mappedType) {
+            graphType = mappedType;
+          }
+        }
 
         const authHeader = req.headers.authorization;
         const accessToken =
@@ -405,7 +417,7 @@ const searchPrincipals = async (req, res) => {
             accessToken,
             req.user.openidId,
             query.trim(),
-            graphTypeMap[typeFilter],
+            graphType,
             searchLimit - localResults.length,
           );
 
@@ -436,21 +448,22 @@ const searchPrincipals = async (req, res) => {
       _searchScore: calculateRelevanceScore(item, query.trim()),
     }));
 
-    allPrincipals = sortPrincipalsByRelevance(scoredResults)
+    const finalResults = sortPrincipalsByRelevance(scoredResults)
       .slice(0, searchLimit)
       .map((result) => {
         const { _searchScore, ...resultWithoutScore } = result;
         return resultWithoutScore;
       });
+
     res.status(200).json({
       query: query.trim(),
       limit: searchLimit,
-      type: typeFilter,
-      results: allPrincipals,
-      count: allPrincipals.length,
+      types: typeFilters,
+      results: finalResults,
+      count: finalResults.length,
       sources: {
-        local: allPrincipals.filter((r) => r.source === 'local').length,
-        entra: allPrincipals.filter((r) => r.source === 'entra').length,
+        local: finalResults.filter((r) => r.source === 'local').length,
+        entra: finalResults.filter((r) => r.source === 'entra').length,
       },
     });
   } catch (error) {

api/server/controllers/PluginController.js

@@ -6,7 +6,7 @@ const {
   filterUniquePlugins,
   convertMCPToolsToPlugins,
 } = require('@librechat/api');
-const { getCustomConfig, getCachedTools } = require('~/server/services/Config');
+const { getCachedTools, getAppConfig } = require('~/server/services/Config');
 const { availableTools, toolkits } = require('~/app/clients/tools');
 const { getMCPManager, getFlowStateManager } = require('~/config');
 const { getLogStores } = require('~/cache');
@@ -20,8 +20,9 @@ const getAvailablePluginsController = async (req, res) => {
       return;
     }
 
+    const appConfig = await getAppConfig({ role: req.user?.role });
     /** @type {{ filteredTools: string[], includedTools: string[] }} */
-    const { filteredTools = [], includedTools = [] } = req.app.locals;
+    const { filteredTools = [], includedTools = [] } = appConfig;
     const pluginManifest = availableTools;
 
     const uniquePlugins = filterUniquePlugins(pluginManifest);
@@ -101,11 +102,13 @@ function createGetServerTools() {
 const getAvailableTools = async (req, res) => {
   try {
     const userId = req.user?.id;
-    const customConfig = await getCustomConfig();
+    const appConfig = await getAppConfig();
     const cache = getLogStores(CacheKeys.CONFIG_STORE);
     const cachedToolsArray = await cache.get(CacheKeys.TOOLS);
     const cachedUserTools = await getCachedTools({ userId });
-    const userPlugins = convertMCPToolsToPlugins({ functionTools: cachedUserTools, customConfig });
+
+    const mcpManager = getMCPManager();
+    const userPlugins = convertMCPToolsToPlugins({ functionTools: cachedUserTools, mcpManager });
 
     if (cachedToolsArray != null && userPlugins != null) {
       const dedupedTools = filterUniquePlugins([...userPlugins, ...cachedToolsArray]);
@@ -113,20 +116,25 @@ const getAvailableTools = async (req, res) => {
       return;
     }
 
-    // If not in cache, build from manifest
     let pluginManifest = availableTools;
-    if (customConfig?.mcpServers != null) {
-      const mcpManager = getMCPManager();
-      const flowsCache = getLogStores(CacheKeys.FLOWS);
-      const flowManager = flowsCache ? getFlowStateManager(flowsCache) : null;
-      const serverToolsCallback = createServerToolsCallback();
-      const getServerTools = createGetServerTools();
-      const mcpTools = await mcpManager.loadManifestTools({
-        flowManager,
-        serverToolsCallback,
-        getServerTools,
-      });
-      pluginManifest = [...mcpTools, ...pluginManifest];
+    if (appConfig?.mcpConfig != null) {
+      try {
+        const flowsCache = getLogStores(CacheKeys.FLOWS);
+        const flowManager = flowsCache ? getFlowStateManager(flowsCache) : null;
+        const serverToolsCallback = createServerToolsCallback();
+        const getServerTools = createGetServerTools();
+        const mcpTools = await mcpManager.loadManifestTools({
+          flowManager,
+          serverToolsCallback,
+          getServerTools,
+        });
+        pluginManifest = [...mcpTools, ...pluginManifest];
+      } catch (error) {
+        logger.error(
+          '[getAvailableTools] Error loading MCP Tools, servers may still be initializing:',
+          error,
+        );
+      }
     }
 
     /** @type {TPlugin[]} */
@@ -164,7 +172,7 @@ const getAvailableTools = async (req, res) => {
 
       const parts = plugin.pluginKey.split(Constants.mcp_delimiter);
       const serverName = parts[parts.length - 1];
-      const serverConfig = customConfig?.mcpServers?.[serverName];
+      const serverConfig = appConfig?.mcpConfig?.[serverName];
 
       if (!serverConfig?.customUserVars) {
         toolsOutput.push(toolToAdd);

api/server/controllers/PluginController.spec.js

@@ -1,8 +1,7 @@
 const { Constants } = require('librechat-data-provider');
-const { getCustomConfig, getCachedTools } = require('~/server/services/Config');
+const { getCachedTools, getAppConfig } = require('~/server/services/Config');
 const { getLogStores } = require('~/cache');
 
-// Mock the dependencies
 jest.mock('@librechat/data-schemas', () => ({
   logger: {
     debug: jest.fn(),
@@ -11,8 +10,8 @@ jest.mock('@librechat/data-schemas', () => ({
 }));
 
 jest.mock('~/server/services/Config', () => ({
-  getCustomConfig: jest.fn(),
   getCachedTools: jest.fn(),
+  getAppConfig: jest.fn(),
 }));
 
 jest.mock('~/server/services/ToolService', () => ({
@@ -22,6 +21,7 @@ jest.mock('~/server/services/ToolService', () => ({
 jest.mock('~/config', () => ({
   getMCPManager: jest.fn(() => ({
     loadManifestTools: jest.fn().mockResolvedValue([]),
+    getRawConfig: jest.fn(),
   })),
   getFlowStateManager: jest.fn(),
 }));
@@ -64,7 +64,10 @@ describe('PluginController', () => {
 
   describe('getAvailablePluginsController', () => {
     beforeEach(() => {
-      mockReq.app = { locals: { filteredTools: [], includedTools: [] } };
+      getAppConfig.mockResolvedValue({
+        filteredTools: [],
+        includedTools: [],
+      });
     });
 
     it('should use filterUniquePlugins to remove duplicate plugins', async () => {
@@ -122,7 +125,10 @@ describe('PluginController', () => {
         { name: 'Plugin2', pluginKey: 'key2', description: 'Second' },
       ];
 
-      mockReq.app.locals.includedTools = ['key1'];
+      getAppConfig.mockResolvedValue({
+        filteredTools: [],
+        includedTools: ['key1'],
+      });
       mockCache.get.mockResolvedValue(null);
       filterUniquePlugins.mockReturnValue(mockPlugins);
       checkPluginAuth.mockReturnValue(false);
@@ -154,13 +160,12 @@ describe('PluginController', () => {
       getCachedTools.mockResolvedValueOnce(mockUserTools);
       convertMCPToolsToPlugins.mockReturnValue(mockConvertedPlugins);
       filterUniquePlugins.mockImplementation((plugins) => plugins);
-      getCustomConfig.mockResolvedValue(null);
 
       await getAvailableTools(mockReq, mockRes);
 
       expect(convertMCPToolsToPlugins).toHaveBeenCalledWith({
         functionTools: mockUserTools,
-        customConfig: null,
+        mcpManager: expect.any(Object),
       });
     });
 
@@ -176,7 +181,6 @@ describe('PluginController', () => {
       getCachedTools.mockResolvedValueOnce({});
       convertMCPToolsToPlugins.mockReturnValue(mockUserPlugins);
       filterUniquePlugins.mockReturnValue([...mockUserPlugins, ...mockManifestPlugins]);
-      getCustomConfig.mockResolvedValue(null);
 
       await getAvailableTools(mockReq, mockRes);
 
@@ -195,7 +199,6 @@ describe('PluginController', () => {
       convertMCPToolsToPlugins.mockReturnValue([]);
       filterUniquePlugins.mockReturnValue([mockPlugin]);
       checkPluginAuth.mockReturnValue(true);
-      getCustomConfig.mockResolvedValue(null);
 
       // Mock getCachedTools second call to return tool definitions
       getCachedTools.mockResolvedValueOnce({}).mockResolvedValueOnce({ tool1: true });
@@ -219,7 +222,6 @@ describe('PluginController', () => {
       filterUniquePlugins.mockReturnValue([mockToolkit]);
       checkPluginAuth.mockReturnValue(false);
       getToolkitKey.mockReturnValue('toolkit1');
-      getCustomConfig.mockResolvedValue(null);
 
       // Mock getCachedTools second call to return tool definitions
       getCachedTools.mockResolvedValueOnce({}).mockResolvedValueOnce({
@@ -233,9 +235,8 @@ describe('PluginController', () => {
   });
 
   describe('plugin.icon behavior', () => {
-    const callGetAvailableToolsWithMCPServer = async (mcpServers) => {
+    const callGetAvailableToolsWithMCPServer = async (serverConfig) => {
       mockCache.get.mockResolvedValue(null);
-      getCustomConfig.mockResolvedValue({ mcpServers });
 
       const functionTools = {
         [`test-tool${Constants.mcp_delimiter}test-server`]: {
@@ -247,11 +248,18 @@ describe('PluginController', () => {
         name: 'test-tool',
         pluginKey: `test-tool${Constants.mcp_delimiter}test-server`,
         description: 'A test tool',
-        icon: mcpServers['test-server']?.iconPath,
+        icon: serverConfig?.iconPath,
         authenticated: true,
         authConfig: [],
       };
 
+      // Mock the MCP manager to return the server config
+      const mockMCPManager = {
+        loadManifestTools: jest.fn().mockResolvedValue([]),
+        getRawConfig: jest.fn().mockReturnValue(serverConfig),
+      };
+      require('~/config').getMCPManager.mockReturnValue(mockMCPManager);
+
       getCachedTools.mockResolvedValueOnce(functionTools);
       convertMCPToolsToPlugins.mockReturnValue([mockConvertedPlugin]);
       filterUniquePlugins.mockImplementation((plugins) => plugins);
@@ -268,28 +276,24 @@ describe('PluginController', () => {
     };
 
     it('should set plugin.icon when iconPath is defined', async () => {
-      const mcpServers = {
-        'test-server': {
-          iconPath: '/path/to/icon.png',
-        },
+      const serverConfig = {
+        iconPath: '/path/to/icon.png',
       };
-      const testTool = await callGetAvailableToolsWithMCPServer(mcpServers);
+      const testTool = await callGetAvailableToolsWithMCPServer(serverConfig);
       expect(testTool.icon).toBe('/path/to/icon.png');
     });
 
     it('should set plugin.icon to undefined when iconPath is not defined', async () => {
-      const mcpServers = {
-        'test-server': {},
-      };
-      const testTool = await callGetAvailableToolsWithMCPServer(mcpServers);
+      const serverConfig = {};
+      const testTool = await callGetAvailableToolsWithMCPServer(serverConfig);
       expect(testTool.icon).toBeUndefined();
     });
   });
 
   describe('helper function integration', () => {
     it('should properly handle MCP tools with custom user variables', async () => {
-      const customConfig = {
-        mcpServers: {
+      const appConfig = {
+        mcpConfig: {
           'test-server': {
             customUserVars: {
               API_KEY: { title: 'API Key', description: 'Your API key' },
@@ -311,11 +315,12 @@ describe('PluginController', () => {
       // Mock the MCP manager to return tools
       const mockMCPManager = {
         loadManifestTools: jest.fn().mockResolvedValue(mcpManagerTools),
+        getRawConfig: jest.fn(),
       };
       require('~/config').getMCPManager.mockReturnValue(mockMCPManager);
 
       mockCache.get.mockResolvedValue(null);
-      getCustomConfig.mockResolvedValue(customConfig);
+      getAppConfig.mockResolvedValue(appConfig);
 
       // First call returns user tools (empty in this case)
       getCachedTools.mockResolvedValueOnce({});
@@ -375,13 +380,12 @@ describe('PluginController', () => {
       getCachedTools.mockResolvedValue(null);
       convertMCPToolsToPlugins.mockReturnValue(undefined);
       filterUniquePlugins.mockImplementation((plugins) => plugins || []);
-      getCustomConfig.mockResolvedValue(null);
 
       await getAvailableTools(mockReq, mockRes);
 
       expect(convertMCPToolsToPlugins).toHaveBeenCalledWith({
         functionTools: null,
-        customConfig: null,
+        mcpManager: expect.any(Object),
       });
     });
 
@@ -390,7 +394,6 @@ describe('PluginController', () => {
       getCachedTools.mockResolvedValue(undefined);
       convertMCPToolsToPlugins.mockReturnValue(undefined);
       filterUniquePlugins.mockImplementation((plugins) => plugins || []);
-      getCustomConfig.mockResolvedValue(null);
       checkPluginAuth.mockReturnValue(false);
 
       // Mock getCachedTools to return undefined for both calls
@@ -401,7 +404,7 @@ describe('PluginController', () => {
 
       expect(convertMCPToolsToPlugins).toHaveBeenCalledWith({
         functionTools: undefined,
-        customConfig: null,
+        mcpManager: expect.any(Object),
       });
     });
 
@@ -428,7 +431,6 @@ describe('PluginController', () => {
       getCachedTools.mockResolvedValueOnce({}).mockResolvedValueOnce({});
       convertMCPToolsToPlugins.mockReturnValue([]);
       filterUniquePlugins.mockImplementation((plugins) => plugins || []);
-      getCustomConfig.mockResolvedValue(null);
       checkPluginAuth.mockReturnValue(true);
 
       await getAvailableTools(mockReq, mockRes);
@@ -452,8 +454,19 @@ describe('PluginController', () => {
         },
       };
 
+      // Mock the MCP manager to return server config without customUserVars
+      const mockMCPManager = {
+        loadManifestTools: jest.fn().mockResolvedValue([]),
+        getRawConfig: jest.fn().mockReturnValue(customConfig.mcpServers['test-server']),
+      };
+      require('~/config').getMCPManager.mockReturnValue(mockMCPManager);
+
       mockCache.get.mockResolvedValue(null);
-      getCustomConfig.mockResolvedValue(customConfig);
+      getAppConfig.mockResolvedValue({
+        mcpConfig: customConfig.mcpServers,
+        filteredTools: [],
+        includedTools: [],
+      });
       getCachedTools.mockResolvedValueOnce(mockUserTools);
 
       const mockPlugin = {
@@ -480,8 +493,8 @@ describe('PluginController', () => {
       expect(responseData[0].authConfig).toEqual([]);
     });
 
-    it('should handle req.app.locals with undefined filteredTools and includedTools', async () => {
-      mockReq.app = { locals: {} };
+    it('should handle undefined filteredTools and includedTools', async () => {
+      getAppConfig.mockResolvedValue({});
       mockCache.get.mockResolvedValue(null);
       filterUniquePlugins.mockReturnValue([]);
       checkPluginAuth.mockReturnValue(false);
@@ -506,7 +519,6 @@ describe('PluginController', () => {
       filterUniquePlugins.mockReturnValue([mockToolkit]);
       checkPluginAuth.mockReturnValue(false);
       getToolkitKey.mockReturnValue(undefined);
-      getCustomConfig.mockResolvedValue(null);
 
       // Mock getCachedTools second call to return null
       getCachedTools.mockResolvedValueOnce({}).mockResolvedValueOnce(null);

api/server/controllers/TwoFactorController.js

@@ -47,7 +47,7 @@ const verify2FA = async (req, res) => {
   try {
     const userId = req.user.id;
     const { token, backupCode } = req.body;
-    const user = await getUserById(userId);
+    const user = await getUserById(userId, '_id totpSecret backupCodes');
 
     if (!user || !user.totpSecret) {
       return res.status(400).json({ message: '2FA not initiated' });
@@ -79,7 +79,7 @@ const confirm2FA = async (req, res) => {
   try {
     const userId = req.user.id;
     const { token } = req.body;
-    const user = await getUserById(userId);
+    const user = await getUserById(userId, '_id totpSecret');
 
     if (!user || !user.totpSecret) {
       return res.status(400).json({ message: '2FA not initiated' });
@@ -105,7 +105,7 @@ const disable2FA = async (req, res) => {
   try {
     const userId = req.user.id;
     const { token, backupCode } = req.body;
-    const user = await getUserById(userId);
+    const user = await getUserById(userId, '_id totpSecret backupCodes');
 
     if (!user || !user.totpSecret) {
       return res.status(400).json({ message: '2FA is not setup for this user' });

api/server/controllers/UserController.js

@@ -17,15 +17,23 @@ const { needsRefresh, getNewS3URL } = require('~/server/services/Files/S3/crud')
 const { Tools, Constants, FileSources } = require('librechat-data-provider');
 const { processDeleteRequest } = require('~/server/services/Files/process');
 const { Transaction, Balance, User } = require('~/db/models');
+const { getAppConfig } = require('~/server/services/Config');
 const { deleteToolCalls } = require('~/models/ToolCall');
 const { deleteAllSharedLinks } = require('~/models');
 const { getMCPManager } = require('~/config');
 
 const getUserController = async (req, res) => {
+  const appConfig = await getAppConfig({ role: req.user?.role });
   /** @type {MongoUser} */
   const userData = req.user.toObject != null ? req.user.toObject() : { ...req.user };
+  /**
+   * These fields should not exist due to secure field selection, but deletion
+   * is done in case of alternate database incompatibility with Mongo API
+   * */
+  delete userData.password;
   delete userData.totpSecret;
-  if (req.app.locals.fileStrategy === FileSources.s3 && userData.avatar) {
+  delete userData.backupCodes;
+  if (appConfig.fileStrategy === FileSources.s3 && userData.avatar) {
     const avatarNeedsRefresh = needsRefresh(userData.avatar, 3600);
     if (!avatarNeedsRefresh) {
       return res.status(200).send(userData);
@@ -81,6 +89,7 @@ const deleteUserFiles = async (req) => {
 };
 
 const updateUserPluginsController = async (req, res) => {
+  const appConfig = await getAppConfig({ role: req.user?.role });
   const { user } = req;
   const { pluginKey, action, auth, isEntityTool } = req.body;
   try {
@@ -125,7 +134,7 @@ const updateUserPluginsController = async (req, res) => {
 
     if (pluginKey === Tools.web_search) {
       /** @type  {TCustomConfig['webSearch']} */
-      const webSearchConfig = req.app.locals?.webSearch;
+      const webSearchConfig = appConfig?.webSearch;
       keys = extractWebSearchEnvVars({
         keys: action === 'install' ? keys : webSearchKeys,
         config: webSearchConfig,

api/server/controllers/agents/client.js

@@ -7,6 +7,8 @@ const {
   createRun,
   Tokenizer,
   checkAccess,
+  hasCustomUserVars,
+  getUserMCPAuthMap,
   memoryInstructions,
   formatContentStrings,
   createMemoryProcessor,
@@ -39,10 +41,10 @@ const {
   deleteMemory,
   setMemory,
 } = require('~/models');
-const { getMCPAuthMap, checkCapability, hasCustomUserVars } = require('~/server/services/Config');
 const { addCacheControl, createContextHandlers } = require('~/app/clients/prompts');
 const { initializeAgent } = require('~/server/services/Endpoints/agents/agent');
 const { spendTokens, spendStructuredTokens } = require('~/models/spendTokens');
+const { checkCapability, getAppConfig } = require('~/server/services/Config');
 const { encodeAndFormat } = require('~/server/services/Files/images/encode');
 const { getProviderConfig } = require('~/server/services/Endpoints');
 const BaseClient = require('~/app/clients/BaseClient');
@@ -451,8 +453,8 @@ class AgentClient extends BaseClient {
       );
       return;
     }
-    /** @type {TCustomConfig['memory']} */
-    const memoryConfig = this.options.req?.app?.locals?.memory;
+    const appConfig = await getAppConfig({ role: user.role });
+    const memoryConfig = appConfig.memory;
     if (!memoryConfig || memoryConfig.disabled === true) {
       return;
     }
@@ -460,7 +462,7 @@ class AgentClient extends BaseClient {
     /** @type {Agent} */
     let prelimAgent;
     const allowedProviders = new Set(
-      this.options.req?.app?.locals?.[EModelEndpoint.agents]?.allowedProviders,
+      appConfig?.endpoints?.[EModelEndpoint.agents]?.allowedProviders,
     );
     try {
       if (memoryConfig.agent?.id != null && memoryConfig.agent.id !== this.options.agent.id) {
@@ -582,8 +584,8 @@ class AgentClient extends BaseClient {
       if (this.processMemory == null) {
         return;
       }
-      /** @type {TCustomConfig['memory']} */
-      const memoryConfig = this.options.req?.app?.locals?.memory;
+      const appConfig = await getAppConfig({ role: this.options.req.user?.role });
+      const memoryConfig = appConfig.memory;
       const messageWindowSize = memoryConfig?.messageWindowSize ?? 5;
 
       let messagesToProcess = [...messages];
@@ -624,9 +626,15 @@ class AgentClient extends BaseClient {
    * @param {Object} params
    * @param {string} [params.model]
    * @param {string} [params.context='message']
+   * @param {AppConfig['balance']} [params.balance]
    * @param {UsageMetadata[]} [params.collectedUsage=this.collectedUsage]
    */
-  async recordCollectedUsage({ model, context = 'message', collectedUsage = this.collectedUsage }) {
+  async recordCollectedUsage({
+    model,
+    balance,
+    context = 'message',
+    collectedUsage = this.collectedUsage,
+  }) {
     if (!collectedUsage || !collectedUsage.length) {
       return;
     }
@@ -648,6 +656,7 @@ class AgentClient extends BaseClient {
 
       const txMetadata = {
         context,
+        balance,
         conversationId: this.conversationId,
         user: this.user ?? this.options.req.user?.id,
         endpointTokenConfig: this.options.endpointTokenConfig,
@@ -759,8 +768,9 @@ class AgentClient extends BaseClient {
         abortController = new AbortController();
       }
 
-      /** @type {TCustomConfig['endpoints']['agents']} */
-      const agentsEConfig = this.options.req.app.locals[EModelEndpoint.agents];
+      const appConfig = await getAppConfig({ role: this.options.req.user?.role });
+      /** @type {AppConfig['endpoints']['agents']} */
+      const agentsEConfig = appConfig.endpoints?.[EModelEndpoint.agents];
 
       config = {
         configurable: {
@@ -768,6 +778,11 @@ class AgentClient extends BaseClient {
           last_agent_index: this.agentConfigs?.size ?? 0,
           user_id: this.user ?? this.options.req.user?.id,
           hide_sequential_outputs: this.options.agent.hide_sequential_outputs,
+          requestBody: {
+            messageId: this.responseMessageId,
+            conversationId: this.conversationId,
+            parentMessageId: this.parentMessageId,
+          },
           user: this.options.req.user,
         },
         recursionLimit: agentsEConfig?.recursionLimit ?? 25,
@@ -899,10 +914,10 @@ class AgentClient extends BaseClient {
         }
 
         try {
-          if (await hasCustomUserVars()) {
-            config.configurable.userMCPAuthMap = await getMCPAuthMap({
-              tools: agent.tools,
+          if (agent.tools?.length && hasCustomUserVars(appConfig)) {
+            config.configurable.userMCPAuthMap = await getUserMCPAuthMap({
               userId: this.options.req.user.id,
+              tools: agent.tools,
               findPluginAuthsByKeys,
             });
           }
@@ -1035,7 +1050,7 @@ class AgentClient extends BaseClient {
           this.artifactPromises.push(...attachments);
         }
 
-        await this.recordCollectedUsage({ context: 'message' });
+        await this.recordCollectedUsage({ context: 'message', balance: appConfig?.balance });
       } catch (err) {
         logger.error(
           '[api/server/controllers/agents/client.js #chatCompletion] Error recording collected usage',
@@ -1076,19 +1091,21 @@ class AgentClient extends BaseClient {
     }
     const { handleLLMEnd, collected: collectedMetadata } = createMetadataAggregator();
     const { req, res, agent } = this.options;
+    const appConfig = await getAppConfig({ role: req.user?.role });
     let endpoint = agent.endpoint;
 
     /** @type {import('@librechat/agents').ClientOptions} */
     let clientOptions = {
-      maxTokens: 75,
       model: agent.model || agent.model_parameters.model,
     };
 
-    let titleProviderConfig = await getProviderConfig(endpoint);
+    let titleProviderConfig = getProviderConfig({ provider: endpoint, appConfig });
 
     /** @type {TEndpoint | undefined} */
     const endpointConfig =
-      req.app.locals.all ?? req.app.locals[endpoint] ?? titleProviderConfig.customEndpointConfig;
+      appConfig.endpoints?.all ??
+      appConfig.endpoints?.[endpoint] ??
+      titleProviderConfig.customEndpointConfig;
     if (!endpointConfig) {
       logger.warn(
         '[api/server/controllers/agents/client.js #titleConvo] Error getting endpoint config',
@@ -1097,7 +1114,10 @@ class AgentClient extends BaseClient {
 
     if (endpointConfig?.titleEndpoint && endpointConfig.titleEndpoint !== endpoint) {
       try {
-        titleProviderConfig = await getProviderConfig(endpointConfig.titleEndpoint);
+        titleProviderConfig = getProviderConfig({
+          provider: endpointConfig.titleEndpoint,
+          appConfig,
+        });
         endpoint = endpointConfig.titleEndpoint;
       } catch (error) {
         logger.warn(
@@ -1106,7 +1126,7 @@ class AgentClient extends BaseClient {
         );
         // Fall back to original provider config
         endpoint = agent.endpoint;
-        titleProviderConfig = await getProviderConfig(endpoint);
+        titleProviderConfig = getProviderConfig({ provider: endpoint, appConfig });
       }
     }
 
@@ -1147,15 +1167,13 @@ class AgentClient extends BaseClient {
       clientOptions.configuration = options.configOptions;
     }
 
-    const shouldRemoveMaxTokens = /\b(o\d|gpt-[5-9])\b/i.test(clientOptions.model);
-    if (shouldRemoveMaxTokens && clientOptions.maxTokens != null) {
+    if (clientOptions.maxTokens != null) {
       delete clientOptions.maxTokens;
-    } else if (!shouldRemoveMaxTokens && !clientOptions.maxTokens) {
-      clientOptions.maxTokens = 75;
     }
-    if (shouldRemoveMaxTokens && clientOptions?.modelKwargs?.max_completion_tokens != null) {
+    if (clientOptions?.modelKwargs?.max_completion_tokens != null) {
       delete clientOptions.modelKwargs.max_completion_tokens;
-    } else if (shouldRemoveMaxTokens && clientOptions?.modelKwargs?.max_output_tokens != null) {
+    }
+    if (clientOptions?.modelKwargs?.max_output_tokens != null) {
       delete clientOptions.modelKwargs.max_output_tokens;
     }
 
@@ -1212,9 +1230,10 @@ class AgentClient extends BaseClient {
       });
 
       await this.recordCollectedUsage({
-        model: clientOptions.model,
-        context: 'title',
         collectedUsage,
+        context: 'title',
+        model: clientOptions.model,
+        balance: appConfig?.balance,
       }).catch((err) => {
         logger.error(
           '[api/server/controllers/agents/client.js #titleConvo] Error recording collected usage',
@@ -1233,17 +1252,26 @@ class AgentClient extends BaseClient {
    * @param {object} params
    * @param {number} params.promptTokens
    * @param {number} params.completionTokens
-   * @param {OpenAIUsageMetadata} [params.usage]
    * @param {string} [params.model]
+   * @param {OpenAIUsageMetadata} [params.usage]
+   * @param {AppConfig['balance']} [params.balance]
    * @param {string} [params.context='message']
    * @returns {Promise<void>}
    */
-  async recordTokenUsage({ model, promptTokens, completionTokens, usage, context = 'message' }) {
+  async recordTokenUsage({
+    model,
+    usage,
+    balance,
+    promptTokens,
+    completionTokens,
+    context = 'message',
+  }) {
     try {
       await spendTokens(
         {
           model,
           context,
+          balance,
           conversationId: this.conversationId,
           user: this.user ?? this.options.req.user?.id,
           endpointTokenConfig: this.options.endpointTokenConfig,
@@ -1260,6 +1288,7 @@ class AgentClient extends BaseClient {
         await spendTokens(
           {
             model,
+            balance,
             context: 'reasoning',
             conversationId: this.conversationId,
             user: this.user ?? this.options.req.user?.id,

api/server/controllers/agents/client.test.js

@@ -1,5 +1,6 @@
 const { Providers } = require('@librechat/agents');
 const { Constants, EModelEndpoint } = require('librechat-data-provider');
+const { getAppConfig } = require('~/server/services/Config');
 const AgentClient = require('./client');
 
 jest.mock('@librechat/agents', () => ({
@@ -10,6 +11,10 @@ jest.mock('@librechat/agents', () => ({
   }),
 }));
 
+jest.mock('~/server/services/Config', () => ({
+  getAppConfig: jest.fn(),
+}));
+
 describe('AgentClient - titleConvo', () => {
   let client;
   let mockRun;
@@ -39,19 +44,21 @@ describe('AgentClient - titleConvo', () => {
       },
     };
 
-    // Mock request and response
-    mockReq = {
-      app: {
-        locals: {
-          [EModelEndpoint.openAI]: {
-            // Match the agent endpoint
-            titleModel: 'gpt-3.5-turbo',
-            titlePrompt: 'Custom title prompt',
-            titleMethod: 'structured',
-            titlePromptTemplate: 'Template: {{content}}',
-          },
+    // Mock getAppConfig to return endpoint configurations
+    getAppConfig.mockResolvedValue({
+      endpoints: {
+        [EModelEndpoint.openAI]: {
+          // Match the agent endpoint
+          titleModel: 'gpt-3.5-turbo',
+          titlePrompt: 'Custom title prompt',
+          titleMethod: 'structured',
+          titlePromptTemplate: 'Template: {{content}}',
         },
       },
+    });
+
+    // Mock request and response
+    mockReq = {
       user: {
         id: 'user-123',
       },
@@ -143,7 +150,7 @@ describe('AgentClient - titleConvo', () => {
 
     it('should handle missing endpoint config gracefully', async () => {
       // Remove endpoint config
-      mockReq.app.locals[EModelEndpoint.openAI] = undefined;
+      getAppConfig.mockResolvedValue({ endpoints: {} });
 
       const text = 'Test conversation text';
       const abortController = new AbortController();
@@ -161,7 +168,16 @@ describe('AgentClient - titleConvo', () => {
 
     it('should use agent model when titleModel is not provided', async () => {
       // Remove titleModel from config
-      delete mockReq.app.locals[EModelEndpoint.openAI].titleModel;
+      getAppConfig.mockResolvedValue({
+        endpoints: {
+          [EModelEndpoint.openAI]: {
+            titlePrompt: 'Custom title prompt',
+            titleMethod: 'structured',
+            titlePromptTemplate: 'Template: {{content}}',
+            // titleModel is omitted
+          },
+        },
+      });
 
       const text = 'Test conversation text';
       const abortController = new AbortController();
@@ -173,7 +189,16 @@ describe('AgentClient - titleConvo', () => {
     });
 
     it('should not use titleModel when it equals CURRENT_MODEL constant', async () => {
-      mockReq.app.locals[EModelEndpoint.openAI].titleModel = Constants.CURRENT_MODEL;
+      getAppConfig.mockResolvedValue({
+        endpoints: {
+          [EModelEndpoint.openAI]: {
+            titleModel: Constants.CURRENT_MODEL,
+            titlePrompt: 'Custom title prompt',
+            titleMethod: 'structured',
+            titlePromptTemplate: 'Template: {{content}}',
+          },
+        },
+      });
 
       const text = 'Test conversation text';
       const abortController = new AbortController();
@@ -245,10 +270,17 @@ describe('AgentClient - titleConvo', () => {
       process.env.ANTHROPIC_API_KEY = 'test-api-key';
 
       // Add titleEndpoint to the config
-      mockReq.app.locals[EModelEndpoint.openAI].titleEndpoint = EModelEndpoint.anthropic;
-      mockReq.app.locals[EModelEndpoint.openAI].titleMethod = 'structured';
-      mockReq.app.locals[EModelEndpoint.openAI].titlePrompt = 'Custom title prompt';
-      mockReq.app.locals[EModelEndpoint.openAI].titlePromptTemplate = 'Custom template';
+      getAppConfig.mockResolvedValue({
+        endpoints: {
+          [EModelEndpoint.openAI]: {
+            titleModel: 'gpt-3.5-turbo',
+            titleEndpoint: EModelEndpoint.anthropic,
+            titleMethod: 'structured',
+            titlePrompt: 'Custom title prompt',
+            titlePromptTemplate: 'Custom template',
+          },
+        },
+      });
 
       const text = 'Test conversation text';
       const abortController = new AbortController();
@@ -274,19 +306,17 @@ describe('AgentClient - titleConvo', () => {
     });
 
     it('should use all config when endpoint config is missing', async () => {
-      // Remove endpoint-specific config
-      delete mockReq.app.locals[EModelEndpoint.openAI].titleModel;
-      delete mockReq.app.locals[EModelEndpoint.openAI].titlePrompt;
-      delete mockReq.app.locals[EModelEndpoint.openAI].titleMethod;
-      delete mockReq.app.locals[EModelEndpoint.openAI].titlePromptTemplate;
-
-      // Set 'all' config
-      mockReq.app.locals.all = {
-        titleModel: 'gpt-4o-mini',
-        titlePrompt: 'All config title prompt',
-        titleMethod: 'completion',
-        titlePromptTemplate: 'All config template: {{content}}',
-      };
+      // Set 'all' config without endpoint-specific config
+      getAppConfig.mockResolvedValue({
+        endpoints: {
+          all: {
+            titleModel: 'gpt-4o-mini',
+            titlePrompt: 'All config title prompt',
+            titleMethod: 'completion',
+            titlePromptTemplate: 'All config template: {{content}}',
+          },
+        },
+      });
 
       const text = 'Test conversation text';
       const abortController = new AbortController();
@@ -309,18 +339,22 @@ describe('AgentClient - titleConvo', () => {
 
     it('should prioritize all config over endpoint config for title settings', async () => {
       // Set both endpoint and 'all' config
-      mockReq.app.locals[EModelEndpoint.openAI].titleModel = 'gpt-3.5-turbo';
-      mockReq.app.locals[EModelEndpoint.openAI].titlePrompt = 'Endpoint title prompt';
-      mockReq.app.locals[EModelEndpoint.openAI].titleMethod = 'structured';
-      // Remove titlePromptTemplate from endpoint config to test fallback
-      delete mockReq.app.locals[EModelEndpoint.openAI].titlePromptTemplate;
-
-      mockReq.app.locals.all = {
-        titleModel: 'gpt-4o-mini',
-        titlePrompt: 'All config title prompt',
-        titleMethod: 'completion',
-        titlePromptTemplate: 'All config template',
-      };
+      getAppConfig.mockResolvedValue({
+        endpoints: {
+          [EModelEndpoint.openAI]: {
+            titleModel: 'gpt-3.5-turbo',
+            titlePrompt: 'Endpoint title prompt',
+            titleMethod: 'structured',
+            // titlePromptTemplate is omitted to test fallback
+          },
+          all: {
+            titleModel: 'gpt-4o-mini',
+            titlePrompt: 'All config title prompt',
+            titleMethod: 'completion',
+            titlePromptTemplate: 'All config template',
+          },
+        },
+      });
 
       const text = 'Test conversation text';
       const abortController = new AbortController();
@@ -346,18 +380,19 @@ describe('AgentClient - titleConvo', () => {
       const originalApiKey = process.env.ANTHROPIC_API_KEY;
       process.env.ANTHROPIC_API_KEY = 'test-anthropic-key';
 
-      // Remove endpoint-specific config to test 'all' config
-      delete mockReq.app.locals[EModelEndpoint.openAI];
-
       // Set comprehensive 'all' config with all new title options
-      mockReq.app.locals.all = {
-        titleConvo: true,
-        titleModel: 'claude-3-haiku-20240307',
-        titleMethod: 'completion', // Testing the new default method
-        titlePrompt: 'Generate a concise, descriptive title for this conversation',
-        titlePromptTemplate: 'Conversation summary: {{content}}',
-        titleEndpoint: EModelEndpoint.anthropic, // Should switch provider to Anthropic
-      };
+      getAppConfig.mockResolvedValue({
+        endpoints: {
+          all: {
+            titleConvo: true,
+            titleModel: 'claude-3-haiku-20240307',
+            titleMethod: 'completion', // Testing the new default method
+            titlePrompt: 'Generate a concise, descriptive title for this conversation',
+            titlePromptTemplate: 'Conversation summary: {{content}}',
+            titleEndpoint: EModelEndpoint.anthropic, // Should switch provider to Anthropic
+          },
+        },
+      });
 
       const text = 'Test conversation about AI and machine learning';
       const abortController = new AbortController();
@@ -402,16 +437,17 @@ describe('AgentClient - titleConvo', () => {
         // Clear previous calls
         mockRun.generateTitle.mockClear();
 
-        // Remove endpoint config
-        delete mockReq.app.locals[EModelEndpoint.openAI];
-
         // Set 'all' config with specific titleMethod
-        mockReq.app.locals.all = {
-          titleModel: 'gpt-4o-mini',
-          titleMethod: method,
-          titlePrompt: `Testing ${method} method`,
-          titlePromptTemplate: `Template for ${method}: {{content}}`,
-        };
+        getAppConfig.mockResolvedValue({
+          endpoints: {
+            all: {
+              titleModel: 'gpt-4o-mini',
+              titleMethod: method,
+              titlePrompt: `Testing ${method} method`,
+              titlePromptTemplate: `Template for ${method}: {{content}}`,
+            },
+          },
+        });
 
         const text = `Test conversation for ${method} method`;
         const abortController = new AbortController();
@@ -455,32 +491,36 @@ describe('AgentClient - titleConvo', () => {
         // Set up Azure endpoint with serverless config
         mockAgent.endpoint = EModelEndpoint.azureOpenAI;
         mockAgent.provider = EModelEndpoint.azureOpenAI;
-        mockReq.app.locals[EModelEndpoint.azureOpenAI] = {
-          titleConvo: true,
-          titleModel: 'grok-3',
-          titleMethod: 'completion',
-          titlePrompt: 'Azure serverless title prompt',
-          streamRate: 35,
-          modelGroupMap: {
-            'grok-3': {
-              group: 'Azure AI Foundry',
-              deploymentName: 'grok-3',
-            },
-          },
-          groupMap: {
-            'Azure AI Foundry': {
-              apiKey: '${AZURE_API_KEY}',
-              baseURL: 'https://test.services.ai.azure.com/models',
-              version: '2024-05-01-preview',
-              serverless: true,
-              models: {
+        getAppConfig.mockResolvedValue({
+          endpoints: {
+            [EModelEndpoint.azureOpenAI]: {
+              titleConvo: true,
+              titleModel: 'grok-3',
+              titleMethod: 'completion',
+              titlePrompt: 'Azure serverless title prompt',
+              streamRate: 35,
+              modelGroupMap: {
                 'grok-3': {
+                  group: 'Azure AI Foundry',
                   deploymentName: 'grok-3',
                 },
               },
+              groupMap: {
+                'Azure AI Foundry': {
+                  apiKey: '${AZURE_API_KEY}',
+                  baseURL: 'https://test.services.ai.azure.com/models',
+                  version: '2024-05-01-preview',
+                  serverless: true,
+                  models: {
+                    'grok-3': {
+                      deploymentName: 'grok-3',
+                    },
+                  },
+                },
+              },
             },
           },
-        };
+        });
         mockReq.body.endpoint = EModelEndpoint.azureOpenAI;
         mockReq.body.model = 'grok-3';
 
@@ -503,31 +543,35 @@ describe('AgentClient - titleConvo', () => {
         // Set up Azure endpoint
         mockAgent.endpoint = EModelEndpoint.azureOpenAI;
         mockAgent.provider = EModelEndpoint.azureOpenAI;
-        mockReq.app.locals[EModelEndpoint.azureOpenAI] = {
-          titleConvo: true,
-          titleModel: 'gpt-4o',
-          titleMethod: 'structured',
-          titlePrompt: 'Azure instance title prompt',
-          streamRate: 35,
-          modelGroupMap: {
-            'gpt-4o': {
-              group: 'eastus',
-              deploymentName: 'gpt-4o',
-            },
-          },
-          groupMap: {
-            eastus: {
-              apiKey: '${EASTUS_API_KEY}',
-              instanceName: 'region-instance',
-              version: '2024-02-15-preview',
-              models: {
+        getAppConfig.mockResolvedValue({
+          endpoints: {
+            [EModelEndpoint.azureOpenAI]: {
+              titleConvo: true,
+              titleModel: 'gpt-4o',
+              titleMethod: 'structured',
+              titlePrompt: 'Azure instance title prompt',
+              streamRate: 35,
+              modelGroupMap: {
                 'gpt-4o': {
+                  group: 'eastus',
                   deploymentName: 'gpt-4o',
                 },
               },
+              groupMap: {
+                eastus: {
+                  apiKey: '${EASTUS_API_KEY}',
+                  instanceName: 'region-instance',
+                  version: '2024-02-15-preview',
+                  models: {
+                    'gpt-4o': {
+                      deploymentName: 'gpt-4o',
+                    },
+                  },
+                },
+              },
             },
           },
-        };
+        });
         mockReq.body.endpoint = EModelEndpoint.azureOpenAI;
         mockReq.body.model = 'gpt-4o';
 
@@ -551,32 +595,36 @@ describe('AgentClient - titleConvo', () => {
         mockAgent.endpoint = EModelEndpoint.azureOpenAI;
         mockAgent.provider = EModelEndpoint.azureOpenAI;
         mockAgent.model_parameters.model = 'gpt-4o-latest';
-        mockReq.app.locals[EModelEndpoint.azureOpenAI] = {
-          titleConvo: true,
-          titleModel: Constants.CURRENT_MODEL,
-          titleMethod: 'functions',
-          streamRate: 35,
-          modelGroupMap: {
-            'gpt-4o-latest': {
-              group: 'region-eastus',
-              deploymentName: 'gpt-4o-mini',
-              version: '2024-02-15-preview',
-            },
-          },
-          groupMap: {
-            'region-eastus': {
-              apiKey: '${EASTUS2_API_KEY}',
-              instanceName: 'test-instance',
-              version: '2024-12-01-preview',
-              models: {
+        getAppConfig.mockResolvedValue({
+          endpoints: {
+            [EModelEndpoint.azureOpenAI]: {
+              titleConvo: true,
+              titleModel: Constants.CURRENT_MODEL,
+              titleMethod: 'functions',
+              streamRate: 35,
+              modelGroupMap: {
                 'gpt-4o-latest': {
+                  group: 'region-eastus',
                   deploymentName: 'gpt-4o-mini',
                   version: '2024-02-15-preview',
                 },
               },
+              groupMap: {
+                'region-eastus': {
+                  apiKey: '${EASTUS2_API_KEY}',
+                  instanceName: 'test-instance',
+                  version: '2024-12-01-preview',
+                  models: {
+                    'gpt-4o-latest': {
+                      deploymentName: 'gpt-4o-mini',
+                      version: '2024-02-15-preview',
+                    },
+                  },
+                },
+              },
             },
           },
-        };
+        });
         mockReq.body.endpoint = EModelEndpoint.azureOpenAI;
         mockReq.body.model = 'gpt-4o-latest';
 
@@ -598,59 +646,63 @@ describe('AgentClient - titleConvo', () => {
         // Set up Azure endpoint
         mockAgent.endpoint = EModelEndpoint.azureOpenAI;
         mockAgent.provider = EModelEndpoint.azureOpenAI;
-        mockReq.app.locals[EModelEndpoint.azureOpenAI] = {
-          titleConvo: true,
-          titleModel: 'o1-mini',
-          titleMethod: 'completion',
-          streamRate: 35,
-          modelGroupMap: {
-            'gpt-4o': {
-              group: 'eastus',
-              deploymentName: 'gpt-4o',
-            },
-            'o1-mini': {
-              group: 'region-eastus',
-              deploymentName: 'o1-mini',
-            },
-            'codex-mini': {
-              group: 'codex-mini',
-              deploymentName: 'codex-mini',
-            },
-          },
-          groupMap: {
-            eastus: {
-              apiKey: '${EASTUS_API_KEY}',
-              instanceName: 'region-eastus',
-              version: '2024-02-15-preview',
-              models: {
+        getAppConfig.mockResolvedValue({
+          endpoints: {
+            [EModelEndpoint.azureOpenAI]: {
+              titleConvo: true,
+              titleModel: 'o1-mini',
+              titleMethod: 'completion',
+              streamRate: 35,
+              modelGroupMap: {
                 'gpt-4o': {
+                  group: 'eastus',
                   deploymentName: 'gpt-4o',
                 },
-              },
-            },
-            'region-eastus': {
-              apiKey: '${EASTUS2_API_KEY}',
-              instanceName: 'region-eastus2',
-              version: '2024-12-01-preview',
-              models: {
                 'o1-mini': {
+                  group: 'region-eastus',
                   deploymentName: 'o1-mini',
                 },
-              },
-            },
-            'codex-mini': {
-              apiKey: '${AZURE_API_KEY}',
-              baseURL: 'https://example.cognitiveservices.azure.com/openai/',
-              version: '2025-04-01-preview',
-              serverless: true,
-              models: {
                 'codex-mini': {
+                  group: 'codex-mini',
                   deploymentName: 'codex-mini',
                 },
               },
+              groupMap: {
+                eastus: {
+                  apiKey: '${EASTUS_API_KEY}',
+                  instanceName: 'region-eastus',
+                  version: '2024-02-15-preview',
+                  models: {
+                    'gpt-4o': {
+                      deploymentName: 'gpt-4o',
+                    },
+                  },
+                },
+                'region-eastus': {
+                  apiKey: '${EASTUS2_API_KEY}',
+                  instanceName: 'region-eastus2',
+                  version: '2024-12-01-preview',
+                  models: {
+                    'o1-mini': {
+                      deploymentName: 'o1-mini',
+                    },
+                  },
+                },
+                'codex-mini': {
+                  apiKey: '${AZURE_API_KEY}',
+                  baseURL: 'https://example.cognitiveservices.azure.com/openai/',
+                  version: '2025-04-01-preview',
+                  serverless: true,
+                  models: {
+                    'codex-mini': {
+                      deploymentName: 'codex-mini',
+                    },
+                  },
+                },
+              },
             },
           },
-        };
+        });
         mockReq.body.endpoint = EModelEndpoint.azureOpenAI;
         mockReq.body.model = 'o1-mini';
 
@@ -679,36 +731,37 @@ describe('AgentClient - titleConvo', () => {
         mockReq.body.endpoint = EModelEndpoint.azureOpenAI;
         mockReq.body.model = 'gpt-4';
 
-        // Remove Azure-specific config
-        delete mockReq.app.locals[EModelEndpoint.azureOpenAI];
-
         // Set 'all' config as fallback with a serverless Azure config
-        mockReq.app.locals.all = {
-          titleConvo: true,
-          titleModel: 'gpt-4',
-          titleMethod: 'structured',
-          titlePrompt: 'Fallback title prompt from all config',
-          titlePromptTemplate: 'Template: {{content}}',
-          modelGroupMap: {
-            'gpt-4': {
-              group: 'default-group',
-              deploymentName: 'gpt-4',
-            },
-          },
-          groupMap: {
-            'default-group': {
-              apiKey: '${AZURE_API_KEY}',
-              baseURL: 'https://default.openai.azure.com/',
-              version: '2024-02-15-preview',
-              serverless: true,
-              models: {
+        getAppConfig.mockResolvedValue({
+          endpoints: {
+            all: {
+              titleConvo: true,
+              titleModel: 'gpt-4',
+              titleMethod: 'structured',
+              titlePrompt: 'Fallback title prompt from all config',
+              titlePromptTemplate: 'Template: {{content}}',
+              modelGroupMap: {
                 'gpt-4': {
+                  group: 'default-group',
                   deploymentName: 'gpt-4',
                 },
               },
+              groupMap: {
+                'default-group': {
+                  apiKey: '${AZURE_API_KEY}',
+                  baseURL: 'https://default.openai.azure.com/',
+                  version: '2024-02-15-preview',
+                  serverless: true,
+                  models: {
+                    'gpt-4': {
+                      deploymentName: 'gpt-4',
+                    },
+                  },
+                },
+              },
             },
           },
-        };
+        });
 
         const text = 'Test Azure with all config fallback';
         const abortController = new AbortController();
@@ -982,13 +1035,6 @@ describe('AgentClient - titleConvo', () => {
       };
 
       mockReq = {
-        app: {
-          locals: {
-            memory: {
-              messageWindowSize: 3,
-            },
-          },
-        },
         user: {
           id: 'user-123',
           personalization: {
@@ -997,6 +1043,13 @@ describe('AgentClient - titleConvo', () => {
         },
       };
 
+      // Mock getAppConfig for memory tests
+      getAppConfig.mockResolvedValue({
+        memory: {
+          messageWindowSize: 3,
+        },
+      });
+
       mockRes = {};
 
       mockOptions = {

api/server/controllers/agents/v1.js

@@ -31,12 +31,12 @@ const {
   grantPermission,
 } = require('~/server/services/PermissionService');
 const { getStrategyFunctions } = require('~/server/services/Files/strategies');
+const { getCachedTools, getAppConfig } = require('~/server/services/Config');
 const { resizeAvatar } = require('~/server/services/Files/images/avatar');
 const { getFileStrategy } = require('~/server/utils/getFileStrategy');
 const { refreshS3Url } = require('~/server/services/Files/S3/crud');
 const { filterFile } = require('~/server/services/Files/process');
 const { updateAction, getActions } = require('~/models/Action');
-const { getCachedTools } = require('~/server/services/Config');
 const { deleteFileByFilter } = require('~/models/File');
 const { getCategoriesWithCounts } = require('~/models');
 
@@ -487,6 +487,7 @@ const getListAgentsHandler = async (req, res) => {
  */
 const uploadAgentAvatarHandler = async (req, res) => {
   try {
+    const appConfig = await getAppConfig({ role: req.user?.role });
     filterFile({ req, file: req.file, image: true, isAvatar: true });
     const { agent_id } = req.params;
     if (!agent_id) {
@@ -510,9 +511,7 @@ const uploadAgentAvatarHandler = async (req, res) => {
     }
 
     const buffer = await fs.readFile(req.file.path);
-
-    const fileStrategy = getFileStrategy(req.app.locals, { isAvatar: true });
-
+    const fileStrategy = getFileStrategy(appConfig, { isAvatar: true });
     const resizedBuffer = await resizeAvatar({
       userId: req.user.id,
       input: buffer,

api/server/controllers/assistants/chatV1.js

@@ -29,6 +29,7 @@ const { createRun, StreamRunManager } = require('~/server/services/Runs');
 const { addTitle } = require('~/server/services/Endpoints/assistants');
 const { createRunBody } = require('~/server/services/createRunBody');
 const { sendResponse } = require('~/server/middleware/error');
+const { getAppConfig } = require('~/server/services/Config');
 const { getTransactions } = require('~/models/Transaction');
 const { checkBalance } = require('~/models/balanceMethods');
 const { getConvo } = require('~/models/Conversation');
@@ -47,6 +48,7 @@ const { getOpenAIClient } = require('./helpers');
  * @returns {void}
  */
 const chatV1 = async (req, res) => {
+  const appConfig = await getAppConfig({ role: req.user?.role });
   logger.debug('[/assistants/chat/] req.body', req.body);
 
   const {
@@ -251,7 +253,7 @@ const chatV1 = async (req, res) => {
     }
 
     const checkBalanceBeforeRun = async () => {
-      const balance = req.app?.locals?.balance;
+      const balance = appConfig?.balance;
       if (!balance?.enabled) {
         return;
       }

api/server/controllers/assistants/chatV2.js

@@ -26,6 +26,7 @@ const validateAuthor = require('~/server/middleware/assistants/validateAuthor');
 const { createRun, StreamRunManager } = require('~/server/services/Runs');
 const { addTitle } = require('~/server/services/Endpoints/assistants');
 const { createRunBody } = require('~/server/services/createRunBody');
+const { getAppConfig } = require('~/server/services/Config');
 const { getTransactions } = require('~/models/Transaction');
 const { checkBalance } = require('~/models/balanceMethods');
 const { getConvo } = require('~/models/Conversation');
@@ -44,6 +45,7 @@ const { getOpenAIClient } = require('./helpers');
  */
 const chatV2 = async (req, res) => {
   logger.debug('[/assistants/chat/] req.body', req.body);
+  const appConfig = await getAppConfig({ role: req.user?.role });
 
   /** @type {{files: MongoFile[]}} */
   const {
@@ -126,7 +128,7 @@ const chatV2 = async (req, res) => {
     }
 
     const checkBalanceBeforeRun = async () => {
-      const balance = req.app?.locals?.balance;
+      const balance = appConfig?.balance;
       if (!balance?.enabled) {
         return;
       }
@@ -374,9 +376,9 @@ const chatV2 = async (req, res) => {
       };
 
       /** @type {undefined | TAssistantEndpoint} */
-      const config = req.app.locals[endpoint] ?? {};
+      const config = appConfig.endpoints?.[endpoint] ?? {};
       /** @type {undefined | TBaseEndpoint} */
-      const allConfig = req.app.locals.all;
+      const allConfig = appConfig.endpoints?.all;
 
       const streamRunManager = new StreamRunManager({
         req,

api/server/controllers/assistants/helpers.js

@@ -7,8 +7,8 @@ const {
 const {
   initializeClient: initAzureClient,
 } = require('~/server/services/Endpoints/azureAssistants');
+const { getEndpointsConfig, getAppConfig } = require('~/server/services/Config');
 const { initializeClient } = require('~/server/services/Endpoints/assistants');
-const { getEndpointsConfig } = require('~/server/services/Config');
 
 /**
  * @param {Express.Request} req
@@ -210,6 +210,7 @@ async function getOpenAIClient({ req, res, endpointOption, initAppClient, overri
  * @returns {Promise<AssistantListResponse>} 200 - success response - application/json
  */
 const fetchAssistants = async ({ req, res, overrideEndpoint }) => {
+  const appConfig = await getAppConfig({ role: req.user?.role });
   const {
     limit = 100,
     order = 'desc',
@@ -230,20 +231,20 @@ const fetchAssistants = async ({ req, res, overrideEndpoint }) => {
   if (endpoint === EModelEndpoint.assistants) {
     ({ body } = await listAllAssistants({ req, res, version, query }));
   } else if (endpoint === EModelEndpoint.azureAssistants) {
-    const azureConfig = req.app.locals[EModelEndpoint.azureOpenAI];
+    const azureConfig = appConfig.endpoints?.[EModelEndpoint.azureOpenAI];
     body = await listAssistantsForAzure({ req, res, version, azureConfig, query });
   }
 
   if (req.user.role === SystemRoles.ADMIN) {
     return body;
-  } else if (!req.app.locals[endpoint]) {
+  } else if (!appConfig.endpoints?.[endpoint]) {
     return body;
   }
 
   body.data = filterAssistants({
     userId: req.user.id,
     assistants: body.data,
-    assistantsConfig: req.app.locals[endpoint],
+    assistantsConfig: appConfig.endpoints?.[endpoint],
   });
   return body;
 };

api/server/controllers/assistants/v1.js

@@ -5,9 +5,9 @@ const { uploadImageBuffer, filterFile } = require('~/server/services/Files/proce
 const validateAuthor = require('~/server/middleware/assistants/validateAuthor');
 const { getStrategyFunctions } = require('~/server/services/Files/strategies');
 const { deleteAssistantActions } = require('~/server/services/ActionService');
+const { getCachedTools, getAppConfig } = require('~/server/services/Config');
 const { updateAssistantDoc, getAssistants } = require('~/models/Assistant');
 const { getOpenAIClient, fetchAssistants } = require('./helpers');
-const { getCachedTools } = require('~/server/services/Config');
 const { manifestToolMap } = require('~/app/clients/tools');
 const { deleteFileByFilter } = require('~/models/File');
 
@@ -258,8 +258,9 @@ function filterAssistantDocs({ documents, userId, assistantsConfig = {} }) {
  */
 const getAssistantDocuments = async (req, res) => {
   try {
+    const appConfig = await getAppConfig({ role: req.user?.role });
     const endpoint = req.query;
-    const assistantsConfig = req.app.locals[endpoint];
+    const assistantsConfig = appConfig.endpoints?.[endpoint];
     const documents = await getAssistants(
       {},
       {
@@ -296,6 +297,7 @@ const getAssistantDocuments = async (req, res) => {
  */
 const uploadAssistantAvatar = async (req, res) => {
   try {
+    const appConfig = await getAppConfig({ role: req.user?.role });
     filterFile({ req, file: req.file, image: true, isAvatar: true });
     const { assistant_id } = req.params;
     if (!assistant_id) {
@@ -337,7 +339,7 @@ const uploadAssistantAvatar = async (req, res) => {
     const metadata = {
       ..._metadata,
       avatar: image.filepath,
-      avatar_source: req.app.locals.fileStrategy,
+      avatar_source: appConfig.fileStrategy,
     };
 
     const promises = [];
@@ -347,7 +349,7 @@ const uploadAssistantAvatar = async (req, res) => {
         {
           avatar: {
             filepath: image.filepath,
-            source: req.app.locals.fileStrategy,
+            source: appConfig.fileStrategy,
           },
           user: req.user.id,
         },

api/server/controllers/auth/TwoFactorAuthController.js

@@ -22,10 +22,11 @@ const verify2FAWithTempToken = async (req, res) => {
     try {
       payload = jwt.verify(tempToken, process.env.JWT_SECRET);
     } catch (err) {
+      logger.error('Failed to verify temporary token:', err);
       return res.status(401).json({ message: 'Invalid or expired temporary token' });
     }
 
-    const user = await getUserById(payload.userId);
+    const user = await getUserById(payload.userId, '+totpSecret +backupCodes');
     if (!user || !user.twoFactorEnabled) {
       return res.status(400).json({ message: '2FA is not enabled for this user' });
     }
@@ -42,11 +43,11 @@ const verify2FAWithTempToken = async (req, res) => {
       return res.status(401).json({ message: 'Invalid 2FA code or backup code' });
     }
 
-    // Prepare user data to return (omit sensitive fields).
     const userData = user.toObject ? user.toObject() : { ...user };
-    delete userData.password;
     delete userData.__v;
+    delete userData.password;
     delete userData.totpSecret;
+    delete userData.backupCodes;
     userData.id = user._id.toString();
 
     const authToken = await setAuthTokens(user._id, res);

api/server/controllers/tools.js

@@ -13,6 +13,7 @@ const { processFileURL, uploadImageBuffer } = require('~/server/services/Files/p
 const { processCodeOutput } = require('~/server/services/Files/Code/process');
 const { createToolCall, getToolCallsByConvo } = require('~/models/ToolCall');
 const { loadAuthValues } = require('~/server/services/Tools/credentials');
+const { getAppConfig } = require('~/server/services/Config');
 const { loadTools } = require('~/app/clients/tools/util');
 const { getRoleByName } = require('~/models/Role');
 const { getMessage } = require('~/models/Message');
@@ -35,9 +36,10 @@ const toolAccessPermType = {
  */
 const verifyWebSearchAuth = async (req, res) => {
   try {
+    const appConfig = await getAppConfig({ role: req.user?.role });
     const userId = req.user.id;
     /** @type {TCustomConfig['webSearch']} */
-    const webSearchConfig = req.app.locals?.webSearch || {};
+    const webSearchConfig = appConfig?.webSearch || {};
     const result = await loadWebSearchAuth({
       userId,
       loadAuthValues,
@@ -110,6 +112,7 @@ const verifyToolAuth = async (req, res) => {
  */
 const callTool = async (req, res) => {
   try {
+    const appConfig = await getAppConfig({ role: req.user?.role });
     const { toolId = '' } = req.params;
     if (!fieldsMap[toolId]) {
       logger.warn(`[${toolId}/call] User ${req.user.id} attempted call to invalid tool`);
@@ -155,8 +158,10 @@ const callTool = async (req, res) => {
         returnMetadata: true,
         processFileURL,
         uploadImageBuffer,
-        fileStrategy: req.app.locals.fileStrategy,
       },
+      webSearch: appConfig.webSearch,
+      fileStrategy: appConfig.fileStrategy,
+      imageOutputType: appConfig.imageOutputType,
     });
 
     const tool = loadedTools[0];

api/server/index.js

@@ -14,11 +14,14 @@ const { isEnabled, ErrorController } = require('@librechat/api');
 const { connectDb, indexSync } = require('~/db');
 const validateImageRequest = require('./middleware/validateImageRequest');
 const { jwtLogin, ldapLogin, passportLogin } = require('~/strategies');
+const { updateInterfacePermissions } = require('~/models/interface');
+const { checkMigrations } = require('./services/start/migration');
 const initializeMCPs = require('./services/initializeMCPs');
 const configureSocialLogins = require('./socialLogins');
-const AppService = require('./services/AppService');
+const { getAppConfig } = require('./services/Config');
 const staticCache = require('./utils/staticCache');
 const noIndex = require('./middleware/noIndex');
+const { seedDatabase } = require('~/models');
 const routes = require('./routes');
 
 const { PORT, HOST, ALLOW_SOCIAL_LOGIN, DISABLE_COMPRESSION, TRUST_PROXY } = process.env ?? {};
@@ -44,9 +47,11 @@ const startServer = async () => {
   app.disable('x-powered-by');
   app.set('trust proxy', trusted_proxy);
 
-  await AppService(app);
+  await seedDatabase();
 
-  const indexPath = path.join(app.locals.paths.dist, 'index.html');
+  const appConfig = await getAppConfig();
+  await updateInterfacePermissions(appConfig);
+  const indexPath = path.join(appConfig.paths.dist, 'index.html');
   const indexHTML = fs.readFileSync(indexPath, 'utf8');
 
   app.get('/health', (_req, res) => res.status(200).send('OK'));
@@ -65,10 +70,9 @@ const startServer = async () => {
     console.warn('Response compression has been disabled via DISABLE_COMPRESSION.');
   }
 
-  // Serve static assets with aggressive caching
-  app.use(staticCache(app.locals.paths.dist));
-  app.use(staticCache(app.locals.paths.fonts));
-  app.use(staticCache(app.locals.paths.assets));
+  app.use(staticCache(appConfig.paths.dist));
+  app.use(staticCache(appConfig.paths.fonts));
+  app.use(staticCache(appConfig.paths.assets));
 
   if (!ALLOW_SOCIAL_LOGIN) {
     console.warn('Social logins are disabled. Set ALLOW_SOCIAL_LOGIN=true to enable them.');
@@ -145,7 +149,7 @@ const startServer = async () => {
       logger.info(`Server listening at http://${host == '0.0.0.0' ? 'localhost' : host}:${port}`);
     }
 
-    initializeMCPs(app);
+    initializeMCPs().then(() => checkMigrations());
   });
 };
 

api/server/index.spec.js

@@ -3,9 +3,28 @@ const request = require('supertest');
 const { MongoMemoryServer } = require('mongodb-memory-server');
 const mongoose = require('mongoose');
 
-jest.mock('~/server/services/Config/loadCustomConfig', () => {
-  return jest.fn(() => Promise.resolve({}));
-});
+jest.mock('~/server/services/Config', () => ({
+  loadCustomConfig: jest.fn(() => Promise.resolve({})),
+  setAppConfig: jest.fn(),
+  getAppConfig: jest.fn().mockResolvedValue({
+    paths: {
+      uploads: '/tmp',
+      dist: '/tmp/dist',
+      fonts: '/tmp/fonts',
+      assets: '/tmp/assets',
+    },
+    fileStrategy: 'local',
+    imageOutputType: 'PNG',
+  }),
+  setCachedTools: jest.fn(),
+}));
+
+jest.mock('~/app/clients/tools', () => ({
+  createOpenAIImageTools: jest.fn(() => []),
+  createYouTubeTools: jest.fn(() => []),
+  manifestToolMap: {},
+  toolkits: [],
+}));
 
 describe('Server Configuration', () => {
   // Increase the default timeout to allow for Mongo cleanup
@@ -31,6 +50,22 @@ describe('Server Configuration', () => {
   });
 
   beforeAll(async () => {
+    // Create the required directories and files for the test
+    const fs = require('fs');
+    const path = require('path');
+
+    const dirs = ['/tmp/dist', '/tmp/fonts', '/tmp/assets'];
+    dirs.forEach((dir) => {
+      if (!fs.existsSync(dir)) {
+        fs.mkdirSync(dir, { recursive: true });
+      }
+    });
+
+    fs.writeFileSync(
+      path.join('/tmp/dist', 'index.html'),
+      '<!DOCTYPE html><html><head><title>LibreChat</title></head><body><div id="root"></div></body></html>',
+    );
+
     mongoServer = await MongoMemoryServer.create();
     process.env.MONGO_URI = mongoServer.getUri();
     process.env.PORT = '0'; // Use a random available port

api/server/middleware/assistants/validate.js

@@ -1,5 +1,6 @@
 const { v4 } = require('uuid');
 const { handleAbortError } = require('~/server/middleware/abortMiddleware');
+const { getAppConfig } = require('~/server/services/Config/app');
 
 /**
  * Checks if the assistant is supported or excluded
@@ -12,8 +13,9 @@ const { handleAbortError } = require('~/server/middleware/abortMiddleware');
 const validateAssistant = async (req, res, next) => {
   const { endpoint, conversationId, assistant_id, messageId } = req.body;
 
+  const appConfig = await getAppConfig({ role: req.user?.role });
   /** @type {Partial<TAssistantEndpoint>} */
-  const assistantsConfig = req.app.locals?.[endpoint];
+  const assistantsConfig = appConfig.endpoints?.[endpoint];
   if (!assistantsConfig) {
     return next();
   }

api/server/middleware/assistants/validateAuthor.js

@@ -1,4 +1,5 @@
 const { SystemRoles } = require('librechat-data-provider');
+const { getAppConfig } = require('~/server/services/Config/app');
 const { getAssistant } = require('~/models/Assistant');
 
 /**
@@ -20,8 +21,9 @@ const validateAuthor = async ({ req, openai, overrideEndpoint, overrideAssistant
   const assistant_id =
     overrideAssistantId ?? req.params.id ?? req.body.assistant_id ?? req.query.assistant_id;
 
+  const appConfig = await getAppConfig({ role: req.user?.role });
   /** @type {Partial<TAssistantEndpoint>} */
-  const assistantsConfig = req.app.locals?.[endpoint];
+  const assistantsConfig = appConfig.endpoints?.[endpoint];
   if (!assistantsConfig) {
     return;
   }

api/server/middleware/buildEndpointOption.js

@@ -10,6 +10,7 @@ const azureAssistants = require('~/server/services/Endpoints/azureAssistants');
 const assistants = require('~/server/services/Endpoints/assistants');
 const { processFiles } = require('~/server/services/Files/process');
 const anthropic = require('~/server/services/Endpoints/anthropic');
+const { getAppConfig } = require('~/server/services/Config/app');
 const bedrock = require('~/server/services/Endpoints/bedrock');
 const openAI = require('~/server/services/Endpoints/openAI');
 const agents = require('~/server/services/Endpoints/agents');
@@ -40,9 +41,10 @@ async function buildEndpointOption(req, res, next) {
     return handleError(res, { text: 'Error parsing conversation' });
   }
 
-  if (req.app.locals.modelSpecs?.list && req.app.locals.modelSpecs?.enforce) {
+  const appConfig = await getAppConfig({ role: req.user?.role });
+  if (appConfig.modelSpecs?.list && appConfig.modelSpecs?.enforce) {
     /** @type {{ list: TModelSpec[] }}*/
-    const { list } = req.app.locals.modelSpecs;
+    const { list } = appConfig.modelSpecs;
     const { spec } = parsedBody;
 
     if (!spec) {

api/server/middleware/checkDomainAllowed.js

@@ -1,5 +1,6 @@
+const { logger } = require('@librechat/data-schemas');
 const { isEmailDomainAllowed } = require('~/server/services/domains');
-const { logger } = require('~/config');
+const { getAppConfig } = require('~/server/services/Config');
 
 /**
  * Checks the domain's social login is allowed
@@ -14,7 +15,10 @@ const { logger } = require('~/config');
  */
 const checkDomainAllowed = async (req, res, next = () => {}) => {
   const email = req?.user?.email;
-  if (email && !(await isEmailDomainAllowed(email))) {
+  const appConfig = getAppConfig({
+    role: req?.user?.role,
+  });
+  if (email && !(await isEmailDomainAllowed(email, appConfig?.registration?.allowedDomains))) {
     logger.error(`[Social Login] [Social Login not allowed] [Email: ${email}]`);
     return res.redirect('/login');
   } else {

api/server/middleware/index.js

@@ -9,7 +9,6 @@ const validateEndpoint = require('./validateEndpoint');
 const requireLocalAuth = require('./requireLocalAuth');
 const canDeleteAccount = require('./canDeleteAccount');
 const accessResources = require('./accessResources');
-const setBalanceConfig = require('./setBalanceConfig');
 const requireLdapAuth = require('./requireLdapAuth');
 const abortMiddleware = require('./abortMiddleware');
 const checkInviteUser = require('./checkInviteUser');
@@ -44,7 +43,6 @@ module.exports = {
   requireLocalAuth,
   canDeleteAccount,
   validateEndpoint,
-  setBalanceConfig,
   concurrentLimiter,
   checkDomainAllowed,
   validateMessageReq,

api/server/middleware/setBalanceConfig.js

@@ -1,91 +0,0 @@
-const { logger } = require('@librechat/data-schemas');
-const { getBalanceConfig } = require('~/server/services/Config');
-const { Balance } = require('~/db/models');
-
-/**
- * Middleware to synchronize user balance settings with current balance configuration.
- * @function
- * @param {Object} req - Express request object containing user information.
- * @param {Object} res - Express response object.
- * @param {import('express').NextFunction} next - Next middleware function.
- */
-const setBalanceConfig = async (req, res, next) => {
-  try {
-    const balanceConfig = await getBalanceConfig();
-    if (!balanceConfig?.enabled) {
-      return next();
-    }
-    if (balanceConfig.startBalance == null) {
-      return next();
-    }
-
-    const userId = req.user._id;
-    const userBalanceRecord = await Balance.findOne({ user: userId }).lean();
-    const updateFields = buildUpdateFields(balanceConfig, userBalanceRecord);
-
-    if (Object.keys(updateFields).length === 0) {
-      return next();
-    }
-
-    await Balance.findOneAndUpdate(
-      { user: userId },
-      { $set: updateFields },
-      { upsert: true, new: true },
-    );
-
-    next();
-  } catch (error) {
-    logger.error('Error setting user balance:', error);
-    next(error);
-  }
-};
-
-/**
- * Build an object containing fields that need updating
- * @param {Object} config - The balance configuration
- * @param {Object|null} userRecord - The user's current balance record, if any
- * @returns {Object} Fields that need updating
- */
-function buildUpdateFields(config, userRecord) {
-  const updateFields = {};
-
-  // Ensure user record has the required fields
-  if (!userRecord) {
-    updateFields.user = userRecord?.user;
-    updateFields.tokenCredits = config.startBalance;
-  }
-
-  if (userRecord?.tokenCredits == null && config.startBalance != null) {
-    updateFields.tokenCredits = config.startBalance;
-  }
-
-  const isAutoRefillConfigValid =
-    config.autoRefillEnabled &&
-    config.refillIntervalValue != null &&
-    config.refillIntervalUnit != null &&
-    config.refillAmount != null;
-
-  if (!isAutoRefillConfigValid) {
-    return updateFields;
-  }
-
-  if (userRecord?.autoRefillEnabled !== config.autoRefillEnabled) {
-    updateFields.autoRefillEnabled = config.autoRefillEnabled;
-  }
-
-  if (userRecord?.refillIntervalValue !== config.refillIntervalValue) {
-    updateFields.refillIntervalValue = config.refillIntervalValue;
-  }
-
-  if (userRecord?.refillIntervalUnit !== config.refillIntervalUnit) {
-    updateFields.refillIntervalUnit = config.refillIntervalUnit;
-  }
-
-  if (userRecord?.refillAmount !== config.refillAmount) {
-    updateFields.refillAmount = config.refillAmount;
-  }
-
-  return updateFields;
-}
-
-module.exports = setBalanceConfig;

api/server/middleware/spec/validateImages.spec.js

@@ -1,13 +1,18 @@
 const jwt = require('jsonwebtoken');
 const validateImageRequest = require('~/server/middleware/validateImageRequest');
 
+jest.mock('~/server/services/Config/app', () => ({
+  getAppConfig: jest.fn(),
+}));
+
 describe('validateImageRequest middleware', () => {
   let req, res, next;
   const validObjectId = '65cfb246f7ecadb8b1e8036b';
+  const { getAppConfig } = require('~/server/services/Config/app');
 
   beforeEach(() => {
+    jest.clearAllMocks();
     req = {
-      app: { locals: { secureImageLinks: true } },
       headers: {},
       originalUrl: '',
     };
@@ -17,79 +22,86 @@ describe('validateImageRequest middleware', () => {
     };
     next = jest.fn();
     process.env.JWT_REFRESH_SECRET = 'test-secret';
+
+    // Mock getAppConfig to return secureImageLinks: true by default
+    getAppConfig.mockResolvedValue({
+      secureImageLinks: true,
+    });
   });
 
   afterEach(() => {
     jest.clearAllMocks();
   });
 
-  test('should call next() if secureImageLinks is false', () => {
-    req.app.locals.secureImageLinks = false;
-    validateImageRequest(req, res, next);
+  test('should call next() if secureImageLinks is false', async () => {
+    getAppConfig.mockResolvedValue({
+      secureImageLinks: false,
+    });
+    await validateImageRequest(req, res, next);
     expect(next).toHaveBeenCalled();
   });
 
-  test('should return 401 if refresh token is not provided', () => {
-    validateImageRequest(req, res, next);
+  test('should return 401 if refresh token is not provided', async () => {
+    await validateImageRequest(req, res, next);
     expect(res.status).toHaveBeenCalledWith(401);
     expect(res.send).toHaveBeenCalledWith('Unauthorized');
   });
 
-  test('should return 403 if refresh token is invalid', () => {
+  test('should return 403 if refresh token is invalid', async () => {
     req.headers.cookie = 'refreshToken=invalid-token';
-    validateImageRequest(req, res, next);
+    await validateImageRequest(req, res, next);
     expect(res.status).toHaveBeenCalledWith(403);
     expect(res.send).toHaveBeenCalledWith('Access Denied');
   });
 
-  test('should return 403 if refresh token is expired', () => {
+  test('should return 403 if refresh token is expired', async () => {
     const expiredToken = jwt.sign(
       { id: validObjectId, exp: Math.floor(Date.now() / 1000) - 3600 },
       process.env.JWT_REFRESH_SECRET,
     );
     req.headers.cookie = `refreshToken=${expiredToken}`;
-    validateImageRequest(req, res, next);
+    await validateImageRequest(req, res, next);
     expect(res.status).toHaveBeenCalledWith(403);
     expect(res.send).toHaveBeenCalledWith('Access Denied');
   });
 
-  test('should call next() for valid image path', () => {
+  test('should call next() for valid image path', async () => {
     const validToken = jwt.sign(
       { id: validObjectId, exp: Math.floor(Date.now() / 1000) + 3600 },
       process.env.JWT_REFRESH_SECRET,
     );
     req.headers.cookie = `refreshToken=${validToken}`;
     req.originalUrl = `/images/${validObjectId}/example.jpg`;
-    validateImageRequest(req, res, next);
+    await validateImageRequest(req, res, next);
     expect(next).toHaveBeenCalled();
   });
 
-  test('should return 403 for invalid image path', () => {
+  test('should return 403 for invalid image path', async () => {
     const validToken = jwt.sign(
       { id: validObjectId, exp: Math.floor(Date.now() / 1000) + 3600 },
       process.env.JWT_REFRESH_SECRET,
     );
     req.headers.cookie = `refreshToken=${validToken}`;
     req.originalUrl = '/images/65cfb246f7ecadb8b1e8036c/example.jpg'; // Different ObjectId
-    validateImageRequest(req, res, next);
+    await validateImageRequest(req, res, next);
     expect(res.status).toHaveBeenCalledWith(403);
     expect(res.send).toHaveBeenCalledWith('Access Denied');
   });
 
-  test('should return 403 for invalid ObjectId format', () => {
+  test('should return 403 for invalid ObjectId format', async () => {
     const validToken = jwt.sign(
       { id: validObjectId, exp: Math.floor(Date.now() / 1000) + 3600 },
       process.env.JWT_REFRESH_SECRET,
     );
     req.headers.cookie = `refreshToken=${validToken}`;
     req.originalUrl = '/images/123/example.jpg'; // Invalid ObjectId
-    validateImageRequest(req, res, next);
+    await validateImageRequest(req, res, next);
     expect(res.status).toHaveBeenCalledWith(403);
     expect(res.send).toHaveBeenCalledWith('Access Denied');
   });
 
   // File traversal tests
-  test('should prevent file traversal attempts', () => {
+  test('should prevent file traversal attempts', async () => {
     const validToken = jwt.sign(
       { id: validObjectId, exp: Math.floor(Date.now() / 1000) + 3600 },
       process.env.JWT_REFRESH_SECRET,
@@ -103,23 +115,23 @@ describe('validateImageRequest middleware', () => {
       `/images/${validObjectId}/%2e%2e%2f%2e%2e%2f%2e%2e%2fetc%2fpasswd`,
     ];
 
-    traversalAttempts.forEach((attempt) => {
+    for (const attempt of traversalAttempts) {
       req.originalUrl = attempt;
-      validateImageRequest(req, res, next);
+      await validateImageRequest(req, res, next);
       expect(res.status).toHaveBeenCalledWith(403);
       expect(res.send).toHaveBeenCalledWith('Access Denied');
       jest.clearAllMocks();
-    });
+    }
   });
 
-  test('should handle URL encoded characters in valid paths', () => {
+  test('should handle URL encoded characters in valid paths', async () => {
     const validToken = jwt.sign(
       { id: validObjectId, exp: Math.floor(Date.now() / 1000) + 3600 },
       process.env.JWT_REFRESH_SECRET,
     );
     req.headers.cookie = `refreshToken=${validToken}`;
     req.originalUrl = `/images/${validObjectId}/image%20with%20spaces.jpg`;
-    validateImageRequest(req, res, next);
+    await validateImageRequest(req, res, next);
     expect(next).toHaveBeenCalled();
   });
 });

api/server/middleware/validateImageRequest.js

@@ -1,6 +1,7 @@
 const cookies = require('cookie');
 const jwt = require('jsonwebtoken');
-const { logger } = require('~/config');
+const { logger } = require('@librechat/data-schemas');
+const { getAppConfig } = require('~/server/services/Config/app');
 
 const OBJECT_ID_LENGTH = 24;
 const OBJECT_ID_PATTERN = /^[0-9a-f]{24}$/i;
@@ -24,8 +25,9 @@ function isValidObjectId(id) {
  * Middleware to validate image request.
  * Must be set by `secureImageLinks` via custom config file.
  */
-function validateImageRequest(req, res, next) {
-  if (!req.app.locals.secureImageLinks) {
+async function validateImageRequest(req, res, next) {
+  const appConfig = await getAppConfig({ role: req.user?.role });
+  if (!appConfig.secureImageLinks) {
     return next();
   }
 

api/server/routes/__tests__/mcp.spec.js

@@ -1,7 +1,7 @@
-const express = require('express');
+const { MongoMemoryServer } = require('mongodb-memory-server');
 const request = require('supertest');
 const mongoose = require('mongoose');
-const { MongoMemoryServer } = require('mongodb-memory-server');
+const express = require('express');
 
 jest.mock('@librechat/api', () => ({
   MCPOAuthHandler: {
@@ -494,12 +494,9 @@ describe('MCP Routes', () => {
     });
 
     it('should return 500 when token retrieval throws an unexpected error', async () => {
-      const mockFlowManager = {
-        getFlowState: jest.fn().mockRejectedValue(new Error('Database connection failed')),
-      };
-
-      getLogStores.mockReturnValue({});
-      require('~/config').getFlowStateManager.mockReturnValue(mockFlowManager);
+      getLogStores.mockImplementation(() => {
+        throw new Error('Database connection failed');
+      });
 
       const response = await request(app).get('/api/mcp/oauth/tokens/test-user-id:error-flow');
 
@@ -563,8 +560,8 @@ describe('MCP Routes', () => {
   });
 
   describe('POST /oauth/cancel/:serverName', () => {
-    const { getLogStores } = require('~/cache');
     const { MCPOAuthHandler } = require('@librechat/api');
+    const { getLogStores } = require('~/cache');
 
     it('should cancel OAuth flow successfully', async () => {
       const mockFlowManager = {
@@ -644,15 +641,15 @@ describe('MCP Routes', () => {
   });
 
   describe('POST /:serverName/reinitialize', () => {
-    const { loadCustomConfig } = require('~/server/services/Config');
-    const { getUserPluginAuthValue } = require('~/server/services/PluginService');
-
     it('should return 404 when server is not found in configuration', async () => {
-      loadCustomConfig.mockResolvedValue({
-        mcpServers: {
-          'other-server': {},
-        },
-      });
+      const mockMcpManager = {
+        getRawConfig: jest.fn().mockReturnValue(null),
+        disconnectUserConnection: jest.fn().mockResolvedValue(),
+      };
+
+      require('~/config').getMCPManager.mockReturnValue(mockMcpManager);
+      require('~/config').getFlowStateManager.mockReturnValue({});
+      require('~/cache').getLogStores.mockReturnValue({});
 
       const response = await request(app).post('/api/mcp/non-existent-server/reinitialize');
 
@@ -663,16 +660,11 @@ describe('MCP Routes', () => {
     });
 
     it('should handle OAuth requirement during reinitialize', async () => {
-      loadCustomConfig.mockResolvedValue({
-        mcpServers: {
-          'oauth-server': {
-            customUserVars: {},
-          },
-        },
-      });
-
       const mockMcpManager = {
-        disconnectServer: jest.fn().mockResolvedValue(),
+        getRawConfig: jest.fn().mockReturnValue({
+          customUserVars: {},
+        }),
+        disconnectUserConnection: jest.fn().mockResolvedValue(),
         mcpConfigs: {},
         getUserConnection: jest.fn().mockImplementation(async ({ oauthStart }) => {
           if (oauthStart) {
@@ -690,7 +682,7 @@ describe('MCP Routes', () => {
 
       expect(response.status).toBe(200);
       expect(response.body).toEqual({
-        success: 'https://oauth.example.com/auth',
+        success: true,
         message: "MCP server 'oauth-server' ready for OAuth authentication",
         serverName: 'oauth-server',
         oauthRequired: true,
@@ -699,14 +691,9 @@ describe('MCP Routes', () => {
     });
 
     it('should return 500 when reinitialize fails with non-OAuth error', async () => {
-      loadCustomConfig.mockResolvedValue({
-        mcpServers: {
-          'error-server': {},
-        },
-      });
-
       const mockMcpManager = {
-        disconnectServer: jest.fn().mockResolvedValue(),
+        getRawConfig: jest.fn().mockReturnValue({}),
+        disconnectUserConnection: jest.fn().mockResolvedValue(),
         mcpConfigs: {},
         getUserConnection: jest.fn().mockRejectedValue(new Error('Connection failed')),
       };
@@ -724,7 +711,13 @@ describe('MCP Routes', () => {
     });
 
     it('should return 500 when unexpected error occurs', async () => {
-      loadCustomConfig.mockRejectedValue(new Error('Config loading failed'));
+      const mockMcpManager = {
+        getRawConfig: jest.fn().mockImplementation(() => {
+          throw new Error('Config loading failed');
+        }),
+      };
+
+      require('~/config').getMCPManager.mockReturnValue(mockMcpManager);
 
       const response = await request(app).post('/api/mcp/test-server/reinitialize');
 
@@ -747,29 +740,17 @@ describe('MCP Routes', () => {
       expect(response.body).toEqual({ error: 'User not authenticated' });
     });
 
-    it('should handle errors when fetching custom user variables', async () => {
-      loadCustomConfig.mockResolvedValue({
-        mcpServers: {
-          'test-server': {
-            customUserVars: {
-              API_KEY: 'test-key-var',
-              SECRET_TOKEN: 'test-secret-var',
-            },
-          },
-        },
-      });
-
-      getUserPluginAuthValue
-        .mockResolvedValueOnce('test-api-key-value')
-        .mockRejectedValueOnce(new Error('Database error'));
-
+    it('should successfully reinitialize server and cache tools', async () => {
       const mockUserConnection = {
-        fetchTools: jest.fn().mockResolvedValue([]),
+        fetchTools: jest.fn().mockResolvedValue([
+          { name: 'tool1', description: 'Test tool 1', inputSchema: { type: 'object' } },
+          { name: 'tool2', description: 'Test tool 2', inputSchema: { type: 'object' } },
+        ]),
       };
 
       const mockMcpManager = {
-        disconnectServer: jest.fn().mockResolvedValue(),
-        mcpConfigs: {},
+        getRawConfig: jest.fn().mockReturnValue({ endpoint: 'http://test-server.com' }),
+        disconnectUserConnection: jest.fn().mockResolvedValue(),
         getUserConnection: jest.fn().mockResolvedValue(mockUserConnection),
       };
 
@@ -784,38 +765,54 @@ describe('MCP Routes', () => {
       const response = await request(app).post('/api/mcp/test-server/reinitialize');
 
       expect(response.status).toBe(200);
-      expect(response.body.success).toBe(true);
+      expect(response.body).toEqual({
+        success: true,
+        message: "MCP server 'test-server' reinitialized successfully",
+        serverName: 'test-server',
+        oauthRequired: false,
+        oauthUrl: null,
+      });
+      expect(mockMcpManager.disconnectUserConnection).toHaveBeenCalledWith(
+        'test-user-id',
+        'test-server',
+      );
+      expect(setCachedTools).toHaveBeenCalled();
     });
 
-    it('should return failure message when reinitialize completely fails', async () => {
-      loadCustomConfig.mockResolvedValue({
-        mcpServers: {
-          'test-server': {},
-        },
-      });
+    it('should handle server with custom user variables', async () => {
+      const mockUserConnection = {
+        fetchTools: jest.fn().mockResolvedValue([]),
+      };
 
       const mockMcpManager = {
-        disconnectServer: jest.fn().mockResolvedValue(),
-        mcpConfigs: {},
-        getUserConnection: jest.fn().mockResolvedValue(null),
+        getRawConfig: jest.fn().mockReturnValue({
+          endpoint: 'http://test-server.com',
+          customUserVars: {
+            API_KEY: 'some-env-var',
+          },
+        }),
+        disconnectUserConnection: jest.fn().mockResolvedValue(),
+        getUserConnection: jest.fn().mockResolvedValue(mockUserConnection),
       };
 
       require('~/config').getMCPManager.mockReturnValue(mockMcpManager);
       require('~/config').getFlowStateManager.mockReturnValue({});
       require('~/cache').getLogStores.mockReturnValue({});
+      require('~/server/services/PluginService').getUserPluginAuthValue.mockResolvedValue(
+        'api-key-value',
+      );
 
       const { getCachedTools, setCachedTools } = require('~/server/services/Config');
-      const { Constants } = require('librechat-data-provider');
-      getCachedTools.mockResolvedValue({
-        [`existing-tool${Constants.mcp_delimiter}test-server`]: { type: 'function' },
-      });
+      getCachedTools.mockResolvedValue({});
       setCachedTools.mockResolvedValue();
 
       const response = await request(app).post('/api/mcp/test-server/reinitialize');
 
       expect(response.status).toBe(200);
-      expect(response.body.success).toBe(false);
-      expect(response.body.message).toBe("Failed to reinitialize MCP server 'test-server'");
+      expect(response.body.success).toBe(true);
+      expect(
+        require('~/server/services/PluginService').getUserPluginAuthValue,
+      ).toHaveBeenCalledWith('test-user-id', 'API_KEY', false);
     });
   });
 
@@ -984,21 +981,19 @@ describe('MCP Routes', () => {
   });
 
   describe('GET /:serverName/auth-values', () => {
-    const { loadCustomConfig } = require('~/server/services/Config');
     const { getUserPluginAuthValue } = require('~/server/services/PluginService');
 
     it('should return auth value flags for server', async () => {
-      loadCustomConfig.mockResolvedValue({
-        mcpServers: {
-          'test-server': {
-            customUserVars: {
-              API_KEY: 'some-env-var',
-              SECRET_TOKEN: 'another-env-var',
-            },
+      const mockMcpManager = {
+        getRawConfig: jest.fn().mockReturnValue({
+          customUserVars: {
+            API_KEY: 'some-env-var',
+            SECRET_TOKEN: 'another-env-var',
           },
-        },
-      });
+        }),
+      };
 
+      require('~/config').getMCPManager.mockReturnValue(mockMcpManager);
       getUserPluginAuthValue.mockResolvedValueOnce('some-api-key-value').mockResolvedValueOnce('');
 
       const response = await request(app).get('/api/mcp/test-server/auth-values');
@@ -1017,11 +1012,11 @@ describe('MCP Routes', () => {
     });
 
     it('should return 404 when server is not found in configuration', async () => {
-      loadCustomConfig.mockResolvedValue({
-        mcpServers: {
-          'other-server': {},
-        },
-      });
+      const mockMcpManager = {
+        getRawConfig: jest.fn().mockReturnValue(null),
+      };
+
+      require('~/config').getMCPManager.mockReturnValue(mockMcpManager);
 
       const response = await request(app).get('/api/mcp/non-existent-server/auth-values');
 
@@ -1032,16 +1027,15 @@ describe('MCP Routes', () => {
     });
 
     it('should handle errors when checking auth values', async () => {
-      loadCustomConfig.mockResolvedValue({
-        mcpServers: {
-          'test-server': {
-            customUserVars: {
-              API_KEY: 'some-env-var',
-            },
+      const mockMcpManager = {
+        getRawConfig: jest.fn().mockReturnValue({
+          customUserVars: {
+            API_KEY: 'some-env-var',
           },
-        },
-      });
+        }),
+      };
 
+      require('~/config').getMCPManager.mockReturnValue(mockMcpManager);
       getUserPluginAuthValue.mockRejectedValue(new Error('Database error'));
 
       const response = await request(app).get('/api/mcp/test-server/auth-values');
@@ -1057,7 +1051,13 @@ describe('MCP Routes', () => {
     });
 
     it('should return 500 when auth values check throws unexpected error', async () => {
-      loadCustomConfig.mockRejectedValue(new Error('Config loading failed'));
+      const mockMcpManager = {
+        getRawConfig: jest.fn().mockImplementation(() => {
+          throw new Error('Config loading failed');
+        }),
+      };
+
+      require('~/config').getMCPManager.mockReturnValue(mockMcpManager);
 
       const response = await request(app).get('/api/mcp/test-server/auth-values');
 
@@ -1066,14 +1066,13 @@ describe('MCP Routes', () => {
     });
 
     it('should handle customUserVars that is not an object', async () => {
-      const { loadCustomConfig } = require('~/server/services/Config');
-      loadCustomConfig.mockResolvedValue({
-        mcpServers: {
-          'test-server': {
-            customUserVars: 'not-an-object',
-          },
-        },
-      });
+      const mockMcpManager = {
+        getRawConfig: jest.fn().mockReturnValue({
+          customUserVars: 'not-an-object',
+        }),
+      };
+
+      require('~/config').getMCPManager.mockReturnValue(mockMcpManager);
 
       const response = await request(app).get('/api/mcp/test-server/auth-values');
 
@@ -1097,98 +1096,6 @@ describe('MCP Routes', () => {
     });
   });
 
-  describe('POST /:serverName/reinitialize - Tool Deletion Coverage', () => {
-    it('should handle null cached tools during reinitialize (triggers || {} fallback)', async () => {
-      const { loadCustomConfig, getCachedTools } = require('~/server/services/Config');
-
-      const mockUserConnection = {
-        fetchTools: jest.fn().mockResolvedValue([{ name: 'new-tool', description: 'A new tool' }]),
-      };
-
-      const mockMcpManager = {
-        getUserConnection: jest.fn().mockResolvedValue(mockUserConnection),
-        disconnectServer: jest.fn(),
-        initializeServer: jest.fn(),
-        mcpConfigs: {},
-      };
-      require('~/config').getMCPManager.mockReturnValue(mockMcpManager);
-
-      loadCustomConfig.mockResolvedValue({
-        mcpServers: {
-          'test-server': { env: { API_KEY: 'test-key' } },
-        },
-      });
-
-      getCachedTools.mockResolvedValue(null);
-
-      const response = await request(app).post('/api/mcp/test-server/reinitialize').expect(200);
-
-      expect(response.body).toEqual({
-        message: "MCP server 'test-server' reinitialized successfully",
-        success: true,
-        oauthRequired: false,
-        oauthUrl: null,
-        serverName: 'test-server',
-      });
-    });
-
-    it('should delete existing cached tools during successful reinitialize', async () => {
-      const {
-        loadCustomConfig,
-        getCachedTools,
-        setCachedTools,
-      } = require('~/server/services/Config');
-
-      const mockUserConnection = {
-        fetchTools: jest.fn().mockResolvedValue([{ name: 'new-tool', description: 'A new tool' }]),
-      };
-
-      const mockMcpManager = {
-        getUserConnection: jest.fn().mockResolvedValue(mockUserConnection),
-        disconnectServer: jest.fn(),
-        initializeServer: jest.fn(),
-        mcpConfigs: {},
-      };
-      require('~/config').getMCPManager.mockReturnValue(mockMcpManager);
-
-      loadCustomConfig.mockResolvedValue({
-        mcpServers: {
-          'test-server': { env: { API_KEY: 'test-key' } },
-        },
-      });
-
-      const existingTools = {
-        'old-tool_mcp_test-server': { type: 'function' },
-        'other-tool_mcp_other-server': { type: 'function' },
-      };
-      getCachedTools.mockResolvedValue(existingTools);
-
-      const response = await request(app).post('/api/mcp/test-server/reinitialize').expect(200);
-
-      expect(response.body).toEqual({
-        message: "MCP server 'test-server' reinitialized successfully",
-        success: true,
-        oauthRequired: false,
-        oauthUrl: null,
-        serverName: 'test-server',
-      });
-
-      expect(setCachedTools).toHaveBeenCalledWith(
-        expect.objectContaining({
-          'new-tool_mcp_test-server': expect.any(Object),
-          'other-tool_mcp_other-server': { type: 'function' },
-        }),
-        { userId: 'test-user-id' },
-      );
-      expect(setCachedTools).toHaveBeenCalledWith(
-        expect.not.objectContaining({
-          'old-tool_mcp_test-server': expect.anything(),
-        }),
-        { userId: 'test-user-id' },
-      );
-    });
-  });
-
   describe('GET /:serverName/oauth/callback - Edge Cases', () => {
     it('should handle OAuth callback without toolFlowId (falsy toolFlowId)', async () => {
       const { MCPOAuthHandler } = require('@librechat/api');

api/server/routes/agents/actions.js

@@ -16,6 +16,7 @@ const { getAgent, updateAgent, getListAgentsByAccess } = require('~/models/Agent
 const { updateAction, getActions, deleteAction } = require('~/models/Action');
 const { isActionDomainAllowed } = require('~/server/services/domains');
 const { canAccessAgentResource } = require('~/server/middleware');
+const { getAppConfig } = require('~/server/services/Config/app');
 const { getRoleByName } = require('~/models/Role');
 
 const router = express.Router();
@@ -83,7 +84,11 @@ router.post(
       }
 
       let metadata = await encryptMetadata(removeNullishValues(_metadata, true));
-      const isDomainAllowed = await isActionDomainAllowed(metadata.domain);
+      const appConfig = await getAppConfig({ role: req.user.role });
+      const isDomainAllowed = await isActionDomainAllowed(
+        metadata.domain,
+        appConfig?.actions?.allowedDomains,
+      );
       if (!isDomainAllowed) {
         return res.status(400).json({ message: 'Domain not allowed' });
       }

api/server/routes/assistants/actions.js

@@ -6,6 +6,7 @@ const { getOpenAIClient } = require('~/server/controllers/assistants/helpers');
 const { updateAction, getActions, deleteAction } = require('~/models/Action');
 const { updateAssistantDoc, getAssistant } = require('~/models/Assistant');
 const { isActionDomainAllowed } = require('~/server/services/domains');
+const { getAppConfig } = require('~/server/services/Config');
 const { logger } = require('~/config');
 
 const router = express.Router();
@@ -21,6 +22,7 @@ const router = express.Router();
  */
 router.post('/:assistant_id', async (req, res) => {
   try {
+    const appConfig = await getAppConfig({ role: req.user?.role });
     const { assistant_id } = req.params;
 
     /** @type {{ functions: FunctionTool[], action_id: string, metadata: ActionMetadata }} */
@@ -30,7 +32,10 @@ router.post('/:assistant_id', async (req, res) => {
     }
 
     let metadata = await encryptMetadata(removeNullishValues(_metadata, true));
-    const isDomainAllowed = await isActionDomainAllowed(metadata.domain);
+    const isDomainAllowed = await isActionDomainAllowed(
+      metadata.domain,
+      appConfig?.actions?.allowedDomains,
+    );
     if (!isDomainAllowed) {
       return res.status(400).json({ message: 'Domain not allowed' });
     }
@@ -125,7 +130,7 @@ router.post('/:assistant_id', async (req, res) => {
     }
 
     /* Map Azure OpenAI model to the assistant as defined by config */
-    if (req.app.locals[EModelEndpoint.azureOpenAI]?.assistants) {
+    if (appConfig.endpoints?.[EModelEndpoint.azureOpenAI]?.assistants) {
       updatedAssistant = {
         ...updatedAssistant,
         model: req.body.model,

api/server/routes/auth.js

@@ -1,75 +1,75 @@
 const express = require('express');
+const { createSetBalanceConfig } = require('@librechat/api');
 const {
-  refreshController,
-  registrationController,
-  resetPasswordController,
   resetPasswordRequestController,
+  resetPasswordController,
+  registrationController,
   graphTokenController,
+  refreshController,
 } = require('~/server/controllers/AuthController');
-const { loginController } = require('~/server/controllers/auth/LoginController');
-const { logoutController } = require('~/server/controllers/auth/LogoutController');
-const { verify2FAWithTempToken } = require('~/server/controllers/auth/TwoFactorAuthController');
 const {
+  regenerateBackupCodes,
+  disable2FA,
+  confirm2FA,
   enable2FA,
   verify2FA,
-  disable2FA,
-  regenerateBackupCodes,
-  confirm2FA,
 } = require('~/server/controllers/TwoFactorController');
-const {
-  checkBan,
-  logHeaders,
-  loginLimiter,
-  requireJwtAuth,
-  checkInviteUser,
-  registerLimiter,
-  requireLdapAuth,
-  setBalanceConfig,
-  requireLocalAuth,
-  resetPasswordLimiter,
-  validateRegistration,
-  validatePasswordReset,
-} = require('~/server/middleware');
+const { verify2FAWithTempToken } = require('~/server/controllers/auth/TwoFactorAuthController');
+const { logoutController } = require('~/server/controllers/auth/LogoutController');
+const { loginController } = require('~/server/controllers/auth/LoginController');
+const { getBalanceConfig } = require('~/server/services/Config');
+const middleware = require('~/server/middleware');
+const { Balance } = require('~/db/models');
+
+const setBalanceConfig = createSetBalanceConfig({
+  getBalanceConfig,
+  Balance,
+});
 
 const router = express.Router();
 
 const ldapAuth = !!process.env.LDAP_URL && !!process.env.LDAP_USER_SEARCH_BASE;
 //Local
-router.post('/logout', requireJwtAuth, logoutController);
+router.post('/logout', middleware.requireJwtAuth, logoutController);
 router.post(
   '/login',
-  logHeaders,
-  loginLimiter,
-  checkBan,
-  ldapAuth ? requireLdapAuth : requireLocalAuth,
+  middleware.logHeaders,
+  middleware.loginLimiter,
+  middleware.checkBan,
+  ldapAuth ? middleware.requireLdapAuth : middleware.requireLocalAuth,
   setBalanceConfig,
   loginController,
 );
 router.post('/refresh', refreshController);
 router.post(
   '/register',
-  registerLimiter,
-  checkBan,
-  checkInviteUser,
-  validateRegistration,
+  middleware.registerLimiter,
+  middleware.checkBan,
+  middleware.checkInviteUser,
+  middleware.validateRegistration,
   registrationController,
 );
 router.post(
   '/requestPasswordReset',
-  resetPasswordLimiter,
-  checkBan,
-  validatePasswordReset,
+  middleware.resetPasswordLimiter,
+  middleware.checkBan,
+  middleware.validatePasswordReset,
   resetPasswordRequestController,
 );
-router.post('/resetPassword', checkBan, validatePasswordReset, resetPasswordController);
+router.post(
+  '/resetPassword',
+  middleware.checkBan,
+  middleware.validatePasswordReset,
+  resetPasswordController,
+);
 
-router.get('/2fa/enable', requireJwtAuth, enable2FA);
-router.post('/2fa/verify', requireJwtAuth, verify2FA);
-router.post('/2fa/verify-temp', checkBan, verify2FAWithTempToken);
-router.post('/2fa/confirm', requireJwtAuth, confirm2FA);
-router.post('/2fa/disable', requireJwtAuth, disable2FA);
-router.post('/2fa/backup/regenerate', requireJwtAuth, regenerateBackupCodes);
+router.get('/2fa/enable', middleware.requireJwtAuth, enable2FA);
+router.post('/2fa/verify', middleware.requireJwtAuth, verify2FA);
+router.post('/2fa/verify-temp', middleware.checkBan, verify2FAWithTempToken);
+router.post('/2fa/confirm', middleware.requireJwtAuth, confirm2FA);
+router.post('/2fa/disable', middleware.requireJwtAuth, disable2FA);
+router.post('/2fa/backup/regenerate', middleware.requireJwtAuth, regenerateBackupCodes);
 
-router.get('/graph-token', requireJwtAuth, graphTokenController);
+router.get('/graph-token', middleware.requireJwtAuth, graphTokenController);
 
 module.exports = router;

api/server/routes/config.js

@@ -1,9 +1,14 @@
 const express = require('express');
 const { isEnabled } = require('@librechat/api');
 const { logger } = require('@librechat/data-schemas');
-const { CacheKeys, defaultSocialLogins, Constants } = require('librechat-data-provider');
-const { getCustomConfig } = require('~/server/services/Config/getCustomConfig');
+const {
+  Constants,
+  CacheKeys,
+  removeNullishValues,
+  defaultSocialLogins,
+} = require('librechat-data-provider');
 const { getLdapConfig } = require('~/server/services/Config/ldap');
+const { getAppConfig } = require('~/server/services/Config/app');
 const { getProjectByName } = require('~/models/Project');
 const { getMCPManager } = require('~/config');
 const { getLogStores } = require('~/cache');
@@ -43,6 +48,8 @@ router.get('/', async function (req, res) {
   const ldap = getLdapConfig();
 
   try {
+    const appConfig = await getAppConfig({ role: req.user?.role });
+
     const isOpenIdEnabled =
       !!process.env.OPENID_CLIENT_ID &&
       !!process.env.OPENID_CLIENT_SECRET &&
@@ -58,7 +65,7 @@ router.get('/', async function (req, res) {
     /** @type {TStartupConfig} */
     const payload = {
       appTitle: process.env.APP_TITLE || 'LibreChat',
-      socialLogins: req.app.locals.socialLogins ?? defaultSocialLogins,
+      socialLogins: appConfig?.registration?.socialLogins ?? defaultSocialLogins,
       discordLoginEnabled: !!process.env.DISCORD_CLIENT_ID && !!process.env.DISCORD_CLIENT_SECRET,
       facebookLoginEnabled:
         !!process.env.FACEBOOK_CLIENT_ID && !!process.env.FACEBOOK_CLIENT_SECRET,
@@ -91,10 +98,10 @@ router.get('/', async function (req, res) {
         isEnabled(process.env.SHOW_BIRTHDAY_ICON) ||
         process.env.SHOW_BIRTHDAY_ICON === '',
       helpAndFaqURL: process.env.HELP_AND_FAQ_URL || 'https://librechat.ai',
-      interface: req.app.locals.interfaceConfig,
-      turnstile: req.app.locals.turnstileConfig,
-      modelSpecs: req.app.locals.modelSpecs,
-      balance: req.app.locals.balance,
+      interface: appConfig?.interfaceConfig,
+      turnstile: appConfig?.turnstileConfig,
+      modelSpecs: appConfig?.modelSpecs,
+      balance: appConfig?.balance,
       sharedLinksEnabled,
       publicSharedLinksEnabled,
       analyticsGtmId: process.env.ANALYTICS_GTM_ID,
@@ -109,24 +116,31 @@ router.get('/', async function (req, res) {
     };
 
     payload.mcpServers = {};
-    const config = await getCustomConfig();
-    if (config?.mcpServers != null) {
-      const mcpManager = getMCPManager();
-      const oauthServers = mcpManager.getOAuthServers();
-
-      for (const serverName in config.mcpServers) {
-        const serverConfig = config.mcpServers[serverName];
-        payload.mcpServers[serverName] = {
-          customUserVars: serverConfig?.customUserVars || {},
-          chatMenu: serverConfig?.chatMenu,
-          isOAuth: oauthServers.has(serverName),
-          startup: serverConfig?.startup,
-        };
+    const getMCPServers = () => {
+      try {
+        const mcpManager = getMCPManager();
+        if (!mcpManager) {
+          return;
+        }
+        const mcpServers = mcpManager.getAllServers();
+        if (!mcpServers) return;
+        const oauthServers = mcpManager.getOAuthServers();
+        for (const serverName in mcpServers) {
+          const serverConfig = mcpServers[serverName];
+          payload.mcpServers[serverName] = removeNullishValues({
+            startup: serverConfig?.startup,
+            chatMenu: serverConfig?.chatMenu,
+            isOAuth: oauthServers?.has(serverName),
+            customUserVars: serverConfig?.customUserVars,
+          });
+        }
+      } catch (error) {
+        logger.error('Error loading MCP servers', error);
       }
-    }
+    };
 
-    /** @type {TCustomConfig['webSearch']} */
-    const webSearchConfig = req.app.locals.webSearch;
+    getMCPServers();
+    const webSearchConfig = appConfig?.webSearch;
     if (
       webSearchConfig != null &&
       (webSearchConfig.searchProvider ||

api/server/routes/files/avatar.js

@@ -2,14 +2,16 @@ const fs = require('fs').promises;
 const express = require('express');
 const { getStrategyFunctions } = require('~/server/services/Files/strategies');
 const { resizeAvatar } = require('~/server/services/Files/images/avatar');
-const { filterFile } = require('~/server/services/Files/process');
 const { getFileStrategy } = require('~/server/utils/getFileStrategy');
+const { filterFile } = require('~/server/services/Files/process');
+const { getAppConfig } = require('~/server/services/Config');
 const { logger } = require('~/config');
 
 const router = express.Router();
 
 router.post('/', async (req, res) => {
   try {
+    const appConfig = await getAppConfig({ role: req.user?.role });
     filterFile({ req, file: req.file, image: true, isAvatar: true });
     const userId = req.user.id;
     const { manual } = req.body;
@@ -19,8 +21,8 @@ router.post('/', async (req, res) => {
       throw new Error('User ID is undefined');
     }
 
-    const fileStrategy = getFileStrategy(req.app.locals, { isAvatar: true });
-    const desiredFormat = req.app.locals.imageOutputType;
+    const fileStrategy = getFileStrategy(appConfig, { isAvatar: true });
+    const desiredFormat = appConfig.imageOutputType;
     const resizedBuffer = await resizeAvatar({
       userId,
       input,
@@ -39,7 +41,7 @@ router.post('/', async (req, res) => {
     try {
       await fs.unlink(req.file.path);
       logger.debug('[/files/images/avatar] Temp. image upload file deleted');
-    } catch (error) {
+    } catch {
       logger.debug('[/files/images/avatar] Temp. image upload file already deleted');
     }
   }

api/server/routes/files/files.js

@@ -26,6 +26,7 @@ const { loadAuthValues } = require('~/server/services/Tools/credentials');
 const { refreshS3FileUrls } = require('~/server/services/Files/S3/crud');
 const { hasAccessToFilesViaAgent } = require('~/server/services/Files');
 const { getFiles, batchUpdateFiles } = require('~/models/File');
+const { getAppConfig } = require('~/server/services/Config');
 const { cleanFileName } = require('~/server/utils/files');
 const { getAssistant } = require('~/models/Assistant');
 const { getAgent } = require('~/models/Agent');
@@ -36,8 +37,9 @@ const router = express.Router();
 
 router.get('/', async (req, res) => {
   try {
+    const appConfig = await getAppConfig({ role: req.user?.role });
     const files = await getFiles({ user: req.user.id });
-    if (req.app.locals.fileStrategy === FileSources.s3) {
+    if (appConfig.fileStrategy === FileSources.s3) {
       try {
         const cache = getLogStores(CacheKeys.S3_EXPIRY_INTERVAL);
         const alreadyChecked = await cache.get(req.user.id);
@@ -114,7 +116,8 @@ router.get('/agent/:agent_id', async (req, res) => {
 
 router.get('/config', async (req, res) => {
   try {
-    res.status(200).json(req.app.locals.fileConfig);
+    const appConfig = await getAppConfig({ role: req.user?.role });
+    res.status(200).json(appConfig.fileConfig);
   } catch (error) {
     logger.error('[/files] Error getting fileConfig', error);
     res.status(400).json({ message: 'Error in request', error: error.message });

api/server/routes/files/images.js

@@ -7,11 +7,13 @@ const {
   processImageFile,
   processAgentFileUpload,
 } = require('~/server/services/Files/process');
+const { getAppConfig } = require('~/server/services/Config');
 const { logger } = require('~/config');
 
 const router = express.Router();
 
 router.post('/', async (req, res) => {
+  const appConfig = await getAppConfig({ role: req.user?.role });
   const metadata = req.body;
 
   try {
@@ -30,7 +32,7 @@ router.post('/', async (req, res) => {
     logger.error('[/files/images] Error processing file:', error);
     try {
       const filepath = path.join(
-        req.app.locals.paths.imageOutput,
+        appConfig.paths.imageOutput,
         req.user.id,
         path.basename(req.file.filename),
       );
@@ -43,7 +45,7 @@ router.post('/', async (req, res) => {
     try {
       await fs.unlink(req.file.path);
       logger.debug('[/files/images] Temp. image upload file deleted');
-    } catch (error) {
+    } catch {
       logger.debug('[/files/images] Temp. image upload file already deleted');
     }
   }

api/server/routes/files/multer.js

@@ -4,15 +4,21 @@ const crypto = require('crypto');
 const multer = require('multer');
 const { sanitizeFilename } = require('@librechat/api');
 const { fileConfig: defaultFileConfig, mergeFileConfig } = require('librechat-data-provider');
-const { getCustomConfig } = require('~/server/services/Config');
+const { getAppConfig } = require('~/server/services/Config');
 
 const storage = multer.diskStorage({
   destination: function (req, file, cb) {
-    const outputPath = path.join(req.app.locals.paths.uploads, 'temp', req.user.id);
-    if (!fs.existsSync(outputPath)) {
-      fs.mkdirSync(outputPath, { recursive: true });
-    }
-    cb(null, outputPath);
+    getAppConfig({ role: req.user?.role })
+      .then((appConfig) => {
+        const outputPath = path.join(appConfig.paths.uploads, 'temp', req.user.id);
+        if (!fs.existsSync(outputPath)) {
+          fs.mkdirSync(outputPath, { recursive: true });
+        }
+        cb(null, outputPath);
+      })
+      .catch((error) => {
+        cb(error);
+      });
   },
   filename: function (req, file, cb) {
     req.file_id = crypto.randomUUID();
@@ -68,8 +74,8 @@ const createFileFilter = (customFileConfig) => {
 };
 
 const createMulterInstance = async () => {
-  const customConfig = await getCustomConfig();
-  const fileConfig = mergeFileConfig(customConfig?.fileConfig);
+  const appConfig = await getAppConfig();
+  const fileConfig = mergeFileConfig(appConfig?.fileConfig);
   const fileFilter = createFileFilter(fileConfig);
   return multer({
     storage,

api/server/routes/files/multer.spec.js

@@ -8,21 +8,7 @@ const { createMulterInstance, storage, importFileFilter } = require('./multer');
 
 // Mock only the config service that requires external dependencies
 jest.mock('~/server/services/Config', () => ({
-  getCustomConfig: jest.fn(() =>
-    Promise.resolve({
-      fileConfig: {
-        endpoints: {
-          openAI: {
-            supportedMimeTypes: ['image/jpeg', 'image/png', 'application/pdf'],
-          },
-          default: {
-            supportedMimeTypes: ['image/jpeg', 'image/png', 'text/plain'],
-          },
-        },
-        serverFileSizeLimit: 10000000, // 10MB
-      },
-    }),
-  ),
+  getAppConfig: jest.fn(),
 }));
 
 describe('Multer Configuration', () => {
@@ -36,13 +22,6 @@ describe('Multer Configuration', () => {
 
     mockReq = {
       user: { id: 'test-user-123' },
-      app: {
-        locals: {
-          paths: {
-            uploads: tempDir,
-          },
-        },
-      },
       body: {},
       originalUrl: '/api/files/upload',
     };
@@ -53,6 +32,14 @@ describe('Multer Configuration', () => {
       size: 1024,
     };
 
+    // Mock getAppConfig to return paths
+    const { getAppConfig } = require('~/server/services/Config');
+    getAppConfig.mockResolvedValue({
+      paths: {
+        uploads: tempDir,
+      },
+    });
+
     // Clear mocks
     jest.clearAllMocks();
   });
@@ -79,7 +66,12 @@ describe('Multer Configuration', () => {
 
       it("should create directory recursively if it doesn't exist", (done) => {
         const deepPath = path.join(tempDir, 'deep', 'nested', 'path');
-        mockReq.app.locals.paths.uploads = deepPath;
+        const { getAppConfig } = require('~/server/services/Config');
+        getAppConfig.mockResolvedValue({
+          paths: {
+            uploads: deepPath,
+          },
+        });
 
         const cb = jest.fn((err, destination) => {
           expect(err).toBeNull();
@@ -331,11 +323,11 @@ describe('Multer Configuration', () => {
     });
 
     it('should use real config merging', async () => {
-      const { getCustomConfig } = require('~/server/services/Config');
+      const { getAppConfig } = require('~/server/services/Config');
 
       const multerInstance = await createMulterInstance();
 
-      expect(getCustomConfig).toHaveBeenCalled();
+      expect(getAppConfig).toHaveBeenCalled();
       expect(multerInstance).toBeDefined();
     });
 
@@ -465,23 +457,24 @@ describe('Multer Configuration', () => {
     it('should handle file system errors when directory creation fails', (done) => {
       // Test with a non-existent parent directory to simulate fs issues
       const invalidPath = '/nonexistent/path/that/should/not/exist';
-      mockReq.app.locals.paths.uploads = invalidPath;
+      const { getAppConfig } = require('~/server/services/Config');
+      getAppConfig.mockResolvedValue({
+        paths: {
+          uploads: invalidPath,
+        },
+      });
 
-      try {
-        // Call getDestination which should fail due to permission/path issues
-        storage.getDestination(mockReq, mockFile, (err, destination) => {
-          // If callback is reached, we didn't get the expected error
-          done(new Error('Expected mkdirSync to throw an error but callback was called'));
-        });
-        // If we get here without throwing, something unexpected happened
-        done(new Error('Expected mkdirSync to throw an error but no error was thrown'));
-      } catch (error) {
+      // Call getDestination which should fail due to permission/path issues
+      storage.getDestination(mockReq, mockFile, (err, destination) => {
+        // Now we expect the error to be passed to the callback
+        expect(err).toBeDefined();
         // This is the expected behavior - mkdirSync throws synchronously for invalid paths
         // On Linux, this typically returns EACCES (permission denied)
         // On macOS/Darwin, this returns ENOENT (no such file or directory)
-        expect(['EACCES', 'ENOENT']).toContain(error.code);
+        expect(['EACCES', 'ENOENT']).toContain(err.code);
+        expect(destination).toBeUndefined();
         done();
-      }
+      });
     });
 
     it('should handle malformed filenames with real sanitization', (done) => {
@@ -538,10 +531,10 @@ describe('Multer Configuration', () => {
 
   describe('Real Configuration Testing', () => {
     it('should handle missing custom config gracefully with real mergeFileConfig', async () => {
-      const { getCustomConfig } = require('~/server/services/Config');
+      const { getAppConfig } = require('~/server/services/Config');
 
-      // Mock getCustomConfig to return undefined
-      getCustomConfig.mockResolvedValueOnce(undefined);
+      // Mock getAppConfig to return undefined
+      getAppConfig.mockResolvedValueOnce(undefined);
 
       const multerInstance = await createMulterInstance();
       expect(multerInstance).toBeDefined();
@@ -549,25 +542,28 @@ describe('Multer Configuration', () => {
     });
 
     it('should properly integrate real fileConfig with custom endpoints', async () => {
-      const { getCustomConfig } = require('~/server/services/Config');
+      const { getAppConfig } = require('~/server/services/Config');
 
-      // Mock a custom config with additional endpoints
-      getCustomConfig.mockResolvedValueOnce({
+      // Mock appConfig with fileConfig
+      getAppConfig.mockResolvedValueOnce({
+        paths: {
+          uploads: tempDir,
+        },
         fileConfig: {
           endpoints: {
             anthropic: {
               supportedMimeTypes: ['text/plain', 'image/png'],
             },
           },
-          serverFileSizeLimit: 20, // 20 MB
+          serverFileSizeLimit: 20971520, // 20 MB in bytes (mergeFileConfig converts)
         },
       });
 
       const multerInstance = await createMulterInstance();
       expect(multerInstance).toBeDefined();
 
-      // Verify that getCustomConfig was called (we can't spy on the actual merge function easily)
-      expect(getCustomConfig).toHaveBeenCalled();
+      // Verify that getAppConfig was called
+      expect(getAppConfig).toHaveBeenCalled();
     });
   });
 });

api/server/routes/mcp.js

@@ -1,11 +1,11 @@
-const { Router } = require('express');
 const { logger } = require('@librechat/data-schemas');
 const { MCPOAuthHandler } = require('@librechat/api');
-const { CacheKeys, Constants } = require('librechat-data-provider');
-const { findToken, updateToken, createToken, deleteTokens } = require('~/models');
-const { setCachedTools, getCachedTools, loadCustomConfig } = require('~/server/services/Config');
+const { Router } = require('express');
 const { getMCPSetupData, getServerConnectionStatus } = require('~/server/services/MCP');
+const { findToken, updateToken, createToken, deleteTokens } = require('~/models');
+const { setCachedTools, getCachedTools } = require('~/server/services/Config');
 const { getUserPluginAuthValue } = require('~/server/services/PluginService');
+const { CacheKeys, Constants } = require('librechat-data-provider');
 const { getMCPManager, getFlowStateManager } = require('~/config');
 const { requireJwtAuth } = require('~/server/middleware');
 const { getLogStores } = require('~/cache');
@@ -315,9 +315,9 @@ router.post('/:serverName/reinitialize', requireJwtAuth, async (req, res) => {
 
     logger.info(`[MCP Reinitialize] Reinitializing server: ${serverName}`);
 
-    const printConfig = false;
-    const config = await loadCustomConfig(printConfig);
-    if (!config || !config.mcpServers || !config.mcpServers[serverName]) {
+    const mcpManager = getMCPManager();
+    const serverConfig = mcpManager.getRawConfig(serverName);
+    if (!serverConfig) {
       return res.status(404).json({
         error: `MCP server '${serverName}' not found in configuration`,
       });
@@ -325,13 +325,12 @@ router.post('/:serverName/reinitialize', requireJwtAuth, async (req, res) => {
 
     const flowsCache = getLogStores(CacheKeys.FLOWS);
     const flowManager = getFlowStateManager(flowsCache);
-    const mcpManager = getMCPManager();
 
-    await mcpManager.disconnectServer(serverName);
-    logger.info(`[MCP Reinitialize] Disconnected existing server: ${serverName}`);
+    await mcpManager.disconnectUserConnection(user.id, serverName);
+    logger.info(
+      `[MCP Reinitialize] Disconnected existing user connection for server: ${serverName}`,
+    );
 
-    const serverConfig = config.mcpServers[serverName];
-    mcpManager.mcpConfigs[serverName] = serverConfig;
     let customUserVars = {};
     if (serverConfig.customUserVars && typeof serverConfig.customUserVars === 'object') {
       for (const varName of Object.keys(serverConfig.customUserVars)) {
@@ -437,7 +436,7 @@ router.post('/:serverName/reinitialize', requireJwtAuth, async (req, res) => {
     };
 
     res.json({
-      success: (userConnection && !oauthRequired) || (oauthRequired && oauthUrl),
+      success: Boolean((userConnection && !oauthRequired) || (oauthRequired && oauthUrl)),
       message: getResponseMessage(),
       serverName,
       oauthRequired,
@@ -551,15 +550,14 @@ router.get('/:serverName/auth-values', requireJwtAuth, async (req, res) => {
       return res.status(401).json({ error: 'User not authenticated' });
     }
 
-    const printConfig = false;
-    const config = await loadCustomConfig(printConfig);
-    if (!config || !config.mcpServers || !config.mcpServers[serverName]) {
+    const mcpManager = getMCPManager();
+    const serverConfig = mcpManager.getRawConfig(serverName);
+    if (!serverConfig) {
       return res.status(404).json({
         error: `MCP server '${serverName}' not found in configuration`,
       });
     }
 
-    const serverConfig = config.mcpServers[serverName];
     const pluginKey = `${Constants.mcp_prefix}${serverName}`;
     const authValueFlags = {};
 

api/server/routes/memories.js

@@ -8,6 +8,7 @@ const {
   deleteMemory,
   setMemory,
 } = require('~/models');
+const { getAppConfig } = require('~/server/services/Config');
 const { requireJwtAuth } = require('~/server/middleware');
 const { getRoleByName } = require('~/models/Role');
 
@@ -60,7 +61,8 @@ router.get('/', checkMemoryRead, async (req, res) => {
       return sum + (memory.tokenCount || 0);
     }, 0);
 
-    const memoryConfig = req.app.locals?.memory;
+    const appConfig = await getAppConfig({ role: req.user?.role });
+    const memoryConfig = appConfig?.memory;
     const tokenLimit = memoryConfig?.tokenLimit;
     const charLimit = memoryConfig?.charLimit || 10000;
 
@@ -98,7 +100,8 @@ router.post('/', memoryPayloadLimit, checkMemoryCreate, async (req, res) => {
     return res.status(400).json({ error: 'Value is required and must be a non-empty string.' });
   }
 
-  const memoryConfig = req.app.locals?.memory;
+  const appConfig = await getAppConfig({ role: req.user?.role });
+  const memoryConfig = appConfig?.memory;
   const charLimit = memoryConfig?.charLimit || 10000;
 
   if (key.length > 1000) {
@@ -117,6 +120,9 @@ router.post('/', memoryPayloadLimit, checkMemoryCreate, async (req, res) => {
     const tokenCount = Tokenizer.getTokenCount(value, 'o200k_base');
 
     const memories = await getAllUserMemories(req.user.id);
+
+    const appConfig = await getAppConfig({ role: req.user?.role });
+    const memoryConfig = appConfig?.memory;
     const tokenLimit = memoryConfig?.tokenLimit;
 
     if (tokenLimit) {
@@ -200,8 +206,8 @@ router.patch('/:key', memoryPayloadLimit, checkMemoryUpdate, async (req, res) =>
   }
 
   const newKey = bodyKey || urlKey;
-
-  const memoryConfig = req.app.locals?.memory;
+  const appConfig = await getAppConfig({ role: req.user?.role });
+  const memoryConfig = appConfig?.memory;
   const charLimit = memoryConfig?.charLimit || 10000;
 
   if (newKey.length > 1000) {

api/server/routes/oauth.js

@@ -1,19 +1,20 @@
 // file deepcode ignore NoRateLimitingForLogin: Rate limiting is handled by the `loginLimiter` middleware
 const express = require('express');
 const passport = require('passport');
-const { isEnabled } = require('@librechat/api');
 const { randomState } = require('openid-client');
 const { logger } = require('@librechat/data-schemas');
 const { ErrorTypes } = require('librechat-data-provider');
-const {
-  checkBan,
-  logHeaders,
-  loginLimiter,
-  setBalanceConfig,
-  checkDomainAllowed,
-} = require('~/server/middleware');
+const { isEnabled, createSetBalanceConfig } = require('@librechat/api');
+const { checkDomainAllowed, loginLimiter, logHeaders, checkBan } = require('~/server/middleware');
 const { syncUserEntraGroupMemberships } = require('~/server/services/PermissionService');
 const { setAuthTokens, setOpenIDAuthTokens } = require('~/server/services/AuthService');
+const { getBalanceConfig } = require('~/server/services/Config');
+const { Balance } = require('~/db/models');
+
+const setBalanceConfig = createSetBalanceConfig({
+  getBalanceConfig,
+  Balance,
+});
 
 const router = express.Router();
 

api/server/routes/prompts.test.js

@@ -14,7 +14,6 @@ const {
 // Mock modules before importing
 jest.mock('~/server/services/Config', () => ({
   getCachedTools: jest.fn().mockResolvedValue({}),
-  getCustomConfig: jest.fn(),
 }));
 
 jest.mock('~/models/Role', () => ({

api/server/services/ActionService.spec.js

@@ -1,10 +1,7 @@
-const { Constants, EModelEndpoint, actionDomainSeparator } = require('librechat-data-provider');
+const { Constants, actionDomainSeparator } = require('librechat-data-provider');
 const { domainParser } = require('./ActionService');
 
 jest.mock('keyv');
-jest.mock('~/server/services/Config', () => ({
-  getCustomConfig: jest.fn(),
-}));
 
 const globalCache = {};
 jest.mock('~/cache/getLogStores', () => {
@@ -53,26 +50,6 @@ jest.mock('~/cache/getLogStores', () => {
 });
 
 describe('domainParser', () => {
-  const req = {
-    app: {
-      locals: {
-        [EModelEndpoint.azureOpenAI]: {
-          assistants: true,
-        },
-      },
-    },
-  };
-
-  const reqNoAzure = {
-    app: {
-      locals: {
-        [EModelEndpoint.azureOpenAI]: {
-          assistants: false,
-        },
-      },
-    },
-  };
-
   const TLD = '.com';
 
   // Non-azure request

api/server/services/AppService.interface.spec.js

@@ -1,15 +1,4 @@
-jest.mock('~/models', () => ({
-  initializeRoles: jest.fn(),
-  seedDefaultRoles: jest.fn(),
-  ensureDefaultCategories: jest.fn(),
-}));
-jest.mock('~/models/Role', () => ({
-  updateAccessPermissions: jest.fn(),
-  getRoleByName: jest.fn().mockResolvedValue(null),
-  updateRoleByName: jest.fn(),
-}));
-
-jest.mock('~/config', () => ({
+jest.mock('@librechat/data-schemas', () => ({
   logger: {
     info: jest.fn(),
     warn: jest.fn(),
@@ -17,11 +6,11 @@ jest.mock('~/config', () => ({
   },
 }));
 
-jest.mock('./Config/loadCustomConfig', () => jest.fn());
-jest.mock('./start/interface', () => ({
+jest.mock('@librechat/api', () => ({
+  ...jest.requireActual('@librechat/api'),
   loadDefaultInterface: jest.fn(),
 }));
-jest.mock('./ToolService', () => ({
+jest.mock('./start/tools', () => ({
   loadAndFormatTools: jest.fn().mockReturnValue({}),
 }));
 jest.mock('./start/checks', () => ({
@@ -32,15 +21,15 @@ jest.mock('./start/checks', () => ({
   checkWebSearchConfig: jest.fn(),
 }));
 
+jest.mock('./Config/loadCustomConfig', () => jest.fn());
+
 const AppService = require('./AppService');
-const { loadDefaultInterface } = require('./start/interface');
+const { loadDefaultInterface } = require('@librechat/api');
 
 describe('AppService interface configuration', () => {
-  let app;
   let mockLoadCustomConfig;
 
   beforeEach(() => {
-    app = { locals: {} };
     jest.resetModules();
     jest.clearAllMocks();
     mockLoadCustomConfig = require('./Config/loadCustomConfig');
@@ -50,10 +39,16 @@ describe('AppService interface configuration', () => {
     mockLoadCustomConfig.mockResolvedValue({});
     loadDefaultInterface.mockResolvedValue({ prompts: true, bookmarks: true });
 
-    await AppService(app);
+    const result = await AppService();
 
-    expect(app.locals.interfaceConfig.prompts).toBe(true);
-    expect(app.locals.interfaceConfig.bookmarks).toBe(true);
+    expect(result).toEqual(
+      expect.objectContaining({
+        interfaceConfig: expect.objectContaining({
+          prompts: true,
+          bookmarks: true,
+        }),
+      }),
+    );
     expect(loadDefaultInterface).toHaveBeenCalled();
   });
 
@@ -61,10 +56,16 @@ describe('AppService interface configuration', () => {
     mockLoadCustomConfig.mockResolvedValue({ interface: { prompts: false, bookmarks: false } });
     loadDefaultInterface.mockResolvedValue({ prompts: false, bookmarks: false });
 
-    await AppService(app);
+    const result = await AppService();
 
-    expect(app.locals.interfaceConfig.prompts).toBe(false);
-    expect(app.locals.interfaceConfig.bookmarks).toBe(false);
+    expect(result).toEqual(
+      expect.objectContaining({
+        interfaceConfig: expect.objectContaining({
+          prompts: false,
+          bookmarks: false,
+        }),
+      }),
+    );
     expect(loadDefaultInterface).toHaveBeenCalled();
   });
 
@@ -72,10 +73,17 @@ describe('AppService interface configuration', () => {
     mockLoadCustomConfig.mockResolvedValue({});
     loadDefaultInterface.mockResolvedValue({});
 
-    await AppService(app);
+    const result = await AppService();
 
-    expect(app.locals.interfaceConfig.prompts).toBeUndefined();
-    expect(app.locals.interfaceConfig.bookmarks).toBeUndefined();
+    expect(result).toEqual(
+      expect.objectContaining({
+        interfaceConfig: expect.anything(),
+      }),
+    );
+
+    // Verify that prompts and bookmarks are undefined when not provided
+    expect(result.interfaceConfig.prompts).toBeUndefined();
+    expect(result.interfaceConfig.bookmarks).toBeUndefined();
     expect(loadDefaultInterface).toHaveBeenCalled();
   });
 
@@ -83,10 +91,16 @@ describe('AppService interface configuration', () => {
     mockLoadCustomConfig.mockResolvedValue({ interface: { prompts: true, bookmarks: false } });
     loadDefaultInterface.mockResolvedValue({ prompts: true, bookmarks: false });
 
-    await AppService(app);
+    const result = await AppService();
 
-    expect(app.locals.interfaceConfig.prompts).toBe(true);
-    expect(app.locals.interfaceConfig.bookmarks).toBe(false);
+    expect(result).toEqual(
+      expect.objectContaining({
+        interfaceConfig: expect.objectContaining({
+          prompts: true,
+          bookmarks: false,
+        }),
+      }),
+    );
     expect(loadDefaultInterface).toHaveBeenCalled();
   });
 
@@ -108,14 +122,19 @@ describe('AppService interface configuration', () => {
       },
     });
 
-    await AppService(app);
+    const result = await AppService();
 
-    expect(app.locals.interfaceConfig.peoplePicker).toBeDefined();
-    expect(app.locals.interfaceConfig.peoplePicker).toMatchObject({
-      users: true,
-      groups: true,
-      roles: true,
-    });
+    expect(result).toEqual(
+      expect.objectContaining({
+        interfaceConfig: expect.objectContaining({
+          peoplePicker: expect.objectContaining({
+            users: true,
+            groups: true,
+            roles: true,
+          }),
+        }),
+      }),
+    );
     expect(loadDefaultInterface).toHaveBeenCalled();
   });
 
@@ -137,11 +156,19 @@ describe('AppService interface configuration', () => {
       },
     });
 
-    await AppService(app);
+    const result = await AppService();
 
-    expect(app.locals.interfaceConfig.peoplePicker.users).toBe(true);
-    expect(app.locals.interfaceConfig.peoplePicker.groups).toBe(false);
-    expect(app.locals.interfaceConfig.peoplePicker.roles).toBe(true);
+    expect(result).toEqual(
+      expect.objectContaining({
+        interfaceConfig: expect.objectContaining({
+          peoplePicker: expect.objectContaining({
+            users: true,
+            groups: false,
+            roles: true,
+          }),
+        }),
+      }),
+    );
   });
 
   it('should set default peoplePicker permissions when not provided', async () => {
@@ -154,11 +181,18 @@ describe('AppService interface configuration', () => {
       },
     });
 
-    await AppService(app);
+    const result = await AppService();
 
-    expect(app.locals.interfaceConfig.peoplePicker).toBeDefined();
-    expect(app.locals.interfaceConfig.peoplePicker.users).toBe(true);
-    expect(app.locals.interfaceConfig.peoplePicker.groups).toBe(true);
-    expect(app.locals.interfaceConfig.peoplePicker.roles).toBe(true);
+    expect(result).toEqual(
+      expect.objectContaining({
+        interfaceConfig: expect.objectContaining({
+          peoplePicker: expect.objectContaining({
+            users: true,
+            groups: true,
+            roles: true,
+          }),
+        }),
+      }),
+    );
   });
 });

api/server/services/AppService.js

@@ -1,4 +1,10 @@
-const { loadMemoryConfig, agentsConfigSetup, loadWebSearchConfig } = require('@librechat/api');
+const {
+  isEnabled,
+  loadMemoryConfig,
+  agentsConfigSetup,
+  loadWebSearchConfig,
+  loadDefaultInterface,
+} = require('@librechat/api');
 const {
   FileSources,
   loadOCRConfig,
@@ -6,37 +12,27 @@ const {
   getConfigDefaults,
 } = require('librechat-data-provider');
 const {
+  checkWebSearchConfig,
+  checkVariables,
   checkHealth,
   checkConfig,
-  checkVariables,
-  checkAzureVariables,
-  checkWebSearchConfig,
 } = require('./start/checks');
-const { azureAssistantsDefaults, assistantsConfigSetup } = require('./start/assistants');
 const { initializeAzureBlobService } = require('./Files/Azure/initialize');
 const { initializeFirebase } = require('./Files/Firebase/initialize');
-const { seedDefaultRoles, initializeRoles, ensureDefaultCategories } = require('~/models');
-const loadCustomConfig = require('./Config/loadCustomConfig');
 const handleRateLimits = require('./Config/handleRateLimits');
-const { loadDefaultInterface } = require('./start/interface');
+const loadCustomConfig = require('./Config/loadCustomConfig');
 const { loadTurnstileConfig } = require('./start/turnstile');
-const { azureConfigSetup } = require('./start/azureOpenAI');
 const { processModelSpecs } = require('./start/modelSpecs');
 const { initializeS3 } = require('./Files/S3/initialize');
-const { loadAndFormatTools } = require('./ToolService');
-const { isEnabled } = require('~/server/utils');
-const { setCachedTools } = require('./Config');
+const { loadAndFormatTools } = require('./start/tools');
+const { loadEndpoints } = require('./start/endpoints');
 const paths = require('~/config/paths');
 
 /**
  * Loads custom config and initializes app-wide variables.
  * @function AppService
- * @param {Express.Application} app - The Express application object.
  */
-const AppService = async (app) => {
-  await initializeRoles();
-  await seedDefaultRoles();
-  await ensureDefaultCategories();
+const AppService = async () => {
   /** @type {TCustomConfig} */
   const config = (await loadCustomConfig()) ?? {};
   const configDefaults = getConfigDefaults();
@@ -75,101 +71,57 @@ const AppService = async (app) => {
     directory: paths.structuredTools,
   });
 
-  await setCachedTools(availableTools, { isGlobal: true });
-
-  // Store MCP config for later initialization
   const mcpConfig = config.mcpServers || null;
-
-  const socialLogins =
-    config?.registration?.socialLogins ?? configDefaults?.registration?.socialLogins;
-  const interfaceConfig = await loadDefaultInterface(config, configDefaults);
+  const registration = config.registration ?? configDefaults.registration;
+  const interfaceConfig = await loadDefaultInterface({ config, configDefaults });
   const turnstileConfig = loadTurnstileConfig(config, configDefaults);
+  const speech = config.speech;
 
-  const defaultLocals = {
-    config,
+  const defaultConfig = {
     ocr,
     paths,
+    config,
     memory,
+    speech,
+    balance,
+    mcpConfig,
     webSearch,
     fileStrategy,
-    socialLogins,
+    registration,
     filteredTools,
     includedTools,
+    availableTools,
     imageOutputType,
     interfaceConfig,
     turnstileConfig,
-    balance,
-    mcpConfig,
+    fileStrategies: config.fileStrategies,
   };
 
   const agentsDefaults = agentsConfigSetup(config);
 
   if (!Object.keys(config).length) {
-    app.locals = {
-      ...defaultLocals,
-      [EModelEndpoint.agents]: agentsDefaults,
+    const appConfig = {
+      ...defaultConfig,
+      endpoints: {
+        [EModelEndpoint.agents]: agentsDefaults,
+      },
     };
-    return;
+    return appConfig;
   }
 
   checkConfig(config);
   handleRateLimits(config?.rateLimits);
+  const loadedEndpoints = loadEndpoints(config, agentsDefaults);
 
-  const endpointLocals = {};
-  const endpoints = config?.endpoints;
-
-  if (endpoints?.[EModelEndpoint.azureOpenAI]) {
-    endpointLocals[EModelEndpoint.azureOpenAI] = azureConfigSetup(config);
-    checkAzureVariables();
-  }
-
-  if (endpoints?.[EModelEndpoint.azureOpenAI]?.assistants) {
-    endpointLocals[EModelEndpoint.azureAssistants] = azureAssistantsDefaults();
-  }
-
-  if (endpoints?.[EModelEndpoint.azureAssistants]) {
-    endpointLocals[EModelEndpoint.azureAssistants] = assistantsConfigSetup(
-      config,
-      EModelEndpoint.azureAssistants,
-      endpointLocals[EModelEndpoint.azureAssistants],
-    );
-  }
-
-  if (endpoints?.[EModelEndpoint.assistants]) {
-    endpointLocals[EModelEndpoint.assistants] = assistantsConfigSetup(
-      config,
-      EModelEndpoint.assistants,
-      endpointLocals[EModelEndpoint.assistants],
-    );
-  }
-
-  endpointLocals[EModelEndpoint.agents] = agentsConfigSetup(config, agentsDefaults);
-
-  const endpointKeys = [
-    EModelEndpoint.openAI,
-    EModelEndpoint.google,
-    EModelEndpoint.bedrock,
-    EModelEndpoint.anthropic,
-    EModelEndpoint.gptPlugins,
-  ];
-
-  endpointKeys.forEach((key) => {
-    if (endpoints?.[key]) {
-      endpointLocals[key] = endpoints[key];
-    }
-  });
-
-  if (endpoints?.all) {
-    endpointLocals.all = endpoints.all;
-  }
-
-  app.locals = {
-    ...defaultLocals,
+  const appConfig = {
+    ...defaultConfig,
     fileConfig: config?.fileConfig,
     secureImageLinks: config?.secureImageLinks,
-    modelSpecs: processModelSpecs(endpoints, config.modelSpecs, interfaceConfig),
-    ...endpointLocals,
+    modelSpecs: processModelSpecs(config?.endpoints, config.modelSpecs, interfaceConfig),
+    endpoints: loadedEndpoints,
   };
+
+  return appConfig;
 };
 
 module.exports = AppService;

api/server/services/AssistantService.js

@@ -16,6 +16,7 @@ const { retrieveAndProcessFile } = require('~/server/services/Files/process');
 const { processRequiredActions } = require('~/server/services/ToolService');
 const { RunManager, waitForRun } = require('~/server/services/Runs');
 const { processMessages } = require('~/server/services/Threads');
+const { getAppConfig } = require('~/server/services/Config');
 const { createOnProgress } = require('~/server/utils');
 const { TextStream } = require('~/app/clients');
 
@@ -350,6 +351,7 @@ async function runAssistant({
   accumulatedMessages = [],
   in_progress: inProgress,
 }) {
+  const appConfig = await getAppConfig({ role: openai.req.user?.role });
   let steps = accumulatedSteps;
   let messages = accumulatedMessages;
   const in_progress = inProgress ?? createInProgressHandler(openai, thread_id, messages);
@@ -396,8 +398,8 @@ async function runAssistant({
   });
 
   const { endpoint = EModelEndpoint.azureAssistants } = openai.req.body;
-  /** @type {TCustomConfig.endpoints.assistants} */
-  const assistantsEndpointConfig = openai.req.app.locals?.[endpoint] ?? {};
+  /** @type {AppConfig['endpoints']['assistants']} */
+  const assistantsEndpointConfig = appConfig.endpoints?.[endpoint] ?? {};
   const { pollIntervalMs, timeoutMs } = assistantsEndpointConfig;
 
   const run = await waitForRun({

api/server/services/AuthService.js

@@ -1,8 +1,8 @@
 const bcrypt = require('bcryptjs');
 const jwt = require('jsonwebtoken');
 const { webcrypto } = require('node:crypto');
-const { isEnabled } = require('@librechat/api');
 const { logger } = require('@librechat/data-schemas');
+const { isEnabled, checkEmailConfig } = require('@librechat/api');
 const { SystemRoles, errorsToString } = require('librechat-data-provider');
 const {
   findUser,
@@ -21,9 +21,9 @@ const {
   generateRefreshToken,
 } = require('~/models');
 const { isEmailDomainAllowed } = require('~/server/services/domains');
-const { checkEmailConfig, sendEmail } = require('~/server/utils');
-const { getBalanceConfig } = require('~/server/services/Config');
 const { registerSchema } = require('~/strategies/validators');
+const { getAppConfig } = require('~/server/services/Config');
+const { sendEmail } = require('~/server/utils');
 
 const domains = {
   client: process.env.DOMAIN_CLIENT,
@@ -195,7 +195,8 @@ const registerUser = async (user, additionalData = {}) => {
       return { status: 200, message: genericVerificationMessage };
     }
 
-    if (!(await isEmailDomainAllowed(email))) {
+    const appConfig = await getAppConfig({ role: user.role });
+    if (!(await isEmailDomainAllowed(email, appConfig?.registration?.allowedDomains))) {
       const errorMessage =
         'The email address provided cannot be used. Please use a different email address.';
       logger.error(`[registerUser] [Registration not allowed] [Email: ${user.email}]`);
@@ -219,9 +220,8 @@ const registerUser = async (user, additionalData = {}) => {
 
     const emailEnabled = checkEmailConfig();
     const disableTTL = isEnabled(process.env.ALLOW_UNVERIFIED_EMAIL_LOGIN);
-    const balanceConfig = await getBalanceConfig();
 
-    const newUser = await createUser(newUserData, balanceConfig, disableTTL, true);
+    const newUser = await createUser(newUserData, appConfig.balance, disableTTL, true);
     newUserId = newUser._id;
     if (emailEnabled && !newUser.emailVerified) {
       await sendVerificationEmail({

api/server/services/Config/app.js

@@ -0,0 +1,68 @@
+const { logger } = require('@librechat/data-schemas');
+const { CacheKeys } = require('librechat-data-provider');
+const AppService = require('~/server/services/AppService');
+const { setCachedTools } = require('./getCachedTools');
+const getLogStores = require('~/cache/getLogStores');
+
+/**
+ * Get the app configuration based on user context
+ * @param {Object} [options]
+ * @param {string} [options.role] - User role for role-based config
+ * @param {boolean} [options.refresh] - Force refresh the cache
+ * @returns {Promise<AppConfig>}
+ */
+async function getAppConfig(options = {}) {
+  const { role, refresh } = options;
+
+  const cache = getLogStores(CacheKeys.CONFIG_STORE);
+  const cacheKey = role ? `${CacheKeys.APP_CONFIG}:${role}` : CacheKeys.APP_CONFIG;
+
+  if (!refresh) {
+    const cached = await cache.get(cacheKey);
+    if (cached) {
+      return cached;
+    }
+  }
+
+  let baseConfig = await cache.get(CacheKeys.APP_CONFIG);
+  if (!baseConfig) {
+    logger.info('[getAppConfig] App configuration not initialized. Initializing AppService...');
+    baseConfig = await AppService();
+
+    if (!baseConfig) {
+      throw new Error('Failed to initialize app configuration through AppService.');
+    }
+
+    if (baseConfig.availableTools) {
+      await setCachedTools(baseConfig.availableTools, { isGlobal: true });
+    }
+
+    await cache.set(CacheKeys.APP_CONFIG, baseConfig);
+  }
+
+  // For now, return the base config
+  // In the future, this is where we'll apply role-based modifications
+  if (role) {
+    // TODO: Apply role-based config modifications
+    // const roleConfig = await applyRoleBasedConfig(baseConfig, role);
+    // await cache.set(cacheKey, roleConfig);
+    // return roleConfig;
+  }
+
+  return baseConfig;
+}
+
+/**
+ * Clear the app configuration cache
+ * @returns {Promise<boolean>}
+ */
+async function clearAppConfigCache() {
+  const cache = getLogStores(CacheKeys.CONFIG_STORE);
+  const cacheKey = CacheKeys.APP_CONFIG;
+  return await cache.delete(cacheKey);
+}
+
+module.exports = {
+  getAppConfig,
+  clearAppConfigCache,
+};

api/server/services/Config/getCustomConfig.js

@@ -1,96 +0,0 @@
-const { logger } = require('@librechat/data-schemas');
-const { isEnabled, getUserMCPAuthMap } = require('@librechat/api');
-const { CacheKeys, EModelEndpoint } = require('librechat-data-provider');
-const { normalizeEndpointName } = require('~/server/utils');
-const loadCustomConfig = require('./loadCustomConfig');
-const getLogStores = require('~/cache/getLogStores');
-
-/**
- * Retrieves the configuration object
- * @function getCustomConfig
- * @returns {Promise<TCustomConfig | null>}
- * */
-async function getCustomConfig() {
-  const cache = getLogStores(CacheKeys.STATIC_CONFIG);
-  return (await cache.get(CacheKeys.LIBRECHAT_YAML_CONFIG)) || (await loadCustomConfig());
-}
-
-/**
- * Retrieves the configuration object
- * @function getBalanceConfig
- * @returns {Promise<TCustomConfig['balance'] | null>}
- * */
-async function getBalanceConfig() {
-  const isLegacyEnabled = isEnabled(process.env.CHECK_BALANCE);
-  const startBalance = process.env.START_BALANCE;
-  /** @type {TCustomConfig['balance']} */
-  const config = {
-    enabled: isLegacyEnabled,
-    startBalance: startBalance != null && startBalance ? parseInt(startBalance, 10) : undefined,
-  };
-  const customConfig = await getCustomConfig();
-  if (!customConfig) {
-    return config;
-  }
-  return { ...config, ...(customConfig?.['balance'] ?? {}) };
-}
-
-/**
- *
- * @param {string | EModelEndpoint} endpoint
- * @returns {Promise<TEndpoint | undefined>}
- */
-const getCustomEndpointConfig = async (endpoint) => {
-  const customConfig = await getCustomConfig();
-  if (!customConfig) {
-    throw new Error(`Config not found for the ${endpoint} custom endpoint.`);
-  }
-
-  const { endpoints = {} } = customConfig;
-  const customEndpoints = endpoints[EModelEndpoint.custom] ?? [];
-  return customEndpoints.find(
-    (endpointConfig) => normalizeEndpointName(endpointConfig.name) === endpoint,
-  );
-};
-
-/**
- * @param {Object} params
- * @param {string} params.userId
- * @param {GenericTool[]} [params.tools]
- * @param {import('@librechat/data-schemas').PluginAuthMethods['findPluginAuthsByKeys']} params.findPluginAuthsByKeys
- * @returns {Promise<Record<string, Record<string, string>> | undefined>}
- */
-async function getMCPAuthMap({ userId, tools, findPluginAuthsByKeys }) {
-  try {
-    if (!tools || tools.length === 0) {
-      return;
-    }
-    return await getUserMCPAuthMap({
-      tools,
-      userId,
-      findPluginAuthsByKeys,
-    });
-  } catch (err) {
-    logger.error(
-      `[api/server/controllers/agents/client.js #chatCompletion] Error getting custom user vars for agent`,
-      err,
-    );
-  }
-}
-
-/**
- * @returns {Promise<boolean>}
- */
-async function hasCustomUserVars() {
-  const customConfig = await getCustomConfig();
-  const mcpServers = customConfig?.mcpServers;
-  return Object.values(mcpServers ?? {}).some((server) => server.customUserVars);
-}
-
-module.exports = {
-  getMCPAuthMap,
-  getCustomConfig,
-  getBalanceConfig,
-  hasCustomUserVars,
-  getCustomEndpointConfig,
-};

api/server/services/Config/getEndpointsConfig.js

@@ -1,3 +1,4 @@
+const { loadCustomEndpointsConfig } = require('@librechat/api');
 const {
   CacheKeys,
   EModelEndpoint,
@@ -6,8 +7,8 @@ const {
   defaultAgentCapabilities,
 } = require('librechat-data-provider');
 const loadDefaultEndpointsConfig = require('./loadDefaultEConfig');
-const loadConfigEndpoints = require('./loadConfigEndpoints');
 const getLogStores = require('~/cache/getLogStores');
+const { getAppConfig } = require('./app');
 
 /**
  *
@@ -21,14 +22,36 @@ async function getEndpointsConfig(req) {
     return cachedEndpointsConfig;
   }
 
-  const defaultEndpointsConfig = await loadDefaultEndpointsConfig(req);
-  const customConfigEndpoints = await loadConfigEndpoints(req);
+  const appConfig = await getAppConfig({ role: req.user?.role });
+  const defaultEndpointsConfig = await loadDefaultEndpointsConfig(appConfig);
+  const customEndpointsConfig = loadCustomEndpointsConfig(appConfig?.endpoints?.custom);
 
   /** @type {TEndpointsConfig} */
-  const mergedConfig = { ...defaultEndpointsConfig, ...customConfigEndpoints };
-  if (mergedConfig[EModelEndpoint.assistants] && req.app.locals?.[EModelEndpoint.assistants]) {
+  const mergedConfig = {
+    ...defaultEndpointsConfig,
+    ...customEndpointsConfig,
+  };
+
+  if (appConfig.endpoints?.[EModelEndpoint.azureOpenAI]) {
+    /** @type {Omit<TConfig, 'order'>} */
+    mergedConfig[EModelEndpoint.azureOpenAI] = {
+      userProvide: false,
+    };
+  }
+
+  if (appConfig.endpoints?.[EModelEndpoint.azureOpenAI]?.assistants) {
+    /** @type {Omit<TConfig, 'order'>} */
+    mergedConfig[EModelEndpoint.azureAssistants] = {
+      userProvide: false,
+    };
+  }
+
+  if (
+    mergedConfig[EModelEndpoint.assistants] &&
+    appConfig?.endpoints?.[EModelEndpoint.assistants]
+  ) {
     const { disableBuilder, retrievalModels, capabilities, version, ..._rest } =
-      req.app.locals[EModelEndpoint.assistants];
+      appConfig.endpoints[EModelEndpoint.assistants];
 
     mergedConfig[EModelEndpoint.assistants] = {
       ...mergedConfig[EModelEndpoint.assistants],
@@ -38,9 +61,9 @@ async function getEndpointsConfig(req) {
       capabilities,
     };
   }
-  if (mergedConfig[EModelEndpoint.agents] && req.app.locals?.[EModelEndpoint.agents]) {
+  if (mergedConfig[EModelEndpoint.agents] && appConfig?.endpoints?.[EModelEndpoint.agents]) {
     const { disableBuilder, capabilities, allowedProviders, ..._rest } =
-      req.app.locals[EModelEndpoint.agents];
+      appConfig.endpoints[EModelEndpoint.agents];
 
     mergedConfig[EModelEndpoint.agents] = {
       ...mergedConfig[EModelEndpoint.agents],
@@ -52,10 +75,10 @@ async function getEndpointsConfig(req) {
 
   if (
     mergedConfig[EModelEndpoint.azureAssistants] &&
-    req.app.locals?.[EModelEndpoint.azureAssistants]
+    appConfig?.endpoints?.[EModelEndpoint.azureAssistants]
   ) {
     const { disableBuilder, retrievalModels, capabilities, version, ..._rest } =
-      req.app.locals[EModelEndpoint.azureAssistants];
+      appConfig.endpoints[EModelEndpoint.azureAssistants];
 
     mergedConfig[EModelEndpoint.azureAssistants] = {
       ...mergedConfig[EModelEndpoint.azureAssistants],
@@ -66,8 +89,8 @@ async function getEndpointsConfig(req) {
     };
   }
 
-  if (mergedConfig[EModelEndpoint.bedrock] && req.app.locals?.[EModelEndpoint.bedrock]) {
-    const { availableRegions } = req.app.locals[EModelEndpoint.bedrock];
+  if (mergedConfig[EModelEndpoint.bedrock] && appConfig?.endpoints?.[EModelEndpoint.bedrock]) {
+    const { availableRegions } = appConfig.endpoints[EModelEndpoint.bedrock];
     mergedConfig[EModelEndpoint.bedrock] = {
       ...mergedConfig[EModelEndpoint.bedrock],
       availableRegions,

api/server/services/Config/index.js

@@ -1,6 +1,6 @@
+const appConfig = require('./app');
 const { config } = require('./EndpointService');
 const getCachedTools = require('./getCachedTools');
-const getCustomConfig = require('./getCustomConfig');
 const loadCustomConfig = require('./loadCustomConfig');
 const loadConfigModels = require('./loadConfigModels');
 const loadDefaultModels = require('./loadDefaultModels');
@@ -15,7 +15,7 @@ module.exports = {
   loadDefaultModels,
   loadOverrideConfig,
   loadAsyncEndpoints,
+  ...appConfig,
   ...getCachedTools,
-  ...getCustomConfig,
   ...getEndpointsConfig,
 };

api/server/services/Config/loadAsyncEndpoints.js

@@ -1,16 +1,16 @@
 const path = require('path');
 const { logger } = require('@librechat/data-schemas');
-const { loadServiceKey, isUserProvided } = require('@librechat/api');
 const { EModelEndpoint } = require('librechat-data-provider');
+const { loadServiceKey, isUserProvided } = require('@librechat/api');
 const { config } = require('./EndpointService');
 
 const { openAIApiKey, azureOpenAIApiKey, useAzurePlugins, userProvidedOpenAI, googleKey } = config;
 
 /**
  * Load async endpoints and return a configuration object
- * @param {Express.Request} req - The request object
+ * @param {AppConfig} [appConfig] - The app configuration object
  */
-async function loadAsyncEndpoints(req) {
+async function loadAsyncEndpoints(appConfig) {
   let serviceKey, googleUserProvides;
 
   /** Check if GOOGLE_KEY is provided at all(including 'user_provided') */
@@ -34,7 +34,7 @@ async function loadAsyncEndpoints(req) {
 
   const google = serviceKey || isGoogleKeyProvided ? { userProvide: googleUserProvides } : false;
 
-  const useAzure = req.app.locals[EModelEndpoint.azureOpenAI]?.plugins;
+  const useAzure = !!appConfig?.endpoints?.[EModelEndpoint.azureOpenAI]?.plugins;
   const gptPlugins =
     useAzure || openAIApiKey || azureOpenAIApiKey
       ? {

api/server/services/Config/loadConfigEndpoints.js

@@ -1,73 +0,0 @@
-const { EModelEndpoint, extractEnvVariable } = require('librechat-data-provider');
-const { isUserProvided, normalizeEndpointName } = require('~/server/utils');
-const { getCustomConfig } = require('./getCustomConfig');
-
-/**
- * Load config endpoints from the cached configuration object
- * @param {Express.Request} req - The request object
- * @returns {Promise<TEndpointsConfig>} A promise that resolves to an object containing the endpoints configuration
- */
-async function loadConfigEndpoints(req) {
-  const customConfig = await getCustomConfig();
-
-  if (!customConfig) {
-    return {};
-  }
-
-  const { endpoints = {} } = customConfig ?? {};
-  const endpointsConfig = {};
-
-  if (Array.isArray(endpoints[EModelEndpoint.custom])) {
-    const customEndpoints = endpoints[EModelEndpoint.custom].filter(
-      (endpoint) =>
-        endpoint.baseURL &&
-        endpoint.apiKey &&
-        endpoint.name &&
-        endpoint.models &&
-        (endpoint.models.fetch || endpoint.models.default),
-    );
-
-    for (let i = 0; i < customEndpoints.length; i++) {
-      const endpoint = customEndpoints[i];
-      const {
-        baseURL,
-        apiKey,
-        name: configName,
-        iconURL,
-        modelDisplayLabel,
-        customParams,
-      } = endpoint;
-      const name = normalizeEndpointName(configName);
-
-      const resolvedApiKey = extractEnvVariable(apiKey);
-      const resolvedBaseURL = extractEnvVariable(baseURL);
-
-      endpointsConfig[name] = {
-        type: EModelEndpoint.custom,
-        userProvide: isUserProvided(resolvedApiKey),
-        userProvideURL: isUserProvided(resolvedBaseURL),
-        modelDisplayLabel,
-        iconURL,
-        customParams,
-      };
-    }
-  }
-
-  if (req.app.locals[EModelEndpoint.azureOpenAI]) {
-    /** @type {Omit<TConfig, 'order'>} */
-    endpointsConfig[EModelEndpoint.azureOpenAI] = {
-      userProvide: false,
-    };
-  }
-
-  if (req.app.locals[EModelEndpoint.azureOpenAI]?.assistants) {
-    /** @type {Omit<TConfig, 'order'>} */
-    endpointsConfig[EModelEndpoint.azureAssistants] = {
-      userProvide: false,
-    };
-  }
-
-  return endpointsConfig;
-}
-
-module.exports = loadConfigEndpoints;

api/server/services/Config/loadConfigModels.js

@@ -1,7 +1,7 @@
+const { isUserProvided, normalizeEndpointName } = require('@librechat/api');
 const { EModelEndpoint, extractEnvVariable } = require('librechat-data-provider');
-const { isUserProvided, normalizeEndpointName } = require('~/server/utils');
 const { fetchModels } = require('~/server/services/ModelService');
-const { getCustomConfig } = require('./getCustomConfig');
+const { getAppConfig } = require('./app');
 
 /**
  * Load config endpoints from the cached configuration object
@@ -9,35 +9,31 @@ const { getCustomConfig } = require('./getCustomConfig');
  * @param {Express.Request} req - The Express request object.
  */
 async function loadConfigModels(req) {
-  const customConfig = await getCustomConfig();
-
-  if (!customConfig) {
+  const appConfig = await getAppConfig({ role: req.user?.role });
+  if (!appConfig) {
     return {};
   }
-
-  const { endpoints = {} } = customConfig ?? {};
   const modelsConfig = {};
-  const azureEndpoint = endpoints[EModelEndpoint.azureOpenAI];
-  const azureConfig = req.app.locals[EModelEndpoint.azureOpenAI];
+  const azureConfig = appConfig.endpoints?.[EModelEndpoint.azureOpenAI];
   const { modelNames } = azureConfig ?? {};
 
-  if (modelNames && azureEndpoint) {
+  if (modelNames && azureConfig) {
     modelsConfig[EModelEndpoint.azureOpenAI] = modelNames;
   }
 
-  if (modelNames && azureEndpoint && azureEndpoint.plugins) {
+  if (modelNames && azureConfig && azureConfig.plugins) {
     modelsConfig[EModelEndpoint.gptPlugins] = modelNames;
   }
 
-  if (azureEndpoint?.assistants && azureConfig.assistantModels) {
+  if (azureConfig?.assistants && azureConfig.assistantModels) {
     modelsConfig[EModelEndpoint.azureAssistants] = azureConfig.assistantModels;
   }
 
-  if (!Array.isArray(endpoints[EModelEndpoint.custom])) {
+  if (!Array.isArray(appConfig.endpoints?.[EModelEndpoint.custom])) {
     return modelsConfig;
   }
 
-  const customEndpoints = endpoints[EModelEndpoint.custom].filter(
+  const customEndpoints = appConfig.endpoints[EModelEndpoint.custom].filter(
     (endpoint) =>
       endpoint.baseURL &&
       endpoint.apiKey &&

api/server/services/Config/loadConfigModels.spec.js

@@ -1,9 +1,9 @@
 const { fetchModels } = require('~/server/services/ModelService');
-const { getCustomConfig } = require('./getCustomConfig');
 const loadConfigModels = require('./loadConfigModels');
+const { getAppConfig } = require('./app');
 
 jest.mock('~/server/services/ModelService');
-jest.mock('./getCustomConfig');
+jest.mock('./app');
 
 const exampleConfig = {
   endpoints: {
@@ -60,7 +60,7 @@ const exampleConfig = {
 };
 
 describe('loadConfigModels', () => {
-  const mockRequest = { app: { locals: {} }, user: { id: 'testUserId' } };
+  const mockRequest = { user: { id: 'testUserId' } };
 
   const originalEnv = process.env;
 
@@ -68,6 +68,9 @@ describe('loadConfigModels', () => {
     jest.resetAllMocks();
     jest.resetModules();
     process.env = { ...originalEnv };
+
+    // Default mock for getAppConfig
+    getAppConfig.mockResolvedValue({});
   });
 
   afterEach(() => {
@@ -75,18 +78,15 @@ describe('loadConfigModels', () => {
   });
 
   it('should return an empty object if customConfig is null', async () => {
-    getCustomConfig.mockResolvedValue(null);
+    getAppConfig.mockResolvedValue(null);
     const result = await loadConfigModels(mockRequest);
     expect(result).toEqual({});
   });
 
   it('handles azure models and endpoint correctly', async () => {
-    mockRequest.app.locals.azureOpenAI = { modelNames: ['model1', 'model2'] };
-    getCustomConfig.mockResolvedValue({
+    getAppConfig.mockResolvedValue({
       endpoints: {
-        azureOpenAI: {
-          models: ['model1', 'model2'],
-        },
+        azureOpenAI: { modelNames: ['model1', 'model2'] },
       },
     });
 
@@ -97,18 +97,16 @@ describe('loadConfigModels', () => {
   it('fetches custom models based on the unique key', async () => {
     process.env.BASE_URL = 'http://example.com';
     process.env.API_KEY = 'some-api-key';
-    const customEndpoints = {
-      custom: [
-        {
-          baseURL: '${BASE_URL}',
-          apiKey: '${API_KEY}',
-          name: 'CustomModel',
-          models: { fetch: true },
-        },
-      ],
-    };
+    const customEndpoints = [
+      {
+        baseURL: '${BASE_URL}',
+        apiKey: '${API_KEY}',
+        name: 'CustomModel',
+        models: { fetch: true },
+      },
+    ];
 
-    getCustomConfig.mockResolvedValue({ endpoints: customEndpoints });
+    getAppConfig.mockResolvedValue({ endpoints: { custom: customEndpoints } });
     fetchModels.mockResolvedValue(['customModel1', 'customModel2']);
 
     const result = await loadConfigModels(mockRequest);
@@ -117,7 +115,7 @@ describe('loadConfigModels', () => {
   });
 
   it('correctly associates models to names using unique keys', async () => {
-    getCustomConfig.mockResolvedValue({
+    getAppConfig.mockResolvedValue({
       endpoints: {
         custom: [
           {
@@ -146,7 +144,7 @@ describe('loadConfigModels', () => {
 
   it('correctly handles multiple endpoints with the same baseURL but different apiKeys', async () => {
     // Mock the custom configuration to simulate the user's scenario
-    getCustomConfig.mockResolvedValue({
+    getAppConfig.mockResolvedValue({
       endpoints: {
         custom: [
           {
@@ -210,7 +208,7 @@ describe('loadConfigModels', () => {
     process.env.MY_OPENROUTER_API_KEY = 'actual_openrouter_api_key';
     // Setup custom configuration with specific API keys for Mistral and OpenRouter
     // and "user_provided" for groq and Ollama, indicating no fetch for the latter two
-    getCustomConfig.mockResolvedValue(exampleConfig);
+    getAppConfig.mockResolvedValue(exampleConfig);
 
     // Assuming fetchModels would be called only for Mistral and OpenRouter
     fetchModels.mockImplementation(({ name }) => {
@@ -273,7 +271,7 @@ describe('loadConfigModels', () => {
   });
 
   it('falls back to default models if fetching returns an empty array', async () => {
-    getCustomConfig.mockResolvedValue({
+    getAppConfig.mockResolvedValue({
       endpoints: {
         custom: [
           {
@@ -306,7 +304,7 @@ describe('loadConfigModels', () => {
   });
 
   it('falls back to default models if fetching returns a falsy value', async () => {
-    getCustomConfig.mockResolvedValue({
+    getAppConfig.mockResolvedValue({
       endpoints: {
         custom: [
           {
@@ -367,7 +365,7 @@ describe('loadConfigModels', () => {
       },
     ];
 
-    getCustomConfig.mockResolvedValue({
+    getAppConfig.mockResolvedValue({
       endpoints: {
         custom: testCases,
       },

api/server/services/Config/loadDefaultEConfig.js

@@ -4,11 +4,11 @@ const { config } = require('./EndpointService');
 
 /**
  * Load async endpoints and return a configuration object
- * @param {Express.Request} req - The request object
+ * @param {AppConfig} appConfig - The app configuration object
  * @returns {Promise<Object.<string, EndpointWithOrder>>} An object whose keys are endpoint names and values are objects that contain the endpoint configuration and an order.
  */
-async function loadDefaultEndpointsConfig(req) {
-  const { google, gptPlugins } = await loadAsyncEndpoints(req);
+async function loadDefaultEndpointsConfig(appConfig) {
+  const { google, gptPlugins } = await loadAsyncEndpoints(appConfig);
   const { assistants, azureAssistants, azureOpenAI, chatGPTBrowser } = config;
 
   const enabledEndpoints = getEnabledEndpoints();

api/server/services/Endpoints/agents/agent.js

@@ -16,6 +16,7 @@ const generateArtifactsPrompt = require('~/app/clients/prompts/artifacts');
 const { getProviderConfig } = require('~/server/services/Endpoints');
 const { processFiles } = require('~/server/services/Files/process');
 const { getFiles, getToolFilesByIds } = require('~/models/File');
+const { getAppConfig } = require('~/server/services/Config');
 const { getConvoFiles } = require('~/models/Conversation');
 const { getModelMaxTokens } = require('~/utils');
 
@@ -43,6 +44,7 @@ const initializeAgent = async ({
   allowedProviders,
   isInitialAgent = false,
 }) => {
+  const appConfig = await getAppConfig({ role: req.user?.role });
   if (
     isAgentsEndpoint(endpointOption?.endpoint) &&
     allowedProviders.size > 0 &&
@@ -84,10 +86,11 @@ const initializeAgent = async ({
   const { attachments, tool_resources } = await primeResources({
     req,
     getFiles,
+    appConfig,
+    agentId: agent.id,
     attachments: currentFiles,
     tool_resources: agent.tool_resources,
     requestFileSet: new Set(requestFiles?.map((file) => file.file_id)),
-    agentId: agent.id,
   });
 
   const provider = agent.provider;
@@ -103,7 +106,7 @@ const initializeAgent = async ({
     })) ?? {};
 
   agent.endpoint = provider;
-  const { getOptions, overrideProvider } = await getProviderConfig(provider);
+  const { getOptions, overrideProvider } = getProviderConfig({ provider, appConfig });
   if (overrideProvider !== agent.provider) {
     agent.provider = overrideProvider;
   }

api/server/services/Endpoints/agents/initialize.js

@@ -1,6 +1,6 @@
 const { logger } = require('@librechat/data-schemas');
-const { validateAgentModel } = require('@librechat/api');
 const { createContentAggregator } = require('@librechat/agents');
+const { validateAgentModel, getCustomEndpointConfig } = require('@librechat/api');
 const {
   Constants,
   EModelEndpoint,
@@ -13,9 +13,9 @@ const {
 } = require('~/server/controllers/agents/callbacks');
 const { initializeAgent } = require('~/server/services/Endpoints/agents/agent');
 const { getModelsConfig } = require('~/server/controllers/ModelController');
-const { getCustomEndpointConfig } = require('~/server/services/Config');
 const { loadAgentTools } = require('~/server/services/ToolService');
 const AgentClient = require('~/server/controllers/agents/client');
+const { getAppConfig } = require('~/server/services/Config');
 const { getAgent } = require('~/models/Agent');
 const { logViolation } = require('~/cache');
 
@@ -50,6 +50,7 @@ const initializeClient = async ({ req, res, endpointOption }) => {
   if (!endpointOption) {
     throw new Error('Endpoint option not provided');
   }
+  const appConfig = await getAppConfig({ role: req.user?.role });
 
   // TODO: use endpointOption to determine options/modelOptions
   /** @type {Array<UsageMetadata>} */
@@ -89,8 +90,7 @@ const initializeClient = async ({ req, res, endpointOption }) => {
   }
 
   const agentConfigs = new Map();
-  /** @type {Set<string>} */
-  const allowedProviders = new Set(req?.app?.locals?.[EModelEndpoint.agents]?.allowedProviders);
+  const allowedProviders = new Set(appConfig?.endpoints?.[EModelEndpoint.agents]?.allowedProviders);
 
   const loadTools = createToolLoader();
   /** @type {Array<MongoFile>} */
@@ -144,10 +144,13 @@ const initializeClient = async ({ req, res, endpointOption }) => {
     }
   }
 
-  let endpointConfig = req.app.locals[primaryConfig.endpoint];
+  let endpointConfig = appConfig.endpoints?.[primaryConfig.endpoint];
   if (!isAgentsEndpoint(primaryConfig.endpoint) && !endpointConfig) {
     try {
-      endpointConfig = await getCustomEndpointConfig(primaryConfig.endpoint);
+      endpointConfig = getCustomEndpointConfig({
+        endpoint: primaryConfig.endpoint,
+        appConfig,
+      });
     } catch (err) {
       logger.error(
         '[api/server/controllers/agents/client.js #titleConvo] Error getting custom endpoint config',

api/server/services/Endpoints/anthropic/helpers.js

@@ -45,6 +45,10 @@ function getClaudeHeaders(model, supportsCacheControl) {
       'anthropic-beta':
         'token-efficient-tools-2025-02-19,output-128k-2025-02-19,prompt-caching-2024-07-31',
     };
+  } else if (/claude-sonnet-4/.test(model)) {
+    return {
+      'anthropic-beta': 'prompt-caching-2024-07-31,context-1m-2025-08-07',
+    };
   } else if (
     /claude-(?:sonnet|opus|haiku)-[4-9]/.test(model) ||
     /claude-[4-9]-(?:sonnet|opus|haiku)?/.test(model) ||

api/server/services/Endpoints/anthropic/initialize.js

@@ -2,8 +2,10 @@ const { EModelEndpoint } = require('librechat-data-provider');
 const { getUserKey, checkUserKeyExpiry } = require('~/server/services/UserService');
 const { getLLMConfig } = require('~/server/services/Endpoints/anthropic/llm');
 const AnthropicClient = require('~/app/clients/AnthropicClient');
+const { getAppConfig } = require('~/server/services/Config');
 
 const initializeClient = async ({ req, res, endpointOption, overrideModel, optionsOnly }) => {
+  const appConfig = await getAppConfig({ role: req.user?.role });
   const { ANTHROPIC_API_KEY, ANTHROPIC_REVERSE_PROXY, PROXY } = process.env;
   const expiresAt = req.body.key;
   const isUserProvided = ANTHROPIC_API_KEY === 'user_provided';
@@ -23,15 +25,14 @@ const initializeClient = async ({ req, res, endpointOption, overrideModel, optio
   let clientOptions = {};
 
   /** @type {undefined | TBaseEndpoint} */
-  const anthropicConfig = req.app.locals[EModelEndpoint.anthropic];
+  const anthropicConfig = appConfig.endpoints?.[EModelEndpoint.anthropic];
 
   if (anthropicConfig) {
     clientOptions.streamRate = anthropicConfig.streamRate;
     clientOptions.titleModel = anthropicConfig.titleModel;
   }
 
-  /** @type {undefined | TBaseEndpoint} */
-  const allConfig = req.app.locals.all;
+  const allConfig = appConfig.endpoints?.all;
   if (allConfig) {
     clientOptions.streamRate = allConfig.streamRate;
   }

api/server/services/Endpoints/anthropic/llm.spec.js

@@ -1,50 +1,19 @@
-const { anthropicSettings, removeNullishValues } = require('librechat-data-provider');
 const { getLLMConfig } = require('~/server/services/Endpoints/anthropic/llm');
-const { checkPromptCacheSupport, getClaudeHeaders, configureReasoning } = require('./helpers');
 
 jest.mock('https-proxy-agent', () => ({
   HttpsProxyAgent: jest.fn().mockImplementation((proxy) => ({ proxy })),
 }));
 
-jest.mock('./helpers', () => ({
-  checkPromptCacheSupport: jest.fn(),
-  getClaudeHeaders: jest.fn(),
-  configureReasoning: jest.fn((requestOptions) => requestOptions),
-}));
-
-jest.mock('librechat-data-provider', () => ({
-  anthropicSettings: {
-    model: { default: 'claude-3-opus-20240229' },
-    maxOutputTokens: { default: 4096, reset: jest.fn(() => 4096) },
-    thinking: { default: false },
-    promptCache: { default: false },
-    thinkingBudget: { default: null },
-  },
-  removeNullishValues: jest.fn((obj) => {
-    const result = {};
-    for (const key in obj) {
-      if (obj[key] !== null && obj[key] !== undefined) {
-        result[key] = obj[key];
-      }
-    }
-    return result;
-  }),
-}));
-
 describe('getLLMConfig', () => {
   beforeEach(() => {
     jest.clearAllMocks();
-    checkPromptCacheSupport.mockReturnValue(false);
-    getClaudeHeaders.mockReturnValue(undefined);
-    configureReasoning.mockImplementation((requestOptions) => requestOptions);
-    anthropicSettings.maxOutputTokens.reset.mockReturnValue(4096);
   });
 
   it('should create a basic configuration with default values', () => {
     const result = getLLMConfig('test-api-key', { modelOptions: {} });
 
     expect(result.llmConfig).toHaveProperty('apiKey', 'test-api-key');
-    expect(result.llmConfig).toHaveProperty('model', anthropicSettings.model.default);
+    expect(result.llmConfig).toHaveProperty('model', 'claude-3-5-sonnet-latest');
     expect(result.llmConfig).toHaveProperty('stream', true);
     expect(result.llmConfig).toHaveProperty('maxTokens');
   });
@@ -99,40 +68,73 @@ describe('getLLMConfig', () => {
     expect(result.llmConfig).toHaveProperty('topP', 0.9);
   });
 
-  it('should NOT include topK and topP for Claude-3-7 models (hyphen notation)', () => {
-    configureReasoning.mockImplementation((requestOptions) => {
-      requestOptions.thinking = { type: 'enabled' };
-      return requestOptions;
-    });
-
+  it('should NOT include topK and topP for Claude-3-7 models with thinking enabled (hyphen notation)', () => {
     const result = getLLMConfig('test-api-key', {
       modelOptions: {
         model: 'claude-3-7-sonnet',
         topK: 10,
         topP: 0.9,
+        thinking: true,
       },
     });
 
     expect(result.llmConfig).not.toHaveProperty('topK');
     expect(result.llmConfig).not.toHaveProperty('topP');
+    expect(result.llmConfig).toHaveProperty('thinking');
+    expect(result.llmConfig.thinking).toHaveProperty('type', 'enabled');
+    // When thinking is enabled, it uses the default thinkingBudget of 2000
+    expect(result.llmConfig.thinking).toHaveProperty('budget_tokens', 2000);
   });
 
-  it('should NOT include topK and topP for Claude-3.7 models (decimal notation)', () => {
-    configureReasoning.mockImplementation((requestOptions) => {
-      requestOptions.thinking = { type: 'enabled' };
-      return requestOptions;
-    });
+  it('should add "prompt-caching" and "context-1m" beta headers for claude-sonnet-4 model', () => {
+    const modelOptions = {
+      model: 'claude-sonnet-4-20250514',
+      promptCache: true,
+    };
+    const result = getLLMConfig('test-key', { modelOptions });
+    const clientOptions = result.llmConfig.clientOptions;
+    expect(clientOptions.defaultHeaders).toBeDefined();
+    expect(clientOptions.defaultHeaders).toHaveProperty('anthropic-beta');
+    expect(clientOptions.defaultHeaders['anthropic-beta']).toBe(
+      'prompt-caching-2024-07-31,context-1m-2025-08-07',
+    );
+  });
 
+  it('should add "prompt-caching" and "context-1m" beta headers for claude-sonnet-4 model formats', () => {
+    const modelVariations = [
+      'claude-sonnet-4-20250514',
+      'claude-sonnet-4-latest',
+      'anthropic/claude-sonnet-4-20250514',
+    ];
+
+    modelVariations.forEach((model) => {
+      const modelOptions = { model, promptCache: true };
+      const result = getLLMConfig('test-key', { modelOptions });
+      const clientOptions = result.llmConfig.clientOptions;
+      expect(clientOptions.defaultHeaders).toBeDefined();
+      expect(clientOptions.defaultHeaders).toHaveProperty('anthropic-beta');
+      expect(clientOptions.defaultHeaders['anthropic-beta']).toBe(
+        'prompt-caching-2024-07-31,context-1m-2025-08-07',
+      );
+    });
+  });
+
+  it('should NOT include topK and topP for Claude-3.7 models with thinking enabled (decimal notation)', () => {
     const result = getLLMConfig('test-api-key', {
       modelOptions: {
         model: 'claude-3.7-sonnet',
         topK: 10,
         topP: 0.9,
+        thinking: true,
       },
     });
 
     expect(result.llmConfig).not.toHaveProperty('topK');
     expect(result.llmConfig).not.toHaveProperty('topP');
+    expect(result.llmConfig).toHaveProperty('thinking');
+    expect(result.llmConfig.thinking).toHaveProperty('type', 'enabled');
+    // When thinking is enabled, it uses the default thinkingBudget of 2000
+    expect(result.llmConfig.thinking).toHaveProperty('budget_tokens', 2000);
   });
 
   it('should handle custom maxOutputTokens', () => {
@@ -233,7 +235,6 @@ describe('getLLMConfig', () => {
     });
 
     it('should handle maxOutputTokens when explicitly set to falsy value', () => {
-      anthropicSettings.maxOutputTokens.reset.mockReturnValue(8192);
       const result = getLLMConfig('test-api-key', {
         modelOptions: {
           model: 'claude-3-opus',
@@ -241,8 +242,8 @@ describe('getLLMConfig', () => {
         },
       });
 
-      expect(anthropicSettings.maxOutputTokens.reset).toHaveBeenCalledWith('claude-3-opus');
-      expect(result.llmConfig).toHaveProperty('maxTokens', 8192);
+      // The actual anthropicSettings.maxOutputTokens.reset('claude-3-opus') returns 4096
+      expect(result.llmConfig).toHaveProperty('maxTokens', 4096);
     });
 
     it('should handle both proxy and reverseProxyUrl', () => {
@@ -263,9 +264,6 @@ describe('getLLMConfig', () => {
     });
 
     it('should handle prompt cache with supported model', () => {
-      checkPromptCacheSupport.mockReturnValue(true);
-      getClaudeHeaders.mockReturnValue({ 'anthropic-beta': 'prompt-caching-2024-07-31' });
-
       const result = getLLMConfig('test-api-key', {
         modelOptions: {
           model: 'claude-3-5-sonnet',
@@ -273,43 +271,38 @@ describe('getLLMConfig', () => {
         },
       });
 
-      expect(checkPromptCacheSupport).toHaveBeenCalledWith('claude-3-5-sonnet');
-      expect(getClaudeHeaders).toHaveBeenCalledWith('claude-3-5-sonnet', true);
+      // claude-3-5-sonnet supports prompt caching and should get the appropriate headers
       expect(result.llmConfig.clientOptions.defaultHeaders).toEqual({
-        'anthropic-beta': 'prompt-caching-2024-07-31',
+        'anthropic-beta': 'max-tokens-3-5-sonnet-2024-07-15,prompt-caching-2024-07-31',
       });
     });
 
     it('should handle thinking and thinkingBudget options', () => {
-      configureReasoning.mockImplementation((requestOptions, systemOptions) => {
-        if (systemOptions.thinking) {
-          requestOptions.thinking = { type: 'enabled' };
-        }
-        if (systemOptions.thinkingBudget) {
-          requestOptions.thinking = {
-            ...requestOptions.thinking,
-            budget_tokens: systemOptions.thinkingBudget,
-          };
-        }
-        return requestOptions;
-      });
-
-      getLLMConfig('test-api-key', {
+      const result = getLLMConfig('test-api-key', {
         modelOptions: {
           model: 'claude-3-7-sonnet',
           thinking: true,
-          thinkingBudget: 5000,
+          thinkingBudget: 10000, // This exceeds the default max_tokens of 8192
         },
       });
 
-      expect(configureReasoning).toHaveBeenCalledWith(
-        expect.any(Object),
-        expect.objectContaining({
+      // The function should add thinking configuration for claude-3-7 models
+      expect(result.llmConfig).toHaveProperty('thinking');
+      expect(result.llmConfig.thinking).toHaveProperty('type', 'enabled');
+      // With claude-3-7-sonnet, the max_tokens default is 8192
+      // Budget tokens gets adjusted to 90% of max_tokens (8192 * 0.9 = 7372) when it exceeds max_tokens
+      expect(result.llmConfig.thinking).toHaveProperty('budget_tokens', 7372);
+
+      // Test with budget_tokens within max_tokens limit
+      const result2 = getLLMConfig('test-api-key', {
+        modelOptions: {
+          model: 'claude-3-7-sonnet',
           thinking: true,
-          promptCache: false,
-          thinkingBudget: 5000,
-        }),
-      );
+          thinkingBudget: 2000,
+        },
+      });
+
+      expect(result2.llmConfig.thinking).toHaveProperty('budget_tokens', 2000);
     });
 
     it('should remove system options from modelOptions', () => {
@@ -330,16 +323,6 @@ describe('getLLMConfig', () => {
     });
 
     it('should handle all nullish values removal', () => {
-      removeNullishValues.mockImplementation((obj) => {
-        const cleaned = {};
-        Object.entries(obj).forEach(([key, value]) => {
-          if (value !== null && value !== undefined) {
-            cleaned[key] = value;
-          }
-        });
-        return cleaned;
-      });
-
       const result = getLLMConfig('test-api-key', {
         modelOptions: {
           temperature: null,

api/server/services/Endpoints/azureAssistants/initialize.js

@@ -7,6 +7,7 @@ const {
   getUserKeyValues,
   getUserKeyExpiry,
 } = require('~/server/services/UserService');
+const { getAppConfig } = require('~/server/services/Config');
 const OAIClient = require('~/app/clients/OpenAIClient');
 
 class Files {
@@ -48,6 +49,7 @@ class Files {
 }
 
 const initializeClient = async ({ req, res, version, endpointOption, initAppClient = false }) => {
+  const appConfig = await getAppConfig({ role: req.user?.role });
   const { PROXY, OPENAI_ORGANIZATION, AZURE_ASSISTANTS_API_KEY, AZURE_ASSISTANTS_BASE_URL } =
     process.env;
 
@@ -81,7 +83,7 @@ const initializeClient = async ({ req, res, version, endpointOption, initAppClie
   };
 
   /** @type {TAzureConfig | undefined} */
-  const azureConfig = req.app.locals[EModelEndpoint.azureOpenAI];
+  const azureConfig = appConfig.endpoints?.[EModelEndpoint.azureOpenAI];
 
   /** @type {AzureOptions | undefined} */
   let azureOptions;
@@ -109,14 +111,14 @@ const initializeClient = async ({ req, res, version, endpointOption, initAppClie
 
     apiKey = azureOptions.azureOpenAIApiKey;
     opts.defaultQuery = { 'api-version': azureOptions.azureOpenAIApiVersion };
-    opts.defaultHeaders = resolveHeaders(
-      {
+    opts.defaultHeaders = resolveHeaders({
+      headers: {
         ...headers,
         'api-key': apiKey,
         'OpenAI-Beta': `assistants=${version}`,
       },
-      req.user,
-    );
+      user: req.user,
+    });
     opts.model = azureOptions.azureOpenAIApiDeploymentName;
 
     if (initAppClient) {

api/server/services/Endpoints/azureAssistants/initialize.spec.js

@@ -12,6 +12,15 @@ jest.mock('~/server/services/UserService', () => ({
   checkUserKeyExpiry: jest.requireActual('~/server/services/UserService').checkUserKeyExpiry,
 }));
 
+jest.mock('~/server/services/Config', () => ({
+  getAppConfig: jest.fn().mockResolvedValue({
+    azureAssistants: {
+      apiKey: 'test-key',
+      baseURL: 'https://test.url',
+    },
+  }),
+}));
+
 const today = new Date();
 const tenDaysFromToday = new Date(today.setDate(today.getDate() + 10));
 const isoString = tenDaysFromToday.toISOString();

api/server/services/Endpoints/bedrock/options.js

@@ -9,8 +9,10 @@ const {
   removeNullishValues,
 } = require('librechat-data-provider');
 const { getUserKey, checkUserKeyExpiry } = require('~/server/services/UserService');
+const { getAppConfig } = require('~/server/services/Config');
 
 const getOptions = async ({ req, overrideModel, endpointOption }) => {
+  const appConfig = await getAppConfig({ role: req.user?.role });
   const {
     BEDROCK_AWS_SECRET_ACCESS_KEY,
     BEDROCK_AWS_ACCESS_KEY_ID,
@@ -50,14 +52,13 @@ const getOptions = async ({ req, overrideModel, endpointOption }) => {
   let streamRate = Constants.DEFAULT_STREAM_RATE;
 
   /** @type {undefined | TBaseEndpoint} */
-  const bedrockConfig = req.app.locals[EModelEndpoint.bedrock];
+  const bedrockConfig = appConfig.endpoints?.[EModelEndpoint.bedrock];
 
   if (bedrockConfig && bedrockConfig.streamRate) {
     streamRate = bedrockConfig.streamRate;
   }
 
-  /** @type {undefined | TBaseEndpoint} */
-  const allConfig = req.app.locals.all;
+  const allConfig = appConfig.endpoints?.all;
   if (allConfig && allConfig.streamRate) {
     streamRate = allConfig.streamRate;
   }