import { NextRequest, NextResponse } from 'next/server'; import { auth } from '@/auth'; import { getEffectiveTier } from '@/lib/entitlements'; import { getAllowedByokProviders, isByokProviderAllowed } from '@/lib/byok'; import { fetchLiveModelsForProvider } from '@/lib/ai/models-list'; import { VALID_PROVIDERS, type AiGatewayProvider } from '@/lib/ai/router'; /** * GET /api/user/api-keys/live-models?provider=&key=&baseUrl= * * Dynamically queries the third-party provider's API with the user's key to fetch * actual available models dynamically. */ export async function GET(request: NextRequest) { const session = await auth(); if (!session?.user?.id) { return NextResponse.json({ error: 'Unauthorized' }, { status: 401 }); } const tier = await getEffectiveTier(session.user.id); if (tier === 'BASIC') { return NextResponse.json({ error: 'Forbidden' }, { status: 403 }); } const { searchParams } = request.nextUrl; const provider = searchParams.get('provider') as AiGatewayProvider; const apiKey = searchParams.get('key'); const baseUrl = searchParams.get('baseUrl') ?? undefined; if (!provider || !apiKey) { return NextResponse.json({ error: 'Missing parameters' }, { status: 400 }); } if (!VALID_PROVIDERS.has(provider)) { return NextResponse.json({ error: 'Invalid provider' }, { status: 400 }); } if (!isByokProviderAllowed(tier, provider)) { return NextResponse.json({ error: 'Tier restricted' }, { status: 403 }); } const models = await fetchLiveModelsForProvider(provider, apiKey, baseUrl); return NextResponse.json({ success: true, models }); }