# PromptGate
**A lightweight LLM protocol gateway and admin console for OpenAI-compatible and Anthropic-style APIs.**
[](./LICENSE)
[](./package.json)
[](https://www.typescriptlang.org/)
[](https://pnpm.io/)
[中文文档 / Chinese documentation](./README.zh-CN.md) | [Caddy deployment guide](./docs/deployment-caddy.md)
PromptGate focuses on the gateway layer of LLM applications: one entry point, one authentication layer, one routing system, one logging surface, and one fallback path. It is not trying to reinvent a full model platform.
It gives you a deployable control plane for:
- routing requests by `Host`, path, and protocol;
- validating PromptGate API keys;
- replacing upstream provider API keys;
- rewriting the request `model` field from route configuration;
- forwarding OpenAI-compatible and Anthropic-style requests;
- adapting Anthropic requests to OpenAI-compatible upstreams when needed;
- enforcing global, provider, and API-key concurrency limits;
- applying prompt injection policies;
- collecting token, latency, user, route, provider, and model logs;
- failing over when an upstream is rate-limited, overloaded, or unavailable.
PromptGate is a **protocol gateway**, not a model-type gateway.
API Key -> user identity
Host -> public entry point
Path + protocol -> request shape
Provider exits -> final upstream protocol
modelId -> the string written into the request body
## Why PromptGate?
LLM applications often start with a simple proxy and quickly run into operational needs:
- multiple upstream providers;
- separate public hostnames for different clients;
- API-key ownership and revocation;
- route-specific models;
- Claude Code / Anthropic-style request compatibility;
- concurrency control and fallback;
- request logs that are readable by humans;
- a UI for configuration instead of hand-editing runtime files.
PromptGate keeps the small-proxy mental model, but turns it into a configurable, observable, and production-deployable gateway.
### Logo Philosophy
The PromptGate logo features a modern arch or gateway with a central glowing code spark. This symbolizes a powerful, secure, and intelligent portal for LLM prompts, with the blue gradient conveying technology, depth, and reliability.
## Features
### Recent Updates
- **Global Analytics Timeframe UI**: Introduced a sleek, fully internationalized top-bar dropdown for global time range filtering, along with customizable analytics boundaries (start of day/week) in settings.
- **DingTalk Notifications**: Send automated daily usage reports to DingTalk groups, with support for custom Cron schedules, excluded users, and internationalized (i18n) push languages.
- **Login Security & i18n**: Fully internationalized login page featuring a modern "Keep me logged in" option.
- **Improved Settings UI**: Fixed browser autofill issues on sensitive webhook and cron configuration fields.
- **Enhanced Analytics UI**: Fixed internal scrolling mechanics for data tables to keep summary cards visible at all times.
### Protocol-aware routing
A route maps:
Host + Path + incoming protocol
-> provider + modelId + prompt policy + fallback provider
Example:
Host: code.example.com
Path: /v1/messages
Incoming protocol: Anthropic
Provider: qwen-provider
Model: qwen3.6-plus
### OpenAI-compatible and Anthropic-style APIs
| Incoming request | Provider has | Behavior |
| --- | --- | --- |
| OpenAI-compatible | OpenAI-compatible base URL | Direct forwarding |
| Anthropic-style | Anthropic base URL | Direct forwarding |
| Anthropic-style | OpenAI-compatible base URL only | Anthropic -> OpenAI-compatible non-stream adapter |
| OpenAI-compatible | Anthropic base URL only | Not adapted |
The model name itself does not decide the protocol. The route protocol and provider exit capability do.
### API key management
PromptGate API keys identify users of the gateway.
- Full keys are shown only once when created.
- The database stores key hashes and prefixes, not raw keys.
- Users manage their own keys.
- Admins can inspect, disable, enable, and audit keys.
### Provider management
Each provider can define:
- OpenAI-compatible base URL;
- Anthropic base URL;
- encrypted upstream API keys;
- model list;
- concurrency limit;
- maximum output token policy.
### Prompt policies
PromptGate supports configurable prompt injection policies for OpenAI-compatible and Anthropic-style request shapes. This is useful for organization-wide system prompts, Claude Code policies, safety constraints, and role presets.
### Concurrency, queueing, and fallback
PromptGate supports layered concurrency limits:
global concurrency
provider concurrency
API-key concurrency
Fallback can be triggered when:
- the primary provider queue is full;
- the upstream returns `429`;
- the upstream returns `503`;
- the upstream returns `529`.
Fallback is intentionally single-level. If the fallback provider is also busy, the request waits in the fallback provider queue instead of cascading through more providers.
### Human-readable realtime logs
Action logs are written as one-line Chinese operational events and are emitted to:
- stdout / PM2 logs;
- the realtime logs page over SSE;
- in-memory history;
- `data/action.log`.
Example:
2026-06-02 13:20:01 信息 请求完成 requestId=req_xxx 用户=test APIKey=pg_abcd Host=code.example.com 路径=/v1/messages 路由=ClaudeCode 供应商=ProviderA 模型=qwen3.6-plus 状态=200 输入Token=10 输出Token=20 总Token=30 耗时=1234ms 排队=0ms 降级=否
### Playground
The Playground helps users generate and test:
- `curl` requests;
- OpenAI-compatible calls;
- Anthropic-style calls;
- Claude Code `settings.json`;
- API-key based examples.
Because full API keys are only shown once, Playground asks users to paste their own `pg_` key instead of fetching it from the server.
## Architecture
Typical production deployment:
Internet
-> HTTPS / Caddy
-> PromptGate on 127.0.0.1:3001
-> upstream LLM providers
PromptGate is a single service:
- admin web console;
- admin API;
- gateway API;
- realtime logs;
- SQLite-backed persistence.
Recommended:
- let Caddy terminate HTTPS;
- keep PromptGate bound to `127.0.0.1`;
- preserve the original `Host` header;
- do not expose the PromptGate port directly to the public internet.
## Quick Start
### Requirements
- Node.js `>= 24.16.0`
- pnpm
- SQLite
### Install
git clone https://github.com/tomwu618/PromptGate.git
cd PromptGate
pnpm install
### Configure
cat > .env <
标签:自动化攻击