Trong bối cảnh chi phí AI API ngày càng tăng và các mối đe dọa bảo mật ngày càng phức tạp, việc triển khai hệ thống audit cho AI API không còn là lựa chọn mà là yêu cầu bắt buộc đối với doanh nghiệp. Bài viết này sẽ hướng dẫn chi tiết cách xây dựng Enterprise AI API Security Audit với HolySheep, bao gồm request logging, key isolation và abnormal consumption tracking.
Bảng so sánh: HolySheep vs API Chính thức vs Dịch vụ Relay
| Tiêu chí | HolySheep AI | API Chính thức (OpenAI/Anthropic) | Dịch vụ Relay khác |
|---|---|---|---|
| Chi phí GPT-4.1 | $8/MTok | $60/MTok | $15-40/MTok |
| Chi phí Claude Sonnet 4.5 | $15/MTok | $90/MTok | $25-50/MTok |
| Chi phí Gemini 2.5 Flash | $2.50/MTok | $15/MTok | $5-12/MTok |
| DeepSeek V3.2 | $0.42/MTok | Không có | $0.80-2/MTok |
| Request Logging | Tích hợp sẵn | Cần tự xây dựng | Hạn chế |
| Key Isolation | Đa tenant, workspace riêng | Không hỗ trợ | Chia sẻ key |
| Abnormal Consumption Alert | Real-time, tự động | Cần webhook/logging riêng | Thủ công |
| Thanh toán | WeChat/Alipay, USD | Chỉ thẻ quốc tế | Đa dạng |
| Độ trễ trung bình | <50ms | 100-300ms | 80-200ms |
| Tín dụng miễn phí | Có khi đăng ký | $5 trial | Không |
| Tiết kiệm | 85%+ | Baseline | 30-70% |
Tại sao Enterprise cần AI API Security Audit?
Khi triển khai AI API trong production, doanh nghiệp đối mặt với nhiều rủi ro:
- Chi phí phát sinh bất thường: API key bị leak có thể gây thiệt hại hàng ngàn đô la trong vài giờ
- Không minh bạch trong sử dụng: Không biết developer nào, ứng dụng nào đang tiêu tốn bao nhiêu token
- Compliance và Audit Trail: Cần log đầy đủ cho SOX, SOC2 hoặc các quy định nội bộ
- Performance degradation: Không phát hiện kịp thời các request bất thường
Với HolySheep AI, toàn bộ các tính năng này được tích hợp sẵn, giúp doanh nghiệp tiết kiệm hàng triệu đồng chi phí xây dựng hệ thống audit riêng.
1. Cấu trúc dự án Enterprise AI Security Audit
enterprise-ai-audit/
├── src/
│ ├── config/
│ │ ├── holySheepConfig.js # Cấu hình HolySheep API
│ │ └── alertConfig.js # Cấu hình cảnh báo
│ ├── services/
│ │ ├── requestLogger.js # Ghi log request
│ │ ├── keyManager.js # Quản lý key isolation
│ │ ├── consumptionTracker.js # Theo dõi tiêu thụ
│ │ └── alertService.js # Dịch vụ cảnh báo
│ ├── middleware/
│ │ ├── auditMiddleware.js # Middleware audit
│ │ └── rateLimitMiddleware.js # Rate limiting
│ ├── routes/
│ │ └── auditRoutes.js # API routes cho audit
│ └── utils/
│ └── costCalculator.js # Tính toán chi phí
├── logs/ # Thư mục lưu log
├── tests/
│ └── audit.test.js # Unit tests
├── .env.example # Template biến môi trường
└── package.json
2. Cấu hình HolySheep API với Key Isolation
// src/config/holySheepConfig.js
const HOLYSHEEP_CONFIG = {
baseUrl: 'https://api.holysheep.ai/v1',
apiKey: process.env.HOLYSHEEP_API_KEY,
// Workspace isolation - mỗi team/project có workspace riêng
workspace: {
default: process.env.DEFAULT_WORKSPACE_ID,
teams: {
backend: process.env.BACKEND_TEAM_WORKSPACE,
frontend: process.env.FRONTEND_TEAM_WORKSPACE,
ml: process.env.ML_TEAM_WORKSPACE,
qa: process.env.QA_TEAM_WORKSPACE
}
},
// Model pricing (USD per 1M tokens) - 2026
models: {
'gpt-4.1': { input: 8, output: 24 },
'claude-sonnet-4.5': { input: 15, output: 75 },
'gemini-2.5-flash': { input: 2.50, output: 10 },
'deepseek-v3.2': { input: 0.42, output: 1.68 }
},
// Alert thresholds (USD)
alertThresholds: {
dailyLimit: 100, // Cảnh báo khi chi phí/ngày > $100
hourlyLimit: 20, // Cảnh báo khi chi phí/giờ > $20
burstThreshold: 50, // Cảnh báo khi request/giây > 50
tokenBurst: 1000000 // Cảnh báo khi tokens/request > 1M
},
// Request logging config
logging: {
enabled: true,
retentionDays: 90,
logLevel: 'detailed', // minimal, standard, detailed
sensitiveFields: ['api_key', 'password', 'token']
}
};
module.exports = HOLYSHEEP_CONFIG;
3. Request Logger Service - Ghi log chi tiết
// src/services/requestLogger.js
const fs = require('fs');
const path = require('path');
const crypto = require('crypto');
const HOLYSHEEP_CONFIG = require('../config/holySheepConfig');
class RequestLogger {
constructor() {
this.logDir = path.join(__dirname, '../../logs');
this.ensureLogDirectory();
}
ensureLogDirectory() {
if (!fs.existsSync(this.logDir)) {
fs.mkdirSync(this.logDir, { recursive: true });
}
}
// Hash sensitive data trước khi log
maskSensitiveData(data) {
if (!data) return data;
const masked = { ...data };
HOLYSHEEP_CONFIG.logging.sensitiveFields.forEach(field => {
if (masked[field]) {
masked[field] = '***REDACTED***';
}
});
// Đặc biệt mask API key partial
if (masked.api_key || masked.key) {
const key = masked.api_key || masked.key;
masked.key_preview = key.substring(0, 8) + '...' + key.slice(-4);
}
return masked;
}
// Calculate chi phí cho một request
calculateRequestCost(model, usage) {
const modelPricing = HOLYSHEEP_CONFIG.models[model];
if (!modelPricing) return 0;
const inputCost = (usage.prompt_tokens / 1000000) * modelPricing.input;
const outputCost = (usage.completion_tokens / 1000000) * modelPricing.output;
return {
inputCost: Math.round(inputCost * 10000) / 10000, // 4 decimal places
outputCost: Math.round(outputCost * 10000) / 10000,
totalCost: Math.round((inputCost + outputCost) * 10000) / 10000
};
}
// Generate unique request ID
generateRequestId() {
return req_${Date.now()}_${crypto.randomBytes(4).toString('hex')};
}
// Log request mới
logRequest(reqData) {
const timestamp = new Date().toISOString();
const requestId = this.generateRequestId();
const logEntry = {
request_id: requestId,
timestamp,
workspace_id: reqData.workspaceId,
team: reqData.team,
application: reqData.application,
// Request details
model: reqData.model,
endpoint: reqData.endpoint,
method: reqData.method || 'POST',
// Usage
usage: {
prompt_tokens: reqData.promptTokens || 0,
completion_tokens: reqData.completionTokens || 0,
total_tokens: (reqData.promptTokens || 0) + (reqData.completionTokens || 0)
},
// Cost
cost: reqData.usage ?
this.calculateRequestCost(reqData.model, reqData.usage) :
{ inputCost: 0, outputCost: 0, totalCost: 0 },
// Performance
latency_ms: reqData.latencyMs,
time_to_first_token: reqData.timeToFirstToken,
// Metadata
user_id: reqData.userId,
ip_address: this.maskIp(reqData.ipAddress),
user_agent: reqData.userAgent,
// Error tracking
error: reqData.error || null,
error_code: reqData.errorCode,
// Request body (masked)
request_body: this.maskSensitiveData(reqData.body)
};
// Write to daily log file
const dateStr = timestamp.split('T')[0];
const logFile = path.join(this.logDir, audit_${dateStr}.jsonl);
fs.appendFileSync(logFile, JSON.stringify(logEntry) + '\n');
// Write to team-specific log
if (reqData.team) {
const teamLogFile = path.join(this.logDir, team_${reqData.team}_${dateStr}.jsonl);
fs.appendFileSync(teamLogFile, JSON.stringify(logEntry) + '\n');
}
return requestId;
}
maskIp(ip) {
if (!ip) return null;
const parts = ip.split('.');
if (parts.length === 4) {
return ${parts[0]}.${parts[1]}.***.${parts[3]};
}
return ip;
}
// Query logs với filters
async queryLogs(filters = {}) {
const { startDate, endDate, team, model, minCost, maxCost } = filters;
// Implementation for querying logs
// Trả về array các log entries thỏa mãn filter
return [];
}
// Aggregate costs theo ngày/team/model
async aggregateCosts(groupBy = 'day') {
// Implementation for cost aggregation
return {};
}
}
module.exports = new RequestLogger();
4. Key Manager với Workspace Isolation
// src/services/keyManager.js
const crypto = require('crypto');
const HOLYSHEEP_CONFIG = require('../config/holySheepConfig');
class KeyManager {
constructor() {
// In-memory key store (thay bằng database trong production)
this.keys = new Map();
this.workspaces = new Map();
}
// Tạo workspace mới cho team
createWorkspace(teamName, metadata = {}) {
const workspaceId = ws_${teamName}_${Date.now()};
const workspace = {
id: workspaceId,
name: teamName,
created_at: new Date().toISOString(),
monthly_limit: metadata.monthlyLimit || 1000, // USD
daily_limit: metadata.dailyLimit || 100,
hourly_limit: metadata.hourlyLimit || 20,
models_allowed: metadata.allowedModels || Object.keys(HOLYSHEEP_CONFIG.models),
status: 'active',
metadata
};
this.workspaces.set(workspaceId, workspace);
// Tạo API key cho workspace
const apiKey = this.createApiKey(workspaceId);
return { workspace, apiKey };
}
// Tạo API key mới
createApiKey(workspaceId, options = {}) {
const prefix = 'hssk'; // HolySheep Secret Key prefix
const randomPart = crypto.randomBytes(24).toString('base64');
const apiKey = ${prefix}_${randomPart};
const keyRecord = {
key: apiKey,
key_preview: apiKey.substring(0, 12) + '...',
workspace_id: workspaceId,
name: options.name || 'Default Key',
created_at: new Date().toISOString(),
last_used: null,
usage_count: 0,
total_cost: 0,
permissions: options.permissions || ['chat', 'embeddings'],
rate_limit: options.rateLimit || { requests_per_minute: 60 },
status: 'active'
};
this.keys.set(apiKey, keyRecord);
return apiKey;
}
// Validate API key
validateApiKey(apiKey) {
const keyRecord = this.keys.get(apiKey);
if (!keyRecord) {
return { valid: false, error: 'Invalid API key' };
}
if (keyRecord.status !== 'active') {
return { valid: false, error: 'API key is inactive' };
}
// Check workspace status
const workspace = this.workspaces.get(keyRecord.workspace_id);
if (!workspace || workspace.status !== 'active') {
return { valid: false, error: 'Workspace is inactive' };
}
// Update last used
keyRecord.last_used = new Date().toISOString();
keyRecord.usage_count++;
return {
valid: true,
keyRecord,
workspace
};
}
// Get available models cho workspace
getAllowedModels(workspaceId) {
const workspace = this.workspaces.get(workspaceId);
if (!workspace) return [];
return workspace.models_allowed;
}
// Kiểm tra và enforce rate limit
checkRateLimit(apiKey) {
const keyRecord = this.keys.get(apiKey);
if (!keyRecord) return { allowed: false, error: 'Invalid key' };
const { rate_limit } = keyRecord;
// Implement rate limit checking với sliding window
// Trả về { allowed: true/false, remaining: number, reset: timestamp }
return {
allowed: true,
remaining: rate_limit.requests_per_minute - 1,
reset: Date.now() + 60000
};
}
// Revoke API key
revokeKey(apiKey) {
const keyRecord = this.keys.get(apiKey);
if (keyRecord) {
keyRecord.status = 'revoked';
keyRecord.revoked_at = new Date().toISOString();
return true;
}
return false;
}
// Get workspace usage statistics
getWorkspaceStats(workspaceId) {
const workspace = this.workspaces.get(workspaceId);
if (!workspace) return null;
// Calculate total usage từ keys
let totalUsage = { count: 0, cost: 0 };
this.keys.forEach((key) => {
if (key.workspace_id === workspaceId) {
totalUsage.count += key.usage_count;
totalUsage.cost += key.total_cost;
}
});
return {
workspace,
total_usage: totalUsage,
monthly_limit: workspace.monthly_limit,
usage_percentage: (totalUsage.cost / workspace.monthly_limit) * 100,
remaining_credit: workspace.monthly_limit - totalUsage.cost
};
}
}
// Singleton instance
const keyManager = new KeyManager();
// Tạo sample workspaces
keyManager.createWorkspace('backend', {
monthlyLimit: 500,
allowedModels: ['gpt-4.1', 'deepseek-v3.2']
});
keyManager.createWorkspace('frontend', {
monthlyLimit: 200,
allowedModels: ['gemini-2.5-flash']
});
keyManager.createWorkspace('ml', {
monthlyLimit: 1000,
allowedModels: ['claude-sonnet-4.5', 'gpt-4.1', 'deepseek-v3.2']
});
module.exports = keyManager;
5. Abnormal Consumption Tracker với Real-time Alerts
// src/services/consumptionTracker.js
const HOLYSHEEP_CONFIG = require('../config/holySheepConfig');
class ConsumptionTracker {
constructor() {
// In-memory stores (thay bằng Redis trong production)
this.hourlyUsage = new Map(); // workspace_id -> hourly data
this.dailyUsage = new Map(); // workspace_id -> daily data
this.requestBuffer = []; // Buffer cho real-time processing
this.alertCallbacks = [];
}
// Register alert callback
onAlert(callback) {
this.alertCallbacks.push(callback);
}
// Track request usage
trackUsage(workspaceId, cost, tokens, metadata = {}) {
const now = new Date();
const hourKey = ${workspaceId}_${now.toISOString().slice(0, 13)};
const dayKey = ${workspaceId}_${now.toISOString().slice(0, 10)};
// Update hourly usage
if (!this.hourlyUsage.has(hourKey)) {
this.hourlyUsage.set(hourKey, {
workspace_id: workspaceId,
hour: hourKey,
total_cost: 0,
request_count: 0,
total_tokens: 0,
models_used: {}
});
}
const hourly = this.hourlyUsage.get(hourKey);
hourly.total_cost += cost;
hourly.request_count++;
hourly.total_tokens += tokens;
// Track by model
const model = metadata.model || 'unknown';
if (!hourly.models_used[model]) {
hourly.models_used[model] = { cost: 0, tokens: 0, count: 0 };
}
hourly.models_used[model].cost += cost;
hourly.models_used[model].tokens += tokens;
hourly.models_used[model].count++;
// Update daily usage
if (!this.dailyUsage.has(dayKey)) {
this.dailyUsage.set(dayKey, {
workspace_id: workspaceId,
date: dayKey,
total_cost: 0,
request_count: 0,
total_tokens: 0,
hourly_breakdown: {}
});
}
const daily = this.dailyUsage.get(dayKey);
daily.total_cost += cost;
daily.request_count++;
daily.total_tokens += tokens;
const hour = now.getHours();
if (!daily.hourly_breakdown[hour]) {
daily.hourly_breakdown[hour] = { cost: 0, count: 0 };
}
daily.hourly_breakdown[hour].cost += cost;
daily.hourly_breakdown[hour].count++;
// Check thresholds and trigger alerts
this.checkAndAlert(workspaceId, hourly, daily, metadata);
}
// Check thresholds and trigger alerts
checkAndAlert(workspaceId, hourlyData, dailyData, metadata) {
const workspace = keyManager.workspaces.get(workspaceId);
if (!workspace) return;
const alerts = [];
// Hourly cost threshold
if (hourlyData.total_cost > HOLYSHEEP_CONFIG.alertThresholds.hourlyLimit) {
alerts.push({
type: 'HOURLY_COST_EXCEEDED',
severity: 'HIGH',
workspace_id: workspaceId,
message: Hourly cost exceeded: $${hourlyData.total_cost.toFixed(2)} (limit: $${HOLYSHEEP_CONFIG.alertThresholds.hourlyLimit}),
current: hourlyData.total_cost,
limit: HOLYSHEEP_CONFIG.alertThresholds.hourlyLimit,
timestamp: new Date().toISOString()
});
}
// Daily cost threshold
if (dailyData.total_cost > HOLYSHEEP_CONFIG.alertThresholds.dailyLimit) {
alerts.push({
type: 'DAILY_COST_EXCEEDED',
severity: 'CRITICAL',
workspace_id: workspaceId,
message: Daily cost exceeded: $${dailyData.total_cost.toFixed(2)} (limit: $${HOLYSHEEP_CONFIG.alertThresholds.dailyLimit}),
current: dailyData.total_cost,
limit: HOLYSHEEP_CONFIG.alertThresholds.dailyLimit,
timestamp: new Date().toISOString()
});
}
// Monthly budget check
const monthlyUsage = this.getMonthlyUsage(workspaceId);
if (monthlyUsage > workspace.monthly_limit) {
alerts.push({
type: 'MONTHLY_BUDGET_EXCEEDED',
severity: 'CRITICAL',
workspace_id: workspaceId,
message: Monthly budget exceeded: $${monthlyUsage.toFixed(2)} (budget: $${workspace.monthly_limit}),
current: monthlyUsage,
limit: workspace.monthly_limit,
timestamp: new Date().toISOString()
});
}
// Burst detection (high request rate)
if (hourlyData.request_count > HOLYSHEEP_CONFIG.alertThresholds.burstThreshold * 60) {
alerts.push({
type: 'BURST_DETECTED',
severity: 'MEDIUM',
workspace_id: workspaceId,
message: Unusual request burst: ${hourlyData.request_count} requests in current hour,
current: hourlyData.request_count,
threshold: HOLYSHEEP_CONFIG.alertThresholds.burstThreshold * 60,
timestamp: new Date().toISOString()
});
}
// Token burst (very long requests)
if (metadata.promptTokens > HOLYSHEEP_CONFIG.alertThresholds.tokenBurst) {
alerts.push({
type: 'LARGE_REQUEST_DETECTED',
severity: 'LOW',
workspace_id: workspaceId,
message: Large token request: ${metadata.promptTokens.toLocaleString()} tokens,
tokens: metadata.promptTokens,
estimated_cost: metadata.estimatedCost,
timestamp: new Date().toISOString()
});
}
// Fire alerts
alerts.forEach(alert => this.fireAlert(alert));
}
// Fire alert to all registered callbacks
fireAlert(alert) {
console.error([ALERT] ${alert.severity}: ${alert.message});
this.alertCallbacks.forEach(callback => {
try {
callback(alert);
} catch (err) {
console.error('Alert callback error:', err);
}
});
}
// Get monthly usage for workspace
getMonthlyUsage(workspaceId) {
const now = new Date();
const monthStart = ${now.getFullYear()}-${String(now.getMonth() + 1).padStart(2, '0')}-01;
let total = 0;
this.dailyUsage.forEach((data, key) => {
if (key.startsWith(workspaceId) && key >= monthStart) {
total += data.total_cost;
}
});
return total;
}
// Get dashboard data
getDashboardData(workspaceId) {
const now = new Date();
const today = now.toISOString().slice(0, 10);
const thisMonth = ${now.getFullYear()}-${String(now.getMonth() + 1).padStart(2, '0')};
const workspace = keyManager.workspaces.get(workspaceId);
if (!workspace) return null;
const todayData = this.dailyUsage.get(${workspaceId}_${today});
const monthlyUsage = this.getMonthlyUsage(workspaceId);
// Get hourly breakdown for today
const hourlyBreakdown = [];
for (let h = 0; h < 24; h++) {
const hourKey = ${workspaceId}_${today}T${String(h).padStart(2, '0')};
const hourData = this.hourlyUsage.get(hourKey);
hourlyBreakdown.push({
hour: h,
cost: hourData?.total_cost || 0,
requests: hourData?.request_count || 0
});
}
return {
workspace_id: workspaceId,
workspace_name: workspace.name,
budget: {
monthly: workspace.monthly_limit,
daily: workspace.daily_limit,
hourly: workspace.hourly_limit
},
usage: {
today: {
cost: todayData?.total_cost || 0,
requests: todayData?.request_count || 0,
tokens: todayData?.total_tokens || 0
},
this_month: {
cost: monthlyUsage,
requests: this.getMonthlyRequestCount(workspaceId),
tokens: this.getMonthlyTokenCount(workspaceId)
},
hourly_breakdown: hourlyBreakdown
},
utilization: {
monthly_percent: (monthlyUsage / workspace.monthly_limit) * 100,
daily_percent: ((todayData?.total_cost || 0) / workspace.daily_limit) * 100
}
};
}
getMonthlyRequestCount(workspaceId) {
let count = 0;
this.dailyUsage.forEach((data, key) => {
if (key.startsWith(workspaceId) && key.includes(thisMonth)) {
count += data.request_count;
}
});
return count;
}
getMonthlyTokenCount(workspaceId) {
let tokens = 0;
this.dailyUsage.forEach((data, key) => {
if (key.startsWith(workspaceId) && key.includes(thisMonth)) {
tokens += data.total_tokens;
}
});
return tokens;
}
}
module.exports = new ConsumptionTracker();
6. Integration với HolySheep API - Complete Example
// src/services/holySheepClient.js
const HOLYSHEEP_CONFIG = require('../config/holySheepConfig');
const requestLogger = require('./requestLogger');
const consumptionTracker = require('./consumptionTracker');
const keyManager = require('./keyManager');
class HolySheepClient {
constructor(apiKey) {
this.baseUrl = HOLYSHEEP_CONFIG.baseUrl;
this.apiKey = apiKey;
}
// Unified API call method với auto-logging
async chatCompletion(model, messages, options = {}) {
const startTime = Date.now();
const workspaceId = options.workspaceId || 'default';
// Validate API key
const validation = keyManager.validateApiKey(this.apiKey);
if (!validation.valid) {
throw new Error(API Key validation failed: ${validation.error});
}
// Check if model is allowed
const allowedModels = keyManager.getAllowedModels(validation.workspace.id);
if (!allowedModels.includes(model)) {
throw new Error(Model ${model} not allowed for this workspace. Allowed: ${allowedModels.join(', ')});
}
try {
// Make request to HolySheep API
const response = await fetch(${this.baseUrl}/chat/completions, {
method: 'POST',
headers: {
'Content-Type': 'application/json',
'Authorization': Bearer ${this.apiKey},
'X-Workspace-ID': validation.workspace.id
},
body: JSON.stringify({
model,
messages,
...options
})
});
const latencyMs = Date.now() - startTime;
if (!response.ok) {
const error = await response.json();
throw new Error(HolySheep API Error: ${error.message || response.statusText});
}
const data = await response.json();
// Extract usage
const usage = data.usage || {
prompt_tokens: 0,
completion_tokens: 0,
total_tokens: 0
};
// Calculate cost
const cost = requestLogger.calculateRequestCost(model, usage);
// Log request
const requestId = requestLogger.logRequest({
workspaceId: validation.workspace.id,
team: validation.workspace.name,
model,
endpoint: '/chat/completions',
promptTokens: usage.prompt_tokens,
completionTokens: usage.completion_tokens,
latencyMs,
cost
});
// Track consumption
consumptionTracker.trackUsage(validation.workspace.id, cost.totalCost, usage.total_tokens, {
model,
promptTokens: usage.prompt_tokens
});
return {
...data,
_audit: {
request_id: requestId,
cost,
latency_ms: latencyMs,
workspace_id: validation.workspace.id
}
};
} catch (error) {
// Log failed request
requestLogger.logRequest({
workspaceId: validation.workspace.id,
team: validation.workspace.name,
model,
endpoint: '/chat/completions',
latencyMs: Date.now() - startTime,
error: error.message,
errorCode: error.code
});
throw error;
}
}
// Streaming completion với audit
async *chatCompletionStream(model, messages, options = {}) {
const startTime = Date.now();
const validation = keyManager.validateApiKey(this.apiKey);
if (!validation.valid) {
throw new Error(API Key validation failed: ${validation.error});
}
let fullResponse = '';
let totalTokens = 0;
const response = await fetch(${this.baseUrl}/chat/completions, {
method: 'POST',
headers: {
'Content-Type': 'application/json',
'Authorization': Bearer ${this.apiKey},
'X-Workspace-ID': validation.workspace.id
},
body: JSON.stringify({
model,
messages,
stream: true,
...options
})
});
if (!response.ok) {
throw new Error(HolySheep API Error: ${response.statusText});
}
const reader = response.body.getReader();
const decoder = new TextDecoder();
try {
while (true) {
const { done, value } = await reader.read();
if (done) break;
const chunk = decoder.decode(value);
const lines = chunk.split('\n').filter(line => line.trim());
for (const line of lines) {
if (line.startsWith('data: ')) {
const data = line.slice(6);
if (data === '[DONE]') continue;
try {
const parsed = JSON.parse(data);
if (parsed.choices?.[0]?.delta?.content) {
fullResponse += parsed.choices[0].delta.content;
}
if (parsed.usage) {
totalTokens = parsed.usage.total_tokens;
}
yield parsed;
} catch (e) {
// Skip invalid JSON
}
}
}
}
// Log streaming completion
const latencyMs = Date.now() - startTime;
const cost = requestLogger.calculateRequestCost(model, {
prompt_tokens: Math.floor(totalTokens *