From edeadfc3893c3109bd57236465a42735866d36fe Mon Sep 17 00:00:00 2001 From: Luis Pater Date: Fri, 11 Jul 2025 10:57:23 +0800 Subject: [PATCH] Restrict CLI access to localhost and update README for Gemini compatibility - Added localhost-only access restriction to `CLIHandler` for security. - Updated README to reflect Gemini-compatible API and local access limitation notes. --- README.md | 8 ++++++-- internal/api/cli-handlers.go | 11 +++++++++++ 2 files changed, 17 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 7bdaea5d..c03f3265 100644 --- a/README.md +++ b/README.md @@ -1,10 +1,10 @@ # CLI Proxy API -A proxy server that provides an OpenAI-compatible API interface for CLI. This allows you to use CLI models with tools and libraries designed for the OpenAI API. +A proxy server that provides an OpenAI-compatible/Gemini-compatible API interface for CLI. This allows you to use CLI models with tools and libraries designed for the OpenAI/Gemini API. ## Features -- OpenAI-compatible API endpoints for CLI models +- OpenAI/Gemini compatible API endpoints for CLI models - Support for both streaming and non-streaming responses - Function calling/tools support - Multimodal input support (text and images) @@ -208,6 +208,10 @@ export CODE_ASSIST_ENDPOINT="http://127.0.0.1:8317" The server will relay the `loadCodeAssist`, `onboardUser`, and `countTokens` requests. And automatically load balance the text generation requests between the multiple accounts. +> [!NOTE] +> This feature only allows local access because I couldn't find a way to authenticate the requests. +> I hardcoded `127.0.0.1` into the load balancing. + ## Contributing Contributions are welcome! Please feel free to submit a Pull Request. diff --git a/internal/api/cli-handlers.go b/internal/api/cli-handlers.go index 2f342e8b..b4fcf146 100644 --- a/internal/api/cli-handlers.go +++ b/internal/api/cli-handlers.go 
@@ -12,10 +12,21 @@ import (
 "github.com/tidwall/sjson"
 "io"
 "net/http"
+ "strings"
 "time"
 )

 func (h *APIHandlers) CLIHandler(c *gin.Context) {
+ if !strings.HasPrefix(c.Request.RemoteAddr, "127.0.0.1:") {
+ c.JSON(http.StatusForbidden, ErrorResponse{
+ Error: ErrorDetail{
+ Message: "CLI reply only allow local access",
+ Type: "forbidden",
+ },
+ })
+ return
+ }
+
 rawJson, _ := c.GetRawData()
 requestRawURI := c.Request.URL.Path
 if requestRawURI == "/v1internal:generateContent" {
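Review bot: The loopback guard at the top of `CLIHandler` is a string prefix match on `c.Request.RemoteAddr`, so it refuses IPv6 loopback peers (`[::1]:port`) and depends on the exact textual form of the address rather than on what the address is. Parsing it is sturdier: `host, _, err := net.SplitHostPort(c.Request.RemoteAddr)` followed by `if ip := net.ParseIP(host); err != nil || ip == nil || !ip.IsLoopback() {`, with `"net"` imported in place of the `"strings"` import this hunk adds. Checking the TCP peer rather than a forwarded-header value is the right basis for an unauthenticated endpoint and deserves a comment saying so, for example `// Unauthenticated endpoint: trust only the TCP peer address, never X-Forwarded-For.` If the server is ever placed behind a reverse proxy on the same host, every request will presumably arrive from loopback and this guard will admit all of them, which the README note should state. The body of `CLIHandler` continues past the end of the hunk.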