fix: ensure database is initialized before saving tool embeddings (#531 )

Add custom access type for bearer keys to support combined group and server scoping (#530 )
Co-authored-by: samanhappy <samanhappy@gmail.com>
2025-12-29 21:19:29 -05:00 · 2025-12-28 12:19:21 +08:00 · 2025-12-27 16:16:50 +08:00 · 2025-12-25 09:15:07 +08:00 · 2025-12-20 12:16:09 +08:00 · 2025-12-17 18:34:07 +08:00
36 changed files with 822 additions and 251 deletions
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -76,7 +76,7 @@ jobs:

  #   services:
  #     postgres:
-  #       image: postgres:15
+  #       image: pgvector/pgvector:pg17
  #       env:
  #         POSTGRES_PASSWORD: postgres
  #         POSTGRES_DB: mcphub_test
--- a/docker-compose.db.yml
+++ b/docker-compose.db.yml
@@ -3,7 +3,7 @@ version: "3.8"
 services:
  # PostgreSQL database for MCPHub configuration
  postgres:
-    image: postgres:16-alpine
+    image: pgvector/pgvector:pg17-alpine
    container_name: mcphub-postgres
    environment:
      POSTGRES_DB: mcphub
--- a/docs/configuration/database-configuration.mdx
+++ b/docs/configuration/database-configuration.mdx
@@ -59,7 +59,7 @@ version: '3.8'

 services:
  postgres:
-    image: postgres:16
+    image: pgvector/pgvector:pg17
    environment:
      POSTGRES_DB: mcphub
      POSTGRES_USER: mcphub
--- a/docs/configuration/docker-setup.mdx
+++ b/docs/configuration/docker-setup.mdx
@@ -119,7 +119,7 @@ services:
      - mcphub-network

  postgres:
-    image: postgres:15-alpine
+    image: pgvector/pgvector:pg17
    container_name: mcphub-postgres
    environment:
      - POSTGRES_DB=mcphub
@@ -203,7 +203,7 @@ services:
      retries: 3

  postgres:
-    image: postgres:15-alpine
+    image: pgvector/pgvector:pg17
    container_name: mcphub-postgres
    environment:
      - POSTGRES_DB=mcphub
@@ -305,7 +305,7 @@ services:
      - mcphub-dev

  postgres:
-    image: postgres:15-alpine
+    image: pgvector/pgvector:pg17
    container_name: mcphub-postgres-dev
    environment:
      - POSTGRES_DB=mcphub
@@ -445,7 +445,7 @@ Add backup service to your `docker-compose.yml`:
 ```yaml
 services:
  backup:
-    image: postgres:15-alpine
+    image: pgvector/pgvector:pg17
    container_name: mcphub-backup
    environment:
      - PGPASSWORD=${POSTGRES_PASSWORD}
--- a/docs/features/smart-routing.mdx
+++ b/docs/features/smart-routing.mdx
@@ -78,7 +78,7 @@ Smart Routing requires additional setup compared to basic MCPHub usage:
          - ./mcp_settings.json:/app/mcp_settings.json

      postgres:
-        image: pgvector/pgvector:pg16
+        image: pgvector/pgvector:pg17
        environment:
          - POSTGRES_DB=mcphub
          - POSTGRES_USER=mcphub
@@ -146,7 +146,7 @@ Smart Routing requires additional setup compared to basic MCPHub usage:
        spec:
          containers:
          - name: postgres
-            image: pgvector/pgvector:pg16
+            image: pgvector/pgvector:pg17
            env:
            - name: POSTGRES_DB
              value: mcphub
--- a/docs/installation.mdx
+++ b/docs/installation.mdx
@@ -96,7 +96,7 @@ Optional for Smart Routing:

      # Optional: PostgreSQL for Smart Routing
      postgres:
-        image: pgvector/pgvector:pg16
+        image: pgvector/pgvector:pg17
        environment:
          POSTGRES_DB: mcphub
          POSTGRES_USER: mcphub
--- a/docs/zh/configuration/database-configuration.mdx
+++ b/docs/zh/configuration/database-configuration.mdx
@@ -59,7 +59,7 @@ version: '3.8'

 services:
  postgres:
-    image: postgres:16
+    image: pgvector/pgvector:pg17
    environment:
      POSTGRES_DB: mcphub
      POSTGRES_USER: mcphub
--- a/docs/zh/configuration/docker-setup.mdx
+++ b/docs/zh/configuration/docker-setup.mdx
@@ -119,7 +119,7 @@ services:
      - mcphub-network

  postgres:
-    image: postgres:15-alpine
+    image: pgvector/pgvector:pg17
    container_name: mcphub-postgres
    environment:
      - POSTGRES_DB=mcphub
@@ -203,7 +203,7 @@ services:
      retries: 3

  postgres:
-    image: postgres:15-alpine
+    image: pgvector/pgvector:pg17
    container_name: mcphub-postgres
    environment:
      - POSTGRES_DB=mcphub
@@ -305,7 +305,7 @@ services:
      - mcphub-dev

  postgres:
-    image: postgres:15-alpine
+    image: pgvector/pgvector:pg17
    container_name: mcphub-postgres-dev
    environment:
      - POSTGRES_DB=mcphub
@@ -445,7 +445,7 @@ secrets:
 ```yaml
 services:
  backup:
-    image: postgres:15-alpine
+    image: pgvector/pgvector:pg17
    container_name: mcphub-backup
    environment:
      - PGPASSWORD=${POSTGRES_PASSWORD}
--- a/docs/zh/installation.mdx
+++ b/docs/zh/installation.mdx
@@ -96,7 +96,7 @@ description: '各种平台的详细安装说明'

      # 可选：用于智能路由的 PostgreSQL
      postgres:
-        image: pgvector/pgvector:pg16
+        image: pgvector/pgvector:pg17
        environment:
          POSTGRES_DB: mcphub
          POSTGRES_USER: mcphub
--- a/frontend/src/components/ServerForm.tsx
+++ b/frontend/src/components/ServerForm.tsx
@@ -375,6 +375,7 @@ const ServerForm = ({
              ? {
                  url: formData.url,
                  ...(Object.keys(headers).length > 0 ? { headers } : {}),
+                  ...(Object.keys(env).length > 0 ? { env } : {}),
                  ...(oauthConfig ? { oauth: oauthConfig } : {}),
                }
              : {
@@ -978,6 +979,49 @@ const ServerForm = ({
              ))}
            </div>

+            <div className="mb-4">
+              <div className="flex justify-between items-center mb-2">
+                <label className="block text-gray-700 text-sm font-bold">
+                  {t('server.envVars')}
+                </label>
+                <button
+                  type="button"
+                  onClick={addEnvVar}
+                  className="bg-gray-200 hover:bg-gray-300 text-gray-700 font-medium py-1 px-2 rounded text-sm flex items-center justify-center min-w-[30px] min-h-[30px] btn-primary"
+                >
+                  +
+                </button>
+              </div>
+              {envVars.map((envVar, index) => (
+                <div key={index} className="flex items-center mb-2">
+                  <div className="flex items-center space-x-2 flex-grow">
+                    <input
+                      type="text"
+                      value={envVar.key}
+                      onChange={(e) => handleEnvVarChange(index, 'key', e.target.value)}
+                      className="shadow appearance-none border rounded py-2 px-3 text-gray-700 leading-tight focus:outline-none focus:shadow-outline w-1/2 form-input"
+                      placeholder={t('server.key')}
+                    />
+                    <span className="flex items-center">:</span>
+                    <input
+                      type="text"
+                      value={envVar.value}
+                      onChange={(e) => handleEnvVarChange(index, 'value', e.target.value)}
+                      className="shadow appearance-none border rounded py-2 px-3 text-gray-700 leading-tight focus:outline-none focus:shadow-outline w-1/2 form-input"
+                      placeholder={t('server.value')}
+                    />
+                  </div>
+                  <button
+                    type="button"
+                    onClick={() => removeEnvVar(index)}
+                    className="bg-gray-200 hover:bg-gray-300 text-gray-700 font-medium py-1 px-2 rounded text-sm flex items-center justify-center min-w-[30px] min-h-[30px] ml-2 btn-danger"
+                  >
+                    -
+                  </button>
+                </div>
+              ))}
+            </div>
+
            <div className="mb-4">
              <div
                className="flex items-center justify-between cursor-pointer bg-gray-50 hover:bg-gray-100 p-3 rounded border border-gray-200"
--- a/frontend/src/contexts/AuthContext.tsx
+++ b/frontend/src/contexts/AuthContext.tsx
@@ -14,14 +14,17 @@ const initialState: AuthState = {
 // Create auth context
 const AuthContext = createContext<{
  auth: AuthState;
-  login: (username: string, password: string) => Promise<{ success: boolean; isUsingDefaultPassword?: boolean }>;
+  login: (
+    username: string,
+    password: string,
+  ) => Promise<{ success: boolean; isUsingDefaultPassword?: boolean; message?: string }>;
  register: (username: string, password: string, isAdmin?: boolean) => Promise<boolean>;
  logout: () => void;
 }>({
  auth: initialState,
  login: async () => ({ success: false }),
  register: async () => false,
-  logout: () => { },
+  logout: () => {},
 });

 // Auth provider component
@@ -90,7 +93,10 @@ export const AuthProvider: React.FC<{ children: ReactNode }> = ({ children }) =>
  }, []);

  // Login function
-  const login = async (username: string, password: string): Promise<{ success: boolean; isUsingDefaultPassword?: boolean }> => {
+  const login = async (
+    username: string,
+    password: string,
+  ): Promise<{ success: boolean; isUsingDefaultPassword?: boolean; message?: string }> => {
    try {
      const response = await authService.login({ username, password });

@@ -111,7 +117,7 @@ export const AuthProvider: React.FC<{ children: ReactNode }> = ({ children }) =>
          loading: false,
          error: response.message || 'Authentication failed',
        });
-        return { success: false };
+        return { success: false, message: response.message };
      }
    } catch (error) {
      setAuth({
@@ -119,7 +125,7 @@ export const AuthProvider: React.FC<{ children: ReactNode }> = ({ children }) =>
        loading: false,
        error: 'Authentication failed',
      });
-      return { success: false };
+      return { success: false, message: error instanceof Error ? error.message : undefined };
    }
  };

@@ -127,7 +133,7 @@ export const AuthProvider: React.FC<{ children: ReactNode }> = ({ children }) =>
  const register = async (
    username: string,
    password: string,
-    isAdmin = false
+    isAdmin = false,
  ): Promise<boolean> => {
    try {
      const response = await authService.register({ username, password, isAdmin });
@@ -175,4 +181,4 @@ export const AuthProvider: React.FC<{ children: ReactNode }> = ({ children }) =>
 };

 // Custom hook to use auth context
-export const useAuth = () => useContext(AuthContext);
+export const useAuth = () => useContext(AuthContext);
--- a/frontend/src/contexts/SettingsContext.tsx
+++ b/frontend/src/contexts/SettingsContext.tsx
@@ -9,6 +9,7 @@ import React, {
 import { useTranslation } from 'react-i18next';
 import { ApiResponse, BearerKey } from '@/types';
 import { useToast } from '@/contexts/ToastContext';
+import { useAuth } from '@/contexts/AuthContext';
 import { apiGet, apiPut, apiPost, apiDelete } from '@/utils/fetchInterceptor';

 // Define types for the settings data
@@ -153,6 +154,7 @@ interface SettingsProviderProps {
 export const SettingsProvider: React.FC<SettingsProviderProps> = ({ children }) => {
  const { t } = useTranslation();
  const { showToast } = useToast();
+  const { auth } = useAuth();

  const [routingConfig, setRoutingConfig] = useState<RoutingConfig>({
    enableGlobalRoute: true,
@@ -746,6 +748,15 @@ export const SettingsProvider: React.FC<SettingsProviderProps> = ({ children })
    fetchSettings();
  }, [fetchSettings, refreshKey]);

+  // Watch for authentication status changes - refetch settings after login
+  useEffect(() => {
+    if (auth.isAuthenticated) {
+      console.log('[SettingsContext] User authenticated, triggering settings refresh');
+      // When user logs in, trigger a refresh to load settings
+      triggerRefresh();
+    }
+  }, [auth.isAuthenticated, triggerRefresh]);
+
  useEffect(() => {
    if (routingConfig) {
      setTempRoutingConfig({
--- a/frontend/src/pages/LoginPage.tsx
+++ b/frontend/src/pages/LoginPage.tsx
@@ -44,6 +44,24 @@ const LoginPage: React.FC = () => {
    return sanitizeReturnUrl(params.get('returnUrl'));
  }, [location.search]);

+  const isServerUnavailableError = useCallback((message?: string) => {
+    if (!message) return false;
+    const normalized = message.toLowerCase();
+
+    return (
+      normalized.includes('failed to fetch') ||
+      normalized.includes('networkerror') ||
+      normalized.includes('network error') ||
+      normalized.includes('connection refused') ||
+      normalized.includes('unable to connect') ||
+      normalized.includes('fetch error') ||
+      normalized.includes('econnrefused') ||
+      normalized.includes('http 500') ||
+      normalized.includes('internal server error') ||
+      normalized.includes('proxy error')
+    );
+  }, []);
+
  const buildRedirectTarget = useCallback(() => {
    if (!returnUrl) {
      return '/';
@@ -100,10 +118,20 @@ const LoginPage: React.FC = () => {
          redirectAfterLogin();
        }
      } else {
-        setError(t('auth.loginFailed'));
+        const message = result.message;
+        if (isServerUnavailableError(message)) {
+          setError(t('auth.serverUnavailable'));
+        } else {
+          setError(t('auth.loginFailed'));
+        }
      }
    } catch (err) {
-      setError(t('auth.loginError'));
+      const message = err instanceof Error ? err.message : undefined;
+      if (isServerUnavailableError(message)) {
+        setError(t('auth.serverUnavailable'));
+      } else {
+        setError(t('auth.loginError'));
+      }
    } finally {
      setLoading(false);
    }
@@ -131,13 +159,21 @@ const LoginPage: React.FC = () => {
        }}
      />
      <div className="pointer-events-none absolute inset-0 -z-10">
-        <svg className="h-full w-full opacity-[0.08] dark:opacity-[0.12]" xmlns="http://www.w3.org/2000/svg">
+        <svg
+          className="h-full w-full opacity-[0.08] dark:opacity-[0.12]"
+          xmlns="http://www.w3.org/2000/svg"
+        >
          <defs>
            <pattern id="grid" width="32" height="32" patternUnits="userSpaceOnUse">
              <path d="M 32 0 L 0 0 0 32" fill="none" stroke="currentColor" strokeWidth="0.5" />
            </pattern>
          </defs>
-          <rect width="100%" height="100%" fill="url(#grid)" className="text-gray-400 dark:text-gray-300" />
+          <rect
+            width="100%"
+            height="100%"
+            fill="url(#grid)"
+            className="text-gray-400 dark:text-gray-300"
+          />
        </svg>
      </div>

--- a/frontend/src/pages/SettingsPage.tsx
+++ b/frontend/src/pages/SettingsPage.tsx
@@ -25,7 +25,7 @@ interface BearerKeyRowProps {
      name: string;
      token: string;
      enabled: boolean;
-      accessType: 'all' | 'groups' | 'servers';
+      accessType: 'all' | 'groups' | 'servers' | 'custom';
      allowedGroups: string;
      allowedServers: string;
    },
@@ -47,7 +47,7 @@ const BearerKeyRow: React.FC<BearerKeyRowProps> = ({
  const [name, setName] = useState(keyData.name);
  const [token, setToken] = useState(keyData.token);
  const [enabled, setEnabled] = useState<boolean>(keyData.enabled);
-  const [accessType, setAccessType] = useState<'all' | 'groups' | 'servers'>(
+  const [accessType, setAccessType] = useState<'all' | 'groups' | 'servers' | 'custom'>(
    keyData.accessType || 'all',
  );
  const [selectedGroups, setSelectedGroups] = useState<string[]>(keyData.allowedGroups || []);
@@ -105,6 +105,13 @@ const BearerKeyRow: React.FC<BearerKeyRowProps> = ({
      );
      return;
    }
+    if (accessType === 'custom' && selectedGroups.length === 0 && selectedServers.length === 0) {
+      showToast(
+        t('settings.selectAtLeastOneGroupOrServer') || 'Please select at least one group or server',
+        'error',
+      );
+      return;
+    }

    setSaving(true);
    try {
@@ -135,6 +142,31 @@ const BearerKeyRow: React.FC<BearerKeyRowProps> = ({
  };

  const isGroupsMode = accessType === 'groups';
+  const isCustomMode = accessType === 'custom';
+
+  // Helper function to format access type display text
+  const formatAccessTypeDisplay = (key: BearerKey): string => {
+    if (key.accessType === 'all') {
+      return t('settings.bearerKeyAccessAll') || 'All Resources';
+    }
+    if (key.accessType === 'groups') {
+      return `${t('settings.bearerKeyAccessGroups') || 'Groups'}: ${key.allowedGroups}`;
+    }
+    if (key.accessType === 'servers') {
+      return `${t('settings.bearerKeyAccessServers') || 'Servers'}: ${key.allowedServers}`;
+    }
+    if (key.accessType === 'custom') {
+      const parts: string[] = [];
+      if (key.allowedGroups && key.allowedGroups.length > 0) {
+        parts.push(`${t('settings.bearerKeyAccessGroups') || 'Groups'}: ${key.allowedGroups}`);
+      }
+      if (key.allowedServers && key.allowedServers.length > 0) {
+        parts.push(`${t('settings.bearerKeyAccessServers') || 'Servers'}: ${key.allowedServers}`);
+      }
+      return `${t('settings.bearerKeyAccessCustom') || 'Custom'}: ${parts.join('; ')}`;
+    }
+    return '';
+  };

  if (isEditing) {
    return (
@@ -194,7 +226,9 @@ const BearerKeyRow: React.FC<BearerKeyRowProps> = ({
                <select
                  className="block w-full py-2 px-3 border border-gray-300 bg-white rounded-md shadow-sm focus:outline-none focus:ring-blue-500 focus:border-blue-500 sm:text-sm form-select transition-shadow duration-200"
                  value={accessType}
-                  onChange={(e) => setAccessType(e.target.value as 'all' | 'groups' | 'servers')}
+                  onChange={(e) =>
+                    setAccessType(e.target.value as 'all' | 'groups' | 'servers' | 'custom')
+                  }
                  disabled={loading}
                >
                  <option value="all">{t('settings.bearerKeyAccessAll') || 'All Resources'}</option>
@@ -204,29 +238,65 @@ const BearerKeyRow: React.FC<BearerKeyRowProps> = ({
                  <option value="servers">
                    {t('settings.bearerKeyAccessServers') || 'Specific Servers'}
                  </option>
+                  <option value="custom">
+                    {t('settings.bearerKeyAccessCustom') || 'Custom (Groups & Servers)'}
+                  </option>
                </select>
              </div>

-              <div className="flex-1 min-w-[200px]">
-                <label
-                  className={`block text-sm font-medium mb-1 ${accessType === 'all' ? 'text-gray-400' : 'text-gray-700'}`}
-                >
-                  {isGroupsMode
-                    ? t('settings.bearerKeyAllowedGroups') || 'Allowed groups'
-                    : t('settings.bearerKeyAllowedServers') || 'Allowed servers'}
-                </label>
-                <MultiSelect
-                  options={isGroupsMode ? availableGroups : availableServers}
-                  selected={isGroupsMode ? selectedGroups : selectedServers}
-                  onChange={isGroupsMode ? setSelectedGroups : setSelectedServers}
-                  placeholder={
-                    isGroupsMode
-                      ? t('settings.selectGroups') || 'Select groups...'
-                      : t('settings.selectServers') || 'Select servers...'
-                  }
-                  disabled={loading || accessType === 'all'}
-                />
-              </div>
+              {/* Show single selector for groups or servers mode */}
+              {!isCustomMode && (
+                <div className="flex-1 min-w-[200px]">
+                  <label
+                    className={`block text-sm font-medium mb-1 ${accessType === 'all' ? 'text-gray-400' : 'text-gray-700'}`}
+                  >
+                    {isGroupsMode
+                      ? t('settings.bearerKeyAllowedGroups') || 'Allowed groups'
+                      : t('settings.bearerKeyAllowedServers') || 'Allowed servers'}
+                  </label>
+                  <MultiSelect
+                    options={isGroupsMode ? availableGroups : availableServers}
+                    selected={isGroupsMode ? selectedGroups : selectedServers}
+                    onChange={isGroupsMode ? setSelectedGroups : setSelectedServers}
+                    placeholder={
+                      isGroupsMode
+                        ? t('settings.selectGroups') || 'Select groups...'
+                        : t('settings.selectServers') || 'Select servers...'
+                    }
+                    disabled={loading || accessType === 'all'}
+                  />
+                </div>
+              )}
+
+              {/* Show both selectors for custom mode */}
+              {isCustomMode && (
+                <>
+                  <div className="flex-1 min-w-[200px]">
+                    <label className="block text-sm font-medium text-gray-700 mb-1">
+                      {t('settings.bearerKeyAllowedGroups') || 'Allowed groups'}
+                    </label>
+                    <MultiSelect
+                      options={availableGroups}
+                      selected={selectedGroups}
+                      onChange={setSelectedGroups}
+                      placeholder={t('settings.selectGroups') || 'Select groups...'}
+                      disabled={loading}
+                    />
+                  </div>
+                  <div className="flex-1 min-w-[200px]">
+                    <label className="block text-sm font-medium text-gray-700 mb-1">
+                      {t('settings.bearerKeyAllowedServers') || 'Allowed servers'}
+                    </label>
+                    <MultiSelect
+                      options={availableServers}
+                      selected={selectedServers}
+                      onChange={setSelectedServers}
+                      placeholder={t('settings.selectServers') || 'Select servers...'}
+                      disabled={loading}
+                    />
+                  </div>
+                </>
+              )}

              <div className="flex justify-end gap-2">
                <button
@@ -281,11 +351,7 @@ const BearerKeyRow: React.FC<BearerKeyRowProps> = ({
        </span>
      </td>
      <td className="px-6 py-4 whitespace-nowrap text-sm text-gray-500">
-        {keyData.accessType === 'all'
-          ? t('settings.bearerKeyAccessAll') || 'All Resources'
-          : keyData.accessType === 'groups'
-            ? `${t('settings.bearerKeyAccessGroups') || 'Groups'}: ${keyData.allowedGroups}`
-            : `${t('settings.bearerKeyAccessServers') || 'Servers'}: ${keyData.allowedServers}`}
+        {formatAccessTypeDisplay(keyData)}
      </td>
      <td className="px-6 py-4 whitespace-nowrap text-right text-sm font-medium">
        <button
@@ -558,12 +624,6 @@ const SettingsPage: React.FC = () => {
    });
  };

-  const saveSmartRoutingConfig = async (
-    key: 'dbUrl' | 'openaiApiBaseUrl' | 'openaiApiKey' | 'openaiApiEmbeddingModel',
-  ) => {
-    await updateSmartRoutingConfig(key, tempSmartRoutingConfig[key]);
-  };
-
  const handleMCPRouterConfigChange = (
    key: 'apiKey' | 'referer' | 'title' | 'baseUrl',
    value: string,
@@ -705,6 +765,31 @@ const SettingsPage: React.FC = () => {
    }
  };

+  const handleSaveSmartRoutingConfig = async () => {
+    const updates: any = {};
+
+    if (tempSmartRoutingConfig.dbUrl !== smartRoutingConfig.dbUrl) {
+      updates.dbUrl = tempSmartRoutingConfig.dbUrl;
+    }
+    if (tempSmartRoutingConfig.openaiApiBaseUrl !== smartRoutingConfig.openaiApiBaseUrl) {
+      updates.openaiApiBaseUrl = tempSmartRoutingConfig.openaiApiBaseUrl;
+    }
+    if (tempSmartRoutingConfig.openaiApiKey !== smartRoutingConfig.openaiApiKey) {
+      updates.openaiApiKey = tempSmartRoutingConfig.openaiApiKey;
+    }
+    if (
+      tempSmartRoutingConfig.openaiApiEmbeddingModel !== smartRoutingConfig.openaiApiEmbeddingModel
+    ) {
+      updates.openaiApiEmbeddingModel = tempSmartRoutingConfig.openaiApiEmbeddingModel;
+    }
+
+    if (Object.keys(updates).length > 0) {
+      await updateSmartRoutingConfigBatch(updates);
+    } else {
+      showToast(t('settings.noChanges') || 'No changes to save', 'info');
+    }
+  };
+
  const handlePasswordChangeSuccess = () => {
    setTimeout(() => {
      navigate('/');
@@ -718,7 +803,7 @@ const SettingsPage: React.FC = () => {
    name: string;
    token: string;
    enabled: boolean;
-    accessType: 'all' | 'groups' | 'servers';
+    accessType: 'all' | 'groups' | 'servers' | 'custom';
    allowedGroups: string;
    allowedServers: string;
  }>({
@@ -746,10 +831,10 @@ const SettingsPage: React.FC = () => {

  // Reset selected arrays when accessType changes
  useEffect(() => {
-    if (newBearerKey.accessType !== 'groups') {
+    if (newBearerKey.accessType !== 'groups' && newBearerKey.accessType !== 'custom') {
      setNewSelectedGroups([]);
    }
-    if (newBearerKey.accessType !== 'servers') {
+    if (newBearerKey.accessType !== 'servers' && newBearerKey.accessType !== 'custom') {
      setNewSelectedServers([]);
    }
  }, [newBearerKey.accessType]);
@@ -847,6 +932,17 @@ const SettingsPage: React.FC = () => {
      );
      return;
    }
+    if (
+      newBearerKey.accessType === 'custom' &&
+      newSelectedGroups.length === 0 &&
+      newSelectedServers.length === 0
+    ) {
+      showToast(
+        t('settings.selectAtLeastOneGroupOrServer') || 'Please select at least one group or server',
+        'error',
+      );
+      return;
+    }

    await createBearerKey({
      name: newBearerKey.name,
@@ -854,11 +950,13 @@ const SettingsPage: React.FC = () => {
      enabled: newBearerKey.enabled,
      accessType: newBearerKey.accessType,
      allowedGroups:
-        newBearerKey.accessType === 'groups' && newSelectedGroups.length > 0
+        (newBearerKey.accessType === 'groups' || newBearerKey.accessType === 'custom') &&
+        newSelectedGroups.length > 0
          ? newSelectedGroups
          : undefined,
      allowedServers:
-        newBearerKey.accessType === 'servers' && newSelectedServers.length > 0
+        (newBearerKey.accessType === 'servers' || newBearerKey.accessType === 'custom') &&
+        newSelectedServers.length > 0
          ? newSelectedServers
          : undefined,
    } as any);
@@ -882,7 +980,7 @@ const SettingsPage: React.FC = () => {
      name: string;
      token: string;
      enabled: boolean;
-      accessType: 'all' | 'groups' | 'servers';
+      accessType: 'all' | 'groups' | 'servers' | 'custom';
      allowedGroups: string;
      allowedServers: string;
    },
@@ -1109,7 +1207,7 @@ const SettingsPage: React.FC = () => {
                          onChange={(e) =>
                            setNewBearerKey((prev) => ({
                              ...prev,
-                              accessType: e.target.value as 'all' | 'groups' | 'servers',
+                              accessType: e.target.value as 'all' | 'groups' | 'servers' | 'custom',
                            }))
                          }
                          disabled={loading}
@@ -1123,41 +1221,75 @@ const SettingsPage: React.FC = () => {
                          <option value="servers">
                            {t('settings.bearerKeyAccessServers') || 'Specific Servers'}
                          </option>
+                          <option value="custom">
+                            {t('settings.bearerKeyAccessCustom') || 'Custom (Groups & Servers)'}
+                          </option>
                        </select>
                      </div>

-                      <div className="flex-1 min-w-[200px]">
-                        <label
-                          className={`block text-sm font-medium mb-1 ${newBearerKey.accessType === 'all' ? 'text-gray-400' : 'text-gray-700'}`}
-                        >
-                          {newBearerKey.accessType === 'groups'
-                            ? t('settings.bearerKeyAllowedGroups') || 'Allowed groups'
-                            : t('settings.bearerKeyAllowedServers') || 'Allowed servers'}
-                        </label>
-                        <MultiSelect
-                          options={
-                            newBearerKey.accessType === 'groups'
-                              ? availableGroups
-                              : availableServers
-                          }
-                          selected={
-                            newBearerKey.accessType === 'groups'
-                              ? newSelectedGroups
-                              : newSelectedServers
-                          }
-                          onChange={
-                            newBearerKey.accessType === 'groups'
-                              ? setNewSelectedGroups
-                              : setNewSelectedServers
-                          }
-                          placeholder={
-                            newBearerKey.accessType === 'groups'
-                              ? t('settings.selectGroups') || 'Select groups...'
-                              : t('settings.selectServers') || 'Select servers...'
-                          }
-                          disabled={loading || newBearerKey.accessType === 'all'}
-                        />
-                      </div>
+                      {newBearerKey.accessType !== 'custom' && (
+                        <div className="flex-1 min-w-[200px]">
+                          <label
+                            className={`block text-sm font-medium mb-1 ${newBearerKey.accessType === 'all' ? 'text-gray-400' : 'text-gray-700'}`}
+                          >
+                            {newBearerKey.accessType === 'groups'
+                              ? t('settings.bearerKeyAllowedGroups') || 'Allowed groups'
+                              : t('settings.bearerKeyAllowedServers') || 'Allowed servers'}
+                          </label>
+                          <MultiSelect
+                            options={
+                              newBearerKey.accessType === 'groups'
+                                ? availableGroups
+                                : availableServers
+                            }
+                            selected={
+                              newBearerKey.accessType === 'groups'
+                                ? newSelectedGroups
+                                : newSelectedServers
+                            }
+                            onChange={
+                              newBearerKey.accessType === 'groups'
+                                ? setNewSelectedGroups
+                                : setNewSelectedServers
+                            }
+                            placeholder={
+                              newBearerKey.accessType === 'groups'
+                                ? t('settings.selectGroups') || 'Select groups...'
+                                : t('settings.selectServers') || 'Select servers...'
+                            }
+                            disabled={loading || newBearerKey.accessType === 'all'}
+                          />
+                        </div>
+                      )}
+
+                      {newBearerKey.accessType === 'custom' && (
+                        <>
+                          <div className="flex-1 min-w-[200px]">
+                            <label className="block text-sm font-medium text-gray-700 mb-1">
+                              {t('settings.bearerKeyAllowedGroups') || 'Allowed groups'}
+                            </label>
+                            <MultiSelect
+                              options={availableGroups}
+                              selected={newSelectedGroups}
+                              onChange={setNewSelectedGroups}
+                              placeholder={t('settings.selectGroups') || 'Select groups...'}
+                              disabled={loading}
+                            />
+                          </div>
+                          <div className="flex-1 min-w-[200px]">
+                            <label className="block text-sm font-medium text-gray-700 mb-1">
+                              {t('settings.bearerKeyAllowedServers') || 'Allowed servers'}
+                            </label>
+                            <MultiSelect
+                              options={availableServers}
+                              selected={newSelectedServers}
+                              onChange={setNewSelectedServers}
+                              placeholder={t('settings.selectServers') || 'Select servers...'}
+                              disabled={loading}
+                            />
+                          </div>
+                        </>
+                      )}

                      <div className="flex justify-end gap-2">
                        <button
@@ -1214,31 +1346,27 @@ const SettingsPage: React.FC = () => {
                />
              </div>

-              <div className="p-3 bg-gray-50 rounded-md">
-                <div className="mb-2">
-                  <h3 className="font-medium text-gray-700">
-                    <span className="text-red-500 px-1">*</span>
-                    {t('settings.dbUrl')}
-                  </h3>
+              {/* hide when DB_URL env is set */}
+              {smartRoutingConfig.dbUrl !== '${DB_URL}' && (
+                <div className="p-3 bg-gray-50 rounded-md">
+                  <div className="mb-2">
+                    <h3 className="font-medium text-gray-700">
+                      <span className="text-red-500 px-1">*</span>
+                      {t('settings.dbUrl')}
+                    </h3>
+                  </div>
+                  <div className="flex items-center gap-3">
+                    <input
+                      type="text"
+                      value={tempSmartRoutingConfig.dbUrl}
+                      onChange={(e) => handleSmartRoutingConfigChange('dbUrl', e.target.value)}
+                      placeholder={t('settings.dbUrlPlaceholder')}
+                      className="flex-1 mt-1 block w-full py-2 px-3 border rounded-md shadow-sm focus:outline-none focus:ring-blue-500 focus:border-blue-500 sm:text-sm border-gray-300 form-input"
+                      disabled={loading}
+                    />
+                  </div>
                </div>
-                <div className="flex items-center gap-3">
-                  <input
-                    type="text"
-                    value={tempSmartRoutingConfig.dbUrl}
-                    onChange={(e) => handleSmartRoutingConfigChange('dbUrl', e.target.value)}
-                    placeholder={t('settings.dbUrlPlaceholder')}
-                    className="flex-1 mt-1 block w-full py-2 px-3 border rounded-md shadow-sm focus:outline-none focus:ring-blue-500 focus:border-blue-500 sm:text-sm border-gray-300 form-input"
-                    disabled={loading}
-                  />
-                  <button
-                    onClick={() => saveSmartRoutingConfig('dbUrl')}
-                    disabled={loading}
-                    className="mt-1 px-4 py-2 bg-blue-600 hover:bg-blue-700 text-white rounded-md text-sm font-medium disabled:opacity-50 btn-primary"
-                  >
-                    {t('common.save')}
-                  </button>
-                </div>
-              </div>
+              )}

              <div className="p-3 bg-gray-50 rounded-md">
                <div className="mb-2">
@@ -1256,13 +1384,6 @@ const SettingsPage: React.FC = () => {
                    className="flex-1 mt-1 block w-full py-2 px-3 border rounded-md shadow-sm focus:outline-none focus:ring-blue-500 focus:border-blue-500 sm:text-sm border-gray-300"
                    disabled={loading}
                  />
-                  <button
-                    onClick={() => saveSmartRoutingConfig('openaiApiKey')}
-                    disabled={loading}
-                    className="mt-1 px-4 py-2 bg-blue-600 hover:bg-blue-700 text-white rounded-md text-sm font-medium disabled:opacity-50 btn-primary"
-                  >
-                    {t('common.save')}
-                  </button>
                </div>
              </div>

@@ -1281,13 +1402,6 @@ const SettingsPage: React.FC = () => {
                    className="flex-1 mt-1 block w-full py-2 px-3 border border-gray-300 rounded-md shadow-sm focus:outline-none focus:ring-blue-500 focus:border-blue-500 sm:text-sm form-input"
                    disabled={loading}
                  />
-                  <button
-                    onClick={() => saveSmartRoutingConfig('openaiApiBaseUrl')}
-                    disabled={loading}
-                    className="mt-1 px-4 py-2 bg-blue-600 hover:bg-blue-700 text-white rounded-md text-sm font-medium disabled:opacity-50 btn-primary"
-                  >
-                    {t('common.save')}
-                  </button>
                </div>
              </div>

@@ -1308,15 +1422,18 @@ const SettingsPage: React.FC = () => {
                    className="flex-1 mt-1 block w-full py-2 px-3 border border-gray-300 rounded-md shadow-sm focus:outline-none focus:ring-blue-500 focus:border-blue-500 sm:text-sm form-input"
                    disabled={loading}
                  />
-                  <button
-                    onClick={() => saveSmartRoutingConfig('openaiApiEmbeddingModel')}
-                    disabled={loading}
-                    className="mt-1 px-4 py-2 bg-blue-600 hover:bg-blue-700 text-white rounded-md text-sm font-medium disabled:opacity-50 btn-primary"
-                  >
-                    {t('common.save')}
-                  </button>
                </div>
              </div>
+
+              <div className="flex justify-end pt-2">
+                <button
+                  onClick={handleSaveSmartRoutingConfig}
+                  disabled={loading}
+                  className="px-4 py-2 bg-blue-600 hover:bg-blue-700 text-white rounded-md text-sm font-medium disabled:opacity-50 btn-primary"
+                >
+                  {t('common.save')}
+                </button>
+              </div>
            </div>
          )}
        </div>
--- a/frontend/src/services/authService.ts
+++ b/frontend/src/services/authService.ts
@@ -29,7 +29,7 @@ export const login = async (credentials: LoginCredentials): Promise<AuthResponse
    console.error('Login error:', error);
    return {
      success: false,
-      message: 'An error occurred during login',
+      message: error instanceof Error ? error.message : 'An error occurred during login',
    };
  }
 };
--- a/frontend/src/types/index.ts
+++ b/frontend/src/types/index.ts
@@ -310,7 +310,7 @@ export interface ApiResponse<T = any> {
 }

 // Bearer authentication key configuration (frontend view model)
-export type BearerKeyAccessType = 'all' | 'groups' | 'servers';
+export type BearerKeyAccessType = 'all' | 'groups' | 'servers' | 'custom';

 export interface BearerKey {
  id: string;
--- a/locales/en.json
+++ b/locales/en.json
@@ -61,6 +61,7 @@
    "emptyFields": "Username and password cannot be empty",
    "loginFailed": "Login failed, please check your username and password",
    "loginError": "An error occurred during login",
+    "serverUnavailable": "Unable to connect to the server. Please check your network connection or try again later",
    "currentPassword": "Current Password",
    "newPassword": "New Password",
    "confirmPassword": "Confirm Password",
@@ -567,6 +568,7 @@
    "bearerKeyAccessAll": "All",
    "bearerKeyAccessGroups": "Groups",
    "bearerKeyAccessServers": "Servers",
+    "bearerKeyAccessCustom": "Custom",
    "bearerKeyAllowedGroups": "Allowed groups",
    "bearerKeyAllowedServers": "Allowed servers",
    "addBearerKey": "Add key",
--- a/locales/fr.json
+++ b/locales/fr.json
@@ -61,6 +61,7 @@
    "emptyFields": "Le nom d'utilisateur et le mot de passe ne peuvent pas être vides",
    "loginFailed": "Échec de la connexion, veuillez vérifier votre nom d'utilisateur et votre mot de passe",
    "loginError": "Une erreur est survenue lors de la connexion",
+    "serverUnavailable": "Impossible de se connecter au serveur. Veuillez vérifier votre connexion réseau ou réessayer plus tard",
    "currentPassword": "Mot de passe actuel",
    "newPassword": "Nouveau mot de passe",
    "confirmPassword": "Confirmer le mot de passe",
@@ -568,6 +569,7 @@
    "bearerKeyAccessAll": "Toutes",
    "bearerKeyAccessGroups": "Groupes",
    "bearerKeyAccessServers": "Serveurs",
+    "bearerKeyAccessCustom": "Personnalisée",
    "bearerKeyAllowedGroups": "Groupes autorisés",
    "bearerKeyAllowedServers": "Serveurs autorisés",
    "addBearerKey": "Ajouter une clé",
--- a/locales/tr.json
+++ b/locales/tr.json
@@ -61,6 +61,7 @@
    "emptyFields": "Kullanıcı adı ve şifre boş olamaz",
    "loginFailed": "Giriş başarısız, lütfen kullanıcı adınızı ve şifrenizi kontrol edin",
    "loginError": "Giriş sırasında bir hata oluştu",
+    "serverUnavailable": "Sunucuya bağlanılamıyor. Lütfen ağ bağlantınızı kontrol edin veya daha sonra tekrar deneyin",
    "currentPassword": "Mevcut Şifre",
    "newPassword": "Yeni Şifre",
    "confirmPassword": "Şifreyi Onayla",
@@ -568,6 +569,7 @@
    "bearerKeyAccessAll": "Tümü",
    "bearerKeyAccessGroups": "Gruplar",
    "bearerKeyAccessServers": "Sunucular",
+    "bearerKeyAccessCustom": "Özel",
    "bearerKeyAllowedGroups": "İzin verilen gruplar",
    "bearerKeyAllowedServers": "İzin verilen sunucular",
    "addBearerKey": "Anahtar ekle",
--- a/locales/zh.json
+++ b/locales/zh.json
@@ -61,6 +61,7 @@
    "emptyFields": "用户名和密码不能为空",
    "loginFailed": "登录失败，请检查用户名和密码",
    "loginError": "登录过程中出现错误",
+    "serverUnavailable": "无法连接到服务器，请检查网络连接或稍后再试",
    "currentPassword": "当前密码",
    "newPassword": "新密码",
    "confirmPassword": "确认密码",
@@ -569,6 +570,7 @@
    "bearerKeyAccessAll": "全部",
    "bearerKeyAccessGroups": "指定分组",
    "bearerKeyAccessServers": "指定服务器",
+    "bearerKeyAccessCustom": "自定义",
    "bearerKeyAllowedGroups": "允许访问的分组",
    "bearerKeyAllowedServers": "允许访问的服务器",
    "addBearerKey": "新增密钥",
--- a/package.json
+++ b/package.json
@@ -73,6 +73,7 @@
    "postgres": "^3.4.7",
    "reflect-metadata": "^0.2.2",
    "typeorm": "^0.3.26",
+    "undici": "^7.16.0",
    "uuid": "^11.1.0"
  },
  "devDependencies": {
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -99,6 +99,9 @@ importers:
      typeorm:
        specifier: ^0.3.26
        version: 0.3.27(pg@8.16.3)(reflect-metadata@0.2.2)(ts-node@10.9.2(@swc/core@1.15.3)(@types/node@24.6.2)(typescript@5.9.2))
+      undici:
+        specifier: ^7.16.0
+        version: 7.16.0
      uuid:
        specifier: ^11.1.0
        version: 11.1.0
@@ -4431,6 +4434,10 @@ packages:
  undici-types@7.13.0:
    resolution: {integrity: sha512-Ov2Rr9Sx+fRgagJ5AX0qvItZG/JKKoBRAVITs1zk7IqZGTJUwgUr7qoYBpWwakpWilTZFM98rG/AFRocu10iIQ==}

+  undici@7.16.0:
+    resolution: {integrity: sha512-QEg3HPMll0o3t2ourKwOeUAZ159Kn9mx5pnzHRQO8+Wixmh88YdZRiIwat0iNzNNXn0yoEtXJqFpyW7eM8BV7g==}
+    engines: {node: '>=20.18.1'}
+
  universalify@2.0.1:
    resolution: {integrity: sha512-gptHNQghINnc/vTGIk0SOFGFNXw7JVrlRUtConJRlvaw6DuX0wO5Jeko9sWrMBhh+PsYAZ7oXAiOnf/UKogyiw==}
    engines: {node: '>= 10.0.0'}
@@ -8946,6 +8953,8 @@ snapshots:

  undici-types@7.13.0: {}

+  undici@7.16.0: {}
+
  universalify@2.0.1: {}

  unpipe@1.0.0: {}
--- a/src/controllers/bearerKeyController.ts
+++ b/src/controllers/bearerKeyController.ts
@@ -57,7 +57,7 @@ export const createBearerKey = async (req: Request, res: Response): Promise<void
      return;
    }

-    if (!accessType || !['all', 'groups', 'servers'].includes(accessType)) {
+    if (!accessType || !['all', 'groups', 'servers', 'custom'].includes(accessType)) {
      res.status(400).json({ success: false, message: 'Invalid accessType' });
      return;
    }
@@ -104,7 +104,7 @@ export const updateBearerKey = async (req: Request, res: Response): Promise<void
    if (token !== undefined) updates.token = token;
    if (enabled !== undefined) updates.enabled = enabled;
    if (accessType !== undefined) {
-      if (!['all', 'groups', 'servers'].includes(accessType)) {
+      if (!['all', 'groups', 'servers', 'custom'].includes(accessType)) {
        res.status(400).json({ success: false, message: 'Invalid accessType' });
        return;
      }
--- a/src/controllers/serverController.ts
+++ b/src/controllers/serverController.ts
@@ -66,6 +66,20 @@ export const getAllSettings = async (_: Request, res: Response): Promise<void> =
    const systemConfigDao = getSystemConfigDao();
    const systemConfig = await systemConfigDao.get();

+    // Ensure smart routing config has DB URL set if environment variable is present
+    const dbUrlEnv = process.env.DB_URL || '';
+    if (!systemConfig.smartRouting) {
+      systemConfig.smartRouting = {
+        enabled: false,
+        dbUrl: dbUrlEnv ? '${DB_URL}' : '',
+        openaiApiBaseUrl: '',
+        openaiApiKey: '',
+        openaiApiEmbeddingModel: '',
+      };
+    } else if (!systemConfig.smartRouting.dbUrl) {
+      systemConfig.smartRouting.dbUrl = dbUrlEnv ? '${DB_URL}' : '';
+    }
+
    // Get bearer auth keys from DAO
    const bearerKeyDao = getBearerKeyDao();
    const bearerKeys = await bearerKeyDao.findAll();
@@ -978,7 +992,8 @@ export const updateSystemConfig = async (req: Request, res: Response): Promise<v
      if (typeof smartRouting.enabled === 'boolean') {
        // If enabling Smart Routing, validate required fields
        if (smartRouting.enabled) {
-          const currentDbUrl = smartRouting.dbUrl || systemConfig.smartRouting.dbUrl;
+          const currentDbUrl =
+            process.env.DB_URL || smartRouting.dbUrl || systemConfig.smartRouting.dbUrl;
          const currentOpenaiApiKey =
            smartRouting.openaiApiKey || systemConfig.smartRouting.openaiApiKey;

--- a/src/dao/BearerKeyDao.ts
+++ b/src/dao/BearerKeyDao.ts
@@ -24,7 +24,10 @@ export class BearerKeyDaoImpl extends JsonFileBaseDao implements BearerKeyDao {
  private async loadKeysWithMigration(): Promise<BearerKey[]> {
    const settings = await this.loadSettings();

-    if (Array.isArray(settings.bearerKeys) && settings.bearerKeys.length > 0) {
+    // Treat an existing array (including an empty array) as already migrated.
+    // Otherwise, when there are no configured keys, we'd rewrite mcp_settings.json
+    // on every request, which also clears the global settings cache.
+    if (Array.isArray(settings.bearerKeys)) {
      return settings.bearerKeys;
    }

--- a/src/db/connection.ts
+++ b/src/db/connection.ts
@@ -25,39 +25,44 @@ const createRequiredExtensions = async (dataSource: DataSource): Promise<void> =
 };

 // Get database URL from smart routing config or fallback to environment variable
-const getDatabaseUrl = (): string => {
-  return getSmartRoutingConfig().dbUrl;
+const getDatabaseUrl = async (): Promise<string> => {
+  return (await getSmartRoutingConfig()).dbUrl;
 };

-// Default database configuration
-const defaultConfig: DataSourceOptions = {
-  type: 'postgres',
-  url: getDatabaseUrl(),
-  synchronize: true,
-  entities: entities,
-  subscribers: [VectorEmbeddingSubscriber],
+// Default database configuration (without URL - will be set during initialization)
+const getDefaultConfig = async (): Promise<DataSourceOptions> => {
+  return {
+    type: 'postgres',
+    url: await getDatabaseUrl(),
+    synchronize: true,
+    entities: entities,
+    subscribers: [VectorEmbeddingSubscriber],
+  };
 };

-// AppDataSource is the TypeORM data source
-let appDataSource = new DataSource(defaultConfig);
+// AppDataSource is the TypeORM data source (initialized with empty config, will be updated)
+let appDataSource: DataSource | null = null;

 // Global promise to track initialization status
 let initializationPromise: Promise<DataSource> | null = null;

 // Function to create a new DataSource with updated configuration
-export const updateDataSourceConfig = (): DataSource => {
-  const newConfig: DataSourceOptions = {
-    ...defaultConfig,
-    url: getDatabaseUrl(),
-  };
+export const updateDataSourceConfig = async (): Promise<DataSource> => {
+  const newConfig = await getDefaultConfig();

  // If the configuration has changed, we need to create a new DataSource
-  const currentUrl = (appDataSource.options as any).url;
-  if (currentUrl !== newConfig.url) {
-    console.log('Database URL configuration changed, updating DataSource...');
+  if (appDataSource) {
+    const currentUrl = (appDataSource.options as any).url;
+    const newUrl = (newConfig as any).url;
+    if (currentUrl !== newUrl) {
+      console.log('Database URL configuration changed, updating DataSource...');
+      appDataSource = new DataSource(newConfig);
+      // Reset initialization promise when configuration changes
+      initializationPromise = null;
+    }
+  } else {
+    // First time initialization
    appDataSource = new DataSource(newConfig);
-    // Reset initialization promise when configuration changes
-    initializationPromise = null;
  }

  return appDataSource;
@@ -65,6 +70,9 @@ export const updateDataSourceConfig = (): DataSource => {

 // Get the current AppDataSource instance
 export const getAppDataSource = (): DataSource => {
+  if (!appDataSource) {
+    throw new Error('Database not initialized. Call initializeDatabase() first.');
+  }
  return appDataSource;
 };

@@ -72,7 +80,7 @@ export const getAppDataSource = (): DataSource => {
 export const reconnectDatabase = async (): Promise<DataSource> => {
  try {
    // Close existing connection if it exists
-    if (appDataSource.isInitialized) {
+    if (appDataSource && appDataSource.isInitialized) {
      console.log('Closing existing database connection...');
      await appDataSource.destroy();
    }
@@ -81,7 +89,7 @@ export const reconnectDatabase = async (): Promise<DataSource> => {
    initializationPromise = null;

    // Update configuration and reconnect
-    appDataSource = updateDataSourceConfig();
+    appDataSource = await updateDataSourceConfig();
    return await initializeDatabase();
  } catch (error) {
    console.error('Error during database reconnection:', error);
@@ -98,7 +106,7 @@ export const initializeDatabase = async (): Promise<DataSource> => {
  }

  // If already initialized, return the existing instance
-  if (appDataSource.isInitialized) {
+  if (appDataSource && appDataSource.isInitialized) {
    console.log('Database already initialized, returning existing instance');
    return Promise.resolve(appDataSource);
  }
@@ -122,7 +130,7 @@ export const initializeDatabase = async (): Promise<DataSource> => {
 const performDatabaseInitialization = async (): Promise<DataSource> => {
  try {
    // Update configuration before initializing
-    appDataSource = updateDataSourceConfig();
+    appDataSource = await updateDataSourceConfig();

    if (!appDataSource.isInitialized) {
      console.log('Initializing database connection...');
@@ -250,7 +258,8 @@ const performDatabaseInitialization = async (): Promise<DataSource> => {
      console.log('Database connection established successfully.');

      // Run one final setup check after schema synchronization is done
-      if (defaultConfig.synchronize) {
+      const config = await getDefaultConfig();
+      if (config.synchronize) {
        try {
          console.log('Running final vector configuration check...');

@@ -325,12 +334,12 @@ const performDatabaseInitialization = async (): Promise<DataSource> => {

 // Get database connection status
 export const isDatabaseConnected = (): boolean => {
-  return appDataSource.isInitialized;
+  return appDataSource ? appDataSource.isInitialized : false;
 };

 // Close database connection
 export const closeDatabase = async (): Promise<void> => {
-  if (appDataSource.isInitialized) {
+  if (appDataSource && appDataSource.isInitialized) {
    await appDataSource.destroy();
    console.log('Database connection closed.');
  }
--- a/src/db/entities/BearerKey.ts
+++ b/src/db/entities/BearerKey.ts
@@ -25,7 +25,7 @@ export class BearerKey {
  enabled: boolean;

  @Column({ type: 'varchar', length: 20, default: 'all' })
-  accessType: 'all' | 'groups' | 'servers';
+  accessType: 'all' | 'groups' | 'servers' | 'custom';

  @Column({ type: 'simple-json', nullable: true })
  allowedGroups?: string[];
--- a/src/services/keepAliveService.ts
+++ b/src/services/keepAliveService.ts
@@ -48,7 +48,9 @@ export const setupClientKeepAlive = async (
          await (serverInfo.client as any).ping();
          console.log(`Keep-alive ping successful for server: ${serverInfo.name}`);
        } else {
-          await serverInfo.client.listTools({ timeout: 5000 }).catch(() => void 0);
+          await serverInfo.client
+            .listTools({}, { ...(serverInfo.options || {}), timeout: 5000 })
+            .catch(() => void 0);
        }
      }
    } catch (error) {
--- a/src/services/mcpOAuthProvider.ts
+++ b/src/services/mcpOAuthProvider.ts
@@ -325,7 +325,7 @@ export class MCPHubOAuthProvider implements OAuthClientProvider {
      return;
    }

-    console.log(`Saving OAuth tokens for server: ${this.serverName}`);
+    console.log(`Saving OAuth tokens: ${JSON.stringify(tokens)} for server: ${this.serverName}`);

    const updatedConfig = await persistTokens(this.serverName, {
      accessToken: tokens.access_token,
--- a/src/services/mcpService.ts
+++ b/src/services/mcpService.ts
@@ -14,6 +14,7 @@ import {
  StreamableHTTPClientTransport,
  StreamableHTTPClientTransportOptions,
 } from '@modelcontextprotocol/sdk/client/streamableHttp.js';
+import { createFetchWithProxy, getProxyConfigFromEnv } from './proxy.js';
 import { ServerInfo, ServerConfig, Tool } from '../types/index.js';
 import { expandEnvVars, replaceEnvVars, getNameSeparator } from '../config/index.js';
 import config from '../config/index.js';
@@ -134,6 +135,10 @@ export const cleanupAllServers = (): void => {
 // Helper function to create transport based on server configuration
 export const createTransportFromConfig = async (name: string, conf: ServerConfig): Promise<any> => {
  let transport;
+  const env: Record<string, string> = {
+    ...(process.env as Record<string, string>),
+    ...replaceEnvVars(conf.env || {}),
+  };

  if (conf.type === 'streamable-http') {
    const options: StreamableHTTPClientTransportOptions = {};
@@ -152,6 +157,8 @@ export const createTransportFromConfig = async (name: string, conf: ServerConfig
      console.log(`OAuth provider configured for server: ${name}`);
    }

+    options.fetch = createFetchWithProxy(getProxyConfigFromEnv(env));
+
    transport = new StreamableHTTPClientTransport(new URL(conf.url || ''), options);
  } else if (conf.url) {
    // SSE transport
@@ -174,13 +181,11 @@ export const createTransportFromConfig = async (name: string, conf: ServerConfig
      console.log(`OAuth provider configured for server: ${name}`);
    }

+    options.fetch = createFetchWithProxy(getProxyConfigFromEnv(env));
+
    transport = new SSEClientTransport(new URL(conf.url), options);
  } else if (conf.command && conf.args) {
    // Stdio transport
-    const env: Record<string, string> = {
-      ...(process.env as Record<string, string>),
-      ...replaceEnvVars(conf.env || {}),
-    };
    env['PATH'] = expandEnvVars(process.env.PATH as string) || '';

    const systemConfigDao = getSystemConfigDao();
@@ -236,6 +241,8 @@ const callToolWithReconnect = async (
  for (let attempt = 0; attempt <= maxRetries; attempt++) {
    try {
      const result = await serverInfo.client.callTool(toolParams, undefined, options || {});
+      // Check auth error
+      checkAuthError(result);
      return result;
    } catch (error: any) {
      // Check if error message starts with "Error POSTing to endpoint (HTTP 40"
@@ -825,6 +832,25 @@ export const addOrUpdateServer = async (
  }
 };

+// Check for authentication error in tool call result
+function checkAuthError(result: any) {
+  if (Array.isArray(result.content) && result.content.length > 0) {
+    const text = result.content[0]?.text;
+    if (typeof text === 'string') {
+      let errorContent;
+      try {
+        errorContent = JSON.parse(text);
+      } catch (e) {
+        // Ignore JSON parse errors and continue
+        return;
+      }
+      if (errorContent.code === 401) {
+        throw new Error('Error POSTing to endpoint (HTTP 401 Unauthorized)');
+      }
+    }
+  }
+}
+
 // Close server client and transport
 function closeServer(name: string) {
  const serverInfo = serverInfos.find((serverInfo) => serverInfo.name === name);
--- a/src/services/proxy.ts
+++ b/src/services/proxy.ts
@@ -0,0 +1,167 @@
+/**
+ * HTTP/HTTPS proxy configuration utilities for MCP client transports.
+ *
+ * This module provides utilities to configure HTTP and HTTPS proxies when
+ * connecting to MCP servers. Proxies are configured by providing a custom
+ * fetch implementation that uses Node.js http/https agents with proxy support.
+ *
+ */
+
+import { FetchLike } from '@modelcontextprotocol/sdk/shared/transport.js';
+
+/**
+ * Configuration options for HTTP/HTTPS proxy settings.
+ */
+export interface ProxyConfig {
+  /**
+   * HTTP proxy URL (e.g., 'http://proxy.example.com:8080')
+   * Can include authentication: 'http://user:pass@proxy.example.com:8080'
+   */
+  httpProxy?: string;
+
+  /**
+   * HTTPS proxy URL (e.g., 'https://proxy.example.com:8443')
+   * Can include authentication: 'https://user:pass@proxy.example.com:8443'
+   */
+  httpsProxy?: string;
+
+  /**
+   * Comma-separated list of hosts that should bypass the proxy
+   * (e.g., 'localhost,127.0.0.1,.example.com')
+   */
+  noProxy?: string;
+}
+
+/**
+ * Creates a fetch function that uses the specified proxy configuration.
+ *
+ * This function returns a fetch implementation that routes requests through
+ * the configured HTTP/HTTPS proxies using undici's ProxyAgent.
+ *
+ * Note: This function requires the 'undici' package to be installed.
+ * Install it with: npm install undici
+ *
+ * @param config - Proxy configuration options
+ * @returns A fetch-compatible function configured to use the specified proxies
+ *
+ */
+export function createFetchWithProxy(config: ProxyConfig): FetchLike {
+  // If no proxy is configured, return the default fetch
+  if (!config.httpProxy && !config.httpsProxy) {
+    return fetch;
+  }
+
+  // Parse no_proxy list
+  const noProxyList = parseNoProxy(config.noProxy);
+
+  return async (url: string | URL, init?: RequestInit): Promise<Response> => {
+    const targetUrl = typeof url === 'string' ? new URL(url) : url;
+
+    // Check if host should bypass proxy
+    if (shouldBypassProxy(targetUrl.hostname, noProxyList)) {
+      return fetch(url, init);
+    }
+
+    // Determine which proxy to use based on protocol
+    const proxyUrl = targetUrl.protocol === 'https:' ? config.httpsProxy : config.httpProxy;
+
+    if (!proxyUrl) {
+      // No proxy configured for this protocol
+      return fetch(url, init);
+    }
+
+    // Use undici for proxy support if available
+    try {
+      // Dynamic import - undici is an optional peer dependency
+      // eslint-disable-next-line @typescript-eslint/no-explicit-any
+      const undici = await import('undici' as any);
+      // eslint-disable-next-line @typescript-eslint/no-explicit-any
+      const ProxyAgent = (undici as any).ProxyAgent;
+      const dispatcher = new ProxyAgent(proxyUrl);
+
+      return fetch(url, {
+        ...init,
+        // @ts-expect-error - dispatcher is undici-specific
+        dispatcher,
+      });
+    } catch (error) {
+      // undici not available - throw error requiring installation
+      throw new Error(
+        'Proxy support requires the "undici" package. ' +
+          'Install it with: npm install undici\n' +
+          `Original error: ${error instanceof Error ? error.message : String(error)}`,
+      );
+    }
+  };
+}
+
+/**
+ * Parses a NO_PROXY environment variable value into a list of patterns.
+ */
+function parseNoProxy(noProxy?: string): string[] {
+  if (!noProxy) {
+    return [];
+  }
+
+  return noProxy
+    .split(',')
+    .map((item) => item.trim())
+    .filter((item) => item.length > 0);
+}
+
+/**
+ * Checks if a hostname should bypass the proxy based on NO_PROXY patterns.
+ */
+function shouldBypassProxy(hostname: string, noProxyList: string[]): boolean {
+  if (noProxyList.length === 0) {
+    return false;
+  }
+
+  const hostnameLower = hostname.toLowerCase();
+
+  for (const pattern of noProxyList) {
+    const patternLower = pattern.toLowerCase();
+
+    // Exact match
+    if (hostnameLower === patternLower) {
+      return true;
+    }
+
+    // Domain suffix match (e.g., .example.com matches sub.example.com)
+    if (patternLower.startsWith('.') && hostnameLower.endsWith(patternLower)) {
+      return true;
+    }
+
+    // Domain suffix match without leading dot
+    if (!patternLower.startsWith('.') && hostnameLower.endsWith('.' + patternLower)) {
+      return true;
+    }
+
+    // Special case: "*" matches everything
+    if (patternLower === '*') {
+      return true;
+    }
+  }
+
+  return false;
+}
+
+/**
+ * Creates a ProxyConfig from environment variables.
+ *
+ * This function reads standard proxy environment variables:
+ * - HTTP_PROXY, http_proxy
+ * - HTTPS_PROXY, https_proxy
+ * - NO_PROXY, no_proxy
+ *
+ * Lowercase versions take precedence over uppercase versions.
+ *
+ * @returns A ProxyConfig object populated from environment variables
+ */
+export function getProxyConfigFromEnv(env: Record<string, string>): ProxyConfig {
+  return {
+    httpProxy: env.http_proxy || env.HTTP_PROXY,
+    httpsProxy: env.https_proxy || env.HTTPS_PROXY,
+    noProxy: env.no_proxy || env.NO_PROXY,
+  };
+}
--- a/src/services/sseService.ts
+++ b/src/services/sseService.ts
@@ -88,6 +88,29 @@ const isBearerKeyAllowedForRequest = async (req: Request, key: BearerKey): Promi
        return groupServerNames.some((name) => allowedServers.includes(name));
      }

+      if (key.accessType === 'custom') {
+        // For custom-scoped keys, check if the group is allowed OR if any server in the group is allowed
+        const allowedGroups = key.allowedGroups || [];
+        const allowedServers = key.allowedServers || [];
+
+        // Check if the group itself is allowed
+        const groupAllowed =
+          allowedGroups.includes(matchedGroup.name) || allowedGroups.includes(matchedGroup.id);
+        if (groupAllowed) {
+          return true;
+        }
+
+        // Check if any server in the group is allowed
+        if (allowedServers.length > 0 && Array.isArray(matchedGroup.servers)) {
+          const groupServerNames = matchedGroup.servers.map((server) =>
+            typeof server === 'string' ? server : server.name,
+          );
+          return groupServerNames.some((name) => allowedServers.includes(name));
+        }
+
+        return false;
+      }
+
      // Unknown accessType with matched group
      return false;
    }
@@ -102,8 +125,8 @@ const isBearerKeyAllowedForRequest = async (req: Request, key: BearerKey): Promi
        return false;
      }

-      if (key.accessType === 'servers') {
-        // For server-scoped keys, check if the server is in allowedServers
+      if (key.accessType === 'servers' || key.accessType === 'custom') {
+        // For server-scoped or custom-scoped keys, check if the server is in allowedServers
        const allowedServers = key.allowedServers || [];
        return allowedServers.includes(matchedServer.name);
      }
--- a/src/services/vectorSearchService.ts
+++ b/src/services/vectorSearchService.ts
@@ -1,13 +1,13 @@
 import { getRepositoryFactory } from '../db/index.js';
 import { VectorEmbeddingRepository } from '../db/repositories/index.js';
 import { Tool } from '../types/index.js';
-import { getAppDataSource, initializeDatabase } from '../db/connection.js';
+import { getAppDataSource, isDatabaseConnected, initializeDatabase } from '../db/connection.js';
 import { getSmartRoutingConfig } from '../utils/smartRouting.js';
 import OpenAI from 'openai';

 // Get OpenAI configuration from smartRouting settings or fallback to environment variables
-const getOpenAIConfig = () => {
-  const smartRoutingConfig = getSmartRoutingConfig();
+const getOpenAIConfig = async () => {
+  const smartRoutingConfig = await getSmartRoutingConfig();
  return {
    apiKey: smartRoutingConfig.openaiApiKey,
    baseURL: smartRoutingConfig.openaiApiBaseUrl,
@@ -34,8 +34,8 @@ const getDimensionsForModel = (model: string): number => {
 };

 // Initialize the OpenAI client with smartRouting configuration
-const getOpenAIClient = () => {
-  const config = getOpenAIConfig();
+const getOpenAIClient = async () => {
+  const config = await getOpenAIConfig();
  return new OpenAI({
    apiKey: config.apiKey, // Get API key from smartRouting settings or environment variables
    baseURL: config.baseURL, // Get base URL from smartRouting settings or fallback to default
@@ -53,32 +53,26 @@ const getOpenAIClient = () => {
 * @returns Promise with vector embedding as number array
 */
 async function generateEmbedding(text: string): Promise<number[]> {
-  try {
-    const config = getOpenAIConfig();
-    const openai = getOpenAIClient();
+  const config = await getOpenAIConfig();
+  const openai = await getOpenAIClient();

-    // Check if API key is configured
-    if (!openai.apiKey) {
-      console.warn('OpenAI API key is not configured. Using fallback embedding method.');
-      return generateFallbackEmbedding(text);
-    }
-
-    // Truncate text if it's too long (OpenAI has token limits)
-    const truncatedText = text.length > 8000 ? text.substring(0, 8000) : text;
-
-    // Call OpenAI's embeddings API
-    const response = await openai.embeddings.create({
-      model: config.embeddingModel, // Modern model with better performance
-      input: truncatedText,
-    });
-
-    // Return the embedding
-    return response.data[0].embedding;
-  } catch (error) {
-    console.error('Error generating embedding:', error);
-    console.warn('Falling back to simple embedding method');
+  // Check if API key is configured
+  if (!openai.apiKey) {
+    console.warn('OpenAI API key is not configured. Using fallback embedding method.');
    return generateFallbackEmbedding(text);
  }
+
+  // Truncate text if it's too long (OpenAI has token limits)
+  const truncatedText = text.length > 8000 ? text.substring(0, 8000) : text;
+
+  // Call OpenAI's embeddings API
+  const response = await openai.embeddings.create({
+    model: config.embeddingModel, // Modern model with better performance
+    input: truncatedText,
+  });
+
+  // Return the embedding
+  return response.data[0].embedding;
 }

 /**
@@ -198,12 +192,18 @@ export const saveToolsAsVectorEmbeddings = async (
      return;
    }

-    const smartRoutingConfig = getSmartRoutingConfig();
+    const smartRoutingConfig = await getSmartRoutingConfig();
    if (!smartRoutingConfig.enabled) {
      return;
    }

-    const config = getOpenAIConfig();
+    // Ensure database is initialized before using repository
+    if (!isDatabaseConnected()) {
+      console.info('Database not initialized, initializing...');
+      await initializeDatabase();
+    }
+
+    const config = await getOpenAIConfig();
    const vectorRepository = getRepositoryFactory(
      'vectorEmbeddings',
    )() as VectorEmbeddingRepository;
@@ -227,36 +227,31 @@ export const saveToolsAsVectorEmbeddings = async (
        .filter(Boolean)
        .join(' ');

-      try {
-        // Generate embedding
-        const embedding = await generateEmbedding(searchableText);
+      // Generate embedding
+      const embedding = await generateEmbedding(searchableText);

-        // Check database compatibility before saving
-        await checkDatabaseVectorDimensions(embedding.length);
+      // Check database compatibility before saving
+      await checkDatabaseVectorDimensions(embedding.length);

-        // Save embedding
-        await vectorRepository.saveEmbedding(
-          'tool',
-          `${serverName}:${tool.name}`,
-          searchableText,
-          embedding,
-          {
-            serverName,
-            toolName: tool.name,
-            description: tool.description,
-            inputSchema: tool.inputSchema,
-          },
-          config.embeddingModel, // Store the model used for this embedding
-        );
-      } catch (toolError) {
-        console.error(`Error processing tool ${tool.name} for server ${serverName}:`, toolError);
-        // Continue with the next tool rather than failing the whole batch
-      }
+      // Save embedding
+      await vectorRepository.saveEmbedding(
+        'tool',
+        `${serverName}:${tool.name}`,
+        searchableText,
+        embedding,
+        {
+          serverName,
+          toolName: tool.name,
+          description: tool.description,
+          inputSchema: tool.inputSchema,
+        },
+        config.embeddingModel, // Store the model used for this embedding
+      );
    }

    console.log(`Saved ${tools.length} tool embeddings for server: ${serverName}`);
  } catch (error) {
-    console.error(`Error saving tool embeddings for server ${serverName}:`, error);
+    console.error(`Error saving tool embeddings for server ${serverName}:${error}`);
  }
 };

@@ -381,7 +376,7 @@ export const getAllVectorizedTools = async (
  }>
 > => {
  try {
-    const config = getOpenAIConfig();
+    const config = await getOpenAIConfig();
    const vectorRepository = getRepositoryFactory(
      'vectorEmbeddings',
    )() as VectorEmbeddingRepository;
--- a/src/types/index.ts
+++ b/src/types/index.ts
@@ -244,7 +244,7 @@ export interface OAuthServerConfig {
 }

 // Bearer authentication key configuration
-export type BearerKeyAccessType = 'all' | 'groups' | 'servers';
+export type BearerKeyAccessType = 'all' | 'groups' | 'servers' | 'custom';

 export interface BearerKey {
  id: string; // Unique identifier for the key
@@ -252,8 +252,8 @@ export interface BearerKey {
  token: string; // Bearer token value
  enabled: boolean; // Whether this key is enabled
  accessType: BearerKeyAccessType; // Access scope type
-  allowedGroups?: string[]; // Allowed group names when accessType === 'groups'
-  allowedServers?: string[]; // Allowed server names when accessType === 'servers'
+  allowedGroups?: string[]; // Allowed group names when accessType === 'groups' or 'custom'
+  allowedServers?: string[]; // Allowed server names when accessType === 'servers' or 'custom'
 }

 // Represents the settings for MCP servers
--- a/src/utils/smartRouting.ts
+++ b/src/utils/smartRouting.ts
@@ -1,4 +1,5 @@
-import { loadSettings, expandEnvVars } from '../config/index.js';
+import { expandEnvVars } from '../config/index.js';
+import { getSystemConfigDao } from '../dao/DaoFactory.js';

 /**
 * Smart routing configuration interface
@@ -22,10 +23,11 @@ export interface SmartRoutingConfig {
 *
 * @returns {SmartRoutingConfig} Complete smart routing configuration
 */
-export function getSmartRoutingConfig(): SmartRoutingConfig {
-  const settings = loadSettings();
-  const smartRoutingSettings: Partial<SmartRoutingConfig> =
-    settings.systemConfig?.smartRouting || {};
+export async function getSmartRoutingConfig(): Promise<SmartRoutingConfig> {
+  // Get system config from DAO
+  const systemConfigDao = getSystemConfigDao();
+  const systemConfig = await systemConfigDao.get();
+  const smartRoutingSettings: Partial<SmartRoutingConfig> = systemConfig.smartRouting || {};

  return {
    // Enabled status - check multiple environment variables
--- a/tests/dao/bearerKeyDao.test.ts
+++ b/tests/dao/bearerKeyDao.test.ts
@@ -0,0 +1,97 @@
+import fs from 'fs';
+import os from 'os';
+import path from 'path';
+
+import { BearerKeyDaoImpl } from '../../src/dao/BearerKeyDao.js';
+
+const writeSettings = (settingsPath: string, settings: unknown): void => {
+  fs.writeFileSync(settingsPath, JSON.stringify(settings, null, 2), 'utf8');
+};
+
+describe('BearerKeyDaoImpl migration + settings caching behavior', () => {
+  let tmpDir: string;
+  let settingsPath: string;
+  let originalSettingsEnv: string | undefined;
+
+  beforeEach(() => {
+    tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'mcphub-bearer-keys-'));
+    settingsPath = path.join(tmpDir, 'mcp_settings.json');
+
+    originalSettingsEnv = process.env.MCPHUB_SETTING_PATH;
+    process.env.MCPHUB_SETTING_PATH = settingsPath;
+  });
+
+  afterEach(() => {
+    if (originalSettingsEnv === undefined) {
+      delete process.env.MCPHUB_SETTING_PATH;
+    } else {
+      process.env.MCPHUB_SETTING_PATH = originalSettingsEnv;
+    }
+
+    try {
+      fs.rmSync(tmpDir, { recursive: true, force: true });
+    } catch {
+      // ignore cleanup errors
+    }
+  });
+
+  it('does not rewrite settings when bearerKeys exists as an empty array', async () => {
+    writeSettings(settingsPath, {
+      mcpServers: {},
+      users: [],
+      systemConfig: {
+        routing: {
+          enableBearerAuth: false,
+          bearerAuthKey: '',
+        },
+      },
+      bearerKeys: [],
+    });
+
+    const writeSpy = jest.spyOn(fs, 'writeFileSync');
+
+    const dao = new BearerKeyDaoImpl();
+    const enabled1 = await dao.findEnabled();
+    const enabled2 = await dao.findEnabled();
+
+    expect(enabled1).toEqual([]);
+    expect(enabled2).toEqual([]);
+
+    // The DAO should NOT persist anything because bearerKeys already exists.
+    expect(writeSpy).not.toHaveBeenCalled();
+
+    writeSpy.mockRestore();
+  });
+
+  it('migrates legacy bearerAuthKey only once', async () => {
+    writeSettings(settingsPath, {
+      mcpServers: {},
+      users: [],
+      systemConfig: {
+        routing: {
+          enableBearerAuth: true,
+          bearerAuthKey: 'legacy-token',
+        },
+      },
+      // bearerKeys is intentionally missing to trigger migration
+    });
+
+    const writeSpy = jest.spyOn(fs, 'writeFileSync');
+
+    const dao = new BearerKeyDaoImpl();
+
+    const enabled1 = await dao.findEnabled();
+    expect(enabled1).toHaveLength(1);
+    expect(enabled1[0].token).toBe('legacy-token');
+    expect(enabled1[0].enabled).toBe(true);
+
+    const enabled2 = await dao.findEnabled();
+    expect(enabled2).toHaveLength(1);
+    expect(enabled2[0].token).toBe('legacy-token');
+
+    // One write for the migration, no further writes on subsequent reads.
+    expect(writeSpy).toHaveBeenCalledTimes(1);
+
+    writeSpy.mockRestore();
+  });
+});
Author	SHA1	Message	Date
samanhappy	7cc330e721	fix: ensure database is initialized before saving tool embeddings (#531 )	2025-12-28 12:19:21 +08:00
Copilot	ab338e80a7	Add custom access type for bearer keys to support combined group and server scoping (#530 ) Co-authored-by: samanhappy <samanhappy@gmail.com>	2025-12-27 16:16:50 +08:00
cheezmil	b00e1c81fc	fix: Found 1 error in src/services/keepAliveService.ts:51 #521 (#522 ) Co-authored-by: cheestard <134115886+cheestard@users.noreply.github.com>	2025-12-25 09:15:07 +08:00
samanhappy	33eae50bd3	Refactor smart routing configuration and async database handling (#519 )	2025-12-20 12:16:09 +08:00
samanhappy	eb1a965e45	feat: add authentication status listener to refresh settings on user login (#518 )	2025-12-17 18:34:07 +08:00
samanhappy	97114dcabb	feat: implement batch saving for smart routing configuration (#517 )	2025-12-17 15:26:53 +08:00
samanhappy	350a022ea3	feat: enhance login error handling and add server unavailable message (#516 )	2025-12-17 13:24:07 +08:00
samanhappy	292876a991	feat: update PostgreSQL images to pgvector/pgvector:pg17 across configurations (#513 )	2025-12-16 15:40:06 +08:00
samanhappy	d6a9146e27	feat: enhance OAuth token logging and add authentication error handling in tool calls (#512 )	2025-12-16 15:16:43 +08:00
samanhappy	1f3a6794ea	feat: enhance BearerKeyDaoImpl to handle migration and caching behavior for bearer keys (#507 )	2025-12-14 20:40:57 +08:00
samanhappy	c673afb97e	Add HTTP/HTTPS proxy configuration and environment variable support (#506 )	2025-12-14 15:44:44 +08:00