079project 6.0.0 → 8.0.0

package/079project_frontend/src/reportWebVitals.js

@@ -0,0 +1,13 @@
+const reportWebVitals = onPerfEntry => {
+  if (onPerfEntry && onPerfEntry instanceof Function) {
+    import('web-vitals').then(({ getCLS, getFID, getFCP, getLCP, getTTFB }) => {
+      getCLS(onPerfEntry);
+      getFID(onPerfEntry);
+      getFCP(onPerfEntry);
+      getLCP(onPerfEntry);
+      getTTFB(onPerfEntry);
+    });
+  }
+};
+
+export default reportWebVitals;

package/079project_frontend/src/setupTests.js

@@ -0,0 +1,5 @@
+// jest-dom adds custom jest matchers for asserting on DOM nodes.
+// allows you to do things like:
+// expect(element).toHaveTextContent(/react/i)
+// learn more: https://github.com/testing-library/jest-dom
+import '@testing-library/jest-dom';

package/README.en.md

@@ -0,0 +1,234 @@
+# 079Project
+
+An experimental AI project that combines **graph-based reasoning**, **learning modules**, a **gateway API**, a **React control console**, and a **SQLite-backed identity system** in one repository.
+
+The current runtime is split into **two Node.js processes**:
+
+- **Main AI process**: `main.cjs` (serves `/api/*`; token required by default)
+- **Identity + Web process**: `auth_frontend_server.cjs` (serves `/auth/*`, hosts the React production build, and reverse-proxies `/api/*` to the main AI process)
+
+Note: This repository is still experimental; APIs/behavior may change.
+
+---
+
+## Key Structure
+
+- `main.cjs`: Main AI process (graph runtime, SparkArray, controller pool, MemeBarrier, RL/ADV learning, snapshots & export, `/api` routes).
+- `auth_frontend_server.cjs`: Identity + frontend hosting (SQLite users/sessions, JWT auth, `/auth` routes, `/api` reverse proxy).
+- `079project_frontend/`: React frontend (Chat + Config console).
+- `robots/`: Robot corpora (TXT).
+- `tests/`: Test cases / word lists (TXT; can be added at runtime and refreshed into RL).
+- `snapshots/`: Snapshot files.
+- `runtime_store/`: Runtime cache/export folder; default location for `runtime_store/auth.sqlite`.
+- `lmdb/`: LMDB data directory (falls back to JSON storage if unavailable).
+
+---
+
+## Requirements
+
+- Windows + PowerShell (`pwsh.exe` examples below).
+- Node.js >= 18 (LTS recommended).
+
+---
+
+## Install
+
+Backend dependencies:
+
+```powershell
+cd "079Project/"
+npm install
+```
+
+Frontend dependencies:
+
+```powershell
+cd "079Project/079project_frontend"
+npm install
+```
+
+---
+
+## Run (Two Processes)
+
+Default ports:
+
+- Main AI: `127.0.0.1:5080`
+- Identity + Web: `127.0.0.1:5081`
+
+### Mode A (Recommended): Identity+Web hosts UI and proxies `/api`
+
+1) Start the main AI process (serves `/api/*` only):
+
+```powershell
+cd "079Project/"
+$env:AI_AUTH_ENABLED="true"
+$env:AI_AUTH_JWT_SECRET="change-me"
+node .\main.cjs
+```
+
+2) Start the identity + web process (hosts UI and proxies `/api/*` to the main AI):
+
+```powershell
+cd "079Project/"
+$env:AUTH_JWT_SECRET="change-me"
+$env:AI_API_BASE="http://127.0.0.1:5080"
+node .\auth_frontend_server.cjs
+```
+
+3) Open in browser:
+
+- `http://127.0.0.1:5081/`
+
+On first run, choose “bootstrap” in the UI and create the initial admin user (only allowed once).
+
+Important: `AUTH_JWT_SECRET` must match `AI_AUTH_JWT_SECRET`, otherwise tokens cannot be verified by the main AI process.
+
+### Mode B (Optional): Frontend dev server
+
+The CRA dev server uses `079project_frontend/package.json` `proxy`.
+If you use this mode, it is recommended to set `proxy` to `http://127.0.0.1:5081` so `/api/*` goes through the identity process (no CORS issues; consistent auth).
+
+Start:
+
+```powershell
+cd "079Project/079project_frontend"
+npm start
+```
+
+### Mode C (Production): Build React and let identity process host it
+
+1) Build the frontend:
+
+```powershell
+cd "079Project/079project_frontend"
+npm run build
+```
+
+2) Start main AI:
+
+```powershell
+cd "079Project/"
+$env:AI_AUTH_ENABLED="true"
+$env:AI_AUTH_JWT_SECRET="change-me"
+node .\main.cjs
+```
+
+3) Start identity + web:
+
+```powershell
+cd "079Project/"
+$env:AUTH_JWT_SECRET="change-me"
+$env:AI_API_BASE="http://127.0.0.1:5080"
+node .\auth_frontend_server.cjs
+```
+
+Open: `http://127.0.0.1:5081/`
+
+---
+
+## Main AI CLI Options (Common)
+
+`main.cjs` supports some CLI / env options (partial list):
+
+- `--gateway-host` / `AI_GATEWAY_HOST`: listen address (default `127.0.0.1`).
+- `--port` / `CONTROLLER_PORT`: gateway port (default `5080`).
+- `--disable-memebarrier`: disable MemeBarrier on startup (can be re-enabled at runtime).
+- `--disable-learning`: disable learning modules on startup (can be re-enabled at runtime).
+- `--disable-rl`: disable RL on startup (can be re-enabled at runtime).
+- `--disable-adv`: disable ADV on startup (can be re-enabled at runtime).
+- `--export-dir` / `AI_EXPORT_DIR`: default export directory for `/api/export/graph`.
+
+Example: listen on `0.0.0.0:5080`:
+
+```powershell
+node .\main.cjs --gateway-host=0.0.0.0 --port=5080
+```
+
+---
+
+## Identity System (SQLite + JWT)
+
+Default DB path: `079Project/runtime_store/auth.sqlite`.
+
+Environment variables for `auth_frontend_server.cjs`:
+
+- `AUTH_PORT`: default `5081`
+- `AUTH_HOST`: default `127.0.0.1`
+- `AUTH_DB_PATH`: default `079Project/runtime_store/auth.sqlite`
+- `AUTH_JWT_SECRET`: JWT secret (must match main AI `AI_AUTH_JWT_SECRET`)
+- `AI_API_BASE`: main AI base URL (default `http://127.0.0.1:5080`)
+
+Environment variables for `main.cjs`:
+
+- `AI_AUTH_ENABLED`: enabled by default (set to `false` to temporarily disable auth)
+- `AI_AUTH_JWT_SECRET`: token verification secret
+
+---
+
+## Frontend
+
+Left navigation:
+
+- `Chat`: basic chat.
+- `Config`: runtime operations console (MemeBarrier / RL / ADV, thresholds, tests refresh, robots retrain).
+
+---
+
+## Selected HTTP APIs
+
+### Chat
+
+- `POST /api/chat`: single-model chat.
+- `POST /api/array/chat`: SparkArray multi-AI / multi-layer chat.
+
+### Runtime toggles (Config UI)
+
+- `GET /api/runtime/features`
+- `PATCH /api/runtime/features`
+
+### MemeBarrier
+
+- `POST /api/memebarrier/start`
+- `POST /api/memebarrier/stop`
+- `GET /api/memebarrier/stats`
+
+### Learning
+
+- `POST /api/learn/reinforce` / `GET /api/learn/reinforce/latest`
+- `POST /api/learn/adversarial` / `GET /api/learn/adversarial/latest`
+- `POST /api/learn/thresholds`
+
+### Tests
+
+- `GET /api/tests/list`
+- `POST /api/tests/case`
+- `POST /api/tests/refresh`
+
+### Robots
+
+- `GET /robots/list`
+- `POST /robots/ingest`
+- `POST /api/robots/retrain`
+
+### Export
+
+- `POST /api/export/graph`: export a windowed graph JSON to file and return inline content.
+
+---
+
+## FAQ
+
+### Why is there no UI on `5080/`?
+
+This is expected: the UI is hosted by the identity + web process (default `http://127.0.0.1:5081/`).
+
+### LMDB cannot be opened
+
+If LMDB fails, the system automatically falls back to JSON storage and continues to run. Check directory permissions and environment dependencies if you need LMDB.
+
+---
+
+## License
+
+LGPL-3.0 (see `LICENSE`).

package/auth_frontend_server.cjs

@@ -0,0 +1,312 @@
+const fs = require('fs');
+const path = require('path');
+const express = require('express');
+const bodyParser = require('body-parser');
+const jwt = require('jsonwebtoken');
+const bcrypt = require('bcryptjs');
+
+let Database;
+try {
+  Database = require('better-sqlite3');
+} catch (e) {
+  Database = null;
+}
+
+function getEnv(name, fallback) {
+  const v = process.env[name];
+  return (v === undefined || v === null || v === '') ? fallback : v;
+}
+
+function nowIso() {
+  return new Date().toISOString();
+}
+
+function randomId() {
+  return `${Date.now().toString(36)}_${Math.random().toString(36).slice(2)}`;
+}
+
+function jsonError(res, status, error, extra) {
+  res.status(status).json({ ok: false, error, ...(extra || {}) });
+}
+
+class IdentityStore {
+  constructor(dbPath) {
+    if (!Database) {
+      throw new Error('better-sqlite3 not installed/available');
+    }
+    this.dbPath = dbPath;
+    this.db = new Database(dbPath);
+    this.db.pragma('journal_mode = WAL');
+    this._init();
+  }
+
+  _init() {
+    this.db.exec(`
+      CREATE TABLE IF NOT EXISTS users (
+        id TEXT PRIMARY KEY,
+        username TEXT NOT NULL UNIQUE,
+        password_hash TEXT NOT NULL,
+        role TEXT NOT NULL DEFAULT 'user',
+        created_at TEXT NOT NULL,
+        last_login_at TEXT
+      );
+
+      CREATE TABLE IF NOT EXISTS sessions (
+        id TEXT PRIMARY KEY,
+        user_id TEXT NOT NULL,
+        created_at TEXT NOT NULL,
+        expires_at TEXT NOT NULL,
+        revoked_at TEXT,
+        ip TEXT,
+        ua TEXT,
+        FOREIGN KEY(user_id) REFERENCES users(id)
+      );
+
+      CREATE INDEX IF NOT EXISTS idx_sessions_user_id ON sessions(user_id);
+      CREATE INDEX IF NOT EXISTS idx_sessions_expires ON sessions(expires_at);
+    `);
+  }
+
+  hasAnyUser() {
+    const row = this.db.prepare('SELECT COUNT(1) as c FROM users').get();
+    return (row?.c || 0) > 0;
+  }
+
+  createUser({ username, password, role = 'admin' }) {
+    const id = randomId();
+    const passwordHash = bcrypt.hashSync(String(password), 10);
+    const createdAt = nowIso();
+    this.db
+      .prepare('INSERT INTO users (id, username, password_hash, role, created_at) VALUES (?, ?, ?, ?, ?)')
+      .run(id, username, passwordHash, role, createdAt);
+    return { id, username, role, createdAt };
+  }
+
+  getUserByUsername(username) {
+    return this.db.prepare('SELECT * FROM users WHERE username = ?').get(username) || null;
+  }
+
+  getUserById(id) {
+    return this.db.prepare('SELECT * FROM users WHERE id = ?').get(id) || null;
+  }
+
+  verifyPassword(user, password) {
+    return bcrypt.compareSync(String(password), String(user.password_hash));
+  }
+
+  createSession({ userId, ttlSeconds = 60 * 60 * 24 * 7, ip, ua }) {
+    const id = randomId();
+    const createdAt = nowIso();
+    const expiresAt = new Date(Date.now() + ttlSeconds * 1000).toISOString();
+    this.db
+      .prepare('INSERT INTO sessions (id, user_id, created_at, expires_at, ip, ua) VALUES (?, ?, ?, ?, ?, ?)')
+      .run(id, userId, createdAt, expiresAt, ip || null, ua || null);
+    return { id, userId, createdAt, expiresAt };
+  }
+
+  revokeSession(sessionId) {
+    const revokedAt = nowIso();
+    this.db.prepare('UPDATE sessions SET revoked_at = ? WHERE id = ?').run(revokedAt, sessionId);
+    return { id: sessionId, revokedAt };
+  }
+
+  getSession(sessionId) {
+    const row = this.db.prepare('SELECT * FROM sessions WHERE id = ?').get(sessionId);
+    return row || null;
+  }
+}
+
+function parseBearer(req) {
+  const h = req.headers.authorization || '';
+  const m = /^Bearer\s+(.+)$/i.exec(String(h));
+  return m ? m[1] : '';
+}
+
+function start() {
+  const port = Number(getEnv('AUTH_PORT', '5081'));
+  const host = getEnv('AUTH_HOST', '127.0.0.1');
+  const webRoot = getEnv('WEB_ROOT', path.join(__dirname, '079project_frontend', 'build'));
+  const dbPath = getEnv('AUTH_DB_PATH', path.join(__dirname, 'runtime_store', 'auth.sqlite'));
+  const jwtSecret = getEnv('AUTH_JWT_SECRET', 'dev-secret-change-me');
+  const aiApiBase = getEnv('AI_API_BASE', 'http://127.0.0.1:5080');
+  const tokenTtlSeconds = Number(getEnv('AUTH_TOKEN_TTL_SECONDS', String(60 * 60 * 24 * 7)));
+
+  if (!fs.existsSync(path.dirname(dbPath))) {
+    fs.mkdirSync(path.dirname(dbPath), { recursive: true });
+  }
+
+  const store = new IdentityStore(dbPath);
+
+  const app = express();
+  app.use(bodyParser.json({ limit: '2mb' }));
+
+  // Lightweight reverse proxy for /api/* to main AI process.
+  // This avoids CORS and keeps frontend API_BASE as same-origin (:5081).
+  app.all(/^\/api\/.*/, async (req, res) => {
+    try {
+      const base = aiApiBase.endsWith('/') ? aiApiBase.slice(0, -1) : aiApiBase;
+      const targetUrl = new URL(`${base}${req.originalUrl}`);
+      const headers = { ...req.headers };
+      delete headers.host;
+
+      let body;
+      if (req.method !== 'GET' && req.method !== 'HEAD') {
+        body = JSON.stringify(req.body ?? {});
+      }
+
+      const r = await fetch(targetUrl.toString(), {
+        method: req.method,
+        headers: {
+          ...headers,
+          'content-type': 'application/json'
+        },
+        body
+      });
+
+      const text = await r.text();
+      res.status(r.status);
+      // pass through content-type if present
+      const ct = r.headers.get('content-type');
+      if (ct) res.setHeader('content-type', ct);
+      res.send(text);
+    } catch (e) {
+      jsonError(res, 502, 'ai-proxy-failed', { message: e.message });
+    }
+  });
+
+  // health + config
+  app.get('/auth/health', (req, res) => {
+    res.json({ ok: true, ts: Date.now() });
+  });
+
+  app.get('/auth/config', (req, res) => {
+    res.json({ ok: true, aiApiBase });
+  });
+
+  // First-run bootstrap: create initial admin if no users.
+  app.post('/auth/bootstrap', (req, res) => {
+    try {
+      if (store.hasAnyUser()) {
+        jsonError(res, 409, 'already-bootstrapped');
+        return;
+      }
+      const username = String(req.body?.username || 'admin').trim();
+      const password = String(req.body?.password || '').trim();
+      if (!username) {
+        jsonError(res, 400, 'username-required');
+        return;
+      }
+      if (!password || password.length < 6) {
+        jsonError(res, 400, 'password-too-short', { minLen: 6 });
+        return;
+      }
+      const user = store.createUser({ username, password, role: 'admin' });
+      res.json({ ok: true, user: { id: user.id, username: user.username, role: user.role } });
+    } catch (e) {
+      jsonError(res, 500, 'bootstrap-failed', { message: e.message });
+    }
+  });
+
+  app.post('/auth/login', (req, res) => {
+    try {
+      const username = String(req.body?.username || '').trim();
+      const password = String(req.body?.password || '');
+      if (!username || !password) {
+        jsonError(res, 400, 'username-password-required');
+        return;
+      }
+      const user = store.getUserByUsername(username);
+      if (!user || !store.verifyPassword(user, password)) {
+        jsonError(res, 401, 'invalid-credentials');
+        return;
+      }
+      const session = store.createSession({
+        userId: user.id,
+        ttlSeconds: tokenTtlSeconds,
+        ip: req.ip,
+        ua: req.headers['user-agent']
+      });
+      const token = jwt.sign(
+        { sub: user.id, username: user.username, role: user.role, sid: session.id },
+        jwtSecret,
+        { expiresIn: tokenTtlSeconds }
+      );
+      res.json({
+        ok: true,
+        token,
+        user: { id: user.id, username: user.username, role: user.role },
+        expiresAt: session.expires_at
+      });
+    } catch (e) {
+      jsonError(res, 500, 'login-failed', { message: e.message });
+    }
+  });
+
+  app.post('/auth/logout', (req, res) => {
+    try {
+      const token = parseBearer(req);
+      if (!token) {
+        jsonError(res, 401, 'missing-token');
+        return;
+      }
+      const payload = jwt.verify(token, jwtSecret);
+      if (payload?.sid) {
+        store.revokeSession(String(payload.sid));
+      }
+      res.json({ ok: true });
+    } catch (e) {
+      jsonError(res, 401, 'invalid-token', { message: e.message });
+    }
+  });
+
+  app.get('/auth/me', (req, res) => {
+    try {
+      const token = parseBearer(req);
+      if (!token) {
+        jsonError(res, 401, 'missing-token');
+        return;
+      }
+      const payload = jwt.verify(token, jwtSecret);
+      const user = store.getUserById(String(payload.sub));
+      if (!user) {
+        jsonError(res, 401, 'user-not-found');
+        return;
+      }
+      const session = payload?.sid ? store.getSession(String(payload.sid)) : null;
+      if (session && session.revoked_at) {
+        jsonError(res, 401, 'session-revoked');
+        return;
+      }
+      res.json({ ok: true, user: { id: user.id, username: user.username, role: user.role } });
+    } catch (e) {
+      jsonError(res, 401, 'invalid-token', { message: e.message });
+    }
+  });
+
+  // Serve CRA build (separate from main AI process)
+  if (fs.existsSync(webRoot)) {
+    app.use(express.static(webRoot));
+
+    // SPA fallback
+    app.get(/^\/(?!api\/|auth\/|robots\/).*/, (req, res) => {
+      const indexFile = path.join(webRoot, 'index.html');
+      if (!fs.existsSync(indexFile)) {
+        res.status(404).send('index.html not found');
+        return;
+      }
+      res.setHeader('Content-Type', 'text/html; charset=utf-8');
+      res.send(fs.readFileSync(indexFile, 'utf8'));
+    });
+  } else {
+    console.warn('[auth+web] WEB_ROOT does not exist:', webRoot);
+  }
+
+  app.listen(port, host, () => {
+    console.log(`[auth+web] listening on http://${host}:${port}`);
+    console.log(`[auth+web] webRoot: ${webRoot}`);
+    console.log(`[auth+web] db: ${dbPath}`);
+    console.log(`[auth+web] AI_API_BASE: ${aiApiBase}`);
+  });
+}
+
+start();