npm - @axhub/genie - Versions diffs - 0.2.8 → 0.2.10 - Mend

@axhub/genie 0.2.8 → 0.2.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (106) hide show

package/server/index.js CHANGED Viewed

@@ -96,7 +96,7 @@ async function getPty() {
 import fetch from 'node-fetch';
 import mime from 'mime-types';
-import { getProjects, getSessions, getSessionMessages, renameProject, deleteSession, deleteProject, addProjectManually, extractProjectDirectory, clearProjectDirectoryCache, clearProviderSessionLookupCaches, getGeminiSessionMessages } from './projects.js';
+import { getProjects, getProjectsList, getProjectDetails, getSessions, getSessionMessages, renameProject, deleteSession, deleteProject, addProjectManually, extractProjectDirectory, clearProjectDirectoryCache, clearProviderSessionLookupCaches, getGeminiSessionMessages } from './projects.js';
 import {
   executeAgentPrompt,
   getActiveAgentSessions,
@@ -104,11 +104,7 @@ import {
   resolveAgentPermission,
   setAgentSessionMode
 } from './acp-runtime/index.js';
-import gitRoutes from './routes/git.js';
 import authRoutes from './routes/auth.js';
-import mcpRoutes from './routes/mcp.js';
-import taskmasterRoutes from './routes/taskmaster.js';
-import mcpUtilsRoutes from './routes/mcp-utils.js';
 import commandsRoutes from './routes/commands.js';
 import settingsRoutes from './routes/settings.js';
 import channelsRoutes from './routes/channels.js';
@@ -127,13 +123,14 @@ import {
 } from './utils/workspaceRoots.js';
 import cliAuthRoutes, { detectProviderInstallationStatus } from './routes/cli-auth.js';
 import ccConnectRoutes from './routes/cc-connect.js';
+import { lanAccessApiRoutes, lanAccessPageRoutes } from './routes/lan-access.js';
 import userRoutes from './routes/user.js';
 import codexRoutes from './routes/codex.js';
 import opencodeRoutes from './routes/opencode.js';
 import sessionCoreRoutes from './routes/session-core.js';
 import { parseCodexTokenCountInfo } from './utils/codexTokenUsage.js';
 import { getConfiguredDefaultProjectPath, resolveWorkingDirectory } from './utils/defaultWorkingDirectory.js';
-import { initializeDatabase } from './database/db.js';
+import { initializeDatabase, userDb } from './database/db.js';
 import { validateApiKey, authenticateToken, authenticateWebSocket } from './middleware/auth.js';
 import { IS_PLATFORM } from './constants/config.js';
 import { getChannelManager } from './channels/index.js';
@@ -333,8 +330,8 @@ async function setupProjectsWatcher() {
                     clearProjectDirectoryCache();
                     clearProviderSessionLookupCaches();
-                    // Get updated projects list
-                    const updatedProjects = await getProjects(broadcastProgress);
+                    // Get updated lightweight projects list
+                    const updatedProjects = await getProjectsList(broadcastProgress);
                     // Notify all connected clients about the project changes
                     const changedProvider = filePath.startsWith(codexSessionsPath)
@@ -343,14 +340,21 @@ async function setupProjectsWatcher() {
                     const changedFileRoot = changedProvider === 'codex'
                         ? codexSessionsPath
                         : claudeProjectsPath;
+                    const normalizedRelativePath = path.relative(changedFileRoot, filePath);
+                    const changedPathSegments = normalizedRelativePath.split(path.sep).filter(Boolean);
+                    const affectedProjectName = changedProvider === 'claude'
+                        ? (changedPathSegments[0] || null)
+                        : null;
                     const updateMessage = JSON.stringify({
                         type: 'projects_updated',
                         projects: updatedProjects,
                         timestamp: new Date().toISOString(),
                         changeType: eventType,
-                        changedFile: path.relative(changedFileRoot, filePath),
+                        changedFile: normalizedRelativePath,
                         changedProvider,
-                        changedSessionId: extractSessionIdFromChangedFile(filePath)
+                        changedSessionId: extractSessionIdFromChangedFile(filePath),
+                        affectedProjectName,
+                        requiresDetailsRefresh: Boolean(affectedProjectName)
                     });
                     connectedClients.forEach(client => {
@@ -416,7 +420,7 @@ const wss = new WebSocketServer({
         // Platform mode: always allow internal UI WebSocket connections.
         if (IS_PLATFORM) {
-            const user = authenticateWebSocket(null); // Will return first user
+            const user = authenticateWebSocket(null, info.req); // Will return first user
             if (!user) {
                 console.log('[WARN] Platform mode: No user found in database');
                 done(false, 500, 'Platform mode: No user found in database');
@@ -431,7 +435,7 @@ const wss = new WebSocketServer({
         const token = url.searchParams.get('token') ||
             info.req.headers.authorization?.split(' ')[1];
-        const user = authenticateWebSocket(token);
+        const user = authenticateWebSocket(token, info.req);
         if (!user) {
             console.log('[WARN] WebSocket authentication failed');
             done(false, 401, 'Unauthorized');
@@ -490,22 +494,12 @@ app.use('/api', validateApiKey);
 // Authentication routes (public)
 app.use('/api/auth', authRoutes);
+app.use('/api/lan-access', lanAccessApiRoutes);
+app.use('/lan-access', lanAccessPageRoutes);
 // Projects API Routes (protected)
 app.use('/api/projects', authenticateToken, projectsRoutes);
-// Git API Routes (protected)
-app.use('/api/git', authenticateToken, gitRoutes);
-// MCP API Routes (protected)
-app.use('/api/mcp', authenticateToken, mcpRoutes);
-// TaskMaster API Routes (protected)
-app.use('/api/taskmaster', authenticateToken, taskmasterRoutes);
-// MCP utilities
-app.use('/api/mcp-utils', authenticateToken, mcpUtilsRoutes);
 // Commands API Routes (protected)
 app.use('/api/commands', authenticateToken, commandsRoutes);
@@ -647,6 +641,7 @@ app.post('/api/system/update', authenticateToken, async (req, res) => {
 app.get('/api/projects', authenticateToken, async (req, res) => {
     try {
+        res.setHeader('Deprecation', 'true');
         const projects = await getProjects(broadcastProgress);
         res.json(projects);
     } catch (error) {
@@ -654,6 +649,27 @@ app.get('/api/projects', authenticateToken, async (req, res) => {
     }
 });
+app.get('/api/projects/list', authenticateToken, async (req, res) => {
+    try {
+        const projects = await getProjectsList(broadcastProgress);
+        res.json(projects);
+    } catch (error) {
+        res.status(500).json({ error: error.message });
+    }
+});
+app.get('/api/projects/:projectName/details', authenticateToken, async (req, res) => {
+    try {
+        const project = await getProjectDetails(req.params.projectName);
+        res.json(project);
+    } catch (error) {
+        if (/Project not found/i.test(error.message)) {
+            return res.status(404).json({ error: error.message });
+        }
+        res.status(500).json({ error: error.message });
+    }
+});
 app.get('/api/projects/:projectName/sessions', authenticateToken, async (req, res) => {
     try {
         const { limit = 5, offset = 0 } = req.query;
@@ -947,6 +963,65 @@ app.post('/api/create-folder', authenticateToken, async (req, res) => {
     }
 });
+function isWithinProjectRoot(projectRoot, candidatePath) {
+    const relativePath = path.relative(projectRoot, candidatePath);
+    return relativePath === '' || (!relativePath.startsWith('..') && !path.isAbsolute(relativePath));
+}
+async function getResolvedProjectRoot(projectName) {
+    const projectRoot = await extractProjectDirectory(projectName).catch(() => null);
+    if (!projectRoot) {
+        const error = new Error('Project not found');
+        error.statusCode = 404;
+        throw error;
+    }
+    const resolvedRoot = path.resolve(projectRoot);
+    await fsPromises.access(resolvedRoot);
+    return resolvedRoot;
+}
+async function resolveProjectFilePath(projectName, inputPath) {
+    const requestedPath = typeof inputPath === 'string' ? inputPath.trim() : '';
+    if (!requestedPath) {
+        const error = new Error('Invalid file path');
+        error.statusCode = 400;
+        throw error;
+    }
+    const projectRoot = await getResolvedProjectRoot(projectName);
+    const absoluteTarget = path.isAbsolute(requestedPath)
+        ? path.resolve(requestedPath)
+        : path.resolve(projectRoot, requestedPath);
+    if (!isWithinProjectRoot(projectRoot, absoluteTarget)) {
+        const error = new Error('Path must be under project root');
+        error.statusCode = 403;
+        throw error;
+    }
+    return {
+        projectRoot,
+        targetPath: absoluteTarget
+    };
+}
+function sendProjectFileError(res, error, missingLabel = 'File not found') {
+    if (error.statusCode) {
+        return res.status(error.statusCode).json({ error: error.message });
+    }
+    if (error.code === 'ENOENT') {
+        return res.status(404).json({ error: missingLabel });
+    }
+    if (error.code === 'EACCES') {
+        return res.status(403).json({ error: 'Permission denied' });
+    }
+    return res.status(500).json({ error: error.message });
+}
 // Read file content endpoint
 app.get('/api/projects/:projectName/file', authenticateToken, async (req, res) => {
     try {
@@ -955,36 +1030,12 @@ app.get('/api/projects/:projectName/file', authenticateToken, async (req, res) =
         console.log('[DEBUG] File read request:', projectName, filePath);
-        // Security: ensure the requested path is inside the project root
-        if (!filePath) {
-            return res.status(400).json({ error: 'Invalid file path' });
-        }
-        const projectRoot = await extractProjectDirectory(projectName).catch(() => null);
-        if (!projectRoot) {
-            return res.status(404).json({ error: 'Project not found' });
-        }
-        // Handle both absolute and relative paths
-        const resolved = path.isAbsolute(filePath)
-            ? path.resolve(filePath)
-            : path.resolve(projectRoot, filePath);
-        const normalizedRoot = path.resolve(projectRoot) + path.sep;
-        if (!resolved.startsWith(normalizedRoot)) {
-            return res.status(403).json({ error: 'Path must be under project root' });
-        }
-        const content = await fsPromises.readFile(resolved, 'utf8');
-        res.json({ content, path: resolved });
+        const { targetPath } = await resolveProjectFilePath(projectName, filePath);
+        const content = await fsPromises.readFile(targetPath, 'utf8');
+        res.json({ content, path: targetPath });
     } catch (error) {
         console.error('Error reading file:', error);
-        if (error.code === 'ENOENT') {
-            res.status(404).json({ error: 'File not found' });
-        } else if (error.code === 'EACCES') {
-            res.status(403).json({ error: 'Permission denied' });
-        } else {
-            res.status(500).json({ error: error.message });
-        }
+        sendProjectFileError(res, error, 'File not found');
     }
 });
@@ -996,35 +1047,15 @@ app.get('/api/projects/:projectName/files/content', authenticateToken, async (re
         console.log('[DEBUG] Binary file serve request:', projectName, filePath);
-        // Security: ensure the requested path is inside the project root
-        if (!filePath) {
-            return res.status(400).json({ error: 'Invalid file path' });
-        }
-        const projectRoot = await extractProjectDirectory(projectName).catch(() => null);
-        if (!projectRoot) {
-            return res.status(404).json({ error: 'Project not found' });
-        }
-        const resolved = path.resolve(filePath);
-        const normalizedRoot = path.resolve(projectRoot) + path.sep;
-        if (!resolved.startsWith(normalizedRoot)) {
-            return res.status(403).json({ error: 'Path must be under project root' });
-        }
-        // Check if file exists
-        try {
-            await fsPromises.access(resolved);
-        } catch (error) {
-            return res.status(404).json({ error: 'File not found' });
-        }
+        const { targetPath } = await resolveProjectFilePath(projectName, filePath);
+        await fsPromises.access(targetPath);
         // Get file extension and set appropriate content type
-        const mimeType = mime.lookup(resolved) || 'application/octet-stream';
+        const mimeType = mime.lookup(targetPath) || 'application/octet-stream';
         res.setHeader('Content-Type', mimeType);
         // Stream the file
-        const fileStream = fs.createReadStream(resolved);
+        const fileStream = fs.createReadStream(targetPath);
         fileStream.pipe(res);
         fileStream.on('error', (error) => {
@@ -1037,90 +1068,19 @@ app.get('/api/projects/:projectName/files/content', authenticateToken, async (re
     } catch (error) {
         console.error('Error serving binary file:', error);
         if (!res.headersSent) {
-            res.status(500).json({ error: error.message });
-        }
-    }
-});
-// Save file content endpoint
-app.put('/api/projects/:projectName/file', authenticateToken, async (req, res) => {
-    try {
-        const { projectName } = req.params;
-        const { filePath, content } = req.body;
-        console.log('[DEBUG] File save request:', projectName, filePath);
-        // Security: ensure the requested path is inside the project root
-        if (!filePath) {
-            return res.status(400).json({ error: 'Invalid file path' });
-        }
-        if (content === undefined) {
-            return res.status(400).json({ error: 'Content is required' });
-        }
-        const projectRoot = await extractProjectDirectory(projectName).catch(() => null);
-        if (!projectRoot) {
-            return res.status(404).json({ error: 'Project not found' });
-        }
-        // Handle both absolute and relative paths
-        const resolved = path.isAbsolute(filePath)
-            ? path.resolve(filePath)
-            : path.resolve(projectRoot, filePath);
-        const normalizedRoot = path.resolve(projectRoot) + path.sep;
-        if (!resolved.startsWith(normalizedRoot)) {
-            return res.status(403).json({ error: 'Path must be under project root' });
-        }
-        // Write the new content
-        await fsPromises.writeFile(resolved, content, 'utf8');
-        res.json({
-            success: true,
-            path: resolved,
-            message: 'File saved successfully'
-        });
-    } catch (error) {
-        console.error('Error saving file:', error);
-        if (error.code === 'ENOENT') {
-            res.status(404).json({ error: 'File or directory not found' });
-        } else if (error.code === 'EACCES') {
-            res.status(403).json({ error: 'Permission denied' });
-        } else {
-            res.status(500).json({ error: error.message });
+            sendProjectFileError(res, error, 'File not found');
         }
     }
 });
 app.get('/api/projects/:projectName/files', authenticateToken, async (req, res) => {
     try {
-        // Using fsPromises from import
-        // Use extractProjectDirectory to get the actual project path
-        let actualPath;
-        try {
-            actualPath = await extractProjectDirectory(req.params.projectName);
-        } catch (error) {
-            console.error('Error extracting project directory:', error);
-            // Fallback to simple dash replacement
-            actualPath = req.params.projectName.replace(/-/g, '/');
-        }
-        // Check if path exists
-        try {
-            await fsPromises.access(actualPath);
-        } catch (e) {
-            return res.status(404).json({ error: `Project path not found: ${actualPath}` });
-        }
-        const files = await getFileTree(actualPath, 10, 0, true);
-        const hiddenFiles = files.filter(f => f.name.startsWith('.'));
+        const projectRoot = await getResolvedProjectRoot(req.params.projectName);
+        const files = await getFileTree(projectRoot, 10, 0, true);
         res.json(files);
     } catch (error) {
         console.error('[ERROR] File tree error:', error.message);
-        res.status(500).json({ error: error.message });
+        sendProjectFileError(res, error, error.statusCode === 404 ? error.message : 'Failed to list files');
     }
 });
@@ -2189,6 +2149,7 @@ async function startServer() {
     try {
         // Initialize authentication database
         await initializeDatabase();
+        userDb.ensureDefaultUser();
         await getChannelManager().initialize();
         // Check if running in production mode (dist folder exists)

package/server/lan-access/core.js ADDED Viewed

@@ -0,0 +1,79 @@
+import os from 'os';
+function normalizeHost(value) {
+  const raw = String(value || '').trim().toLowerCase();
+  if (!raw) {
+    return '';
+  }
+  if (raw.startsWith('[')) {
+    const closingIndex = raw.indexOf(']');
+    return closingIndex >= 0 ? raw.slice(1, closingIndex) : raw;
+  }
+  const hostParts = raw.split(':');
+  if (hostParts.length === 2) {
+    return hostParts[0];
+  }
+  return raw;
+}
+function normalizeAddress(value) {
+  const raw = String(value || '').trim().toLowerCase();
+  if (!raw) {
+    return '';
+  }
+  return raw.replace(/^::ffff:/, '');
+}
+function isLoopbackHost(host) {
+  const normalizedHost = normalizeHost(host);
+  return normalizedHost === 'localhost'
+    || normalizedHost === '127.0.0.1'
+    || normalizedHost === '::1';
+}
+function isLoopbackAddress(address) {
+  const normalizedAddress = normalizeAddress(address);
+  return normalizedAddress === '127.0.0.1' || normalizedAddress === '::1';
+}
+function isLoopbackRequest(req) {
+  const forwardedHost = String(req?.headers?.['x-forwarded-host'] || '').split(',')[0].trim();
+  const host = forwardedHost || req?.headers?.host || req?.hostname || '';
+  return isLoopbackHost(host);
+}
+function isIPv4Family(value) {
+  return value === 'IPv4' || value === 4;
+}
+function collectLanIPv4Addresses(networkInterfaces = os.networkInterfaces()) {
+  const addresses = new Set();
+  for (const entries of Object.values(networkInterfaces || {})) {
+    for (const entry of entries || []) {
+      if (!entry || entry.internal || !isIPv4Family(entry.family)) {
+        continue;
+      }
+      const address = String(entry.address || '').trim();
+      if (!address) {
+        continue;
+      }
+      addresses.add(address);
+    }
+  }
+  return Array.from(addresses).sort((left, right) => left.localeCompare(right));
+}
+export {
+  collectLanIPv4Addresses,
+  isLoopbackAddress,
+  isLoopbackHost,
+  isLoopbackRequest,
+};

package/server/lan-access/state.js ADDED Viewed

@@ -0,0 +1,102 @@
+import fs from 'fs';
+import path from 'path';
+import bcrypt from 'bcrypt';
+import { getDataFilePath } from '../database/db.js';
+const DEFAULT_STATE = Object.freeze({
+  passwordHash: null,
+  sessionVersion: 0,
+  updatedAt: null,
+});
+function getLanAccessStatePath() {
+  if (process.env.LAN_ACCESS_STATE_PATH) {
+    return process.env.LAN_ACCESS_STATE_PATH;
+  }
+  return path.join(path.dirname(getDataFilePath()), 'lan-access-state.json');
+}
+function normalizeState(rawState) {
+  const source = rawState && typeof rawState === 'object' ? rawState : {};
+  return {
+    passwordHash: typeof source.passwordHash === 'string' && source.passwordHash.trim() ? source.passwordHash : null,
+    sessionVersion: Number.isInteger(source.sessionVersion) && source.sessionVersion >= 0 ? source.sessionVersion : 0,
+    updatedAt: typeof source.updatedAt === 'string' ? source.updatedAt : null,
+  };
+}
+function ensureStateDir() {
+  const statePath = getLanAccessStatePath();
+  const stateDir = path.dirname(statePath);
+  if (!fs.existsSync(stateDir)) {
+    fs.mkdirSync(stateDir, { recursive: true });
+  }
+}
+function readLanAccessState() {
+  const statePath = getLanAccessStatePath();
+  if (!fs.existsSync(statePath)) {
+    return { ...DEFAULT_STATE };
+  }
+  try {
+    const parsed = JSON.parse(fs.readFileSync(statePath, 'utf8'));
+    return normalizeState(parsed);
+  } catch {
+    return { ...DEFAULT_STATE };
+  }
+}
+function writeLanAccessState(nextState) {
+  ensureStateDir();
+  const statePath = getLanAccessStatePath();
+  const normalized = normalizeState(nextState);
+  const tempPath = `${statePath}.tmp`;
+  fs.writeFileSync(tempPath, `${JSON.stringify(normalized, null, 2)}\n`, 'utf8');
+  fs.renameSync(tempPath, statePath);
+  return normalized;
+}
+function hasLanAccessPassword() {
+  return Boolean(readLanAccessState().passwordHash);
+}
+function getLanSessionVersion() {
+  return readLanAccessState().sessionVersion;
+}
+async function setLanAccessPassword(password) {
+  const trimmedPassword = String(password || '').trim();
+  if (!trimmedPassword) {
+    throw new Error('Access password is required');
+  }
+  const currentState = readLanAccessState();
+  const passwordHash = await bcrypt.hash(trimmedPassword, 12);
+  return writeLanAccessState({
+    passwordHash,
+    sessionVersion: currentState.sessionVersion + 1,
+    updatedAt: new Date().toISOString(),
+  });
+}
+async function verifyLanAccessPassword(password) {
+  const state = readLanAccessState();
+  if (!state.passwordHash) {
+    return false;
+  }
+  return bcrypt.compare(String(password || ''), state.passwordHash);
+}
+export {
+  getLanAccessStatePath,
+  getLanSessionVersion,
+  hasLanAccessPassword,
+  readLanAccessState,
+  setLanAccessPassword,
+  verifyLanAccessPassword,
+  writeLanAccessState,
+};