@axhub/genie 0.2.8 → 0.2.10

package/server/routes/session-core.js

@@ -1,8 +1,18 @@
 import express from 'express';
-import { getProjects } from '../projects.js';
+import crypto from 'node:crypto';
+import path from 'path';
+import {
+  getClaudeSessionMetadata,
+  getCodexSessionMetadata,
+  getGeminiSessionMetadata,
+  getOpencodeSessionMetadata,
+  getProjects,
+  getProjectsList
+} from '../projects.js';
 import { discoverAllProviders, discoverProvider } from '../session-core/providerDiscovery.js';
 import { getProviderAdapter } from '../session-core/providerAdapters.js';
-import { listAcpSessions } from '../acp-runtime/session-store.js';
+import { findAcpSessionRecord, listAcpSessions } from '../acp-runtime/session-store.js';
+import { mergeSessionLists } from '../session-core/sessionListMerge.js';
 
 const router = express.Router();
 
@@ -21,12 +31,138 @@ async function flattenProjectSessions(project) {
   ];
 
   const acpSessions = await listAcpSessions({ projectPath });
+  const legacySessions = groups.flatMap(({ provider, items }) => (
+    items.map((item) => ({ ...item, provider, __provider: provider, source: item?.source || 'legacy' }))
+  ));
+  const normalizedAcpSessions = acpSessions.map((item) => ({
+    ...item,
+    provider: item.provider,
+    __provider: item.provider,
+    source: 'acp'
+  }));
 
-  return [
-    ...groups.flatMap(({ provider, items }) => items.map((item) => ({ ...item, provider, __provider: provider, source: item?.source || 'legacy' }))),
-    ...acpSessions.map((item) => ({ ...item, provider: item.provider, __provider: item.provider, source: 'acp' }))
-  ]
-    .sort((a, b) => new Date(b.lastActivity || b.updated_at || b.createdAt || 0) - new Date(a.lastActivity || a.updated_at || a.createdAt || 0));
+  return mergeSessionLists(legacySessions, normalizedAcpSessions);
+}
+
+async function resolveProviderSessionRoute({
+  provider,
+  sessionId,
+  projectList = null
+}) {
+  const normalizedProvider = String(provider || '').trim().toLowerCase();
+  const normalizedSessionId = String(sessionId || '').trim();
+
+  if (!normalizedProvider || !normalizedSessionId) {
+    return null;
+  }
+
+  const projects = Array.isArray(projectList) ? projectList : await getProjectsList();
+  const normalizeComparableProjectPath = (projectPath) => {
+    if (typeof projectPath !== 'string' || !projectPath.trim()) {
+      return '';
+    }
+
+    const withoutWindowsLongPathPrefix = projectPath.startsWith('\\\\?\\')
+      ? projectPath.slice(4)
+      : projectPath;
+
+    return path.normalize(withoutWindowsLongPathPrefix);
+  };
+
+  const findProjectByPath = (projectPath) => {
+    const normalizedProjectPath = normalizeComparableProjectPath(projectPath);
+    if (!normalizedProjectPath) {
+      return null;
+    }
+
+    return projects.find((project) => {
+      const candidatePath = project.fullPath || project.path || '';
+      return normalizeComparableProjectPath(candidatePath) === normalizedProjectPath;
+    }) || null;
+  };
+
+  const acpRecord = await findAcpSessionRecord(normalizedSessionId, normalizedProvider);
+  const acpProject = findProjectByPath(acpRecord?.projectPath || null);
+
+  let matchedProject = acpProject;
+  let resolvedSource = acpRecord ? 'acp' : 'legacy';
+
+  if (!matchedProject) {
+    switch (normalizedProvider) {
+      case 'claude': {
+        const metadata = await getClaudeSessionMetadata(normalizedSessionId);
+        matchedProject = findProjectByPath(metadata?.cwd || null);
+        break;
+      }
+      case 'codex': {
+        const metadata = await getCodexSessionMetadata(normalizedSessionId);
+        matchedProject = findProjectByPath(metadata?.cwd || null);
+        break;
+      }
+      case 'gemini': {
+        const metadata = await getGeminiSessionMetadata(normalizedSessionId);
+        const projectHash = String(metadata?.projectHash || '').trim();
+
+        if (projectHash) {
+          matchedProject = projects.find((project) => {
+            const projectPath = normalizeComparableProjectPath(project.fullPath || project.path || '');
+            if (!projectPath) {
+              return false;
+            }
+
+            const candidateHash = crypto.createHash('sha256').update(projectPath).digest('hex');
+            return candidateHash === projectHash;
+          }) || null;
+        }
+        break;
+      }
+      case 'opencode': {
+        const metadata = await getOpencodeSessionMetadata(normalizedSessionId);
+        matchedProject = findProjectByPath(metadata?.cwd || null);
+        break;
+      }
+      default:
+        break;
+    }
+  }
+
+  if (!matchedProject) {
+    return null;
+  }
+
+  const adapter = getProviderAdapter(normalizedProvider);
+  let sessions = [];
+
+  if (normalizedProvider === 'claude') {
+    sessions = await adapter.listSessions({
+      projectName: matchedProject.name,
+      projectPath: matchedProject.fullPath || matchedProject.path,
+      limit: 1000,
+      offset: 0
+    });
+  } else {
+    sessions = await adapter.listSessions({
+      projectPath: matchedProject.fullPath || matchedProject.path,
+      limit: 0
+    });
+  }
+
+  const matchedSession = (Array.isArray(sessions) ? sessions : []).find((session) => session.id === normalizedSessionId);
+  if (!matchedSession) {
+    return null;
+  }
+
+  return {
+    provider: normalizedProvider,
+    source: matchedSession.source || resolvedSource,
+    session: matchedSession,
+    project: {
+      name: matchedProject.name,
+      fullPath: matchedProject.fullPath || matchedProject.path,
+      path: matchedProject.path,
+      displayName: matchedProject.displayName || matchedProject.name
+    }
+  };
 }
 
 router.get('/providers', async (req, res) => {
@@ -68,98 +204,29 @@ router.get('/projects/:projectName/history-index', async (req, res) => {
   }
 });
 
-router.get('/sessions/:sessionId/resolve', async (req, res) => {
+router.get('/sessions/:provider/:sessionId/resolve', async (req, res) => {
   try {
-    const projects = await getProjects();
+    const requestedProvider = String(req.params.provider || '').trim().toLowerCase();
     const requestedSessionId = String(req.params.sessionId || '').trim();
-    const providerHint = typeof req.query.provider === 'string' ? req.query.provider.trim().toLowerCase() : '';
-
-    if (!requestedSessionId) {
-      return res.status(400).json({ success: false, error: 'Session id is required' });
-    }
 
-    const providerOrder = [
-      providerHint,
-      'codex',
-      'claude',
-      'gemini',
-      'opencode'
-    ].filter((provider, index, all) => provider && all.indexOf(provider) === index);
-
-    let directProjectMatch = null;
-    let directMatchSessions = [];
-
-    for (const project of projects) {
-      const flattened = await flattenProjectSessions(project);
-      if (flattened.some((session) => session.id === requestedSessionId)) {
-        directProjectMatch = project;
-        directMatchSessions = flattened;
-        break;
-      }
+    if (!requestedProvider || !requestedSessionId) {
+      return res.status(400).json({ success: false, error: 'provider and session id are required' });
     }
 
-    if (directProjectMatch) {
-      const matchedSession = directMatchSessions.find((session) => session.id === requestedSessionId);
-
-      return res.json({
-        success: true,
-        found: true,
-        provider: matchedSession.provider,
-        source: matchedSession.source || 'legacy',
-        session: matchedSession,
-        project: {
-          name: directProjectMatch.name,
-          fullPath: directProjectMatch.fullPath || directProjectMatch.path,
-          path: directProjectMatch.path,
-          displayName: directProjectMatch.displayName || directProjectMatch.name
-        }
-      });
-    }
-
-    for (const provider of providerOrder) {
-      const adapter = getProviderAdapter(provider);
-
-      for (const project of projects) {
-        let sessions = [];
-
-        try {
-          if (provider === 'claude') {
-            const result = await adapter.listSessions({
-              projectName: project.name,
-              projectPath: project.fullPath || project.path,
-              limit: 1000,
-              offset: 0
-            });
-            sessions = Array.isArray(result) ? result : [];
-          } else {
-            sessions = await adapter.listSessions({ projectPath: project.fullPath || project.path, limit: 0 });
-          }
-        } catch (error) {
-          continue;
-        }
-
-        const matchedSession = sessions.find((session) => session.id === requestedSessionId);
-        if (!matchedSession) {
-          continue;
-        }
+    const result = await resolveProviderSessionRoute({
+      provider: requestedProvider,
+      sessionId: requestedSessionId
+    });
 
-        return res.json({
-          success: true,
-          found: true,
-          provider,
-          source: matchedSession.source || 'legacy',
-          session: matchedSession,
-          project: {
-            name: project.name,
-            fullPath: project.fullPath || project.path,
-            path: project.path,
-            displayName: project.displayName || project.name
-          }
-        });
-      }
+    if (!result) {
+      return res.status(404).json({ success: true, found: false });
     }
 
-    res.status(404).json({ success: true, found: false });
+    res.json({
+      success: true,
+      found: true,
+      ...result
+    });
   } catch (error) {
     res.status(500).json({ success: false, error: error.message });
   }
@@ -208,4 +275,6 @@ router.get('/sessions/:provider/:sessionId/events', async (req, res) => {
   }
 });
 
+export { flattenProjectSessions, resolveProviderSessionRoute };
+
 export default router;

package/server/routes/settings.js

@@ -2,40 +2,50 @@ import express from 'express';
 import { apiKeysDb, credentialsDb } from '../database/db.js';
 
 const router = express.Router();
-
-// ===============================
-// API Keys Management
-// ===============================
-
-// Get all API keys for the authenticated user
-router.get('/api-keys', async (req, res) => {
+const DISALLOWED_CREDENTIAL_TYPES = new Set(['github_token']);
+
+function parseNumericId(rawValue) {
+  const parsed = Number.parseInt(String(rawValue || ''), 10);
+  return Number.isFinite(parsed) ? parsed : null;
+}
+
+function sanitizeApiKeyRecord(record) {
+  const visiblePrefix = String(record?.api_key || '').slice(0, 10);
+  return {
+    ...record,
+    api_key: visiblePrefix ? `${visiblePrefix}...` : ''
+  };
+}
+
+function badRequest(res, error) {
+  return res.status(400).json({ error });
+}
+
+function notFound(res, error) {
+  return res.status(404).json({ error });
+}
+
+router.get('/api-keys', (req, res) => {
   try {
-    const apiKeys = apiKeysDb.getApiKeys(req.user.id);
-    // Don't send the full API key in the list for security
-    const sanitizedKeys = apiKeys.map(key => ({
-      ...key,
-      api_key: key.api_key.substring(0, 10) + '...'
-    }));
-    res.json({ apiKeys: sanitizedKeys });
+    const apiKeys = apiKeysDb.getApiKeys(req.user.id).map(sanitizeApiKeyRecord);
+    res.json({ apiKeys });
   } catch (error) {
     console.error('Error fetching API keys:', error);
     res.status(500).json({ error: 'Failed to fetch API keys' });
   }
 });
 
-// Create a new API key
-router.post('/api-keys', async (req, res) => {
-  try {
-    const { keyName } = req.body;
-
-    if (!keyName || !keyName.trim()) {
-      return res.status(400).json({ error: 'Key name is required' });
-    }
+router.post('/api-keys', (req, res) => {
+  const keyName = String(req.body?.keyName || '').trim();
+  if (!keyName) {
+    return badRequest(res, 'Key name is required');
+  }
 
-    const result = apiKeysDb.createApiKey(req.user.id, keyName.trim());
+  try {
+    const apiKey = apiKeysDb.createApiKey(req.user.id, keyName);
     res.json({
       success: true,
-      apiKey: result
+      apiKey
     });
   } catch (error) {
     console.error('Error creating API key:', error);
@@ -43,56 +53,54 @@ router.post('/api-keys', async (req, res) => {
   }
 });
 
-// Delete an API key
-router.delete('/api-keys/:keyId', async (req, res) => {
-  try {
-    const { keyId } = req.params;
-    const success = apiKeysDb.deleteApiKey(req.user.id, parseInt(keyId));
+router.delete('/api-keys/:keyId', (req, res) => {
+  const keyId = parseNumericId(req.params.keyId);
+  if (keyId === null) {
+    return badRequest(res, 'Invalid API key id');
+  }
 
-    if (success) {
-      res.json({ success: true });
-    } else {
-      res.status(404).json({ error: 'API key not found' });
+  try {
+    const removed = apiKeysDb.deleteApiKey(req.user.id, keyId);
+    if (!removed) {
+      return notFound(res, 'API key not found');
     }
+
+    res.json({ success: true });
   } catch (error) {
     console.error('Error deleting API key:', error);
     res.status(500).json({ error: 'Failed to delete API key' });
   }
 });
 
-// Toggle API key active status
-router.patch('/api-keys/:keyId/toggle', async (req, res) => {
-  try {
-    const { keyId } = req.params;
-    const { isActive } = req.body;
+router.patch('/api-keys/:keyId/toggle', (req, res) => {
+  const keyId = parseNumericId(req.params.keyId);
+  const isActive = req.body?.isActive;
 
-    if (typeof isActive !== 'boolean') {
-      return res.status(400).json({ error: 'isActive must be a boolean' });
-    }
+  if (keyId === null) {
+    return badRequest(res, 'Invalid API key id');
+  }
 
-    const success = apiKeysDb.toggleApiKey(req.user.id, parseInt(keyId), isActive);
+  if (typeof isActive !== 'boolean') {
+    return badRequest(res, 'isActive must be a boolean');
+  }
 
-    if (success) {
-      res.json({ success: true });
-    } else {
-      res.status(404).json({ error: 'API key not found' });
+  try {
+    const updated = apiKeysDb.toggleApiKey(req.user.id, keyId, isActive);
+    if (!updated) {
+      return notFound(res, 'API key not found');
     }
+
+    res.json({ success: true });
   } catch (error) {
     console.error('Error toggling API key:', error);
     res.status(500).json({ error: 'Failed to toggle API key' });
   }
 });
 
-// ===============================
-// Generic Credentials Management
-// ===============================
-
-// Get all credentials for the authenticated user (optionally filtered by type)
-router.get('/credentials', async (req, res) => {
+router.get('/credentials', (req, res) => {
   try {
-    const { type } = req.query;
-    const credentials = credentialsDb.getCredentials(req.user.id, type || null);
-    // Don't send the actual credential values for security
+    const credentialType = typeof req.query.type === 'string' ? req.query.type.trim() : null;
+    const credentials = credentialsDb.getCredentials(req.user.id, credentialType || null);
     res.json({ credentials });
   } catch (error) {
     console.error('Error fetching credentials:', error);
@@ -100,38 +108,40 @@ router.get('/credentials', async (req, res) => {
   }
 });
 
-// Create a new credential
-router.post('/credentials', async (req, res) => {
-  try {
-    const { credentialName, credentialType, credentialValue, description } = req.body;
+router.post('/credentials', (req, res) => {
+  const credentialName = String(req.body?.credentialName || '').trim();
+  const credentialType = String(req.body?.credentialType || '').trim();
+  const credentialValue = String(req.body?.credentialValue || '').trim();
+  const description = String(req.body?.description || '').trim();
 
-    if (!credentialName || !credentialName.trim()) {
-      return res.status(400).json({ error: 'Credential name is required' });
-    }
+  if (!credentialName) {
+    return badRequest(res, 'Credential name is required');
+  }
 
-    if (!credentialType || !credentialType.trim()) {
-      return res.status(400).json({ error: 'Credential type is required' });
-    }
+  if (!credentialType) {
+    return badRequest(res, 'Credential type is required');
+  }
 
-    if (!credentialValue || !credentialValue.trim()) {
-      return res.status(400).json({ error: 'Credential value is required' });
-    }
+  if (!credentialValue) {
+    return badRequest(res, 'Credential value is required');
+  }
 
-    if (credentialType.trim() === 'github_token') {
-      return res.status(400).json({ error: 'GitHub tokens are no longer supported.' });
-    }
+  if (DISALLOWED_CREDENTIAL_TYPES.has(credentialType.toLowerCase())) {
+    return badRequest(res, 'GitHub tokens are no longer supported.');
+  }
 
-    const result = credentialsDb.createCredential(
+  try {
+    const credential = credentialsDb.createCredential(
       req.user.id,
-      credentialName.trim(),
-      credentialType.trim(),
-      credentialValue.trim(),
-      description?.trim() || null
+      credentialName,
+      credentialType,
+      credentialValue,
+      description || null
     );
 
     res.json({
       success: true,
-      credential: result
+      credential
     });
   } catch (error) {
     console.error('Error creating credential:', error);
@@ -139,40 +149,44 @@ router.post('/credentials', async (req, res) => {
   }
 });
 
-// Delete a credential
-router.delete('/credentials/:credentialId', async (req, res) => {
-  try {
-    const { credentialId } = req.params;
-    const success = credentialsDb.deleteCredential(req.user.id, parseInt(credentialId));
+router.delete('/credentials/:credentialId', (req, res) => {
+  const credentialId = parseNumericId(req.params.credentialId);
+  if (credentialId === null) {
+    return badRequest(res, 'Invalid credential id');
+  }
 
-    if (success) {
-      res.json({ success: true });
-    } else {
-      res.status(404).json({ error: 'Credential not found' });
+  try {
+    const removed = credentialsDb.deleteCredential(req.user.id, credentialId);
+    if (!removed) {
+      return notFound(res, 'Credential not found');
     }
+
+    res.json({ success: true });
   } catch (error) {
     console.error('Error deleting credential:', error);
     res.status(500).json({ error: 'Failed to delete credential' });
   }
 });
 
-// Toggle credential active status
-router.patch('/credentials/:credentialId/toggle', async (req, res) => {
-  try {
-    const { credentialId } = req.params;
-    const { isActive } = req.body;
+router.patch('/credentials/:credentialId/toggle', (req, res) => {
+  const credentialId = parseNumericId(req.params.credentialId);
+  const isActive = req.body?.isActive;
 
-    if (typeof isActive !== 'boolean') {
-      return res.status(400).json({ error: 'isActive must be a boolean' });
-    }
+  if (credentialId === null) {
+    return badRequest(res, 'Invalid credential id');
+  }
 
-    const success = credentialsDb.toggleCredential(req.user.id, parseInt(credentialId), isActive);
+  if (typeof isActive !== 'boolean') {
+    return badRequest(res, 'isActive must be a boolean');
+  }
 
-    if (success) {
-      res.json({ success: true });
-    } else {
-      res.status(404).json({ error: 'Credential not found' });
+  try {
+    const updated = credentialsDb.toggleCredential(req.user.id, credentialId, isActive);
+    if (!updated) {
+      return notFound(res, 'Credential not found');
     }
+
+    res.json({ success: true });
   } catch (error) {
     console.error('Error toggling credential:', error);
     res.status(500).json({ error: 'Failed to toggle credential' });