@cloudcli-ai/cloudcli 1.30.0 → 1.31.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (237) hide show
  1. package/dist/assets/{index-DI22MZMb.css → index-DF8TTVHl.css} +1 -1
  2. package/dist/assets/index-DbZAcc9z.js +1262 -0
  3. package/dist/index.html +2 -2
  4. package/dist-server/server/index.js +115 -955
  5. package/dist-server/server/index.js.map +1 -1
  6. package/dist-server/server/middleware/auth.js +1 -1
  7. package/dist-server/server/middleware/auth.js.map +1 -1
  8. package/dist-server/server/modules/database/connection.js +125 -0
  9. package/dist-server/server/modules/database/connection.js.map +1 -0
  10. package/dist-server/server/modules/database/index.js +13 -0
  11. package/dist-server/server/modules/database/index.js.map +1 -0
  12. package/dist-server/server/modules/database/init-db.js +18 -0
  13. package/dist-server/server/modules/database/init-db.js.map +1 -0
  14. package/dist-server/server/modules/database/migrations.js +370 -0
  15. package/dist-server/server/modules/database/migrations.js.map +1 -0
  16. package/dist-server/server/modules/database/repositories/api-keys.js +72 -0
  17. package/dist-server/server/modules/database/repositories/api-keys.js.map +1 -0
  18. package/dist-server/server/modules/database/repositories/app-config.js +47 -0
  19. package/dist-server/server/modules/database/repositories/app-config.js.map +1 -0
  20. package/dist-server/server/modules/database/repositories/credentials.js +68 -0
  21. package/dist-server/server/modules/database/repositories/credentials.js.map +1 -0
  22. package/dist-server/server/modules/database/repositories/github-tokens.js +54 -0
  23. package/dist-server/server/modules/database/repositories/github-tokens.js.map +1 -0
  24. package/dist-server/server/modules/database/repositories/notification-preferences.js +72 -0
  25. package/dist-server/server/modules/database/repositories/notification-preferences.js.map +1 -0
  26. package/dist-server/server/modules/database/repositories/projects.db.integration.test.js +64 -0
  27. package/dist-server/server/modules/database/repositories/projects.db.integration.test.js.map +1 -0
  28. package/dist-server/server/modules/database/repositories/projects.db.js +160 -0
  29. package/dist-server/server/modules/database/repositories/projects.db.js.map +1 -0
  30. package/dist-server/server/modules/database/repositories/push-subscriptions.js +49 -0
  31. package/dist-server/server/modules/database/repositories/push-subscriptions.js.map +1 -0
  32. package/dist-server/server/modules/database/repositories/scan-state.db.js +31 -0
  33. package/dist-server/server/modules/database/repositories/scan-state.db.js.map +1 -0
  34. package/dist-server/server/modules/database/repositories/sessions.db.js +109 -0
  35. package/dist-server/server/modules/database/repositories/sessions.db.js.map +1 -0
  36. package/dist-server/server/modules/database/repositories/users.js +88 -0
  37. package/dist-server/server/modules/database/repositories/users.js.map +1 -0
  38. package/dist-server/server/modules/database/repositories/vapid-keys.js +38 -0
  39. package/dist-server/server/modules/database/repositories/vapid-keys.js.map +1 -0
  40. package/dist-server/server/modules/database/schema.js +143 -0
  41. package/dist-server/server/modules/database/schema.js.map +1 -0
  42. package/dist-server/server/modules/projects/index.js +4 -0
  43. package/dist-server/server/modules/projects/index.js.map +1 -0
  44. package/dist-server/server/modules/projects/projects.routes.js +188 -0
  45. package/dist-server/server/modules/projects/projects.routes.js.map +1 -0
  46. package/dist-server/server/modules/projects/services/project-clone.service.js +219 -0
  47. package/dist-server/server/modules/projects/services/project-clone.service.js.map +1 -0
  48. package/dist-server/server/modules/projects/services/project-delete.service.js +65 -0
  49. package/dist-server/server/modules/projects/services/project-delete.service.js.map +1 -0
  50. package/dist-server/server/modules/projects/services/project-management.service.js +93 -0
  51. package/dist-server/server/modules/projects/services/project-management.service.js.map +1 -0
  52. package/dist-server/server/modules/projects/services/project-star.service.js +60 -0
  53. package/dist-server/server/modules/projects/services/project-star.service.js.map +1 -0
  54. package/dist-server/server/modules/projects/services/projects-has-taskmaster.service.js +167 -0
  55. package/dist-server/server/modules/projects/services/projects-has-taskmaster.service.js.map +1 -0
  56. package/dist-server/server/modules/projects/services/projects-with-sessions-fetch.service.js +169 -0
  57. package/dist-server/server/modules/projects/services/projects-with-sessions-fetch.service.js.map +1 -0
  58. package/dist-server/server/modules/projects/tests/project-clone.service.test.js +126 -0
  59. package/dist-server/server/modules/projects/tests/project-clone.service.test.js.map +1 -0
  60. package/dist-server/server/modules/projects/tests/project-management.service.test.js +85 -0
  61. package/dist-server/server/modules/projects/tests/project-management.service.test.js.map +1 -0
  62. package/dist-server/server/modules/projects/tests/project-star.service.test.js +95 -0
  63. package/dist-server/server/modules/projects/tests/project-star.service.test.js.map +1 -0
  64. package/dist-server/server/modules/projects/tests/projects-has-taskmaster.service.test.js +87 -0
  65. package/dist-server/server/modules/projects/tests/projects-has-taskmaster.service.test.js.map +1 -0
  66. package/dist-server/server/modules/providers/index.js +4 -0
  67. package/dist-server/server/modules/providers/index.js.map +1 -0
  68. package/dist-server/server/modules/providers/list/claude/claude-session-synchronizer.provider.js +63 -0
  69. package/dist-server/server/modules/providers/list/claude/claude-session-synchronizer.provider.js.map +1 -0
  70. package/dist-server/server/modules/providers/list/claude/claude-sessions.provider.js +144 -7
  71. package/dist-server/server/modules/providers/list/claude/claude-sessions.provider.js.map +1 -1
  72. package/dist-server/server/modules/providers/list/claude/claude.provider.js +2 -0
  73. package/dist-server/server/modules/providers/list/claude/claude.provider.js.map +1 -1
  74. package/dist-server/server/modules/providers/list/codex/codex-session-synchronizer.provider.js +71 -0
  75. package/dist-server/server/modules/providers/list/codex/codex-session-synchronizer.provider.js.map +1 -0
  76. package/dist-server/server/modules/providers/list/codex/codex-sessions.provider.js +225 -13
  77. package/dist-server/server/modules/providers/list/codex/codex-sessions.provider.js.map +1 -1
  78. package/dist-server/server/modules/providers/list/codex/codex.provider.js +2 -0
  79. package/dist-server/server/modules/providers/list/codex/codex.provider.js.map +1 -1
  80. package/dist-server/server/modules/providers/list/cursor/cursor-session-synchronizer.provider.js +127 -0
  81. package/dist-server/server/modules/providers/list/cursor/cursor-session-synchronizer.provider.js.map +1 -0
  82. package/dist-server/server/modules/providers/list/cursor/cursor.provider.js +2 -0
  83. package/dist-server/server/modules/providers/list/cursor/cursor.provider.js.map +1 -1
  84. package/dist-server/server/modules/providers/list/gemini/gemini-session-synchronizer.provider.js +296 -0
  85. package/dist-server/server/modules/providers/list/gemini/gemini-session-synchronizer.provider.js.map +1 -0
  86. package/dist-server/server/modules/providers/list/gemini/gemini-sessions.provider.js +277 -10
  87. package/dist-server/server/modules/providers/list/gemini/gemini-sessions.provider.js.map +1 -1
  88. package/dist-server/server/modules/providers/list/gemini/gemini.provider.js +2 -0
  89. package/dist-server/server/modules/providers/list/gemini/gemini.provider.js.map +1 -1
  90. package/dist-server/server/modules/providers/provider.routes.js +172 -0
  91. package/dist-server/server/modules/providers/provider.routes.js.map +1 -1
  92. package/dist-server/server/modules/providers/services/session-conversations-search.service.js +868 -0
  93. package/dist-server/server/modules/providers/services/session-conversations-search.service.js.map +1 -0
  94. package/dist-server/server/modules/providers/services/session-synchronizer.service.js +56 -0
  95. package/dist-server/server/modules/providers/services/session-synchronizer.service.js.map +1 -0
  96. package/dist-server/server/modules/providers/services/sessions-watcher.service.js +234 -0
  97. package/dist-server/server/modules/providers/services/sessions-watcher.service.js.map +1 -0
  98. package/dist-server/server/modules/providers/services/sessions.service.js +78 -3
  99. package/dist-server/server/modules/providers/services/sessions.service.js.map +1 -1
  100. package/dist-server/server/modules/providers/shared/base/abstract.provider.js.map +1 -1
  101. package/dist-server/server/modules/websocket/index.js +3 -0
  102. package/dist-server/server/modules/websocket/index.js.map +1 -0
  103. package/dist-server/server/modules/websocket/services/chat-websocket.service.js +188 -0
  104. package/dist-server/server/modules/websocket/services/chat-websocket.service.js.map +1 -0
  105. package/dist-server/server/modules/websocket/services/plugin-websocket-proxy.service.js +52 -0
  106. package/dist-server/server/modules/websocket/services/plugin-websocket-proxy.service.js.map +1 -0
  107. package/dist-server/server/modules/websocket/services/shell-websocket.service.js +334 -0
  108. package/dist-server/server/modules/websocket/services/shell-websocket.service.js.map +1 -0
  109. package/dist-server/server/modules/websocket/services/websocket-auth.service.js +32 -0
  110. package/dist-server/server/modules/websocket/services/websocket-auth.service.js.map +1 -0
  111. package/dist-server/server/modules/websocket/services/websocket-server.service.js +36 -0
  112. package/dist-server/server/modules/websocket/services/websocket-server.service.js.map +1 -0
  113. package/dist-server/server/modules/websocket/services/websocket-state.service.js +14 -0
  114. package/dist-server/server/modules/websocket/services/websocket-state.service.js.map +1 -0
  115. package/dist-server/server/modules/websocket/services/websocket-writer.service.js +32 -0
  116. package/dist-server/server/modules/websocket/services/websocket-writer.service.js.map +1 -0
  117. package/dist-server/server/routes/agent.js +10 -17
  118. package/dist-server/server/routes/agent.js.map +1 -1
  119. package/dist-server/server/routes/auth.js +3 -1
  120. package/dist-server/server/routes/auth.js.map +1 -1
  121. package/dist-server/server/routes/commands.js +1 -1
  122. package/dist-server/server/routes/commands.js.map +1 -1
  123. package/dist-server/server/routes/gemini.js +2 -2
  124. package/dist-server/server/routes/gemini.js.map +1 -1
  125. package/dist-server/server/routes/git.js +33 -29
  126. package/dist-server/server/routes/git.js.map +1 -1
  127. package/dist-server/server/routes/settings.js +1 -1
  128. package/dist-server/server/routes/settings.js.map +1 -1
  129. package/dist-server/server/routes/taskmaster.js +97 -110
  130. package/dist-server/server/routes/taskmaster.js.map +1 -1
  131. package/dist-server/server/routes/user.js +1 -1
  132. package/dist-server/server/routes/user.js.map +1 -1
  133. package/dist-server/server/services/notification-orchestrator.js +2 -2
  134. package/dist-server/server/services/notification-orchestrator.js.map +1 -1
  135. package/dist-server/server/services/vapid-keys.js +2 -1
  136. package/dist-server/server/services/vapid-keys.js.map +1 -1
  137. package/dist-server/server/shared/types.js +0 -1
  138. package/dist-server/server/shared/types.js.map +1 -1
  139. package/dist-server/server/shared/utils.js +408 -7
  140. package/dist-server/server/shared/utils.js.map +1 -1
  141. package/dist-server/server/utils/taskmaster-websocket.js +18 -12
  142. package/dist-server/server/utils/taskmaster-websocket.js.map +1 -1
  143. package/dist-server/shared/modelConstants.js +2 -1
  144. package/dist-server/shared/modelConstants.js.map +1 -1
  145. package/package.json +3 -1
  146. package/server/index.js +146 -1012
  147. package/server/middleware/auth.js +1 -1
  148. package/server/modules/database/connection.ts +143 -0
  149. package/server/modules/database/index.ts +12 -0
  150. package/server/modules/database/init-db.ts +17 -0
  151. package/server/modules/database/migrations.ts +442 -0
  152. package/server/modules/database/repositories/api-keys.ts +119 -0
  153. package/server/modules/database/repositories/app-config.ts +53 -0
  154. package/server/modules/database/repositories/credentials.ts +106 -0
  155. package/server/modules/database/repositories/github-tokens.ts +100 -0
  156. package/server/modules/database/repositories/notification-preferences.ts +103 -0
  157. package/server/modules/database/repositories/projects.db.integration.test.ts +72 -0
  158. package/server/modules/database/repositories/projects.db.ts +183 -0
  159. package/server/modules/database/repositories/push-subscriptions.ts +80 -0
  160. package/server/modules/database/repositories/scan-state.db.ts +42 -0
  161. package/server/modules/database/repositories/sessions.db.ts +174 -0
  162. package/server/modules/database/repositories/users.ts +140 -0
  163. package/server/modules/database/repositories/vapid-keys.ts +57 -0
  164. package/server/modules/database/schema.ts +152 -0
  165. package/server/modules/projects/index.ts +6 -0
  166. package/server/modules/projects/projects.routes.ts +247 -0
  167. package/server/modules/projects/services/project-clone.service.ts +321 -0
  168. package/server/modules/projects/services/project-delete.service.ts +75 -0
  169. package/server/modules/projects/services/project-management.service.ts +150 -0
  170. package/server/modules/projects/services/project-star.service.ts +78 -0
  171. package/server/modules/projects/services/projects-has-taskmaster.service.ts +248 -0
  172. package/server/modules/projects/services/projects-with-sessions-fetch.service.ts +285 -0
  173. package/server/modules/projects/tests/project-clone.service.test.ts +183 -0
  174. package/server/modules/projects/tests/project-management.service.test.ts +117 -0
  175. package/server/modules/projects/tests/project-star.service.test.ts +123 -0
  176. package/server/modules/projects/tests/projects-has-taskmaster.service.test.ts +105 -0
  177. package/server/modules/providers/index.ts +4 -0
  178. package/server/modules/providers/list/claude/claude-session-synchronizer.provider.ts +110 -0
  179. package/server/modules/providers/list/claude/claude-sessions.provider.ts +182 -13
  180. package/server/modules/providers/list/claude/claude.provider.ts +3 -1
  181. package/server/modules/providers/list/codex/codex-session-synchronizer.provider.ts +119 -0
  182. package/server/modules/providers/list/codex/codex-sessions.provider.ts +262 -17
  183. package/server/modules/providers/list/codex/codex.provider.ts +3 -1
  184. package/server/modules/providers/list/cursor/cursor-session-synchronizer.provider.ts +176 -0
  185. package/server/modules/providers/list/cursor/cursor.provider.ts +3 -1
  186. package/server/modules/providers/list/gemini/gemini-session-synchronizer.provider.ts +401 -0
  187. package/server/modules/providers/list/gemini/gemini-sessions.provider.ts +327 -13
  188. package/server/modules/providers/list/gemini/gemini.provider.ts +3 -1
  189. package/server/modules/providers/provider.routes.ts +220 -12
  190. package/server/modules/providers/services/session-conversations-search.service.ts +1167 -0
  191. package/server/modules/providers/services/session-synchronizer.service.ts +74 -0
  192. package/server/modules/providers/services/sessions-watcher.service.ts +283 -0
  193. package/server/modules/providers/services/sessions.service.ts +89 -4
  194. package/server/modules/providers/shared/base/abstract.provider.ts +8 -1
  195. package/server/modules/websocket/README.md +267 -0
  196. package/server/modules/websocket/index.ts +2 -0
  197. package/server/modules/websocket/services/chat-websocket.service.ts +271 -0
  198. package/server/modules/websocket/services/plugin-websocket-proxy.service.ts +65 -0
  199. package/server/modules/websocket/services/shell-websocket.service.ts +453 -0
  200. package/server/modules/websocket/services/websocket-auth.service.ts +54 -0
  201. package/server/modules/websocket/services/websocket-server.service.ts +58 -0
  202. package/server/modules/websocket/services/websocket-state.service.ts +16 -0
  203. package/server/modules/websocket/services/websocket-writer.service.ts +38 -0
  204. package/server/routes/agent.js +11 -16
  205. package/server/routes/auth.js +4 -2
  206. package/server/routes/commands.js +1 -1
  207. package/server/routes/gemini.js +3 -2
  208. package/server/routes/git.js +33 -28
  209. package/server/routes/settings.js +1 -1
  210. package/server/routes/taskmaster.js +108 -111
  211. package/server/routes/user.js +1 -1
  212. package/server/services/notification-orchestrator.js +3 -2
  213. package/server/services/vapid-keys.js +2 -1
  214. package/server/shared/interfaces.ts +39 -1
  215. package/server/shared/types.ts +185 -30
  216. package/server/shared/utils.ts +485 -9
  217. package/server/utils/taskmaster-websocket.js +19 -13
  218. package/shared/modelConstants.js +2 -1
  219. package/dist/assets/index-RX-W_g_Q.js +0 -1262
  220. package/dist-server/server/database/db.js +0 -535
  221. package/dist-server/server/database/db.js.map +0 -1
  222. package/dist-server/server/database/schema.js +0 -97
  223. package/dist-server/server/database/schema.js.map +0 -1
  224. package/dist-server/server/projects.js +0 -2325
  225. package/dist-server/server/projects.js.map +0 -1
  226. package/dist-server/server/routes/codex.js +0 -18
  227. package/dist-server/server/routes/codex.js.map +0 -1
  228. package/dist-server/server/routes/messages.js +0 -56
  229. package/dist-server/server/routes/messages.js.map +0 -1
  230. package/dist-server/server/routes/projects.js +0 -505
  231. package/dist-server/server/routes/projects.js.map +0 -1
  232. package/server/database/db.js +0 -593
  233. package/server/database/schema.js +0 -102
  234. package/server/projects.js +0 -2555
  235. package/server/routes/codex.js +0 -19
  236. package/server/routes/messages.js +0 -61
  237. package/server/routes/projects.js +0 -548
package/server/index.js CHANGED
@@ -1,39 +1,57 @@
1
1
  #!/usr/bin/env node
2
2
  // Load environment variables before other imports execute
3
3
  import './load-env.js';
4
- import fs from 'fs';
4
+ import fs, { promises as fsPromises } from 'fs';
5
5
  import path from 'path';
6
- import { findAppRoot, getModuleDir } from './utils/runtime-paths.js';
7
-
8
- import { AppError, createNormalizedMessage } from '@/shared/utils.js';
9
-
10
-
11
- const __dirname = getModuleDir(import.meta.url);
12
- // The server source runs from /server, while the compiled output runs from /dist-server/server.
13
- // Resolving the app root once keeps every repo-level lookup below aligned across both layouts.
14
- const APP_ROOT = findAppRoot(__dirname);
15
- const installMode = fs.existsSync(path.join(APP_ROOT, '.git')) ? 'git' : 'npm';
16
-
17
- import { c } from './utils/colors.js';
18
-
19
- console.log('SERVER_PORT from env:', process.env.SERVER_PORT);
20
-
21
- import express from 'express';
22
- import { WebSocketServer, WebSocket } from 'ws';
23
6
  import os from 'os';
24
7
  import http from 'http';
25
- import cors from 'cors';
26
- import { promises as fsPromises } from 'fs';
27
8
  import { spawn } from 'child_process';
28
- import pty from 'node-pty';
9
+
10
+ import express from 'express';
11
+ import cors from 'cors';
29
12
  import mime from 'mime-types';
30
13
 
31
- import { getProjects, getSessions, renameProject, deleteSession, deleteProject, extractProjectDirectory, clearProjectDirectoryCache, searchConversations } from './projects.js';
32
- import { queryClaudeSDK, abortClaudeSDKSession, isClaudeSDKSessionActive, getActiveClaudeSDKSessions, resolveToolApproval, getPendingApprovalsForSession, reconnectSessionWriter } from './claude-sdk.js';
33
- import { spawnCursor, abortCursorSession, isCursorSessionActive, getActiveCursorSessions } from './cursor-cli.js';
34
- import { queryCodex, abortCodexSession, isCodexSessionActive, getActiveCodexSessions } from './openai-codex.js';
35
- import { spawnGemini, abortGeminiSession, isGeminiSessionActive, getActiveGeminiSessions } from './gemini-cli.js';
14
+ import { AppError, WORKSPACES_ROOT, validateWorkspacePath } from '@/shared/utils.js';
15
+ import { closeSessionsWatcher, initializeSessionsWatcher } from '@/modules/providers/index.js';
16
+ import { createWebSocketServer } from '@/modules/websocket/index.js';
17
+
18
+ import { getConnectableHost } from '../shared/networkHosts.js';
19
+
20
+ import { findAppRoot, getModuleDir } from './utils/runtime-paths.js';
21
+ import {
22
+ queryClaudeSDK,
23
+ abortClaudeSDKSession,
24
+ isClaudeSDKSessionActive,
25
+ getActiveClaudeSDKSessions,
26
+ resolveToolApproval,
27
+ getPendingApprovalsForSession,
28
+ reconnectSessionWriter,
29
+ } from './claude-sdk.js';
30
+ import {
31
+ spawnCursor,
32
+ abortCursorSession,
33
+ isCursorSessionActive,
34
+ getActiveCursorSessions,
35
+ } from './cursor-cli.js';
36
+ import {
37
+ queryCodex,
38
+ abortCodexSession,
39
+ isCodexSessionActive,
40
+ getActiveCodexSessions,
41
+ } from './openai-codex.js';
42
+ import {
43
+ spawnGemini,
44
+ abortGeminiSession,
45
+ isGeminiSessionActive,
46
+ getActiveGeminiSessions,
47
+ } from './gemini-cli.js';
36
48
  import sessionManager from './sessionManager.js';
49
+ import {
50
+ stripAnsiSequences,
51
+ normalizeDetectedUrl,
52
+ extractUrlsFromText,
53
+ shouldAutoOpenUrlFromOutput,
54
+ } from './utils/url-detection.js';
37
55
  import gitRoutes from './routes/git.js';
38
56
  import authRoutes from './routes/auth.js';
39
57
  import cursorRoutes from './routes/cursor.js';
@@ -42,210 +60,64 @@ import mcpUtilsRoutes from './routes/mcp-utils.js';
42
60
  import commandsRoutes from './routes/commands.js';
43
61
  import settingsRoutes from './routes/settings.js';
44
62
  import agentRoutes from './routes/agent.js';
45
- import projectsRoutes, { WORKSPACES_ROOT, validateWorkspacePath } from './routes/projects.js';
63
+ import projectModuleRoutes from './modules/projects/projects.routes.js';
46
64
  import userRoutes from './routes/user.js';
47
- import codexRoutes from './routes/codex.js';
48
65
  import geminiRoutes from './routes/gemini.js';
49
66
  import pluginsRoutes from './routes/plugins.js';
50
- import messagesRoutes from './routes/messages.js';
51
67
  import providerRoutes from './modules/providers/provider.routes.js';
52
68
  import { startEnabledPluginServers, stopAllPlugins, getPluginPort } from './utils/plugin-process-manager.js';
53
- import { initializeDatabase, sessionNamesDb, applyCustomSessionNames } from './database/db.js';
69
+ import { initializeDatabase, projectsDb } from './modules/database/index.js';
54
70
  import { configureWebPush } from './services/vapid-keys.js';
55
71
  import { validateApiKey, authenticateToken, authenticateWebSocket } from './middleware/auth.js';
56
72
  import { IS_PLATFORM } from './constants/config.js';
57
- import { getConnectableHost } from '../shared/networkHosts.js';
58
-
59
- const VALID_PROVIDERS = ['claude', 'codex', 'cursor', 'gemini'];
60
-
61
- // File system watchers for provider project/session folders
62
- const PROVIDER_WATCH_PATHS = [
63
- { provider: 'claude', rootPath: path.join(os.homedir(), '.claude', 'projects') },
64
- { provider: 'cursor', rootPath: path.join(os.homedir(), '.cursor', 'chats') },
65
- { provider: 'codex', rootPath: path.join(os.homedir(), '.codex', 'sessions') },
66
- { provider: 'gemini', rootPath: path.join(os.homedir(), '.gemini', 'projects') },
67
- { provider: 'gemini_sessions', rootPath: path.join(os.homedir(), '.gemini', 'sessions') }
68
- ];
69
- const WATCHER_IGNORED_PATTERNS = [
70
- '**/node_modules/**',
71
- '**/.git/**',
72
- '**/dist/**',
73
- '**/build/**',
74
- '**/*.tmp',
75
- '**/*.swp',
76
- '**/.DS_Store'
77
- ];
78
- const WATCHER_DEBOUNCE_MS = 300;
79
- let projectsWatchers = [];
80
- let projectsWatcherDebounceTimer = null;
81
- const connectedClients = new Set();
82
- let isGetProjectsRunning = false; // Flag to prevent reentrant calls
83
-
84
- // Broadcast progress to all connected WebSocket clients
85
- function broadcastProgress(progress) {
86
- const message = JSON.stringify({
87
- type: 'loading_progress',
88
- ...progress
89
- });
90
- connectedClients.forEach(client => {
91
- if (client.readyState === WebSocket.OPEN) {
92
- client.send(message);
93
- }
94
- });
95
- }
96
-
97
- // Setup file system watchers for Claude, Cursor, and Codex project/session folders
98
- async function setupProjectsWatcher() {
99
- const chokidar = (await import('chokidar')).default;
100
-
101
- if (projectsWatcherDebounceTimer) {
102
- clearTimeout(projectsWatcherDebounceTimer);
103
- projectsWatcherDebounceTimer = null;
104
- }
105
-
106
- await Promise.all(
107
- projectsWatchers.map(async (watcher) => {
108
- try {
109
- await watcher.close();
110
- } catch (error) {
111
- console.error('[WARN] Failed to close watcher:', error);
112
- }
113
- })
114
- );
115
- projectsWatchers = [];
116
-
117
- const debouncedUpdate = (eventType, filePath, provider, rootPath) => {
118
- if (projectsWatcherDebounceTimer) {
119
- clearTimeout(projectsWatcherDebounceTimer);
120
- }
121
-
122
- projectsWatcherDebounceTimer = setTimeout(async () => {
123
- // Prevent reentrant calls
124
- if (isGetProjectsRunning) {
125
- return;
126
- }
127
-
128
- try {
129
- isGetProjectsRunning = true;
130
-
131
- // Clear project directory cache when files change
132
- clearProjectDirectoryCache();
133
-
134
- // Get updated projects list
135
- const updatedProjects = await getProjects(broadcastProgress);
136
-
137
- // Notify all connected clients about the project changes
138
- const updateMessage = JSON.stringify({
139
- type: 'projects_updated',
140
- projects: updatedProjects,
141
- timestamp: new Date().toISOString(),
142
- changeType: eventType,
143
- changedFile: path.relative(rootPath, filePath),
144
- watchProvider: provider
145
- });
146
-
147
- connectedClients.forEach(client => {
148
- if (client.readyState === WebSocket.OPEN) {
149
- client.send(updateMessage);
150
- }
151
- });
152
-
153
- } catch (error) {
154
- console.error('[ERROR] Error handling project changes:', error);
155
- } finally {
156
- isGetProjectsRunning = false;
157
- }
158
- }, WATCHER_DEBOUNCE_MS);
159
- };
160
-
161
- for (const { provider, rootPath } of PROVIDER_WATCH_PATHS) {
162
- try {
163
- // chokidar v4 emits ENOENT via the "error" event for missing roots and will not auto-recover.
164
- // Ensure provider folders exist before creating the watcher so watching stays active.
165
- await fsPromises.mkdir(rootPath, { recursive: true });
166
-
167
- // Initialize chokidar watcher with optimized settings
168
- const watcher = chokidar.watch(rootPath, {
169
- ignored: WATCHER_IGNORED_PATTERNS,
170
- persistent: true,
171
- ignoreInitial: true, // Don't fire events for existing files on startup
172
- followSymlinks: false,
173
- depth: 10, // Reasonable depth limit
174
- awaitWriteFinish: {
175
- stabilityThreshold: 100, // Wait 100ms for file to stabilize
176
- pollInterval: 50
177
- }
178
- });
179
-
180
- // Set up event listeners
181
- watcher
182
- .on('add', (filePath) => debouncedUpdate('add', filePath, provider, rootPath))
183
- .on('change', (filePath) => debouncedUpdate('change', filePath, provider, rootPath))
184
- .on('unlink', (filePath) => debouncedUpdate('unlink', filePath, provider, rootPath))
185
- .on('addDir', (dirPath) => debouncedUpdate('addDir', dirPath, provider, rootPath))
186
- .on('unlinkDir', (dirPath) => debouncedUpdate('unlinkDir', dirPath, provider, rootPath))
187
- .on('error', (error) => {
188
- console.error(`[ERROR] ${provider} watcher error:`, error);
189
- })
190
- .on('ready', () => {
191
- });
192
-
193
- projectsWatchers.push(watcher);
194
- } catch (error) {
195
- console.error(`[ERROR] Failed to setup ${provider} watcher for ${rootPath}:`, error);
196
- }
197
- }
73
+ import { c } from './utils/colors.js';
198
74
 
199
- if (projectsWatchers.length === 0) {
200
- console.error('[ERROR] Failed to setup any provider watchers');
201
- }
202
- }
75
+ const __dirname = getModuleDir(import.meta.url);
76
+ // The server source runs from /server, while the compiled output runs from /dist-server/server.
77
+ // Resolving the app root once keeps every repo-level lookup below aligned across both layouts.
78
+ const APP_ROOT = findAppRoot(__dirname);
79
+ const installMode = fs.existsSync(path.join(APP_ROOT, '.git')) ? 'git' : 'npm';
203
80
 
81
+ console.log('SERVER_PORT from env:', process.env.SERVER_PORT);
204
82
 
205
83
  const app = express();
206
84
  const server = http.createServer(app);
207
85
 
208
- const ptySessionsMap = new Map();
209
- const PTY_SESSION_TIMEOUT = 30 * 60 * 1000;
210
- const SHELL_URL_PARSE_BUFFER_LIMIT = 32768;
211
- import { stripAnsiSequences, normalizeDetectedUrl, extractUrlsFromText, shouldAutoOpenUrlFromOutput } from './utils/url-detection.js';
212
-
213
- // Single WebSocket server that handles both paths
214
- const wss = new WebSocketServer({
215
- server,
216
- verifyClient: (info) => {
217
- console.log('WebSocket connection attempt to:', info.req.url);
218
-
219
- // Platform mode: always allow connection
220
- if (IS_PLATFORM) {
221
- const user = authenticateWebSocket(null); // Will return first user
222
- if (!user) {
223
- console.log('[WARN] Platform mode: No user found in database');
224
- return false;
225
- }
226
- info.req.user = user;
227
- console.log('[OK] Platform mode WebSocket authenticated for user:', user.username);
228
- return true;
229
- }
230
-
231
- // Normal mode: verify token
232
- // Extract token from query parameters or headers
233
- const url = new URL(info.req.url, 'http://localhost');
234
- const token = url.searchParams.get('token') ||
235
- info.req.headers.authorization?.split(' ')[1];
236
-
237
- // Verify token
238
- const user = authenticateWebSocket(token);
239
- if (!user) {
240
- console.log('[WARN] WebSocket authentication failed');
241
- return false;
242
- }
243
-
244
- // Store user info in the request for later use
245
- info.req.user = user;
246
- console.log('[OK] WebSocket authenticated for user:', user.username);
247
- return true;
248
- }
86
+ // Single WebSocket server that handles chat, shell, and plugin proxy paths.
87
+ const wss = createWebSocketServer(server, {
88
+ verifyClient: {
89
+ isPlatform: IS_PLATFORM,
90
+ authenticateWebSocket,
91
+ },
92
+ chat: {
93
+ queryClaudeSDK,
94
+ spawnCursor,
95
+ queryCodex,
96
+ spawnGemini,
97
+ abortClaudeSDKSession,
98
+ abortCursorSession,
99
+ abortCodexSession,
100
+ abortGeminiSession,
101
+ resolveToolApproval,
102
+ isClaudeSDKSessionActive,
103
+ isCursorSessionActive,
104
+ isCodexSessionActive,
105
+ isGeminiSessionActive,
106
+ reconnectSessionWriter,
107
+ getPendingApprovalsForSession,
108
+ getActiveClaudeSDKSessions,
109
+ getActiveCursorSessions,
110
+ getActiveCodexSessions,
111
+ getActiveGeminiSessions,
112
+ },
113
+ shell: {
114
+ getSessionById: (sessionId) => sessionManager.getSession(sessionId),
115
+ stripAnsiSequences,
116
+ normalizeDetectedUrl,
117
+ extractUrlsFromText,
118
+ shouldAutoOpenUrlFromOutput,
119
+ },
120
+ getPluginPort,
249
121
  });
250
122
 
251
123
  // Make WebSocket server available to routes
@@ -281,7 +153,7 @@ app.use('/api', validateApiKey);
281
153
  app.use('/api/auth', authRoutes);
282
154
 
283
155
  // Projects API Routes (protected)
284
- app.use('/api/projects', authenticateToken, projectsRoutes);
156
+ app.use('/api/projects', authenticateToken, projectModuleRoutes);
285
157
 
286
158
  // Git API Routes (protected)
287
159
  app.use('/api/git', authenticateToken, gitRoutes);
@@ -304,18 +176,12 @@ app.use('/api/settings', authenticateToken, settingsRoutes);
304
176
  // User API Routes (protected)
305
177
  app.use('/api/user', authenticateToken, userRoutes);
306
178
 
307
- // Codex API Routes (protected)
308
- app.use('/api/codex', authenticateToken, codexRoutes);
309
-
310
179
  // Gemini API Routes (protected)
311
180
  app.use('/api/gemini', authenticateToken, geminiRoutes);
312
181
 
313
182
  // Plugins API Routes (protected)
314
183
  app.use('/api/plugins', authenticateToken, pluginsRoutes);
315
184
 
316
- // Unified session messages route (protected)
317
- app.use('/api/sessions', authenticateToken, messagesRoutes);
318
-
319
185
  // Unified provider MCP routes (protected)
320
186
  app.use('/api/providers', authenticateToken, providerRoutes);
321
187
 
@@ -419,138 +285,6 @@ app.post('/api/system/update', authenticateToken, async (req, res) => {
419
285
  }
420
286
  });
421
287
 
422
- app.get('/api/projects', authenticateToken, async (req, res) => {
423
- try {
424
- const projects = await getProjects(broadcastProgress);
425
- res.json(projects);
426
- } catch (error) {
427
- res.status(500).json({ error: error.message });
428
- }
429
- });
430
-
431
- app.get('/api/projects/:projectName/sessions', authenticateToken, async (req, res) => {
432
- try {
433
- const { limit = 5, offset = 0 } = req.query;
434
- const result = await getSessions(req.params.projectName, parseInt(limit), parseInt(offset));
435
- applyCustomSessionNames(result.sessions, 'claude');
436
- res.json(result);
437
- } catch (error) {
438
- res.status(500).json({ error: error.message });
439
- }
440
- });
441
-
442
- // Rename project endpoint
443
- app.put('/api/projects/:projectName/rename', authenticateToken, async (req, res) => {
444
- try {
445
- const { displayName } = req.body;
446
- await renameProject(req.params.projectName, displayName);
447
- res.json({ success: true });
448
- } catch (error) {
449
- res.status(500).json({ error: error.message });
450
- }
451
- });
452
-
453
- // Delete session endpoint
454
- app.delete('/api/projects/:projectName/sessions/:sessionId', authenticateToken, async (req, res) => {
455
- try {
456
- const { projectName, sessionId } = req.params;
457
- console.log(`[API] Deleting session: ${sessionId} from project: ${projectName}`);
458
- await deleteSession(projectName, sessionId);
459
- sessionNamesDb.deleteName(sessionId, 'claude');
460
- console.log(`[API] Session ${sessionId} deleted successfully`);
461
- res.json({ success: true });
462
- } catch (error) {
463
- console.error(`[API] Error deleting session ${req.params.sessionId}:`, error);
464
- res.status(500).json({ error: error.message });
465
- }
466
- });
467
-
468
- // Rename session endpoint
469
- app.put('/api/sessions/:sessionId/rename', authenticateToken, async (req, res) => {
470
- try {
471
- const { sessionId } = req.params;
472
- const safeSessionId = String(sessionId).replace(/[^a-zA-Z0-9._-]/g, '');
473
- if (!safeSessionId || safeSessionId !== String(sessionId)) {
474
- return res.status(400).json({ error: 'Invalid sessionId' });
475
- }
476
- const { summary, provider } = req.body;
477
- if (!summary || typeof summary !== 'string' || summary.trim() === '') {
478
- return res.status(400).json({ error: 'Summary is required' });
479
- }
480
- if (summary.trim().length > 500) {
481
- return res.status(400).json({ error: 'Summary must not exceed 500 characters' });
482
- }
483
- if (!provider || !VALID_PROVIDERS.includes(provider)) {
484
- return res.status(400).json({ error: `Provider must be one of: ${VALID_PROVIDERS.join(', ')}` });
485
- }
486
- sessionNamesDb.setName(safeSessionId, provider, summary.trim());
487
- res.json({ success: true });
488
- } catch (error) {
489
- console.error(`[API] Error renaming session ${req.params.sessionId}:`, error);
490
- res.status(500).json({ error: error.message });
491
- }
492
- });
493
-
494
- // Delete project endpoint
495
- // force=true to allow removal even when sessions exist
496
- // deleteData=true to also delete session/memory files on disk (destructive)
497
- app.delete('/api/projects/:projectName', authenticateToken, async (req, res) => {
498
- try {
499
- const { projectName } = req.params;
500
- const force = req.query.force === 'true';
501
- const deleteData = req.query.deleteData === 'true';
502
- await deleteProject(projectName, force, deleteData);
503
- res.json({ success: true });
504
- } catch (error) {
505
- res.status(500).json({ error: error.message });
506
- }
507
- });
508
-
509
- // Search conversations content (SSE streaming)
510
- app.get('/api/search/conversations', authenticateToken, async (req, res) => {
511
- const query = typeof req.query.q === 'string' ? req.query.q.trim() : '';
512
- const parsedLimit = Number.parseInt(String(req.query.limit), 10);
513
- const limit = Number.isNaN(parsedLimit) ? 50 : Math.max(1, Math.min(parsedLimit, 100));
514
-
515
- if (query.length < 2) {
516
- return res.status(400).json({ error: 'Query must be at least 2 characters' });
517
- }
518
-
519
- res.writeHead(200, {
520
- 'Content-Type': 'text/event-stream',
521
- 'Cache-Control': 'no-cache',
522
- 'Connection': 'keep-alive',
523
- 'X-Accel-Buffering': 'no',
524
- });
525
-
526
- let closed = false;
527
- const abortController = new AbortController();
528
- req.on('close', () => { closed = true; abortController.abort(); });
529
-
530
- try {
531
- await searchConversations(query, limit, ({ projectResult, totalMatches, scannedProjects, totalProjects }) => {
532
- if (closed) return;
533
- if (projectResult) {
534
- res.write(`event: result\ndata: ${JSON.stringify({ projectResult, totalMatches, scannedProjects, totalProjects })}\n\n`);
535
- } else {
536
- res.write(`event: progress\ndata: ${JSON.stringify({ totalMatches, scannedProjects, totalProjects })}\n\n`);
537
- }
538
- }, abortController.signal);
539
- if (!closed) {
540
- res.write(`event: done\ndata: {}\n\n`);
541
- }
542
- } catch (error) {
543
- console.error('Error searching conversations:', error);
544
- if (!closed) {
545
- res.write(`event: error\ndata: ${JSON.stringify({ error: 'Search failed' })}\n\n`);
546
- }
547
- } finally {
548
- if (!closed) {
549
- res.end();
550
- }
551
- }
552
- });
553
-
554
288
  const expandWorkspacePath = (inputPath) => {
555
289
  if (!inputPath) return inputPath;
556
290
  if (inputPath === '~') {
@@ -684,9 +418,9 @@ app.post('/api/create-folder', authenticateToken, async (req, res) => {
684
418
  });
685
419
 
686
420
  // Read file content endpoint
687
- app.get('/api/projects/:projectName/file', authenticateToken, async (req, res) => {
421
+ app.get('/api/projects/:projectId/file', authenticateToken, async (req, res) => {
688
422
  try {
689
- const { projectName } = req.params;
423
+ const { projectId } = req.params;
690
424
  const { filePath } = req.query;
691
425
 
692
426
 
@@ -695,7 +429,9 @@ app.get('/api/projects/:projectName/file', authenticateToken, async (req, res) =
695
429
  return res.status(400).json({ error: 'Invalid file path' });
696
430
  }
697
431
 
698
- const projectRoot = await extractProjectDirectory(projectName).catch(() => null);
432
+ // Resolve the absolute project root via the DB-backed helper; the
433
+ // caller passes the DB-assigned `projectId`, not a folder name.
434
+ const projectRoot = await projectsDb.getProjectPathById(projectId);
699
435
  if (!projectRoot) {
700
436
  return res.status(404).json({ error: 'Project not found' });
701
437
  }
@@ -724,9 +460,9 @@ app.get('/api/projects/:projectName/file', authenticateToken, async (req, res) =
724
460
  });
725
461
 
726
462
  // Serve raw file bytes for previews and downloads.
727
- app.get('/api/projects/:projectName/files/content', authenticateToken, async (req, res) => {
463
+ app.get('/api/projects/:projectId/files/content', authenticateToken, async (req, res) => {
728
464
  try {
729
- const { projectName } = req.params;
465
+ const { projectId } = req.params;
730
466
  const { path: filePath } = req.query;
731
467
 
732
468
 
@@ -735,7 +471,8 @@ app.get('/api/projects/:projectName/files/content', authenticateToken, async (re
735
471
  return res.status(400).json({ error: 'Invalid file path' });
736
472
  }
737
473
 
738
- const projectRoot = await extractProjectDirectory(projectName).catch(() => null);
474
+ // Projects are now addressed by DB `projectId`, resolved to their path here.
475
+ const projectRoot = await projectsDb.getProjectPathById(projectId);
739
476
  if (!projectRoot) {
740
477
  return res.status(404).json({ error: 'Project not found' });
741
478
  }
@@ -781,9 +518,9 @@ app.get('/api/projects/:projectName/files/content', authenticateToken, async (re
781
518
  });
782
519
 
783
520
  // Save file content endpoint
784
- app.put('/api/projects/:projectName/file', authenticateToken, async (req, res) => {
521
+ app.put('/api/projects/:projectId/file', authenticateToken, async (req, res) => {
785
522
  try {
786
- const { projectName } = req.params;
523
+ const { projectId } = req.params;
787
524
  const { filePath, content } = req.body;
788
525
 
789
526
 
@@ -796,7 +533,8 @@ app.put('/api/projects/:projectName/file', authenticateToken, async (req, res) =
796
533
  return res.status(400).json({ error: 'Content is required' });
797
534
  }
798
535
 
799
- const projectRoot = await extractProjectDirectory(projectName).catch(() => null);
536
+ // Projects are now addressed by DB `projectId`, resolved to their path here.
537
+ const projectRoot = await projectsDb.getProjectPathById(projectId);
800
538
  if (!projectRoot) {
801
539
  return res.status(404).json({ error: 'Project not found' });
802
540
  }
@@ -830,19 +568,16 @@ app.put('/api/projects/:projectName/file', authenticateToken, async (req, res) =
830
568
  }
831
569
  });
832
570
 
833
- app.get('/api/projects/:projectName/files', authenticateToken, async (req, res) => {
571
+ app.get('/api/projects/:projectId/files', authenticateToken, async (req, res) => {
834
572
  try {
835
573
 
836
574
  // Using fsPromises from import
837
575
 
838
- // Use extractProjectDirectory to get the actual project path
839
- let actualPath;
840
- try {
841
- actualPath = await extractProjectDirectory(req.params.projectName);
842
- } catch (error) {
843
- console.error('Error extracting project directory:', error);
844
- // Fallback to simple dash replacement
845
- actualPath = req.params.projectName.replace(/-/g, '/');
576
+ // Resolve the project's absolute path through the DB (projectId is the
577
+ // primary key of the `projects` table after the identifier migration).
578
+ const actualPath = await projectsDb.getProjectPathById(req.params.projectId);
579
+ if (!actualPath) {
580
+ return res.status(404).json({ error: 'Project not found' });
846
581
  }
847
582
 
848
583
  // Check if path exists
@@ -907,10 +642,10 @@ function validateFilename(name) {
907
642
  return { valid: true };
908
643
  }
909
644
 
910
- // POST /api/projects/:projectName/files/create - Create new file or directory
911
- app.post('/api/projects/:projectName/files/create', authenticateToken, async (req, res) => {
645
+ // POST /api/projects/:projectId/files/create - Create new file or directory
646
+ app.post('/api/projects/:projectId/files/create', authenticateToken, async (req, res) => {
912
647
  try {
913
- const { projectName } = req.params;
648
+ const { projectId } = req.params;
914
649
  const { path: parentPath, type, name } = req.body;
915
650
 
916
651
  // Validate input
@@ -927,8 +662,8 @@ app.post('/api/projects/:projectName/files/create', authenticateToken, async (re
927
662
  return res.status(400).json({ error: nameValidation.error });
928
663
  }
929
664
 
930
- // Get project root
931
- const projectRoot = await extractProjectDirectory(projectName).catch(() => null);
665
+ // Resolve the project directory through the DB using the new projectId.
666
+ const projectRoot = await projectsDb.getProjectPathById(projectId);
932
667
  if (!projectRoot) {
933
668
  return res.status(404).json({ error: 'Project not found' });
934
669
  }
@@ -984,10 +719,10 @@ app.post('/api/projects/:projectName/files/create', authenticateToken, async (re
984
719
  }
985
720
  });
986
721
 
987
- // PUT /api/projects/:projectName/files/rename - Rename file or directory
988
- app.put('/api/projects/:projectName/files/rename', authenticateToken, async (req, res) => {
722
+ // PUT /api/projects/:projectId/files/rename - Rename file or directory
723
+ app.put('/api/projects/:projectId/files/rename', authenticateToken, async (req, res) => {
989
724
  try {
990
- const { projectName } = req.params;
725
+ const { projectId } = req.params;
991
726
  const { oldPath, newName } = req.body;
992
727
 
993
728
  // Validate input
@@ -1000,8 +735,8 @@ app.put('/api/projects/:projectName/files/rename', authenticateToken, async (req
1000
735
  return res.status(400).json({ error: nameValidation.error });
1001
736
  }
1002
737
 
1003
- // Get project root
1004
- const projectRoot = await extractProjectDirectory(projectName).catch(() => null);
738
+ // Resolve the project directory through the DB using the new projectId.
739
+ const projectRoot = await projectsDb.getProjectPathById(projectId);
1005
740
  if (!projectRoot) {
1006
741
  return res.status(404).json({ error: 'Project not found' });
1007
742
  }
@@ -1061,10 +796,10 @@ app.put('/api/projects/:projectName/files/rename', authenticateToken, async (req
1061
796
  }
1062
797
  });
1063
798
 
1064
- // DELETE /api/projects/:projectName/files - Delete file or directory
1065
- app.delete('/api/projects/:projectName/files', authenticateToken, async (req, res) => {
799
+ // DELETE /api/projects/:projectId/files - Delete file or directory
800
+ app.delete('/api/projects/:projectId/files', authenticateToken, async (req, res) => {
1066
801
  try {
1067
- const { projectName } = req.params;
802
+ const { projectId } = req.params;
1068
803
  const { path: targetPath, type } = req.body;
1069
804
 
1070
805
  // Validate input
@@ -1072,8 +807,8 @@ app.delete('/api/projects/:projectName/files', authenticateToken, async (req, re
1072
807
  return res.status(400).json({ error: 'Path is required' });
1073
808
  }
1074
809
 
1075
- // Get project root
1076
- const projectRoot = await extractProjectDirectory(projectName).catch(() => null);
810
+ // Resolve the project directory through the DB using the new projectId.
811
+ const projectRoot = await projectsDb.getProjectPathById(projectId);
1077
812
  if (!projectRoot) {
1078
813
  return res.status(404).json({ error: 'Project not found' });
1079
814
  }
@@ -1126,7 +861,7 @@ app.delete('/api/projects/:projectName/files', authenticateToken, async (req, re
1126
861
  }
1127
862
  });
1128
863
 
1129
- // POST /api/projects/:projectName/files/upload - Upload files
864
+ // POST /api/projects/:projectId/files/upload - Upload files
1130
865
  // Dynamic import of multer for file uploads
1131
866
  const uploadFilesHandler = async (req, res) => {
1132
867
  // Dynamic import of multer
@@ -1165,7 +900,7 @@ const uploadFilesHandler = async (req, res) => {
1165
900
  }
1166
901
 
1167
902
  try {
1168
- const { projectName } = req.params;
903
+ const { projectId } = req.params;
1169
904
  const { targetPath, relativePaths } = req.body;
1170
905
 
1171
906
  // Parse relative paths if provided (for folder uploads)
@@ -1179,7 +914,7 @@ const uploadFilesHandler = async (req, res) => {
1179
914
  }
1180
915
 
1181
916
  console.log('[DEBUG] File upload request:', {
1182
- projectName,
917
+ projectId,
1183
918
  targetPath: JSON.stringify(targetPath),
1184
919
  targetPathType: typeof targetPath,
1185
920
  filesCount: req.files?.length,
@@ -1190,8 +925,8 @@ const uploadFilesHandler = async (req, res) => {
1190
925
  return res.status(400).json({ error: 'No files provided' });
1191
926
  }
1192
927
 
1193
- // Get project root
1194
- const projectRoot = await extractProjectDirectory(projectName).catch(() => null);
928
+ // Resolve the project directory through the DB using the new projectId.
929
+ const projectRoot = await projectsDb.getProjectPathById(projectId);
1195
930
  if (!projectRoot) {
1196
931
  return res.status(404).json({ error: 'Project not found' });
1197
932
  }
@@ -1288,615 +1023,12 @@ const uploadFilesHandler = async (req, res) => {
1288
1023
  });
1289
1024
  };
1290
1025
 
1291
- app.post('/api/projects/:projectName/files/upload', authenticateToken, uploadFilesHandler);
1292
-
1293
- /**
1294
- * Proxy an authenticated client WebSocket to a plugin's internal WS server.
1295
- * Auth is enforced by verifyClient before this function is reached.
1296
- */
1297
- function handlePluginWsProxy(clientWs, pathname) {
1298
- const pluginName = pathname.replace('/plugin-ws/', '');
1299
- if (!pluginName || /[^a-zA-Z0-9_-]/.test(pluginName)) {
1300
- clientWs.close(4400, 'Invalid plugin name');
1301
- return;
1302
- }
1303
-
1304
- const port = getPluginPort(pluginName);
1305
- if (!port) {
1306
- clientWs.close(4404, 'Plugin not running');
1307
- return;
1308
- }
1309
-
1310
- const upstream = new WebSocket(`ws://127.0.0.1:${port}/ws`);
1311
-
1312
- upstream.on('open', () => {
1313
- console.log(`[Plugins] WS proxy connected to "${pluginName}" on port ${port}`);
1314
- });
1315
-
1316
- // Relay messages bidirectionally
1317
- upstream.on('message', (data) => {
1318
- if (clientWs.readyState === WebSocket.OPEN) clientWs.send(data);
1319
- });
1320
- clientWs.on('message', (data) => {
1321
- if (upstream.readyState === WebSocket.OPEN) upstream.send(data);
1322
- });
1323
-
1324
- // Propagate close in both directions
1325
- upstream.on('close', () => { if (clientWs.readyState === WebSocket.OPEN) clientWs.close(); });
1326
- clientWs.on('close', () => { if (upstream.readyState === WebSocket.OPEN) upstream.close(); });
1327
-
1328
- upstream.on('error', (err) => {
1329
- console.error(`[Plugins] WS proxy error for "${pluginName}":`, err.message);
1330
- if (clientWs.readyState === WebSocket.OPEN) clientWs.close(4502, 'Upstream error');
1331
- });
1332
- clientWs.on('error', () => {
1333
- if (upstream.readyState === WebSocket.OPEN) upstream.close();
1334
- });
1335
- }
1336
-
1337
- // WebSocket connection handler that routes based on URL path
1338
- wss.on('connection', (ws, request) => {
1339
- const url = request.url;
1340
- console.log('[INFO] Client connected to:', url);
1341
-
1342
- // Parse URL to get pathname without query parameters
1343
- const urlObj = new URL(url, 'http://localhost');
1344
- const pathname = urlObj.pathname;
1345
-
1346
- if (pathname === '/shell') {
1347
- handleShellConnection(ws);
1348
- } else if (pathname === '/ws') {
1349
- handleChatConnection(ws, request);
1350
- } else if (pathname.startsWith('/plugin-ws/')) {
1351
- handlePluginWsProxy(ws, pathname);
1352
- } else {
1353
- console.log('[WARN] Unknown WebSocket path:', pathname);
1354
- ws.close();
1355
- }
1356
- });
1357
-
1358
- /**
1359
- * WebSocket Writer - Wrapper for WebSocket to match SSEStreamWriter interface
1360
- *
1361
- * Provider files use `createNormalizedMessage()` from `shared/utils.js` and
1362
- * adapter `normalizeMessage()` to produce unified NormalizedMessage events.
1363
- * The writer simply serialises and sends.
1364
- */
1365
- class WebSocketWriter {
1366
- constructor(ws, userId = null) {
1367
- this.ws = ws;
1368
- this.sessionId = null;
1369
- this.userId = userId;
1370
- this.isWebSocketWriter = true; // Marker for transport detection
1371
- }
1372
-
1373
- send(data) {
1374
- if (this.ws.readyState === 1) { // WebSocket.OPEN
1375
- this.ws.send(JSON.stringify(data));
1376
- }
1377
- }
1378
-
1379
- updateWebSocket(newRawWs) {
1380
- this.ws = newRawWs;
1381
- }
1382
-
1383
- setSessionId(sessionId) {
1384
- this.sessionId = sessionId;
1385
- }
1386
-
1387
- getSessionId() {
1388
- return this.sessionId;
1389
- }
1390
- }
1391
-
1392
- // Handle chat WebSocket connections
1393
- function handleChatConnection(ws, request) {
1394
- console.log('[INFO] Chat WebSocket connected');
1395
-
1396
- // Add to connected clients for project updates
1397
- connectedClients.add(ws);
1398
-
1399
- // Wrap WebSocket with writer for consistent interface with SSEStreamWriter
1400
- const writer = new WebSocketWriter(ws, request?.user?.id ?? request?.user?.userId ?? null);
1401
-
1402
- ws.on('message', async (message) => {
1403
- try {
1404
- const data = JSON.parse(message);
1405
-
1406
- if (data.type === 'claude-command') {
1407
- console.log('[DEBUG] User message:', data.command || '[Continue/Resume]');
1408
- console.log('📁 Project:', data.options?.projectPath || 'Unknown');
1409
- console.log('🔄 Session:', data.options?.sessionId ? 'Resume' : 'New');
1410
-
1411
- // Use Claude Agents SDK
1412
- await queryClaudeSDK(data.command, data.options, writer);
1413
- } else if (data.type === 'cursor-command') {
1414
- console.log('[DEBUG] Cursor message:', data.command || '[Continue/Resume]');
1415
- console.log('📁 Project:', data.options?.cwd || 'Unknown');
1416
- console.log('🔄 Session:', data.options?.sessionId ? 'Resume' : 'New');
1417
- console.log('🤖 Model:', data.options?.model || 'default');
1418
- await spawnCursor(data.command, data.options, writer);
1419
- } else if (data.type === 'codex-command') {
1420
- console.log('[DEBUG] Codex message:', data.command || '[Continue/Resume]');
1421
- console.log('📁 Project:', data.options?.projectPath || data.options?.cwd || 'Unknown');
1422
- console.log('🔄 Session:', data.options?.sessionId ? 'Resume' : 'New');
1423
- console.log('🤖 Model:', data.options?.model || 'default');
1424
- await queryCodex(data.command, data.options, writer);
1425
- } else if (data.type === 'gemini-command') {
1426
- console.log('[DEBUG] Gemini message:', data.command || '[Continue/Resume]');
1427
- console.log('📁 Project:', data.options?.projectPath || data.options?.cwd || 'Unknown');
1428
- console.log('🔄 Session:', data.options?.sessionId ? 'Resume' : 'New');
1429
- console.log('🤖 Model:', data.options?.model || 'default');
1430
- await spawnGemini(data.command, data.options, writer);
1431
- } else if (data.type === 'cursor-resume') {
1432
- // Backward compatibility: treat as cursor-command with resume and no prompt
1433
- console.log('[DEBUG] Cursor resume session (compat):', data.sessionId);
1434
- await spawnCursor('', {
1435
- sessionId: data.sessionId,
1436
- resume: true,
1437
- cwd: data.options?.cwd
1438
- }, writer);
1439
- } else if (data.type === 'abort-session') {
1440
- console.log('[DEBUG] Abort session request:', data.sessionId);
1441
- const provider = data.provider || 'claude';
1442
- let success;
1443
-
1444
- if (provider === 'cursor') {
1445
- success = abortCursorSession(data.sessionId);
1446
- } else if (provider === 'codex') {
1447
- success = abortCodexSession(data.sessionId);
1448
- } else if (provider === 'gemini') {
1449
- success = abortGeminiSession(data.sessionId);
1450
- } else {
1451
- // Use Claude Agents SDK
1452
- success = await abortClaudeSDKSession(data.sessionId);
1453
- }
1454
-
1455
- writer.send(createNormalizedMessage({ kind: 'complete', exitCode: success ? 0 : 1, aborted: true, success, sessionId: data.sessionId, provider }));
1456
- } else if (data.type === 'claude-permission-response') {
1457
- // Relay UI approval decisions back into the SDK control flow.
1458
- // This does not persist permissions; it only resolves the in-flight request,
1459
- // introduced so the SDK can resume once the user clicks Allow/Deny.
1460
- if (data.requestId) {
1461
- resolveToolApproval(data.requestId, {
1462
- allow: Boolean(data.allow),
1463
- updatedInput: data.updatedInput,
1464
- message: data.message,
1465
- rememberEntry: data.rememberEntry
1466
- });
1467
- }
1468
- } else if (data.type === 'cursor-abort') {
1469
- console.log('[DEBUG] Abort Cursor session:', data.sessionId);
1470
- const success = abortCursorSession(data.sessionId);
1471
- writer.send(createNormalizedMessage({ kind: 'complete', exitCode: success ? 0 : 1, aborted: true, success, sessionId: data.sessionId, provider: 'cursor' }));
1472
- } else if (data.type === 'check-session-status') {
1473
- // Check if a specific session is currently processing
1474
- const provider = data.provider || 'claude';
1475
- const sessionId = data.sessionId;
1476
- let isActive;
1477
-
1478
- if (provider === 'cursor') {
1479
- isActive = isCursorSessionActive(sessionId);
1480
- } else if (provider === 'codex') {
1481
- isActive = isCodexSessionActive(sessionId);
1482
- } else if (provider === 'gemini') {
1483
- isActive = isGeminiSessionActive(sessionId);
1484
- } else {
1485
- // Use Claude Agents SDK
1486
- isActive = isClaudeSDKSessionActive(sessionId);
1487
- if (isActive) {
1488
- // Reconnect the session's writer to the new WebSocket so
1489
- // subsequent SDK output flows to the refreshed client.
1490
- reconnectSessionWriter(sessionId, ws);
1491
- }
1492
- }
1493
-
1494
- writer.send({
1495
- type: 'session-status',
1496
- sessionId,
1497
- provider,
1498
- isProcessing: isActive
1499
- });
1500
- } else if (data.type === 'get-pending-permissions') {
1501
- // Return pending permission requests for a session
1502
- const sessionId = data.sessionId;
1503
- if (sessionId && isClaudeSDKSessionActive(sessionId)) {
1504
- const pending = getPendingApprovalsForSession(sessionId);
1505
- writer.send({
1506
- type: 'pending-permissions-response',
1507
- sessionId,
1508
- data: pending
1509
- });
1510
- }
1511
- } else if (data.type === 'get-active-sessions') {
1512
- // Get all currently active sessions
1513
- const activeSessions = {
1514
- claude: getActiveClaudeSDKSessions(),
1515
- cursor: getActiveCursorSessions(),
1516
- codex: getActiveCodexSessions(),
1517
- gemini: getActiveGeminiSessions()
1518
- };
1519
- writer.send({
1520
- type: 'active-sessions',
1521
- sessions: activeSessions
1522
- });
1523
- }
1524
- } catch (error) {
1525
- console.error('[ERROR] Chat WebSocket error:', error.message);
1526
- writer.send({
1527
- type: 'error',
1528
- error: error.message
1529
- });
1530
- }
1531
- });
1532
-
1533
- ws.on('close', () => {
1534
- console.log('🔌 Chat client disconnected');
1535
- // Remove from connected clients
1536
- connectedClients.delete(ws);
1537
- });
1538
- }
1539
-
1540
- // Handle shell WebSocket connections
1541
- function handleShellConnection(ws) {
1542
- console.log('🐚 Shell client connected');
1543
- let shellProcess = null;
1544
- let ptySessionKey = null;
1545
- let urlDetectionBuffer = '';
1546
- const announcedAuthUrls = new Set();
1547
-
1548
- ws.on('message', async (message) => {
1549
- try {
1550
- const data = JSON.parse(message);
1551
- console.log('📨 Shell message received:', data.type);
1552
-
1553
- if (data.type === 'init') {
1554
- const projectPath = data.projectPath || process.cwd();
1555
- const sessionId = data.sessionId;
1556
- const hasSession = data.hasSession;
1557
- const provider = data.provider || 'claude';
1558
- const initialCommand = data.initialCommand;
1559
- const isPlainShell = data.isPlainShell || (!!initialCommand && !hasSession) || provider === 'plain-shell';
1560
- urlDetectionBuffer = '';
1561
- announcedAuthUrls.clear();
1562
-
1563
- // Login commands (Claude/Cursor auth) should never reuse cached sessions
1564
- const isLoginCommand = initialCommand && (
1565
- initialCommand.includes('setup-token') ||
1566
- initialCommand.includes('cursor-agent login') ||
1567
- initialCommand.includes('auth login')
1568
- );
1569
-
1570
- // Include command hash in session key so different commands get separate sessions
1571
- const commandSuffix = isPlainShell && initialCommand
1572
- ? `_cmd_${Buffer.from(initialCommand).toString('base64').slice(0, 16)}`
1573
- : '';
1574
- ptySessionKey = `${projectPath}_${sessionId || 'default'}${commandSuffix}`;
1575
-
1576
- // Kill any existing login session before starting fresh
1577
- if (isLoginCommand) {
1578
- const oldSession = ptySessionsMap.get(ptySessionKey);
1579
- if (oldSession) {
1580
- console.log('🧹 Cleaning up existing login session:', ptySessionKey);
1581
- if (oldSession.timeoutId) clearTimeout(oldSession.timeoutId);
1582
- if (oldSession.pty && oldSession.pty.kill) oldSession.pty.kill();
1583
- ptySessionsMap.delete(ptySessionKey);
1584
- }
1585
- }
1586
-
1587
- const existingSession = isLoginCommand ? null : ptySessionsMap.get(ptySessionKey);
1588
- if (existingSession) {
1589
- console.log('♻️ Reconnecting to existing PTY session:', ptySessionKey);
1590
- shellProcess = existingSession.pty;
1591
-
1592
- clearTimeout(existingSession.timeoutId);
1593
-
1594
- ws.send(JSON.stringify({
1595
- type: 'output',
1596
- data: `\x1b[36m[Reconnected to existing session]\x1b[0m\r\n`
1597
- }));
1598
-
1599
- if (existingSession.buffer && existingSession.buffer.length > 0) {
1600
- console.log(`📜 Sending ${existingSession.buffer.length} buffered messages`);
1601
- existingSession.buffer.forEach(bufferedData => {
1602
- ws.send(JSON.stringify({
1603
- type: 'output',
1604
- data: bufferedData
1605
- }));
1606
- });
1607
- }
1608
-
1609
- existingSession.ws = ws;
1610
-
1611
- return;
1612
- }
1026
+ app.post('/api/projects/:projectId/files/upload', authenticateToken, uploadFilesHandler);
1613
1027
 
1614
- console.log('[INFO] Starting shell in:', projectPath);
1615
- console.log('📋 Session info:', hasSession ? `Resume session ${sessionId}` : (isPlainShell ? 'Plain shell mode' : 'New session'));
1616
- console.log('🤖 Provider:', isPlainShell ? 'plain-shell' : provider);
1617
- if (initialCommand) {
1618
- console.log('⚡ Initial command:', initialCommand);
1619
- }
1620
-
1621
- // First send a welcome message
1622
- let welcomeMsg;
1623
- if (isPlainShell) {
1624
- welcomeMsg = `\x1b[36mStarting terminal in: ${projectPath}\x1b[0m\r\n`;
1625
- } else {
1626
- const providerName = provider === 'cursor' ? 'Cursor' : (provider === 'codex' ? 'Codex' : (provider === 'gemini' ? 'Gemini' : 'Claude'));
1627
- welcomeMsg = hasSession ?
1628
- `\x1b[36mResuming ${providerName} session ${sessionId} in: ${projectPath}\x1b[0m\r\n` :
1629
- `\x1b[36mStarting new ${providerName} session in: ${projectPath}\x1b[0m\r\n`;
1630
- }
1631
-
1632
- ws.send(JSON.stringify({
1633
- type: 'output',
1634
- data: welcomeMsg
1635
- }));
1636
-
1637
- try {
1638
- // Validate projectPath — resolve to absolute and verify it exists
1639
- const resolvedProjectPath = path.resolve(projectPath);
1640
- try {
1641
- const stats = fs.statSync(resolvedProjectPath);
1642
- if (!stats.isDirectory()) {
1643
- throw new Error('Not a directory');
1644
- }
1645
- } catch (pathErr) {
1646
- ws.send(JSON.stringify({ type: 'error', message: 'Invalid project path' }));
1647
- return;
1648
- }
1649
-
1650
- // Validate sessionId — only allow safe characters
1651
- const safeSessionIdPattern = /^[a-zA-Z0-9_.\-:]+$/;
1652
- if (sessionId && !safeSessionIdPattern.test(sessionId)) {
1653
- ws.send(JSON.stringify({ type: 'error', message: 'Invalid session ID' }));
1654
- return;
1655
- }
1656
-
1657
- // Build shell command — use cwd for project path (never interpolate into shell string)
1658
- let shellCommand;
1659
- if (isPlainShell) {
1660
- // Plain shell mode - run the initial command in the project directory
1661
- shellCommand = initialCommand;
1662
- } else if (provider === 'cursor') {
1663
- if (hasSession && sessionId) {
1664
- shellCommand = `cursor-agent --resume="${sessionId}"`;
1665
- } else {
1666
- shellCommand = 'cursor-agent';
1667
- }
1668
- } else if (provider === 'codex') {
1669
- // Use codex command; attempt to resume and fall back to a new session when the resume fails.
1670
- if (hasSession && sessionId) {
1671
- if (os.platform() === 'win32') {
1672
- // PowerShell syntax for fallback
1673
- shellCommand = `codex resume "${sessionId}"; if ($LASTEXITCODE -ne 0) { codex }`;
1674
- } else {
1675
- shellCommand = `codex resume "${sessionId}" || codex`;
1676
- }
1677
- } else {
1678
- shellCommand = 'codex';
1679
- }
1680
- } else if (provider === 'gemini') {
1681
- const command = initialCommand || 'gemini';
1682
- let resumeId = sessionId;
1683
- if (hasSession && sessionId) {
1684
- try {
1685
- // Gemini CLI enforces its own native session IDs, unlike other agents that accept arbitrary string names.
1686
- // The UI only knows about its internal generated `sessionId` (e.g. gemini_1234).
1687
- // We must fetch the mapping from the backend session manager to pass the native `cliSessionId` to the shell.
1688
- const sess = sessionManager.getSession(sessionId);
1689
- if (sess && sess.cliSessionId) {
1690
- resumeId = sess.cliSessionId;
1691
- // Validate the looked-up CLI session ID too
1692
- if (!safeSessionIdPattern.test(resumeId)) {
1693
- resumeId = null;
1694
- }
1695
- }
1696
- } catch (err) {
1697
- console.error('Failed to get Gemini CLI session ID:', err);
1698
- }
1699
- }
1700
-
1701
- if (hasSession && resumeId) {
1702
- shellCommand = `${command} --resume "${resumeId}"`;
1703
- } else {
1704
- shellCommand = command;
1705
- }
1706
- } else {
1707
- // Claude (default provider)
1708
- const command = initialCommand || 'claude';
1709
- if (hasSession && sessionId) {
1710
- if (os.platform() === 'win32') {
1711
- shellCommand = `claude --resume "${sessionId}"; if ($LASTEXITCODE -ne 0) { claude }`;
1712
- } else {
1713
- shellCommand = `claude --resume "${sessionId}" || claude`;
1714
- }
1715
- } else {
1716
- shellCommand = command;
1717
- }
1718
- }
1719
-
1720
- console.log('🔧 Executing shell command:', shellCommand);
1721
-
1722
- // Use appropriate shell based on platform
1723
- const shell = os.platform() === 'win32' ? 'powershell.exe' : 'bash';
1724
- const shellArgs = os.platform() === 'win32' ? ['-Command', shellCommand] : ['-c', shellCommand];
1725
-
1726
- // Use terminal dimensions from client if provided, otherwise use defaults
1727
- const termCols = data.cols || 80;
1728
- const termRows = data.rows || 24;
1729
- console.log('📐 Using terminal dimensions:', termCols, 'x', termRows);
1730
-
1731
- shellProcess = pty.spawn(shell, shellArgs, {
1732
- name: 'xterm-256color',
1733
- cols: termCols,
1734
- rows: termRows,
1735
- cwd: resolvedProjectPath,
1736
- env: {
1737
- ...process.env,
1738
- TERM: 'xterm-256color',
1739
- COLORTERM: 'truecolor',
1740
- FORCE_COLOR: '3'
1741
- }
1742
- });
1743
-
1744
- console.log('🟢 Shell process started with PTY, PID:', shellProcess.pid);
1745
-
1746
- ptySessionsMap.set(ptySessionKey, {
1747
- pty: shellProcess,
1748
- ws: ws,
1749
- buffer: [],
1750
- timeoutId: null,
1751
- projectPath,
1752
- sessionId
1753
- });
1754
-
1755
- // Handle data output
1756
- shellProcess.onData((data) => {
1757
- const session = ptySessionsMap.get(ptySessionKey);
1758
- if (!session) return;
1759
-
1760
- if (session.buffer.length < 5000) {
1761
- session.buffer.push(data);
1762
- } else {
1763
- session.buffer.shift();
1764
- session.buffer.push(data);
1765
- }
1766
-
1767
- if (session.ws && session.ws.readyState === WebSocket.OPEN) {
1768
- let outputData = data;
1769
-
1770
- const cleanChunk = stripAnsiSequences(data);
1771
- urlDetectionBuffer = `${urlDetectionBuffer}${cleanChunk}`.slice(-SHELL_URL_PARSE_BUFFER_LIMIT);
1772
-
1773
- outputData = outputData.replace(
1774
- /OPEN_URL:\s*(https?:\/\/[^\s\x1b\x07]+)/g,
1775
- '[INFO] Opening in browser: $1'
1776
- );
1777
-
1778
- const emitAuthUrl = (detectedUrl, autoOpen = false) => {
1779
- const normalizedUrl = normalizeDetectedUrl(detectedUrl);
1780
- if (!normalizedUrl) return;
1781
-
1782
- const isNewUrl = !announcedAuthUrls.has(normalizedUrl);
1783
- if (isNewUrl) {
1784
- announcedAuthUrls.add(normalizedUrl);
1785
- session.ws.send(JSON.stringify({
1786
- type: 'auth_url',
1787
- url: normalizedUrl,
1788
- autoOpen
1789
- }));
1790
- }
1791
-
1792
- };
1793
-
1794
- const normalizedDetectedUrls = extractUrlsFromText(urlDetectionBuffer)
1795
- .map((url) => normalizeDetectedUrl(url))
1796
- .filter(Boolean);
1797
-
1798
- // Prefer the most complete URL if shorter prefix variants are also present.
1799
- const dedupedDetectedUrls = Array.from(new Set(normalizedDetectedUrls)).filter((url, _, urls) =>
1800
- !urls.some((otherUrl) => otherUrl !== url && otherUrl.startsWith(url))
1801
- );
1802
-
1803
- dedupedDetectedUrls.forEach((url) => emitAuthUrl(url, false));
1804
-
1805
- if (shouldAutoOpenUrlFromOutput(cleanChunk) && dedupedDetectedUrls.length > 0) {
1806
- const bestUrl = dedupedDetectedUrls.reduce((longest, current) =>
1807
- current.length > longest.length ? current : longest
1808
- );
1809
- emitAuthUrl(bestUrl, true);
1810
- }
1811
-
1812
- // Send regular output
1813
- session.ws.send(JSON.stringify({
1814
- type: 'output',
1815
- data: outputData
1816
- }));
1817
- }
1818
- });
1819
-
1820
- // Handle process exit
1821
- shellProcess.onExit((exitCode) => {
1822
- console.log('🔚 Shell process exited with code:', exitCode.exitCode, 'signal:', exitCode.signal);
1823
- const session = ptySessionsMap.get(ptySessionKey);
1824
- if (session && session.ws && session.ws.readyState === WebSocket.OPEN) {
1825
- session.ws.send(JSON.stringify({
1826
- type: 'output',
1827
- data: `\r\n\x1b[33mProcess exited with code ${exitCode.exitCode}${exitCode.signal ? ` (${exitCode.signal})` : ''}\x1b[0m\r\n`
1828
- }));
1829
- }
1830
- if (session && session.timeoutId) {
1831
- clearTimeout(session.timeoutId);
1832
- }
1833
- ptySessionsMap.delete(ptySessionKey);
1834
- shellProcess = null;
1835
- });
1836
-
1837
- } catch (spawnError) {
1838
- console.error('[ERROR] Error spawning process:', spawnError);
1839
- ws.send(JSON.stringify({
1840
- type: 'output',
1841
- data: `\r\n\x1b[31mError: ${spawnError.message}\x1b[0m\r\n`
1842
- }));
1843
- }
1844
-
1845
- } else if (data.type === 'input') {
1846
- // Send input to shell process
1847
- if (shellProcess && shellProcess.write) {
1848
- try {
1849
- shellProcess.write(data.data);
1850
- } catch (error) {
1851
- console.error('Error writing to shell:', error);
1852
- }
1853
- } else {
1854
- console.warn('No active shell process to send input to');
1855
- }
1856
- } else if (data.type === 'resize') {
1857
- // Handle terminal resize
1858
- if (shellProcess && shellProcess.resize) {
1859
- console.log('Terminal resize requested:', data.cols, 'x', data.rows);
1860
- shellProcess.resize(data.cols, data.rows);
1861
- }
1862
- }
1863
- } catch (error) {
1864
- console.error('[ERROR] Shell WebSocket error:', error.message);
1865
- if (ws.readyState === WebSocket.OPEN) {
1866
- ws.send(JSON.stringify({
1867
- type: 'output',
1868
- data: `\r\n\x1b[31mError: ${error.message}\x1b[0m\r\n`
1869
- }));
1870
- }
1871
- }
1872
- });
1873
-
1874
- ws.on('close', () => {
1875
- console.log('🔌 Shell client disconnected');
1876
-
1877
- if (ptySessionKey) {
1878
- const session = ptySessionsMap.get(ptySessionKey);
1879
- if (session) {
1880
- console.log('⏳ PTY session kept alive, will timeout in 30 minutes:', ptySessionKey);
1881
- session.ws = null;
1882
-
1883
- session.timeoutId = setTimeout(() => {
1884
- console.log('⏰ PTY session timeout, killing process:', ptySessionKey);
1885
- if (session.pty && session.pty.kill) {
1886
- session.pty.kill();
1887
- }
1888
- ptySessionsMap.delete(ptySessionKey);
1889
- }, PTY_SESSION_TIMEOUT);
1890
- }
1891
- }
1892
- });
1893
-
1894
- ws.on('error', (error) => {
1895
- console.error('[ERROR] Shell WebSocket error:', error);
1896
- });
1897
- }
1898
- // Image upload endpoint
1899
- app.post('/api/projects/:projectName/upload-images', authenticateToken, async (req, res) => {
1028
+ // Image upload endpoint. Accepts the DB-assigned `projectId` (not a folder name)
1029
+ // but the current implementation doesn't need to touch the project directory,
1030
+ // so we just leave the param rename for consistency with the rest of the API.
1031
+ app.post('/api/projects/:projectId/upload-images', authenticateToken, async (req, res) => {
1900
1032
  try {
1901
1033
  const multer = (await import('multer')).default;
1902
1034
  const path = (await import('path')).default;
@@ -1980,10 +1112,11 @@ app.post('/api/projects/:projectName/upload-images', authenticateToken, async (r
1980
1112
  }
1981
1113
  });
1982
1114
 
1983
- // Get token usage for a specific session
1984
- app.get('/api/projects/:projectName/sessions/:sessionId/token-usage', authenticateToken, async (req, res) => {
1115
+ // Get token usage for a specific session. `projectId` is the DB primary key;
1116
+ // the Claude branch below resolves it to an absolute path via the DB.
1117
+ app.get('/api/projects/:projectId/sessions/:sessionId/token-usage', authenticateToken, async (req, res) => {
1985
1118
  try {
1986
- const { projectName, sessionId } = req.params;
1119
+ const { projectId, sessionId } = req.params;
1987
1120
  const { provider = 'claude' } = req.query;
1988
1121
  const homeDir = os.homedir();
1989
1122
 
@@ -2087,13 +1220,13 @@ app.get('/api/projects/:projectName/sessions/:sessionId/token-usage', authentica
2087
1220
  }
2088
1221
 
2089
1222
  // Handle Claude sessions (default)
2090
- // Extract actual project path
2091
- let projectPath;
2092
- try {
2093
- projectPath = await extractProjectDirectory(projectName);
2094
- } catch (error) {
2095
- console.error('Error extracting project directory:', error);
2096
- return res.status(500).json({ error: 'Failed to determine project path' });
1223
+ // Resolve the project path through the DB using the caller-supplied
1224
+ // `projectId`. Legacy code here called extractProjectDirectory with a
1225
+ // folder-encoded project name; the migration centralizes that lookup
1226
+ // in the projects table.
1227
+ const projectPath = await projectsDb.getProjectPathById(projectId);
1228
+ if (!projectPath) {
1229
+ return res.status(404).json({ error: 'Project not found' });
2097
1230
  }
2098
1231
 
2099
1232
  // Construct the JSONL file path
@@ -2343,7 +1476,7 @@ async function startServer() {
2343
1476
  console.log('');
2344
1477
 
2345
1478
  // Start watching the projects folder for changes
2346
- await setupProjectsWatcher();
1479
+ await initializeSessionsWatcher();
2347
1480
 
2348
1481
  // Start server-side plugin processes for enabled plugins
2349
1482
  startEnabledPluginServers().catch(err => {
@@ -2351,6 +1484,7 @@ async function startServer() {
2351
1484
  });
2352
1485
  });
2353
1486
 
1487
+ await closeSessionsWatcher();
2354
1488
  // Clean up plugin processes on shutdown
2355
1489
  const shutdownPlugins = async () => {
2356
1490
  await stopAllPlugins();