@cursorpool-dev/cli 0.5.6

package/node_modules/@cursor-pool/service/test/platformSession.test.ts

@@ -0,0 +1,2428 @@
+import assert from 'node:assert/strict';
+import { createServer, type IncomingMessage, type ServerResponse } from 'node:http';
+import { chmod, mkdtemp, readFile, rm, stat, writeFile } from 'node:fs/promises';
+import { tmpdir } from 'node:os';
+import { join } from 'node:path';
+import test from 'node:test';
+import {
+  loginWithPassword,
+  loginWithCode,
+  logoutPlatform,
+  platformCatalog,
+  platformStatus,
+  selectPlatformProduct,
+  sendHeartbeat,
+  startPlatformMode,
+  stopPlatformMode,
+} from '../src/platformSession';
+
+type RouteResult = Record<string, unknown> | { statusCode: number; body: Record<string, unknown> };
+type RouteHandler = (
+  body: Record<string, unknown>,
+  request: IncomingMessage,
+) => RouteResult | Promise<RouteResult>;
+
+function normalizeRouteResult(result: RouteResult) {
+  if ('statusCode' in result && 'body' in result) {
+    return result;
+  }
+
+  return { statusCode: 200, body: result };
+}
+
+function jsonResponse(response: ServerResponse, statusCode: number, body: Record<string, unknown>) {
+  const payload = JSON.stringify(body);
+  response.writeHead(statusCode, {
+    'content-type': 'application/json',
+    'content-length': Buffer.byteLength(payload),
+  });
+  response.end(payload);
+}
+
+async function readBody(request: IncomingMessage) {
+  const chunks: Buffer[] = [];
+  for await (const chunk of request) {
+    chunks.push(Buffer.isBuffer(chunk) ? chunk : Buffer.from(chunk));
+  }
+  const body = Buffer.concat(chunks).toString('utf8');
+  return body ? (JSON.parse(body) as Record<string, unknown>) : {};
+}
+
+async function createApiServer(routes: Record<string, RouteHandler>) {
+  const server = createServer(async (request, response) => {
+    const key = `${request.method} ${request.url}`;
+    const route = routes[key];
+    if (!route) {
+      jsonResponse(response, 404, { ok: false });
+      return;
+    }
+
+    const result = normalizeRouteResult(await route(await readBody(request), request));
+    jsonResponse(response, result.statusCode, result.body);
+  });
+
+  await new Promise<void>((resolve) => server.listen(0, '127.0.0.1', resolve));
+  const address = server.address();
+  assert.equal(typeof address, 'object');
+
+  return {
+    apiBaseUrl: `http://127.0.0.1:${address?.port}`,
+    close: () => new Promise<void>((resolve, reject) => {
+      server.close((error) => (error ? reject(error) : resolve()));
+    }),
+  };
+}
+
+test('loginWithCode exchanges code and writes a minimal session file', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+  const api = await createApiServer({
+    'POST /auth/device-token': (body) => {
+      assert.equal(body.code, 'CODE-123');
+      assert.deepEqual(body.device, { name: 'Lin Mac', os: 'darwin', arch: 'arm64' });
+      return {
+        deviceToken: 'cp_dev_secret',
+        user: { id: 'usr_1', email: 'dev@example.com' },
+        device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+      };
+    },
+  });
+
+  try {
+    const status = await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: api.apiBaseUrl,
+      sessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+
+    assert.equal(status.state, 'logged-in');
+    assert.deepEqual(status.user, { id: 'usr_1', email: 'dev@example.com' });
+    assert.deepEqual(status.device, {
+      id: 'dev_1',
+      status: 'active',
+      lastHeartbeatAt: '2026-05-30T00:00:00Z',
+    });
+
+    const saved = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+    const savedStat = await stat(sessionFile);
+    assert.equal(saved.apiBaseUrl, api.apiBaseUrl);
+    assert.equal(saved.deviceToken, 'cp_dev_secret');
+    assert.equal(savedStat.mode & 0o777, 0o600);
+    assert.equal(typeof saved.createdAt, 'string');
+    assert.match(saved.createdAt, /^\d{4}-\d{2}-\d{2}T/);
+    assert.deepEqual(saved.user, status.user);
+    assert.deepEqual(saved.device, status.device);
+  } finally {
+    await api.close();
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('loginWithPassword exchanges credentials and writes a minimal session file', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-password-'));
+  const sessionFile = join(tempDir, 'session.json');
+  const api = await createApiServer({
+    'POST /auth/password-device-token': (body) => {
+      assert.equal(body.email, 'dev@example.com');
+      assert.equal(body.password, 'correct-password');
+      assert.deepEqual(body.device, { name: 'Lin Mac', os: 'darwin', arch: 'arm64' });
+      return {
+        deviceToken: 'cp_dev_secret',
+        user: { id: 'usr_1', email: 'dev@example.com' },
+        device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+      };
+    },
+  });
+
+  try {
+    const status = await loginWithPassword({
+      email: 'dev@example.com',
+      password: 'correct-password',
+      apiBaseUrl: `${api.apiBaseUrl}/`,
+      sessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+
+    assert.equal(status.state, 'logged-in');
+    assert.deepEqual(status.user, { id: 'usr_1', email: 'dev@example.com' });
+
+    const saved = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+    const savedStat = await stat(sessionFile);
+    assert.equal(saved.apiBaseUrl, api.apiBaseUrl);
+    assert.equal(saved.deviceToken, 'cp_dev_secret');
+    assert.equal(savedStat.mode & 0o777, 0o600);
+    assert.deepEqual(saved.user, status.user);
+  } finally {
+    await api.close();
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('loginWithPassword preserves platform password login error code', async () => {
+  const api = await createApiServer({
+    'POST /auth/password-device-token': () => ({
+      statusCode: 401,
+      body: { detail: { code: 'PASSWORD_LOGIN_INVALID' } },
+    }),
+  });
+
+  try {
+    await assert.rejects(
+      loginWithPassword({
+        email: 'dev@example.com',
+        password: 'wrong-password',
+        apiBaseUrl: api.apiBaseUrl,
+      }),
+      (error: unknown) => {
+        assert.equal((error as { platformCode?: unknown }).platformCode, 'PASSWORD_LOGIN_INVALID');
+        return true;
+      },
+    );
+  } finally {
+    await api.close();
+  }
+});
+
+test('platformStatus propagates local session write failures after /me succeeds', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+  const api = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+    'GET /me': () => ({
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:02:00Z' },
+    }),
+  });
+
+  try {
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: api.apiBaseUrl,
+      sessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+    await chmod(sessionFile, 0o400);
+
+    await assert.rejects(
+      platformStatus({ sessionFile }),
+      (error: unknown) => (error as NodeJS.ErrnoException).code === 'EACCES',
+    );
+  } finally {
+    await chmod(sessionFile, 0o600).catch(() => {});
+    await api.close();
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('platformStatus distinguishes logged-out and offline states', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+  const api = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+  });
+
+  try {
+    assert.deepEqual(await platformStatus({ sessionFile }), { state: 'logged-out' });
+
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: api.apiBaseUrl,
+      sessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+  } finally {
+    await api.close();
+  }
+
+  try {
+    const status = await platformStatus({ sessionFile });
+    assert.equal(status.state, 'offline');
+    assert.deepEqual(status.user, { id: 'usr_1', email: 'dev@example.com' });
+    assert.equal(status.device?.id, 'dev_1');
+  } finally {
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('platformStatus returns invalid-token when /me responds with HTTP 401', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+  const api = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+    'GET /me': () => ({ statusCode: 401, body: { detail: { code: 'TOKEN_INVALID' } } }),
+  });
+
+  try {
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: api.apiBaseUrl,
+      sessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+
+    const status = await platformStatus({ sessionFile });
+
+    assert.equal(status.state, 'invalid-token');
+    assert.deepEqual(status.user, { id: 'usr_1', email: 'dev@example.com' });
+    assert.equal(status.device?.id, 'dev_1');
+  } finally {
+    await api.close();
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('platformStatus releases active mode when token becomes invalid', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+  const api = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+    'GET /me': () => ({ statusCode: 401, body: { detail: { code: 'TOKEN_REVOKED' } } }),
+  });
+
+  try {
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: api.apiBaseUrl,
+      sessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+    const saved = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+    await writeFile(
+      sessionFile,
+      `${JSON.stringify({
+        ...saved,
+        platformMode: 'active',
+        activeProductId: 'prod_basic',
+        platformModeStartedAt: '2026-05-31T00:00:00.000Z',
+      }, null, 2)}\n`,
+    );
+
+    const status = await platformStatus({ sessionFile });
+
+    assert.equal(status.state, 'invalid-token');
+    assert.equal(status.mode?.state, 'inactive');
+    assert.equal(status.mode?.releaseReason, 'invalid-token');
+    assert.match(status.mode?.releasedAt ?? '', /^\d{4}-\d{2}-\d{2}T/);
+
+    const updated = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+    assert.equal(Object.hasOwn(updated, 'platformMode'), false);
+    assert.equal(updated.lastModeReleaseReason, 'invalid-token');
+  } finally {
+    await api.close();
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+const poolSession = {
+  id: 'pool_sess_1',
+  productId: 'prod_basic',
+  providerType: 'mock-provider',
+  status: 'active' as const,
+  startedAt: '2026-05-31T00:00:00.000Z',
+  expiresAt: '2026-05-31T01:00:00.000Z',
+  routeTokenExpiresAt: '2026-05-31T00:10:00.000Z',
+  routeStrategy: 'platform-gateway' as const,
+  bannedModels: [],
+  capabilities: {
+    streaming: true,
+    usageEstimate: false,
+    hardSpendLimit: false,
+  },
+};
+
+test('platform session accepts pool session and route token fields', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+  const api = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+    'GET /me': () => ({
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:05:00Z' },
+    }),
+  });
+
+  try {
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: api.apiBaseUrl,
+      sessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+    const saved = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+    await writeFile(
+      sessionFile,
+      `${JSON.stringify({
+        ...saved,
+        selectedProductId: 'prod_basic',
+        platformMode: 'active',
+        activeProductId: 'prod_basic',
+        platformModeStartedAt: '2026-05-31T00:00:00.000Z',
+        poolSession,
+        routeToken: {
+          token: 'rt_secret_value',
+          expiresAt: '2026-05-31T00:10:00.000Z',
+        },
+      }, null, 2)}\n`,
+    );
+
+    const status = await platformStatus({ sessionFile });
+
+    assert.equal(status.state, 'logged-in');
+    assert.equal(status.mode.state, 'active');
+    assert.equal(status.mode.productId, 'prod_basic');
+  } finally {
+    await api.close();
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('soft release clears pool session and route token', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+  const api = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+    'GET /me': () => ({ statusCode: 401, body: { detail: { code: 'TOKEN_REVOKED' } } }),
+  });
+
+  try {
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: api.apiBaseUrl,
+      sessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+    const saved = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+    await writeFile(
+      sessionFile,
+      `${JSON.stringify({
+        ...saved,
+        platformMode: 'active',
+        activeProductId: 'prod_basic',
+        platformModeStartedAt: '2026-05-31T00:00:00.000Z',
+        poolSession,
+        routeToken: {
+          token: 'rt_secret_value',
+          expiresAt: '2026-05-31T00:10:00.000Z',
+        },
+      }, null, 2)}\n`,
+    );
+
+    const status = await platformStatus({ sessionFile });
+    const updated = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+
+    assert.equal(status.state, 'invalid-token');
+    assert.equal(status.mode?.state, 'inactive');
+    assert.equal(Object.hasOwn(updated, 'poolSession'), false);
+    assert.equal(Object.hasOwn(updated, 'routeToken'), false);
+  } finally {
+    await api.close();
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('platformStatus releases active mode when device is no longer active', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+  const api = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+    'GET /me': () => ({
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'removed', lastHeartbeatAt: '2026-05-30T00:05:00Z' },
+    }),
+  });
+
+  try {
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: api.apiBaseUrl,
+      sessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+    const saved = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+    await writeFile(
+      sessionFile,
+      `${JSON.stringify({
+        ...saved,
+        platformMode: 'active',
+        activeProductId: 'prod_basic',
+        platformModeStartedAt: '2026-05-31T00:00:00.000Z',
+      }, null, 2)}\n`,
+    );
+
+    const status = await platformStatus({ sessionFile });
+
+    assert.equal(status.state, 'logged-in');
+    assert.equal(status.device.status, 'removed');
+    assert.equal(status.mode.state, 'inactive');
+    assert.equal(status.mode.releaseReason, 'device-inactive');
+  } finally {
+    await api.close();
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('platformStatus does not resurrect mode stopped while status request is in flight', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+  let releaseMe: ((value: void) => void) | undefined;
+  const meCanReturn = new Promise<void>((resolve) => {
+    releaseMe = resolve;
+  });
+  const api = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+    'GET /me': async () => {
+      await meCanReturn;
+      return {
+        user: { id: 'usr_1', email: 'dev@example.com' },
+        device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:05:00Z' },
+      };
+    },
+  });
+
+  try {
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: api.apiBaseUrl,
+      sessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+    const saved = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+    await writeFile(
+      sessionFile,
+      `${JSON.stringify({
+        ...saved,
+        platformMode: 'active',
+        activeProductId: 'prod_basic',
+        platformModeStartedAt: '2026-05-31T00:00:00.000Z',
+      }, null, 2)}\n`,
+    );
+
+    const statusPromise = platformStatus({ sessionFile });
+    await stopPlatformMode({ sessionFile });
+    releaseMe?.();
+    const status = await statusPromise;
+
+    assert.equal(status.state, 'logged-in');
+    assert.equal(status.mode.state, 'inactive');
+
+    const updated = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+    assert.equal(Object.hasOwn(updated, 'platformMode'), false);
+    assert.equal(Object.hasOwn(updated, 'activeProductId'), false);
+    assert.equal(Object.hasOwn(updated, 'platformModeStartedAt'), false);
+    assert.equal(Object.hasOwn(updated, 'lastModeReleaseReason'), false);
+  } finally {
+    releaseMe?.();
+    await api.close();
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('sendHeartbeat posts payload and updates session lastHeartbeatAt', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+  const api = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+    'POST /devices/heartbeat': (body, request) => {
+      assert.equal(request.headers.authorization, 'Bearer cp_dev_secret');
+      assert.deepEqual(body, { serviceStatus: 'running' });
+      return {
+        ok: true,
+        device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:01:00Z' },
+      };
+    },
+  });
+
+  try {
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: api.apiBaseUrl,
+      sessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+
+    const status = await sendHeartbeat({ sessionFile, payload: { serviceStatus: 'running' } });
+
+    assert.equal(status.state, 'logged-in');
+    assert.equal(status.device?.lastHeartbeatAt, '2026-05-30T00:01:00Z');
+
+    const saved = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+    assert.deepEqual(saved.device, status.device);
+  } finally {
+    await api.close();
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('sendHeartbeat returns invalid-token when heartbeat responds with HTTP 401', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+  const api = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+    'POST /devices/heartbeat': () => ({ statusCode: 401, body: { detail: { code: 'TOKEN_REVOKED' } } }),
+  });
+
+  try {
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: api.apiBaseUrl,
+      sessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+
+    const status = await sendHeartbeat({ sessionFile, payload: { serviceStatus: 'running' } });
+
+    assert.equal(status.state, 'invalid-token');
+    assert.deepEqual(status.user, { id: 'usr_1', email: 'dev@example.com' });
+    assert.equal(status.device?.id, 'dev_1');
+  } finally {
+    await api.close();
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('sendHeartbeat releases active mode on invalid token and inactive device', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const invalidTokenSessionFile = join(tempDir, 'invalid-token-session.json');
+  const inactiveDeviceSessionFile = join(tempDir, 'inactive-device-session.json');
+  const invalidApi = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+    'POST /devices/heartbeat': () => ({ statusCode: 401, body: { detail: { code: 'TOKEN_REVOKED' } } }),
+  });
+  const inactiveApi = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+    'POST /devices/heartbeat': () => ({
+      ok: true,
+      device: { id: 'dev_1', status: 'disabled', lastHeartbeatAt: '2026-05-30T00:05:00Z' },
+    }),
+  });
+
+  try {
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: invalidApi.apiBaseUrl,
+      sessionFile: invalidTokenSessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: inactiveApi.apiBaseUrl,
+      sessionFile: inactiveDeviceSessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+    for (const file of [invalidTokenSessionFile, inactiveDeviceSessionFile]) {
+      const saved = JSON.parse(await readFile(file, 'utf8')) as Record<string, unknown>;
+      await writeFile(
+        file,
+        `${JSON.stringify({
+          ...saved,
+          platformMode: 'active',
+          activeProductId: 'prod_basic',
+          platformModeStartedAt: '2026-05-31T00:00:00.000Z',
+        }, null, 2)}\n`,
+      );
+    }
+
+    const invalidStatus = await sendHeartbeat({ sessionFile: invalidTokenSessionFile });
+    assert.equal(invalidStatus.state, 'invalid-token');
+    assert.equal(invalidStatus.mode?.state, 'inactive');
+    assert.equal(invalidStatus.mode?.releaseReason, 'invalid-token');
+
+    const inactiveStatus = await sendHeartbeat({ sessionFile: inactiveDeviceSessionFile });
+    assert.equal(inactiveStatus.state, 'logged-in');
+    assert.equal(inactiveStatus.mode.state, 'inactive');
+    assert.equal(inactiveStatus.mode.releaseReason, 'device-inactive');
+  } finally {
+    await invalidApi.close();
+    await inactiveApi.close();
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('sendHeartbeat does not resurrect mode stopped while heartbeat is in flight', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+  const api = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+  });
+
+  try {
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: api.apiBaseUrl,
+      sessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+    const saved = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+    await writeFile(
+      sessionFile,
+      `${JSON.stringify({
+        ...saved,
+        platformMode: 'active',
+        activeProductId: 'prod_basic',
+        platformModeStartedAt: '2026-05-31T00:00:00.000Z',
+      }, null, 2)}\n`,
+    );
+
+    const heartbeat = await sendHeartbeat({
+      sessionFile,
+      postHeartbeat: async () => {
+        await stopPlatformMode({ sessionFile });
+        return {
+          ok: true,
+          device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:05:00Z' },
+        };
+      },
+    });
+
+    assert.equal(heartbeat.state, 'logged-in');
+    assert.equal(heartbeat.mode.state, 'inactive');
+
+    const updated = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+    assert.equal(Object.hasOwn(updated, 'platformMode'), false);
+    assert.equal(Object.hasOwn(updated, 'activeProductId'), false);
+    assert.equal(Object.hasOwn(updated, 'platformModeStartedAt'), false);
+    assert.equal(Object.hasOwn(updated, 'lastModeReleaseReason'), false);
+  } finally {
+    await api.close();
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('sendHeartbeat propagates local session write failures after heartbeat succeeds', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+  const api = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+    'POST /devices/heartbeat': () => ({
+      ok: true,
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:03:00Z' },
+    }),
+  });
+
+  try {
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: api.apiBaseUrl,
+      sessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+    await chmod(sessionFile, 0o400);
+
+    await assert.rejects(
+      sendHeartbeat({ sessionFile, payload: { serviceStatus: 'running' } }),
+      (error: unknown) => (error as NodeJS.ErrnoException).code === 'EACCES',
+    );
+  } finally {
+    await chmod(sessionFile, 0o600).catch(() => {});
+    await api.close();
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('logoutPlatform deletes the local session even when API is offline', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+  const api = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+  });
+
+  try {
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: api.apiBaseUrl,
+      sessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+  } finally {
+    await api.close();
+  }
+
+  try {
+    assert.equal((await logoutPlatform({ sessionFile })).state, 'logged-out');
+    assert.deepEqual(await platformStatus({ sessionFile }), { state: 'logged-out' });
+  } finally {
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('platformCatalog returns logged-out without a local session and does not call platform API', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+  let requestCount = 0;
+  const api = await createApiServer({
+    'GET /account/summary': () => {
+      requestCount += 1;
+      return { credits: 1000 };
+    },
+    'GET /products': () => {
+      requestCount += 1;
+      return { products: [] };
+    },
+  });
+
+  try {
+    assert.deepEqual(await platformCatalog({ sessionFile }), {
+      state: 'logged-out',
+      products: [],
+    });
+    assert.equal(requestCount, 0);
+  } finally {
+    await api.close();
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('platformCatalog fetches account summary and products with device token', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+  const api = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+    'GET /account/summary': (_body, request) => {
+      assert.equal(request.headers.authorization, 'Bearer cp_dev_secret');
+      return { credits: 1000 };
+    },
+    'GET /products': (_body, request) => {
+      assert.equal(request.headers.authorization, 'Bearer cp_dev_secret');
+      return {
+        products: [
+          {
+            id: 'prod_basic',
+            name: '基础组',
+            description: '开发态基础商品，用于验证扩展展示。',
+            status: 'available',
+            minCredits: 100,
+            usageLabel: '按请求消耗，倍率 1x',
+            billingRate: 1,
+            billingUnitCredits: 1,
+          },
+          {
+            id: 'prod_missing_status',
+            name: '缺少状态',
+            description: '缺少状态字段，应该被过滤。',
+            minCredits: 1,
+            usageLabel: '不展示',
+          },
+          {
+            id: 'prod_negative_credits',
+            name: '负数积分',
+            description: 'minCredits 为负数，应该被过滤。',
+            status: 'available',
+            minCredits: -1,
+            usageLabel: '不展示',
+          },
+          {
+            id: 'prod_decimal_credits',
+            name: '小数积分',
+            description: 'minCredits 为小数，应该被过滤。',
+            status: 'available',
+            minCredits: 1.5,
+            usageLabel: '不展示',
+          },
+          {
+            id: 'prod_zero_credits',
+            name: '零积分组',
+            description: 'minCredits 为非负整数，应该保留。',
+            status: 'available',
+            minCredits: 0,
+            usageLabel: '按请求消耗，倍率 1x',
+          },
+        ],
+      };
+    },
+  });
+
+  try {
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: api.apiBaseUrl,
+      sessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+
+    assert.deepEqual(await platformCatalog({ sessionFile }), {
+      state: 'logged-in',
+      account: { credits: 1000 },
+      mode: { state: 'inactive' },
+      products: [
+        {
+          id: 'prod_basic',
+          name: '基础组',
+          description: '开发态基础商品，用于验证扩展展示。',
+          status: 'available',
+          minCredits: 100,
+          usageLabel: '按请求消耗，倍率 1x',
+        },
+        {
+          id: 'prod_zero_credits',
+          name: '零积分组',
+          description: 'minCredits 为非负整数，应该保留。',
+          status: 'available',
+          minCredits: 0,
+          usageLabel: '按请求消耗，倍率 1x',
+        },
+      ],
+    });
+  } finally {
+    await api.close();
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('platformCatalog returns invalid-token when account summary responds with HTTP 401', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+  const api = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+    'GET /account/summary': () => ({ statusCode: 401, body: { detail: { code: 'TOKEN_REVOKED' } } }),
+    'GET /products': () => ({ products: [] }),
+  });
+
+  try {
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: api.apiBaseUrl,
+      sessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+
+    assert.deepEqual(await platformCatalog({ sessionFile }), {
+      state: 'invalid-token',
+      mode: { state: 'inactive' },
+      products: [],
+    });
+  } finally {
+    await api.close();
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('platformCatalog releases active mode when account summary responds with HTTP 401', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+  const api = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+    'GET /account/summary': () => ({ statusCode: 401, body: { detail: { code: 'TOKEN_REVOKED' } } }),
+    'GET /products': () => ({ products: [] }),
+  });
+
+  try {
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: api.apiBaseUrl,
+      sessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+    const saved = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+    await writeFile(
+      sessionFile,
+      `${JSON.stringify({
+        ...saved,
+        platformMode: 'active',
+        activeProductId: 'prod_basic',
+        platformModeStartedAt: '2026-05-31T00:00:00.000Z',
+      }, null, 2)}\n`,
+    );
+
+    const catalog = await platformCatalog({ sessionFile });
+
+    assert.equal(catalog.state, 'invalid-token');
+    assert.equal(catalog.mode?.state, 'inactive');
+    assert.equal(catalog.mode?.releaseReason, 'invalid-token');
+    assert.match(catalog.mode?.releasedAt ?? '', /^\d{4}-\d{2}-\d{2}T/);
+
+    const updated = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+    assert.equal(Object.hasOwn(updated, 'platformMode'), false);
+    assert.equal(updated.lastModeReleaseReason, 'invalid-token');
+  } finally {
+    await api.close();
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('platformCatalog returns invalid-token when products responds with HTTP 401', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+  const api = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+    'GET /account/summary': () => ({ credits: 1000 }),
+    'GET /products': () => ({ statusCode: 401, body: { detail: { code: 'TOKEN_REVOKED' } } }),
+  });
+
+  try {
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: api.apiBaseUrl,
+      sessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+
+    assert.deepEqual(await platformCatalog({ sessionFile }), {
+      state: 'invalid-token',
+      mode: { state: 'inactive' },
+      products: [],
+    });
+  } finally {
+    await api.close();
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('platformCatalog prioritizes delayed product 401 over earlier account summary 500', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+  const api = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+    'GET /account/summary': () => ({ statusCode: 500, body: { ok: false } }),
+    'GET /products': async () => {
+      await new Promise((resolve) => setTimeout(resolve, 30));
+      return { statusCode: 401, body: { detail: { code: 'TOKEN_REVOKED' } } };
+    },
+  });
+
+  try {
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: api.apiBaseUrl,
+      sessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+
+    assert.deepEqual(await platformCatalog({ sessionFile }), {
+      state: 'invalid-token',
+      mode: { state: 'inactive' },
+      products: [],
+    });
+  } finally {
+    await api.close();
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('platformCatalog returns offline when platform API is unreachable', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+  const api = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+  });
+
+  try {
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: api.apiBaseUrl,
+      sessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+  } finally {
+    await api.close();
+  }
+
+  try {
+    assert.deepEqual(await platformCatalog({ sessionFile }), {
+      state: 'offline',
+      products: [],
+    });
+  } finally {
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('platformCatalog returns offline when platform API responds with non-401 error', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+  const api = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+    'GET /account/summary': () => ({ statusCode: 500, body: { ok: false } }),
+    'GET /products': () => ({ products: [] }),
+  });
+
+  try {
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: api.apiBaseUrl,
+      sessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+
+    assert.deepEqual(await platformCatalog({ sessionFile }), {
+      state: 'offline',
+      products: [],
+    });
+  } finally {
+    await api.close();
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('selectPlatformProduct stores an available product in the local session', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+  const api = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+    'GET /account/summary': () => ({ credits: 1000 }),
+    'GET /products': () => ({
+      products: [
+        {
+          id: 'prod_basic',
+          name: '基础组',
+          description: '开发态基础商品，用于验证扩展展示。',
+          status: 'available',
+          minCredits: 100,
+          usageLabel: '按请求消耗，倍率 1x',
+        },
+      ],
+    }),
+  });
+
+  try {
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: api.apiBaseUrl,
+      sessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+
+    assert.deepEqual(await selectPlatformProduct({ sessionFile, productId: 'prod_basic' }), {
+      state: 'selected',
+      selectedProductId: 'prod_basic',
+    });
+
+    const saved = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+    assert.equal(saved.selectedProductId, 'prod_basic');
+    assert.equal(Object.hasOwn(saved, 'products'), false);
+    assert.equal(Object.hasOwn(saved, 'account'), false);
+
+    assert.deepEqual(await platformCatalog({ sessionFile }), {
+      state: 'logged-in',
+      account: { credits: 1000 },
+      mode: { state: 'inactive' },
+      selectedProductId: 'prod_basic',
+      products: [
+        {
+          id: 'prod_basic',
+          name: '基础组',
+          description: '开发态基础商品，用于验证扩展展示。',
+          status: 'available',
+          minCredits: 100,
+          usageLabel: '按请求消耗，倍率 1x',
+        },
+      ],
+    });
+  } finally {
+    await api.close();
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('selectPlatformProduct reports logged-out without a local session', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+
+  try {
+    assert.deepEqual(await selectPlatformProduct({ sessionFile, productId: 'prod_basic' }), {
+      state: 'logged-out',
+    });
+  } finally {
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('selectPlatformProduct rejects missing and unavailable products without writing selection', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+  const api = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+    'GET /account/summary': () => ({ credits: 1000 }),
+    'GET /products': () => ({
+      products: [
+        {
+          id: 'prod_pro',
+          name: '高级组',
+          description: '开发态高级商品，用于验证多商品展示。',
+          status: 'unavailable',
+          minCredits: 500,
+          usageLabel: '按请求消耗，倍率 2x',
+        },
+      ],
+    }),
+  });
+
+  try {
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: api.apiBaseUrl,
+      sessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+
+    assert.deepEqual(await selectPlatformProduct({ sessionFile, productId: 'prod_missing' }), {
+      state: 'product-not-found',
+      productId: 'prod_missing',
+    });
+    assert.deepEqual(await selectPlatformProduct({ sessionFile, productId: 'prod_pro' }), {
+      state: 'product-unavailable',
+      productId: 'prod_pro',
+    });
+
+    const saved = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+    assert.equal(Object.hasOwn(saved, 'selectedProductId'), false);
+  } finally {
+    await api.close();
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('selectPlatformProduct returns catalog failure states without writing selection', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const invalidSessionFile = join(tempDir, 'invalid-session.json');
+  const offlineSessionFile = join(tempDir, 'offline-session.json');
+  const invalidApi = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+    'GET /account/summary': () => ({ statusCode: 401, body: { detail: { code: 'TOKEN_INVALID' } } }),
+    'GET /products': () => ({ products: [] }),
+  });
+  const offlineApi = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+    'GET /account/summary': () => ({ statusCode: 500, body: { ok: false } }),
+    'GET /products': () => ({ products: [] }),
+  });
+
+  try {
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: invalidApi.apiBaseUrl,
+      sessionFile: invalidSessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: offlineApi.apiBaseUrl,
+      sessionFile: offlineSessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+
+    assert.deepEqual(await selectPlatformProduct({ sessionFile: invalidSessionFile, productId: 'prod_basic' }), {
+      state: 'invalid-token',
+    });
+    assert.deepEqual(await selectPlatformProduct({ sessionFile: offlineSessionFile, productId: 'prod_basic' }), {
+      state: 'offline',
+    });
+
+    const invalidSaved = JSON.parse(await readFile(invalidSessionFile, 'utf8')) as Record<string, unknown>;
+    const offlineSaved = JSON.parse(await readFile(offlineSessionFile, 'utf8')) as Record<string, unknown>;
+    assert.equal(Object.hasOwn(invalidSaved, 'selectedProductId'), false);
+    assert.equal(Object.hasOwn(offlineSaved, 'selectedProductId'), false);
+  } finally {
+    await invalidApi.close();
+    await offlineApi.close();
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('selectPlatformProduct does not resurrect active mode cleaned during catalog refresh', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+  const api = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+    'GET /account/summary': () => ({ credits: 1000 }),
+    'GET /products': () => ({
+      products: [
+        {
+          id: 'prod_basic',
+          name: '基础组',
+          description: '可选择商品。',
+          status: 'available',
+          minCredits: 100,
+          usageLabel: '按请求消耗，倍率 1x',
+        },
+      ],
+    }),
+  });
+
+  try {
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: api.apiBaseUrl,
+      sessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+    const saved = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+    await writeFile(
+      sessionFile,
+      `${JSON.stringify({
+        ...saved,
+        selectedProductId: 'prod_removed',
+        platformMode: 'active',
+        activeProductId: 'prod_removed',
+        platformModeStartedAt: '2026-05-31T00:00:00.000Z',
+      }, null, 2)}\n`,
+    );
+
+    assert.deepEqual(await selectPlatformProduct({ sessionFile, productId: 'prod_basic' }), {
+      state: 'selected',
+      selectedProductId: 'prod_basic',
+    });
+
+    const updated = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+    assert.equal(updated.selectedProductId, 'prod_basic');
+    assert.equal(Object.hasOwn(updated, 'platformMode'), false);
+    assert.equal(Object.hasOwn(updated, 'activeProductId'), false);
+    assert.equal(Object.hasOwn(updated, 'platformModeStartedAt'), false);
+    assert.equal(updated.lastModeReleaseReason, 'product-missing');
+  } finally {
+    await api.close();
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('platformCatalog clears stale selectedProductId when product disappears', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+  const api = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+    'GET /account/summary': () => ({ credits: 1000 }),
+    'GET /products': () => ({ products: [] }),
+  });
+
+  try {
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: api.apiBaseUrl,
+      sessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+    const saved = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+    await writeFile(sessionFile, `${JSON.stringify({ ...saved, selectedProductId: 'prod_missing' }, null, 2)}\n`);
+
+    assert.deepEqual(await platformCatalog({ sessionFile }), {
+      state: 'logged-in',
+      account: { credits: 1000 },
+      mode: { state: 'inactive' },
+      products: [],
+    });
+
+    const updated = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+    assert.equal(Object.hasOwn(updated, 'selectedProductId'), false);
+  } finally {
+    await api.close();
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('platformCatalog releases active mode when active product disappears but keeps selection when still selected', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+  const api = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+    'GET /account/summary': () => ({ credits: 1000 }),
+    'GET /products': () => ({
+      products: [
+        {
+          id: 'prod_basic',
+          name: '基础组',
+          description: '仍然被选择，但 active 商品已消失。',
+          status: 'available',
+          minCredits: 100,
+          usageLabel: '按请求消耗，倍率 1x',
+        },
+      ],
+    }),
+  });
+
+  try {
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: api.apiBaseUrl,
+      sessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+    const saved = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+    await writeFile(
+      sessionFile,
+      `${JSON.stringify({
+        ...saved,
+        selectedProductId: 'prod_basic',
+        platformMode: 'active',
+        activeProductId: 'prod_removed',
+        platformModeStartedAt: '2026-05-31T00:00:00.000Z',
+      }, null, 2)}\n`,
+    );
+
+    const catalog = await platformCatalog({ sessionFile });
+
+    assert.equal(catalog.state, 'logged-in');
+    assert.equal(catalog.selectedProductId, 'prod_basic');
+    assert.equal(catalog.mode.state, 'inactive');
+    assert.equal(catalog.mode.releaseReason, 'product-missing');
+    assert.match(catalog.mode.releasedAt ?? '', /^\d{4}-\d{2}-\d{2}T/);
+
+    const updated = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+    assert.equal(updated.selectedProductId, 'prod_basic');
+    assert.equal(Object.hasOwn(updated, 'platformMode'), false);
+    assert.equal(updated.lastModeReleaseReason, 'product-missing');
+    assert.equal(typeof updated.lastModeReleasedAt, 'string');
+  } finally {
+    await api.close();
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('platformCatalog releases active mode when active product becomes unavailable', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+  const api = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+    'GET /account/summary': () => ({ credits: 1000 }),
+    'GET /products': () => ({
+      products: [
+        {
+          id: 'prod_basic',
+          name: '基础组',
+          description: '商品已经下架。',
+          status: 'unavailable',
+          minCredits: 100,
+          usageLabel: '不可用',
+        },
+      ],
+    }),
+  });
+
+  try {
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: api.apiBaseUrl,
+      sessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+    const saved = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+    await writeFile(
+      sessionFile,
+      `${JSON.stringify({
+        ...saved,
+        selectedProductId: 'prod_basic',
+        platformMode: 'active',
+        activeProductId: 'prod_basic',
+        platformModeStartedAt: '2026-05-31T00:00:00.000Z',
+      }, null, 2)}\n`,
+    );
+
+    const catalog = await platformCatalog({ sessionFile });
+
+    assert.equal(catalog.state, 'logged-in');
+    assert.equal(catalog.mode.state, 'inactive');
+    assert.equal(catalog.mode.releaseReason, 'product-unavailable');
+  } finally {
+    await api.close();
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('platformCatalog releases active mode when credits fall below active product minimum', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+  const api = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+    'GET /account/summary': () => ({ credits: 80 }),
+    'GET /products': () => ({
+      products: [
+        {
+          id: 'prod_basic',
+          name: '基础组',
+          description: '余额不足。',
+          status: 'available',
+          minCredits: 100,
+          usageLabel: '按请求消耗，倍率 1x',
+        },
+      ],
+    }),
+  });
+
+  try {
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: api.apiBaseUrl,
+      sessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+    const saved = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+    await writeFile(
+      sessionFile,
+      `${JSON.stringify({
+        ...saved,
+        selectedProductId: 'prod_basic',
+        platformMode: 'active',
+        activeProductId: 'prod_basic',
+        platformModeStartedAt: '2026-05-31T00:00:00.000Z',
+      }, null, 2)}\n`,
+    );
+
+    const catalog = await platformCatalog({ sessionFile });
+
+    assert.equal(catalog.state, 'logged-in');
+    assert.equal(catalog.mode.state, 'inactive');
+    assert.equal(catalog.mode.releaseReason, 'insufficient-credits');
+  } finally {
+    await api.close();
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('platform mode starts after selected available product and stops while preserving selection', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+  const api = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+    'GET /me': () => ({
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:30Z' },
+    }),
+    'GET /account/summary': () => ({ credits: 1000 }),
+    'GET /products': () => ({
+      products: [
+        {
+          id: 'prod_basic',
+          name: '基础组',
+          description: '开发态基础商品，用于验证扩展展示。',
+          status: 'available',
+          minCredits: 100,
+          usageLabel: '按请求消耗，倍率 1x',
+        },
+      ],
+    }),
+  });
+
+  try {
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: api.apiBaseUrl,
+      sessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+
+    assert.deepEqual(await platformStatus({ sessionFile }), {
+      state: 'logged-in',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:30Z' },
+      mode: { state: 'inactive' },
+    });
+
+    await selectPlatformProduct({ sessionFile, productId: 'prod_basic' });
+    const started = await startPlatformMode({
+      sessionFile,
+      startPoolSession: async () => ({
+        state: 'started',
+        session: poolSession,
+        routeToken: 'rt_secret_value',
+      }),
+    });
+
+    assert.equal(started.state, 'active');
+    assert.equal(started.productId, 'prod_basic');
+    assert.match(started.startedAt, /^\d{4}-\d{2}-\d{2}T/);
+
+    const activeCatalog = await platformCatalog({ sessionFile });
+    assert.equal(activeCatalog.state, 'logged-in');
+    assert.deepEqual(activeCatalog.mode, {
+      state: 'active',
+      productId: 'prod_basic',
+      startedAt: started.startedAt,
+    });
+
+    const stopped = await stopPlatformMode({ sessionFile });
+    assert.deepEqual(stopped, { state: 'inactive' });
+
+    const saved = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+    assert.equal(saved.selectedProductId, 'prod_basic');
+    assert.equal(Object.hasOwn(saved, 'platformMode'), false);
+    assert.equal(Object.hasOwn(saved, 'activeProductId'), false);
+    assert.equal(Object.hasOwn(saved, 'platformModeStartedAt'), false);
+  } finally {
+    await api.close();
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('startPlatformMode creates a pool session and stores route token', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+  const api = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+    'GET /account/summary': () => ({ credits: 1000 }),
+    'GET /products': () => ({
+      products: [{
+        id: 'prod_basic',
+        name: '基础组',
+        description: '开发态基础商品，用于验证扩展展示。',
+        status: 'available',
+        minCredits: 100,
+        usageLabel: '按请求消耗，倍率 1x',
+      }],
+    }),
+  });
+
+  try {
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: api.apiBaseUrl,
+      sessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+    await selectPlatformProduct({ sessionFile, productId: 'prod_basic' });
+
+    const mode = await startPlatformMode({
+      sessionFile,
+      startPoolSession: async ({ session, productId }) => {
+        assert.equal(session.deviceToken, 'cp_dev_secret');
+        assert.equal(productId, 'prod_basic');
+        return {
+          state: 'started',
+          session: poolSession,
+          routeToken: 'rt_secret_value',
+        };
+      },
+    });
+
+    assert.equal(mode.state, 'active');
+    assert.equal(mode.productId, 'prod_basic');
+
+    const saved = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+    assert.deepEqual(saved.poolSession, poolSession);
+    assert.deepEqual(saved.routeToken, {
+      token: 'rt_secret_value',
+      expiresAt: '2026-05-31T00:10:00.000Z',
+    });
+  } finally {
+    await api.close();
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('startPlatformMode calls default pool session endpoint without body device token', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+  const api = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+    'GET /account/summary': () => ({ credits: 1000 }),
+    'GET /products': () => ({
+      products: [{
+        id: 'prod_basic',
+        name: '基础组',
+        description: '开发态基础商品，用于验证扩展展示。',
+        status: 'available',
+        minCredits: 100,
+        usageLabel: '按请求消耗，倍率 1x',
+      }],
+    }),
+    'POST /pool-sessions/start': (body, request) => {
+      assert.equal(request.headers.authorization, 'Bearer cp_dev_secret');
+      assert.deepEqual(body, { productId: 'prod_basic' });
+      return {
+        state: 'started',
+        session: poolSession,
+        routeToken: 'rt_secret_value',
+      };
+    },
+  });
+
+  try {
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: api.apiBaseUrl,
+      sessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+    await selectPlatformProduct({ sessionFile, productId: 'prod_basic' });
+
+    const mode = await startPlatformMode({ sessionFile });
+
+    assert.equal(mode.state, 'active');
+    const saved = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+    assert.deepEqual(saved.poolSession, poolSession);
+    assert.deepEqual(saved.routeToken, {
+      token: 'rt_secret_value',
+      expiresAt: '2026-05-31T00:10:00.000Z',
+    });
+  } finally {
+    await api.close();
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('startPlatformMode does not activate when pool session start fails', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+  const api = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+    'GET /account/summary': () => ({ credits: 1000 }),
+    'GET /products': () => ({
+      products: [{
+        id: 'prod_basic',
+        name: '基础组',
+        description: '开发态基础商品，用于验证扩展展示。',
+        status: 'available',
+        minCredits: 100,
+        usageLabel: '按请求消耗，倍率 1x',
+      }],
+    }),
+  });
+
+  try {
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: api.apiBaseUrl,
+      sessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+    await selectPlatformProduct({ sessionFile, productId: 'prod_basic' });
+
+    const mode = await startPlatformMode({
+      sessionFile,
+      startPoolSession: async () => ({ state: 'failed', reason: 'PROVIDER_UNAVAILABLE' }),
+    });
+
+    assert.deepEqual(mode, { state: 'provider-unavailable' });
+
+    const saved = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+    assert.equal(Object.hasOwn(saved, 'platformMode'), false);
+    assert.equal(Object.hasOwn(saved, 'poolSession'), false);
+    assert.equal(Object.hasOwn(saved, 'routeToken'), false);
+  } finally {
+    await api.close();
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('startPlatformMode sanitizes pool session response before saving', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+  const api = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+    'GET /account/summary': () => ({ credits: 1000 }),
+    'GET /products': () => ({
+      products: [{
+        id: 'prod_basic',
+        name: '基础组',
+        description: '开发态基础商品，用于验证扩展展示。',
+        status: 'available',
+        minCredits: 100,
+        usageLabel: '按请求消耗，倍率 1x',
+      }],
+    }),
+  });
+
+  try {
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: api.apiBaseUrl,
+      sessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+    await selectPlatformProduct({ sessionFile, productId: 'prod_basic' });
+
+    const mode = await startPlatformMode({
+      sessionFile,
+      startPoolSession: async () => ({
+        state: 'started',
+        session: {
+          ...poolSession,
+          providerSecret: 'discard-me',
+          authorization: 'Bearer secret',
+          routeToken: 'rt_nested_secret',
+          bannedModels: ['bad-model', 'sk-secret-token'],
+          availableModels: ['gpt-test', 'apiKey=secret'],
+        } as typeof poolSession,
+        routeToken: 'rt_secret_value',
+      }),
+    });
+
+    assert.equal(mode.state, 'active');
+
+    const savedText = await readFile(sessionFile, 'utf8');
+    const saved = JSON.parse(savedText) as Record<string, unknown>;
+
+    assert.deepEqual(saved.poolSession, {
+      ...poolSession,
+      bannedModels: ['bad-model'],
+      availableModels: ['gpt-test'],
+    });
+    assert.deepEqual(saved.routeToken, {
+      token: 'rt_secret_value',
+      expiresAt: '2026-05-31T00:10:00.000Z',
+    });
+    assert.doesNotMatch(savedText, /discard-me|Bearer secret|rt_nested_secret|sk-secret-token|apiKey=secret/);
+  } finally {
+    await api.close();
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('startPlatformMode clears previous release reason on successful start', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+  const api = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+    'GET /account/summary': () => ({ credits: 1000 }),
+    'GET /products': () => ({
+      products: [
+        {
+          id: 'prod_basic',
+          name: '基础组',
+          description: '可重新启动。',
+          status: 'available',
+          minCredits: 100,
+          usageLabel: '按请求消耗，倍率 1x',
+        },
+      ],
+    }),
+  });
+
+  try {
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: api.apiBaseUrl,
+      sessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+    const saved = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+    await writeFile(
+      sessionFile,
+      `${JSON.stringify({
+        ...saved,
+        selectedProductId: 'prod_basic',
+        lastModeReleaseReason: 'insufficient-credits',
+        lastModeReleasedAt: '2026-05-31T00:05:00.000Z',
+      }, null, 2)}\n`,
+    );
+
+    const started = await startPlatformMode({
+      sessionFile,
+      startPoolSession: async () => ({
+        state: 'started',
+        session: poolSession,
+        routeToken: 'rt_secret_value',
+      }),
+    });
+    assert.equal(started.state, 'active');
+
+    const updated = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+    assert.equal(Object.hasOwn(updated, 'lastModeReleaseReason'), false);
+    assert.equal(Object.hasOwn(updated, 'lastModeReleasedAt'), false);
+  } finally {
+    await api.close();
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('stopPlatformMode does not record a release reason', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+  const api = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+  });
+
+  try {
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: api.apiBaseUrl,
+      sessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+    const saved = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+    await writeFile(
+      sessionFile,
+      `${JSON.stringify({
+        ...saved,
+        platformMode: 'active',
+        activeProductId: 'prod_basic',
+        platformModeStartedAt: '2026-05-31T00:00:00.000Z',
+      }, null, 2)}\n`,
+    );
+
+    assert.deepEqual(await stopPlatformMode({ sessionFile }), { state: 'inactive' });
+
+    const updated = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+    assert.equal(Object.hasOwn(updated, 'lastModeReleaseReason'), false);
+    assert.equal(Object.hasOwn(updated, 'lastModeReleasedAt'), false);
+  } finally {
+    await api.close();
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('stopPlatformMode stops pool session and clears route capability', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+  const api = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+  });
+  const stopCalls: Array<Record<string, unknown>> = [];
+
+  try {
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: api.apiBaseUrl,
+      sessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+    const saved = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+    await writeFile(
+      sessionFile,
+      `${JSON.stringify({
+        ...saved,
+        selectedProductId: 'prod_basic',
+        platformMode: 'active',
+        activeProductId: 'prod_basic',
+        platformModeStartedAt: '2026-05-31T00:00:00.000Z',
+        poolSession,
+        routeToken: {
+          token: 'rt_secret_value',
+          expiresAt: '2026-05-31T00:10:00.000Z',
+        },
+      }, null, 2)}\n`,
+    );
+
+    const mode = await stopPlatformMode({
+      sessionFile,
+      stopPoolSession: async (request) => {
+        stopCalls.push(request);
+        return { state: 'stopped', sessionId: request.poolSessionId };
+      },
+    });
+
+    assert.deepEqual(mode, { state: 'inactive' });
+    assert.deepEqual(stopCalls, [{
+      session: {
+        ...saved,
+        selectedProductId: 'prod_basic',
+        platformMode: 'active',
+        activeProductId: 'prod_basic',
+        platformModeStartedAt: '2026-05-31T00:00:00.000Z',
+        poolSession,
+        routeToken: {
+          token: 'rt_secret_value',
+          expiresAt: '2026-05-31T00:10:00.000Z',
+        },
+      },
+      poolSessionId: 'pool_sess_1',
+      reason: 'user-stop',
+    }]);
+
+    const updated = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+    assert.equal(updated.selectedProductId, 'prod_basic');
+    assert.equal(Object.hasOwn(updated, 'platformMode'), false);
+    assert.equal(Object.hasOwn(updated, 'poolSession'), false);
+    assert.equal(Object.hasOwn(updated, 'routeToken'), false);
+  } finally {
+    await api.close();
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('stopPlatformMode calls default pool stop endpoint without body device token', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+  const api = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+    'POST /pool-sessions/pool_sess_1/stop': (body, request) => {
+      assert.equal(request.headers.authorization, 'Bearer cp_dev_secret');
+      assert.deepEqual(body, { reason: 'user-stop' });
+      return { state: 'stopped', sessionId: 'pool_sess_1' };
+    },
+  });
+
+  try {
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: api.apiBaseUrl,
+      sessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+    const saved = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+    await writeFile(
+      sessionFile,
+      `${JSON.stringify({
+        ...saved,
+        selectedProductId: 'prod_basic',
+        platformMode: 'active',
+        activeProductId: 'prod_basic',
+        platformModeStartedAt: '2026-05-31T00:00:00.000Z',
+        poolSession,
+        routeToken: {
+          token: 'rt_secret_value',
+          expiresAt: '2026-05-31T00:10:00.000Z',
+        },
+      }, null, 2)}\n`,
+    );
+
+    assert.deepEqual(await stopPlatformMode({ sessionFile }), { state: 'inactive' });
+
+    const updated = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+    assert.equal(Object.hasOwn(updated, 'poolSession'), false);
+    assert.equal(Object.hasOwn(updated, 'routeToken'), false);
+  } finally {
+    await api.close();
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('stopPlatformMode clears route capability when pool stop fails', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+  const api = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+  });
+
+  try {
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: api.apiBaseUrl,
+      sessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+    const saved = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+    await writeFile(
+      sessionFile,
+      `${JSON.stringify({
+        ...saved,
+        platformMode: 'active',
+        activeProductId: 'prod_basic',
+        platformModeStartedAt: '2026-05-31T00:00:00.000Z',
+        poolSession,
+        routeToken: {
+          token: 'rt_secret_value',
+          expiresAt: '2026-05-31T00:10:00.000Z',
+        },
+      }, null, 2)}\n`,
+    );
+
+    const mode = await stopPlatformMode({
+      sessionFile,
+      stopPoolSession: async () => {
+        throw new Error('offline');
+      },
+    });
+
+    assert.deepEqual(mode, { state: 'inactive' });
+
+    const updated = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+    assert.equal(Object.hasOwn(updated, 'poolSession'), false);
+    assert.equal(Object.hasOwn(updated, 'routeToken'), false);
+  } finally {
+    await api.close();
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('startPlatformMode returns explicit failure states without writing active mode', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+  const api = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+    'GET /account/summary': () => ({ credits: 50 }),
+    'GET /products': () => ({
+      products: [
+        {
+          id: 'prod_basic',
+          name: '基础组',
+          description: '开发态基础商品，用于验证扩展展示。',
+          status: 'available',
+          minCredits: 100,
+          usageLabel: '按请求消耗，倍率 1x',
+        },
+        {
+          id: 'prod_disabled',
+          name: 'Disabled',
+          description: 'Disabled product',
+          status: 'unavailable',
+          minCredits: 10,
+          usageLabel: '不可用',
+        },
+      ],
+    }),
+  });
+
+  try {
+    assert.deepEqual(await startPlatformMode({ sessionFile }), { state: 'logged-out' });
+
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: api.apiBaseUrl,
+      sessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+
+    assert.deepEqual(await startPlatformMode({ sessionFile }), { state: 'product-not-selected' });
+
+    await writeFile(
+      sessionFile,
+      `${JSON.stringify({
+        ...(JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>),
+        selectedProductId: 'prod_missing',
+      }, null, 2)}\n`,
+    );
+    assert.deepEqual(await startPlatformMode({ sessionFile }), { state: 'product-not-selected' });
+
+    await writeFile(
+      sessionFile,
+      `${JSON.stringify({
+        ...(JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>),
+        selectedProductId: 'prod_disabled',
+      }, null, 2)}\n`,
+    );
+    assert.deepEqual(await startPlatformMode({ sessionFile }), {
+      state: 'product-unavailable',
+      productId: 'prod_disabled',
+    });
+
+    await writeFile(
+      sessionFile,
+      `${JSON.stringify({
+        ...(JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>),
+        selectedProductId: 'prod_basic',
+      }, null, 2)}\n`,
+    );
+    assert.deepEqual(await startPlatformMode({ sessionFile }), {
+      state: 'insufficient-credits',
+      productId: 'prod_basic',
+      requiredCredits: 100,
+      currentCredits: 50,
+    });
+
+    const saved = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+    assert.equal(Object.hasOwn(saved, 'platformMode'), false);
+  } finally {
+    await api.close();
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('startPlatformMode uses session cleaned during catalog refresh', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+  const api = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+    'GET /account/summary': () => ({ credits: 1000 }),
+    'GET /products': () => ({
+      products: [
+        {
+          id: 'prod_basic',
+          name: '基础组',
+          description: 'catalog 中存在但本地旧选择不存在。',
+          status: 'available',
+          minCredits: 100,
+          usageLabel: '按请求消耗，倍率 1x',
+        },
+      ],
+    }),
+  });
+
+  try {
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: api.apiBaseUrl,
+      sessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+    const saved = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+    await writeFile(
+      sessionFile,
+      `${JSON.stringify({
+        ...saved,
+        selectedProductId: 'prod_removed',
+        platformMode: 'active',
+        activeProductId: 'prod_removed',
+        platformModeStartedAt: '2026-05-31T00:00:00.000Z',
+      }, null, 2)}\n`,
+    );
+
+    assert.deepEqual(await startPlatformMode({ sessionFile }), { state: 'product-not-selected' });
+
+    const updated = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+    assert.equal(Object.hasOwn(updated, 'selectedProductId'), false);
+    assert.equal(Object.hasOwn(updated, 'platformMode'), false);
+    assert.equal(updated.lastModeReleaseReason, 'product-missing');
+  } finally {
+    await api.close();
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('platformCatalog clears active mode when stale selected product is removed', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+  const api = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+    'GET /account/summary': () => ({ credits: 1000 }),
+    'GET /products': () => ({ products: [] }),
+  });
+
+  try {
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: api.apiBaseUrl,
+      sessionFile,
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+    const saved = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+    await writeFile(
+      sessionFile,
+      `${JSON.stringify({
+        ...saved,
+        selectedProductId: 'prod_missing',
+        platformMode: 'active',
+        activeProductId: 'prod_missing',
+        platformModeStartedAt: '2026-05-31T00:00:00.000Z',
+      }, null, 2)}\n`,
+    );
+
+    const catalog = await platformCatalog({ sessionFile });
+
+    assert.equal(catalog.state, 'logged-in');
+    assert.deepEqual(catalog.account, { credits: 1000 });
+    assert.equal(catalog.mode.state, 'inactive');
+    assert.equal(catalog.mode.releaseReason, 'product-missing');
+    assert.match(catalog.mode.releasedAt ?? '', /^\d{4}-\d{2}-\d{2}T/);
+    assert.deepEqual(catalog.products, []);
+
+    const updated = JSON.parse(await readFile(sessionFile, 'utf8')) as Record<string, unknown>;
+    assert.equal(Object.hasOwn(updated, 'selectedProductId'), false);
+    assert.equal(Object.hasOwn(updated, 'platformMode'), false);
+    assert.equal(updated.lastModeReleaseReason, 'product-missing');
+    assert.equal(typeof updated.lastModeReleasedAt, 'string');
+  } finally {
+    await api.close();
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('platformStatus treats corrupted and incomplete session files as logged-out', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-platform-'));
+  const sessionFile = join(tempDir, 'session.json');
+
+  try {
+    await writeFile(sessionFile, '{not-json', 'utf8');
+    assert.deepEqual(await platformStatus({ sessionFile }), { state: 'logged-out' });
+
+    await writeFile(sessionFile, JSON.stringify({
+      apiBaseUrl: 'http://127.0.0.1:9',
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }), 'utf8');
+    assert.deepEqual(await platformStatus({ sessionFile }), { state: 'logged-out' });
+  } finally {
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test('loginWithCode expands ~/ session files under HOME', async () => {
+  const tempDir = await mkdtemp(join(tmpdir(), 'cursor-pool-home-'));
+  const previousHome = process.env.HOME;
+  process.env.HOME = tempDir;
+  const api = await createApiServer({
+    'POST /auth/device-token': () => ({
+      deviceToken: 'cp_dev_secret',
+      user: { id: 'usr_1', email: 'dev@example.com' },
+      device: { id: 'dev_1', status: 'active', lastHeartbeatAt: '2026-05-30T00:00:00Z' },
+    }),
+  });
+
+  try {
+    await loginWithCode({
+      code: 'CODE-123',
+      apiBaseUrl: api.apiBaseUrl,
+      sessionFile: '~/.cursor-pool/session.json',
+      device: { name: 'Lin Mac', os: 'darwin', arch: 'arm64' },
+    });
+
+    const saved = JSON.parse(
+      await readFile(join(tempDir, '.cursor-pool', 'session.json'), 'utf8'),
+    ) as Record<string, unknown>;
+    assert.equal(saved.deviceToken, 'cp_dev_secret');
+    assert.equal(typeof saved.createdAt, 'string');
+  } finally {
+    if (previousHome === undefined) {
+      delete process.env.HOME;
+    } else {
+      process.env.HOME = previousHome;
+    }
+    await api.close();
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});