@h-rig/server 0.0.6-alpha.0 → 0.0.6-alpha.10

package/dist/src/server-helpers/github-auth-store.js

@@ -1,5 +1,6 @@
 // @bun
 // packages/server/src/server-helpers/github-auth-store.ts
+import { randomBytes } from "crypto";
 import { chmodSync, existsSync, mkdirSync, readFileSync, writeFileSync } from "fs";
 import { resolve as resolve2 } from "path";
 
@@ -39,6 +40,24 @@ function cleanScopes(value) {
     return clean ? [clean] : [];
   });
 }
+function parseApiSessions(value) {
+  if (!Array.isArray(value))
+    return [];
+  return value.flatMap((entry) => {
+    if (!entry || typeof entry !== "object" || Array.isArray(entry))
+      return [];
+    const record = entry;
+    const token = cleanString(record.token);
+    if (!token)
+      return [];
+    return [{
+      token,
+      login: cleanString(record.login),
+      userId: cleanString(record.userId),
+      createdAt: cleanString(record.createdAt) ?? undefined
+    }];
+  });
+}
 function readStoredAuth(stateFile) {
   if (!existsSync(stateFile))
     return {};
@@ -52,6 +71,7 @@ function readStoredAuth(stateFile) {
       selectedRepo: cleanString(parsed.selectedRepo),
       tokenSource: parsed.tokenSource === "oauth-device" || parsed.tokenSource === "manual-token" || parsed.tokenSource === "env" ? parsed.tokenSource : undefined,
       pendingDevice: parsePendingDevice(parsed.pendingDevice),
+      apiSessions: parseApiSessions(parsed.apiSessions),
       updatedAt: cleanString(parsed.updatedAt) ?? undefined
     };
   } catch {
@@ -70,6 +90,9 @@ function parsePendingDevice(value) {
     return null;
   return { pollId, deviceCode, expiresAt, intervalSeconds };
 }
+function newApiSessionToken() {
+  return `rig_${randomBytes(32).toString("base64url")}`;
+}
 function writeStoredAuth(stateFile, payload) {
   mkdirSync(resolve2(stateFile, ".."), { recursive: true });
   writeFileSync(stateFile, `${JSON.stringify(payload, null, 2)}
@@ -112,9 +135,38 @@ function createGitHubAuthStore(projectRoot) {
         scopes: input.scopes ?? [],
         selectedRepo: input.selectedRepo ?? previous.selectedRepo ?? null,
         pendingDevice: null,
+        apiSessions: previous.apiSessions ?? [],
         updatedAt: new Date().toISOString()
       });
     },
+    createApiSession() {
+      const previous = readStoredAuth(stateFile);
+      const token = newApiSessionToken();
+      const session = {
+        token,
+        login: cleanString(previous.login),
+        userId: cleanString(previous.userId),
+        createdAt: new Date().toISOString()
+      };
+      writeStoredAuth(stateFile, {
+        ...previous,
+        apiSessions: [...(previous.apiSessions ?? []).slice(-9), session],
+        updatedAt: new Date().toISOString()
+      });
+      return { token, login: session.login ?? null, userId: session.userId ?? null };
+    },
+    readApiSession(token) {
+      const clean = cleanString(token);
+      if (!clean)
+        return null;
+      const previous = readStoredAuth(stateFile);
+      const session = (previous.apiSessions ?? []).find((candidate) => candidate.token === clean);
+      return session ? { login: cleanString(session.login), userId: cleanString(session.userId) } : null;
+    },
+    copyToProjectRoot(projectRoot2) {
+      const targetFile = resolveGitHubAuthStateFile(projectRoot2);
+      writeStoredAuth(targetFile, readStoredAuth(stateFile));
+    },
     savePendingDevice(input) {
       const previous = readStoredAuth(stateFile);
       writeStoredAuth(stateFile, {