npm - @hermit-org/cli - Versions diffs - 0.0.1-alpha.0 - Mend

@hermit-org/cli 0.0.1-alpha.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

package/README.md +73 -0
package/README.zh-CN.md +72 -0
package/package.json +22 -0
package/src/commands/index.ts +54 -0
package/src/commands/pair.ts +95 -0
package/src/commands/start/index.ts +247 -0
package/src/index.ts +17 -0
package/src/lib/config.ts +142 -0
package/src/lib/gateway.test.ts +143 -0
package/src/lib/gateway.ts +404 -0
package/src/lib/pairing.ts +106 -0
package/src/lib/qr.ts +44 -0

package/src/lib/pairing.ts ADDED Viewed

@@ -0,0 +1,106 @@
+import { randomBytes } from "node:crypto";
+import {
+  readHermitJson,
+  writeHermitJson,
+  loadConfig,
+  saveConfig,
+} from "./config";
+export interface PendingPair {
+  code: string;
+  token: string;
+  createdAt: string;
+}
+export interface AuthorizedTokensFile {
+  tokens: string[];
+}
+const PENDING_PAIRS_FILE = "pending-pairs.json";
+const AUTHORIZED_TOKENS_FILE = "authorized-tokens.json";
+/**
+ * Generate a random 6-digit pairing code.
+ */
+export function generatePairingCode(): string {
+  return String(Math.floor(100000 + Math.random() * 900000));
+}
+/**
+ * Generate a secure bearer token.
+ */
+export function generateToken(): string {
+  return `tok_${randomBytes(24).toString("hex")}`;
+}
+/**
+ * Create a pending pairing request and return the human-readable code.
+ */
+export async function createPendingPair(): Promise<{
+  code: string;
+  token: string;
+}> {
+  const code = generatePairingCode();
+  const token = generateToken();
+  const pending = (await readHermitJson<PendingPair[]>(PENDING_PAIRS_FILE)) ?? [];
+  // Remove expired entries older than 5 minutes.
+  const cutoff = Date.now() - 5 * 60 * 1000;
+  const fresh = pending.filter(
+    (p) => new Date(p.createdAt).getTime() > cutoff,
+  );
+  fresh.push({ code, token, createdAt: new Date().toISOString() });
+  await writeHermitJson(PENDING_PAIRS_FILE, fresh);
+  return { code, token };
+}
+/**
+ * Validate a pairing code and return the corresponding bearer token.
+ */
+export async function validatePairingCode(
+  code: string,
+): Promise<string | null> {
+  const pending = (await readHermitJson<PendingPair[]>(PENDING_PAIRS_FILE)) ?? [];
+  const match = pending.find((p) => p.code === code);
+  if (!match) return null;
+  // Authorize the token persistently.
+  await authorizeToken(match.token);
+  // Remove the used code.
+  const remaining = pending.filter((p) => p.code !== code);
+  await writeHermitJson(PENDING_PAIRS_FILE, remaining);
+  return match.token;
+}
+/**
+ * Add a token to the authorized list.
+ */
+export async function authorizeToken(token: string): Promise<void> {
+  const file =
+    (await readHermitJson<AuthorizedTokensFile>(AUTHORIZED_TOKENS_FILE)) ?? {
+      tokens: [],
+    };
+  if (!file.tokens.includes(token)) {
+    file.tokens.push(token);
+    await writeHermitJson(AUTHORIZED_TOKENS_FILE, file);
+  }
+}
+/**
+ * Check whether a bearer token is authorized.
+ */
+export async function isTokenAuthorized(token: string): Promise<boolean> {
+  const file =
+    (await readHermitJson<AuthorizedTokensFile>(AUTHORIZED_TOKENS_FILE)) ?? {
+      tokens: [],
+    };
+  if (file.tokens.includes(token)) return true;
+  // Also allow tokens configured directly in hermit.config.json.
+  const config = await loadConfig();
+  return config.authorizedTokens?.includes(token) ?? false;
+}

package/src/lib/qr.ts ADDED Viewed

@@ -0,0 +1,44 @@
+import QRCode from "qrcode";
+export interface ConnectionPayload {
+  url: string;
+  sendUrl: string;
+  token: string;
+}
+export function encodeConnectionPayload(payload: ConnectionPayload): string {
+  return JSON.stringify(payload);
+}
+export function decodeConnectionPayload(input: string): ConnectionPayload {
+  const trimmed = input.trim();
+  // Accept either raw JSON or a hermit://connect?payload=... deep link.
+  const deepLinkMatch = trimmed.match(/^hermit:\/\/connect\?payload=(.+)$/);
+  const json = deepLinkMatch ? decodeURIComponent(deepLinkMatch[1]) : trimmed;
+  return JSON.parse(json) as ConnectionPayload;
+}
+export async function generateQrTerminal(payload: ConnectionPayload): Promise<string> {
+  return QRCode.toString(encodeConnectionPayload(payload), {
+    type: "terminal",
+    errorCorrectionLevel: "M",
+    margin: 1,
+  });
+}
+export async function generateQrDataUrl(payload: ConnectionPayload): Promise<string> {
+  return QRCode.toDataURL(encodeConnectionPayload(payload), {
+    errorCorrectionLevel: "M",
+    margin: 2,
+    width: 400,
+  });
+}
+export async function generateQrBuffer(payload: ConnectionPayload): Promise<Buffer> {
+  return QRCode.toBuffer(encodeConnectionPayload(payload), {
+    errorCorrectionLevel: "M",
+    margin: 2,
+    width: 400,
+    type: "png",
+  });
+}