@karpeleslab/teamclaude 1.0.3 → 1.0.5

package/README.md

@@ -10,8 +10,9 @@ Sits transparently between Claude Code and the Anthropic API, managing multiple
 
 - **Automatic account rotation** — switches to the next account when session (5h) or weekly (7d) quota reaches the configured threshold (default 98%)
 - **Auto-retry on 429** — if an account is rate-limited, transparently retries with the next one
-- **Interactive TUI** — real-time dashboard with quota bars, activity log, and keyboard controls
-- **OAuth token refresh** — proactively refreshes expiring tokens and persists them to config
+- **Interactive TUI** — real-time dashboard with color-coded quota bars showing reset countdowns, activity log, and keyboard controls
+- **OAuth token refresh** — proactively refreshes expiring tokens, intercepts client token renewals, and persists them to config
+- **Hot-reload accounts** — add accounts via `import` or `login` while the server is running, press **R** to pick them up
 - **Request logging** — optional full request/response logging for debugging
 - **Zero dependencies** — uses only Node.js built-in modules
 
@@ -23,12 +24,11 @@ Requires Node.js 18+.
 # Install
 npm install -g @karpeleslab/teamclaude
 
-# Import your current Claude Code credentials
-teamclaude import
+# Add your first account (opens browser for OAuth)
+teamclaude login
 
-# Import a second account (log into it in Claude Code first, then import)
-# claude /login
-# teamclaude import
+# Add a second account
+teamclaude login
 
 # Start the proxy
 teamclaude server
@@ -37,27 +37,37 @@ teamclaude server
 teamclaude run
 ```
 
+You can also import existing Claude Code credentials instead of logging in:
+
+```bash
+claude /login           # Log into an account in Claude Code
+teamclaude import       # Import its credentials
+```
+
 ## Adding Accounts
 
-### Import from Claude Code (recommended)
+### OAuth Login (recommended)
 
-The easiest way to add accounts. Log into each account in Claude Code, then import:
+The easiest way to add accounts — opens your browser for authentication:
 
 ```bash
-# Log into your first account in Claude Code
-claude /login
+teamclaude login
+```
+
+Uses the same OAuth flow as Claude Code. Auto-detects the account email and subscription tier. Logging in with the same account again updates its credentials.
 
-# Import it
-teamclaude import
+You can add accounts while the server is running — press **R** in the TUI to reload.
 
-# Switch to another account in Claude Code
-claude /login
+### Import from Claude Code
 
-# Import that one too
-teamclaude import
+If you already have Claude Code set up, you can import its credentials directly:
+
+```bash
+claude /login           # Log into an account in Claude Code
+teamclaude import       # Import its credentials
 ```
 
-Each import auto-detects the account email and subscription tier. Re-importing the same account updates its credentials.
+Re-importing the same account updates its credentials.
 
 ### API Key
 
@@ -67,16 +77,6 @@ For Anthropic API key accounts (billed via Console):
 teamclaude login --api
 ```
 
-### OAuth Login (experimental)
-
-Direct browser-based OAuth login without needing Claude Code:
-
-```bash
-teamclaude login
-```
-
-> **Note:** OAuth login is currently experimental. Tokens obtained this way may not work for proxying `/v1/messages` requests. Use `teamclaude import` as the reliable method.
-
 ## Usage
 
 ### Start the proxy server
@@ -88,7 +88,7 @@ teamclaude server
 When running from a TTY, shows an interactive TUI with:
 - Account table with session/weekly quota progress bars
 - Real-time activity log with request tracking
-- Keyboard shortcuts: **s**witch, **a**dd, **r**emove, **q**uit
+- Keyboard shortcuts: **s**witch, **a**dd, **r**emove, **R**eload, **q**uit
 
 Falls back to plain log output when not a TTY (e.g. running as a service).
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@karpeleslab/teamclaude",
-  "version": "1.0.3",
+  "version": "1.0.5",
   "description": "Multi-account Claude proxy with automatic quota-based rotation",
   "type": "module",
   "main": "src/index.js",

package/src/account-manager.js

@@ -23,6 +23,7 @@ export class AccountManager {
       index,
       name: acct.name,
       type: acct.type,
+      accountUuid: acct.accountUuid || null,
       credential: acct.accessToken || acct.apiKey,
       refreshToken: acct.refreshToken || null,
       expiresAt: acct.expiresAt || null,
@@ -268,42 +269,21 @@ export class AccountManager {
   }
 
   /**
-   * Capture a fresh token from a client request or intercepted token refresh.
-   * Updates the first OAuth account whose credential matches the old token,
-   * or the first expired/error OAuth account if none match.
-   *
-   * @param {string} accessToken - The new access token
-   * @param {string} [refreshToken] - New refresh token (if available from intercepted refresh)
-   * @param {number} [expiresAt] - Token expiry timestamp
+   * Update a specific account's OAuth tokens (e.g. after intercepting a token refresh).
    */
-  captureClientToken(accessToken, refreshToken, expiresAt) {
-    if (!accessToken) return;
-
-    // Check if any account already has this exact token
-    const existing = this.accounts.find(a => a.type === 'oauth' && a.credential === accessToken);
-    if (existing) {
-      // Update expiry/refresh if we have better info
-      if (expiresAt && expiresAt > (existing.expiresAt || 0)) existing.expiresAt = expiresAt;
-      if (refreshToken) existing.refreshToken = refreshToken;
-      return;
-    }
-
-    // Find the best OAuth account to update: prefer expired/error accounts
-    const candidate = this.accounts.find(a =>
-      a.type === 'oauth' && (a.status === 'error' || isTokenExpiringSoon(a.expiresAt, 0))
-    ) || this.accounts.find(a => a.type === 'oauth');
-
-    if (!candidate) return;
-
-    candidate.credential = accessToken;
-    if (refreshToken) candidate.refreshToken = refreshToken;
-    candidate.expiresAt = expiresAt || Date.now() + 3600 * 1000;
-    if (candidate.status === 'error') candidate.status = 'active';
-    console.log(`[TeamClaude] Captured fresh token for account "${candidate.name}"`);
-    this._onTokenRefresh?.(candidate.index, {
+  updateAccountTokens(accountIndex, { accessToken, refreshToken, expiresAt }) {
+    const account = this.accounts[accountIndex];
+    if (!account || account.type !== 'oauth') return;
+
+    account.credential = accessToken;
+    if (refreshToken) account.refreshToken = refreshToken;
+    account.expiresAt = expiresAt;
+    if (account.status === 'error') account.status = 'active';
+    console.log(`[TeamClaude] Updated tokens for account "${account.name}"`);
+    this._onTokenRefresh?.(accountIndex, {
       accessToken,
-      refreshToken: candidate.refreshToken,
-      expiresAt: candidate.expiresAt,
+      refreshToken: account.refreshToken,
+      expiresAt: account.expiresAt,
     });
   }
 
@@ -316,6 +296,7 @@ export class AccountManager {
       index,
       name: acctData.name,
       type: acctData.type,
+      accountUuid: acctData.accountUuid || null,
       credential: acctData.accessToken || acctData.apiKey,
       refreshToken: acctData.refreshToken || null,
       expiresAt: acctData.expiresAt || null,

package/src/config.js

@@ -46,3 +46,15 @@ export async function saveConfig(config) {
   await mkdir(dirname(path), { recursive: true });
   await writeFile(path, JSON.stringify(config, null, 2) + '\n', { mode: 0o600 });
 }
+
+/**
+ * Atomically update the config: re-reads from disk, calls updater(config),
+ * then saves. Returns the updated config. This prevents overwriting changes
+ * made by other processes (e.g. `teamclaude import` while the server runs).
+ */
+export async function atomicConfigUpdate(updater) {
+  const config = await loadConfig() || createDefaultConfig();
+  await updater(config);
+  await saveConfig(config);
+  return config;
+}

package/src/index.js

@@ -2,7 +2,7 @@
 
 import { spawn } from 'node:child_process';
 import { createInterface } from 'node:readline';
-import { loadOrCreateConfig, saveConfig, getConfigPath } from './config.js';
+import { loadOrCreateConfig, loadConfig, saveConfig, atomicConfigUpdate, getConfigPath } from './config.js';
 import { AccountManager } from './account-manager.js';
 import { createProxyServer } from './server.js';
 import { importCredentials, loginOAuth, fetchProfile } from './oauth.js';
@@ -15,29 +15,36 @@ switch (command) {
   case 'server':
     await serverCommand();
     break;
+  case 'run':
+    await runCommand();
+    break;
   case 'import':
     await importCommand();
+    process.exit(0);
     break;
   case 'login':
     await loginCommand();
+    process.exit(0);
     break;
   case 'env':
     await envCommand();
-    break;
-  case 'run':
-    await runCommand();
+    process.exit(0);
     break;
   case 'status':
     await statusCommand();
+    process.exit(0);
     break;
   case 'accounts':
     await accountsCommand();
+    process.exit(0);
     break;
   case 'remove':
     await removeCommand();
+    process.exit(0);
     break;
   case 'api':
     await apiCommand();
+    process.exit(0);
     break;
   case 'help':
   case '--help':
@@ -82,15 +89,21 @@ async function serverCommand() {
   const threshold = config.switchThreshold || 0.98;
   const accountManager = new AccountManager(accounts, threshold);
 
-  // Persist refreshed tokens back to config
+  // Persist refreshed tokens back to config (re-read from disk to avoid clobbering
+  // accounts added externally, e.g. by `teamclaude import` while server is running)
   accountManager.onTokenRefresh((idx, newTokens) => {
-    const cfgAcct = config.accounts[idx];
-    if (cfgAcct) {
-      cfgAcct.accessToken = newTokens.accessToken;
-      cfgAcct.refreshToken = newTokens.refreshToken;
-      cfgAcct.expiresAt = newTokens.expiresAt;
-      saveConfig(config).catch(err => console.error(`[TeamClaude] Failed to save refreshed token: ${err.message}`));
-    }
+    const account = accountManager.accounts[idx];
+    if (!account) return;
+    atomicConfigUpdate(diskConfig => {
+      syncNewAccountsFromDisk(diskConfig, config, accountManager);
+      // Match by UUID first, then by name — index may have shifted
+      const cfgIdx = findConfigAccount(diskConfig, account);
+      if (cfgIdx >= 0) {
+        diskConfig.accounts[cfgIdx].accessToken = newTokens.accessToken;
+        diskConfig.accounts[cfgIdx].refreshToken = newTokens.refreshToken;
+        diskConfig.accounts[cfgIdx].expiresAt = newTokens.expiresAt;
+      }
+    }).catch(err => console.error(`[TeamClaude] Failed to save refreshed token: ${err.message}`));
   });
   const port = config.proxy.port;
   const useTUI = process.stdout.isTTY && process.stdin.isTTY;
@@ -100,7 +113,24 @@ async function serverCommand() {
 
   if (useTUI) {
     tui = new TUI({
-      accountManager, config, saveConfig,
+      accountManager, config,
+      saveConfig: () => atomicConfigUpdate(diskConfig => {
+        syncNewAccountsFromDisk(diskConfig, config, accountManager);
+        // Write in-memory accounts back, preserving extra disk-only fields
+        diskConfig.accounts = config.accounts.map(a => {
+          const diskAcct = diskConfig.accounts.find(
+            d => (a.accountUuid && d.accountUuid === a.accountUuid) || d.name === a.name
+          );
+          return diskAcct ? { ...diskAcct, ...a } : a;
+        });
+      }),
+      syncAccounts: async () => {
+        const diskConfig = await loadConfig();
+        if (!diskConfig) return 0;
+        const before = accountManager.accounts.length;
+        syncNewAccountsFromDisk(diskConfig, config, accountManager);
+        return accountManager.accounts.length - before;
+      },
       onQuit: () => { server.close(() => process.exit(0)); },
     });
     hooks = {
@@ -559,6 +589,38 @@ async function upsertOAuthAccount(config, name, creds, source = 'unknown') {
   console.log(`Saved to ${getConfigPath()}`);
 }
 
+// ── config sync helpers ─────────────────────────────────────
+
+/**
+ * Find a config account entry matching an in-memory account (by UUID, then name).
+ */
+function findConfigAccount(diskConfig, account) {
+  if (account.accountUuid) {
+    const idx = diskConfig.accounts.findIndex(a => a.accountUuid === account.accountUuid);
+    if (idx >= 0) return idx;
+  }
+  return diskConfig.accounts.findIndex(a => a.name === account.name);
+}
+
+/**
+ * Detect accounts added to disk config by external processes and add them
+ * to the running AccountManager + in-memory config.
+ */
+function syncNewAccountsFromDisk(diskConfig, memConfig, accountManager) {
+  for (const diskAcct of diskConfig.accounts) {
+    const knownByUuid = diskAcct.accountUuid &&
+      memConfig.accounts.some(a => a.accountUuid === diskAcct.accountUuid);
+    const knownByName = memConfig.accounts.some(a => a.name === diskAcct.name);
+
+    if (!knownByUuid && !knownByName) {
+      // New account discovered on disk — add to running server
+      memConfig.accounts.push(diskAcct);
+      accountManager.addAccount(diskAcct);
+      console.log(`[TeamClaude] Picked up new account "${diskAcct.name}" from config`);
+    }
+  }
+}
+
 // ── helpers ─────────────────────────────────────────────────
 
 async function resolveAccounts(config) {

package/src/server.js

@@ -118,13 +118,16 @@ async function handleTokenRefresh(req, res, accountManager, hooks) {
 
     const responseBody = await upstreamRes.text();
 
-    // Capture tokens from successful refresh
+    // Capture tokens from successful refresh — update the current account directly
     if (upstreamRes.ok) {
       try {
         const tokens = JSON.parse(responseBody);
         if (tokens.access_token) {
-          accountManager.captureClientToken(tokens.access_token, tokens.refresh_token,
-            tokens.expires_at || (Date.now() + (tokens.expires_in || 3600) * 1000));
+          accountManager.updateAccountTokens(accountManager.currentIndex, {
+            accessToken: tokens.access_token,
+            refreshToken: tokens.refresh_token,
+            expiresAt: tokens.expires_at || (Date.now() + (tokens.expires_in || 3600) * 1000),
+          });
         }
       } catch {}
     }
@@ -226,12 +229,6 @@ async function forwardRequest(req, res, body, accountManager, upstream, retryCou
     headers['x-api-key'] = account.credential;
   }
 
-  // Capture fresh Bearer tokens from the client to keep stored credentials up to date
-  const clientBearer = req.headers['authorization']?.match(/^Bearer (.+)/i)?.[1];
-  if (clientBearer) {
-    accountManager.captureClientToken(clientBearer);
-  }
-
   const upstreamUrl = `${upstream}${req.url}`;
   const method = req.method;
 
@@ -332,7 +329,7 @@ async function forwardRequest(req, res, body, accountManager, upstream, retryCou
       writeRequestLog(logDir, reqId, logSections);
     }
 
-    if (retryCount < maxRetries) {
+    if (retryCount < maxRetries && !res.headersSent) {
       account.status = 'error';
       return forwardRequest(req, res, body, accountManager, upstream, retryCount + 1, hooks, reqId, ctx, logDir);
     }

package/src/tui.js

@@ -17,7 +17,8 @@ const red = s => fg(31, s);
 const cyan = s => fg(36, s);
 const gray = s => fg(90, s);
 
-const strip = s => s.replace(/\x1b\[[0-9;]*m/g, '');
+const ANSI_RE = /\x1b\[[0-9;]*m/g;
+const strip = s => s.replace(ANSI_RE, '');
 const vw = s => strip(s).length;
 
 function rpad(s, w) {
@@ -25,13 +26,85 @@ function rpad(s, w) {
   return gap > 0 ? s + ' '.repeat(gap) : s;
 }
 
-function bar(ratio, w = 10) {
-  if (ratio == null || isNaN(ratio)) return gray('░'.repeat(w)) + '   - ';
+/** Truncate a string with ANSI codes to exactly w visible characters, then reset. */
+function truncate(s, w) {
+  let visible = 0;
+  let out = '';
+  let i = 0;
+  while (i < s.length && visible < w) {
+    if (s[i] === '\x1b') {
+      const end = s.indexOf('m', i);
+      if (end >= 0) { out += s.slice(i, end + 1); i = end + 1; continue; }
+    }
+    out += s[i];
+    visible++;
+    i++;
+  }
+  return out + RESET;
+}
+
+/** Fit a line to exactly w columns: truncate if too long, pad if too short. */
+function fitLine(s, w) {
+  const v = vw(s);
+  if (v > w) return truncate(s, w);
+  if (v < w) return s + ' '.repeat(w - v);
+  return s;
+}
+
+function formatReset(resetTs) {
+  if (!resetTs) return '';
+  const ms = resetTs - Date.now();
+  if (ms <= 0) return '';
+  const mins = Math.ceil(ms / 60000);
+  if (mins < 60) return `${mins}m`;
+  const hrs = Math.floor(mins / 60);
+  const rm = mins % 60;
+  if (hrs < 24) return rm > 0 ? `${hrs}h${rm}m` : `${hrs}h`;
+  const days = Math.floor(hrs / 24);
+  const rh = hrs % 24;
+  return rh > 0 ? `${days}d${rh}h` : `${days}d`;
+}
+
+/**
+ * Render a progress bar using background colors with text overlaid.
+ * The label (e.g. "Ses 2h30m" or "45%") is drawn on top of the bar.
+ */
+function bar(ratio, w = 10, resetTs) {
+  const rst = formatReset(resetTs);
+
+  if (ratio == null || isNaN(ratio)) {
+    // No data — dim background, show label or dash
+    const label = rst || '-';
+    const text = label.slice(0, w);
+    const pad = w - text.length;
+    const lp = Math.floor(pad / 2);
+    const rp = pad - lp;
+    return `${ESC}100m${' '.repeat(lp)}${text}${' '.repeat(rp)}${RESET}`;
+  }
+
   ratio = Math.max(0, Math.min(1, ratio));
   const f = Math.round(ratio * w);
-  const c = ratio < 0.7 ? 32 : ratio < 0.9 ? 33 : 31;
-  const pct = (ratio * 100).toFixed(0).padStart(3) + '%';
-  return `${ESC}${c}m${'█'.repeat(f)}${ESC}90m${'░'.repeat(w - f)}${RESET} ${pct}`;
+  // Background colors: 42=green, 43=yellow, 41=red; 100=bright black (gray) for empty
+  const bg = ratio < 0.7 ? 42 : ratio < 0.9 ? 43 : 41;
+
+  // Build the label to overlay: show reset time if available, else percentage
+  const pct = (ratio * 100).toFixed(0) + '%';
+  const label = rst || pct;
+  const text = label.slice(0, w);
+  const pad = w - text.length;
+  const lp = Math.floor(pad / 2);
+  const rp = pad - lp;
+  const chars = (' '.repeat(lp) + text + ' '.repeat(rp));
+
+  // Split chars into filled (colored bg) and empty (gray bg) portions
+  const filled = chars.slice(0, f);
+  const empty = chars.slice(f);
+
+  let out = '';
+  if (filled) out += `${ESC}${bg};97m${filled}`;
+  if (empty) out += `${ESC}100;37m${empty}`;
+  out += RESET;
+  return out;
 }
 
 function timestamp() {
@@ -41,10 +114,11 @@ function timestamp() {
 // ── TUI class ────────────────────────────────────────────────
 
 export class TUI {
-  constructor({ accountManager, config, saveConfig, onQuit }) {
+  constructor({ accountManager, config, saveConfig, syncAccounts, onQuit }) {
     this.am = accountManager;
     this.config = config;
     this.saveConfig = saveConfig;
+    this.syncAccounts = syncAccounts;
     this.onQuit = onQuit;
 
     this.log = [];           // completed activity entries
@@ -159,6 +233,7 @@ export class TUI {
       this.mode = 'select'; this.selAction = 'remove'; this.selIdx = 0;
     }
     else if (k === 'a') { this.mode = 'add'; }
+    else if (k === 'R') { this._doSync(); }
   }
 
   _keySelect(k) {
@@ -202,6 +277,19 @@ export class TUI {
 
   // ── account operations ─────────────────────────────
 
+  async _doSync() {
+    try {
+      const count = await this.syncAccounts();
+      if (count > 0) {
+        this._addLog(`Synced ${count} new account(s) from config`);
+      } else {
+        this._addLog('Config reloaded, no new accounts');
+      }
+    } catch (e) {
+      this._addLog(`Sync failed: ${e.message}`);
+    }
+  }
+
   async _doImport() {
     try {
       const creds = await importCredentials('~/.claude/.credentials.json');
@@ -311,7 +399,7 @@ export class TUI {
     // Write buffer
     let buf = `${ESC}H`;
     for (let i = 0; i < H; i++) {
-      buf += rpad(lines[i] || '', W);
+      buf += fitLine(lines[i] || '', W);
       if (i < H - 1) buf += '\r\n';
     }
     // Show cursor only in input mode
@@ -348,11 +436,13 @@ export class TUI {
 
     // Quota ratios — prefer unified (Claude Max), fall back to standard (API key)
     const q = a.quota;
-    let r1 = null, r2 = null, l1 = 'Ses', l2 = 'Wk ';
+    let r1 = null, r2 = null, l1 = 'Ses', l2 = 'Wk ', t1 = null, t2 = null;
 
     if (q.unified5h != null || q.unified7d != null) {
       r1 = q.unified5h;
       r2 = q.unified7d;
+      t1 = q.unified5hReset;
+      t2 = q.unified7dReset;
     } else {
       l1 = 'Tok';
       l2 = 'Req';
@@ -360,11 +450,13 @@ export class TUI {
         ? 1 - q.tokensRemaining / q.tokensLimit : null;
       r2 = (q.requestsLimit != null && q.requestsRemaining != null)
         ? 1 - q.requestsRemaining / q.requestsLimit : null;
+      t1 = q.resetsAt ? new Date(q.resetsAt).getTime() : null;
+      t2 = t1;
     }
 
-    let line = ` ${sel}${cur} ${name} ${type} ${status} ${l1} ${bar(r1, bw)}`;
+    let line = ` ${sel}${cur} ${name} ${type} ${status} ${l1} ${bar(r1, bw, t1)}`;
     if (showBoth) {
-      line += `  ${l2} ${bar(r2, bw)}`;
+      line += `  ${l2} ${bar(r2, bw, t2)}`;
     }
     return line;
   }
@@ -372,7 +464,7 @@ export class TUI {
   _renderFooter() {
     switch (this.mode) {
       case 'normal':
-        return ` ${bold('s')}witch  ${bold('a')}dd  ${bold('r')}emove  ${bold('q')}uit`;
+        return ` ${bold('s')}witch  ${bold('a')}dd  ${bold('r')}emove  ${bold('R')}eload  ${bold('q')}uit`;
       case 'select': {
         const act = this.selAction === 'switch' ? 'switch' : 'remove';
         return ` ${dim('↑↓')} select  ${bold('Enter')} ${act}  ${bold('Esc')} cancel`;