@kinqs/brainrouter-mcp-server 0.3.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.env.example +144 -0
- package/README.md +56 -0
- package/agents/README.md +120 -0
- package/agents/code-reviewer.md +97 -0
- package/agents/security-auditor.md +101 -0
- package/agents/test-engineer.md +95 -0
- package/dist/__tests__/agent_mode.test.d.ts +1 -0
- package/dist/__tests__/api-routes.test.d.ts +1 -0
- package/dist/__tests__/api-routes.test.js +170 -0
- package/dist/__tests__/crypto.test.d.ts +1 -0
- package/dist/__tests__/crypto.test.js +28 -0
- package/dist/__tests__/host-integrations.test.d.ts +1 -0
- package/dist/__tests__/host-integrations.test.js +82 -0
- package/dist/__tests__/integration.test.d.ts +1 -0
- package/dist/__tests__/integration.test.js +50 -0
- package/dist/__tests__/loader.test.d.ts +1 -0
- package/dist/__tests__/loader.test.js +89 -0
- package/dist/__tests__/neural-spark.test.d.ts +1 -0
- package/dist/__tests__/neural-spark.test.js +112 -0
- package/dist/__tests__/pagination.test.d.ts +1 -0
- package/dist/__tests__/pagination.test.js +23 -0
- package/dist/__tests__/redaction.test.d.ts +1 -0
- package/dist/__tests__/redaction.test.js +17 -0
- package/dist/__tests__/registry.test.d.ts +1 -0
- package/dist/__tests__/registry.test.js +56 -0
- package/dist/__tests__/retry.test.d.ts +1 -0
- package/dist/__tests__/retry.test.js +30 -0
- package/dist/__tests__/skill-activation.test.d.ts +1 -0
- package/dist/__tests__/skill-activation.test.js +112 -0
- package/dist/__tests__/working-memory.test.d.ts +1 -0
- package/dist/__tests__/working-memory.test.js +200 -0
- package/dist/__tests__/workspace-paths.test.d.ts +1 -0
- package/dist/__tests__/workspace-paths.test.js +56 -0
- package/dist/__tests__/writer.test.d.ts +1 -0
- package/dist/__tests__/writer.test.js +94 -0
- package/dist/api/auth/crypto.d.ts +4 -0
- package/dist/api/auth/crypto.js +54 -0
- package/dist/api/middleware/auth.d.ts +12 -0
- package/dist/api/middleware/auth.js +90 -0
- package/dist/api/pagination.d.ts +18 -0
- package/dist/api/pagination.js +32 -0
- package/dist/api/routes/auth.d.ts +1 -0
- package/dist/api/routes/auth.js +130 -0
- package/dist/api/routes/chat-completions.d.ts +7 -0
- package/dist/api/routes/chat-completions.js +474 -0
- package/dist/api/routes/contradictions.d.ts +1 -0
- package/dist/api/routes/contradictions.js +28 -0
- package/dist/api/routes/evidence.d.ts +1 -0
- package/dist/api/routes/evidence.js +59 -0
- package/dist/api/routes/governance.d.ts +1 -0
- package/dist/api/routes/governance.js +95 -0
- package/dist/api/routes/graph.d.ts +1 -0
- package/dist/api/routes/graph.js +25 -0
- package/dist/api/routes/hooks.d.ts +1 -0
- package/dist/api/routes/hooks.js +88 -0
- package/dist/api/routes/memories.d.ts +1 -0
- package/dist/api/routes/memories.js +92 -0
- package/dist/api/routes/persona.d.ts +1 -0
- package/dist/api/routes/persona.js +9 -0
- package/dist/api/routes/scenes.d.ts +1 -0
- package/dist/api/routes/scenes.js +35 -0
- package/dist/api/routes/skills.d.ts +1 -0
- package/dist/api/routes/skills.js +14 -0
- package/dist/api/routes/stats.d.ts +1 -0
- package/dist/api/routes/stats.js +8 -0
- package/dist/api/routes/users.d.ts +1 -0
- package/dist/api/routes/users.js +82 -0
- package/dist/api/routes/working.d.ts +1 -0
- package/dist/api/routes/working.js +88 -0
- package/dist/index.d.ts +2 -0
- package/dist/index.js +492 -0
- package/dist/integrations/claude-code.d.ts +12 -0
- package/dist/integrations/claude-code.js +35 -0
- package/dist/integrations/codex.d.ts +12 -0
- package/dist/integrations/codex.js +34 -0
- package/dist/integrations/generic-mcp.d.ts +52 -0
- package/dist/integrations/generic-mcp.js +118 -0
- package/dist/loader.d.ts +29 -0
- package/dist/loader.js +200 -0
- package/dist/memory/capture.d.ts +35 -0
- package/dist/memory/capture.js +230 -0
- package/dist/memory/config.d.ts +2 -0
- package/dist/memory/config.js +3 -0
- package/dist/memory/engine.d.ts +203 -0
- package/dist/memory/engine.js +626 -0
- package/dist/memory/llm-semaphore.d.ts +41 -0
- package/dist/memory/llm-semaphore.js +81 -0
- package/dist/memory/memory-type-config.d.ts +11 -0
- package/dist/memory/memory-type-config.js +65 -0
- package/dist/memory/pipeline/cognitive-contradiction.d.ts +7 -0
- package/dist/memory/pipeline/cognitive-contradiction.js +59 -0
- package/dist/memory/pipeline/cognitive-dedup.d.ts +23 -0
- package/dist/memory/pipeline/cognitive-dedup.js +38 -0
- package/dist/memory/pipeline/cognitive-extractor.d.ts +21 -0
- package/dist/memory/pipeline/cognitive-extractor.js +183 -0
- package/dist/memory/pipeline/contextual-focus-builder.d.ts +13 -0
- package/dist/memory/pipeline/contextual-focus-builder.js +135 -0
- package/dist/memory/pipeline/focus-direction-shift.d.ts +10 -0
- package/dist/memory/pipeline/focus-direction-shift.js +27 -0
- package/dist/memory/pipeline/graph-builder.d.ts +11 -0
- package/dist/memory/pipeline/graph-builder.js +88 -0
- package/dist/memory/pipeline/graph-recall.d.ts +13 -0
- package/dist/memory/pipeline/graph-recall.js +55 -0
- package/dist/memory/pipeline/identity-distiller.d.ts +15 -0
- package/dist/memory/pipeline/identity-distiller.js +40 -0
- package/dist/memory/pipeline/l1-contradiction.d.ts +7 -0
- package/dist/memory/pipeline/l1-contradiction.js +66 -0
- package/dist/memory/pipeline/l1-dedup.d.ts +23 -0
- package/dist/memory/pipeline/l1-dedup.js +39 -0
- package/dist/memory/pipeline/l1-extractor.d.ts +21 -0
- package/dist/memory/pipeline/l1-extractor.js +180 -0
- package/dist/memory/pipeline/l2-direction-shift.d.ts +10 -0
- package/dist/memory/pipeline/l2-direction-shift.js +27 -0
- package/dist/memory/pipeline/l2-scene.d.ts +15 -0
- package/dist/memory/pipeline/l2-scene.js +140 -0
- package/dist/memory/pipeline/l3-distiller.d.ts +15 -0
- package/dist/memory/pipeline/l3-distiller.js +40 -0
- package/dist/memory/pipeline/neural-spark.d.ts +27 -0
- package/dist/memory/pipeline/neural-spark.js +78 -0
- package/dist/memory/pipeline/skill-prewarm.d.ts +63 -0
- package/dist/memory/pipeline/skill-prewarm.js +127 -0
- package/dist/memory/pipeline/task-queue.d.ts +54 -0
- package/dist/memory/pipeline/task-queue.js +117 -0
- package/dist/memory/prompts/cognitive-contradiction.d.ts +1 -0
- package/dist/memory/prompts/cognitive-contradiction.js +25 -0
- package/dist/memory/prompts/cognitive-extraction.d.ts +10 -0
- package/dist/memory/prompts/cognitive-extraction.js +114 -0
- package/dist/memory/prompts/core-identity.d.ts +6 -0
- package/dist/memory/prompts/core-identity.js +60 -0
- package/dist/memory/prompts/focus-direction-shift.d.ts +5 -0
- package/dist/memory/prompts/focus-direction-shift.js +32 -0
- package/dist/memory/prompts/focus-scene-cluster.d.ts +2 -0
- package/dist/memory/prompts/focus-scene-cluster.js +33 -0
- package/dist/memory/prompts/focus-scene.d.ts +7 -0
- package/dist/memory/prompts/focus-scene.js +40 -0
- package/dist/memory/prompts/graph-extraction-batch.d.ts +14 -0
- package/dist/memory/prompts/graph-extraction-batch.js +54 -0
- package/dist/memory/prompts/graph-extraction.d.ts +2 -0
- package/dist/memory/prompts/graph-extraction.js +53 -0
- package/dist/memory/prompts/l1-contradiction-batch.d.ts +16 -0
- package/dist/memory/prompts/l1-contradiction-batch.js +47 -0
- package/dist/memory/prompts/l1-contradiction.d.ts +1 -0
- package/dist/memory/prompts/l1-contradiction.js +25 -0
- package/dist/memory/prompts/l1-extraction.d.ts +10 -0
- package/dist/memory/prompts/l1-extraction.js +114 -0
- package/dist/memory/prompts/l2-direction-shift.d.ts +5 -0
- package/dist/memory/prompts/l2-direction-shift.js +32 -0
- package/dist/memory/prompts/l2-scene-cluster.d.ts +2 -0
- package/dist/memory/prompts/l2-scene-cluster.js +33 -0
- package/dist/memory/prompts/l2-scene.d.ts +7 -0
- package/dist/memory/prompts/l2-scene.js +40 -0
- package/dist/memory/prompts/l3-persona.d.ts +6 -0
- package/dist/memory/prompts/l3-persona.js +60 -0
- package/dist/memory/recall.d.ts +47 -0
- package/dist/memory/recall.js +427 -0
- package/dist/memory/redaction.d.ts +1 -0
- package/dist/memory/redaction.js +24 -0
- package/dist/memory/retry.d.ts +13 -0
- package/dist/memory/retry.js +53 -0
- package/dist/memory/scheduler.d.ts +9 -0
- package/dist/memory/scheduler.js +16 -0
- package/dist/memory/skill-hints-loader.d.ts +30 -0
- package/dist/memory/skill-hints-loader.js +100 -0
- package/dist/memory/store/embedding.d.ts +16 -0
- package/dist/memory/store/embedding.js +68 -0
- package/dist/memory/store/reranker.d.ts +24 -0
- package/dist/memory/store/reranker.js +83 -0
- package/dist/memory/store/sqlite.d.ts +167 -0
- package/dist/memory/store/sqlite.js +1816 -0
- package/dist/memory/store/types.d.ts +101 -0
- package/dist/memory/store/types.js +1 -0
- package/dist/memory/types.d.ts +207 -0
- package/dist/memory/types.js +7 -0
- package/dist/memory/validation.d.ts +441 -0
- package/dist/memory/validation.js +129 -0
- package/dist/memory/working/canvas.d.ts +5 -0
- package/dist/memory/working/canvas.js +43 -0
- package/dist/memory/working/offload.d.ts +71 -0
- package/dist/memory/working/offload.js +211 -0
- package/dist/memory/working/step-log.d.ts +16 -0
- package/dist/memory/working/step-log.js +35 -0
- package/dist/registry.d.ts +34 -0
- package/dist/registry.js +305 -0
- package/dist/resolver.d.ts +17 -0
- package/dist/resolver.js +126 -0
- package/dist/scripts/validate-foreign-workspace-path.d.ts +1 -0
- package/dist/scripts/validate-foreign-workspace-path.js +39 -0
- package/dist/tools/agent_memory_tools.d.ts +485 -0
- package/dist/tools/agent_memory_tools.js +793 -0
- package/dist/tools/create_skill.d.ts +46 -0
- package/dist/tools/create_skill.js +46 -0
- package/dist/tools/get_doc.d.ts +21 -0
- package/dist/tools/get_doc.js +24 -0
- package/dist/tools/get_persona.d.ts +15 -0
- package/dist/tools/get_persona.js +20 -0
- package/dist/tools/get_reference.d.ts +15 -0
- package/dist/tools/get_reference.js +20 -0
- package/dist/tools/get_skill.d.ts +34 -0
- package/dist/tools/get_skill.js +65 -0
- package/dist/tools/get_template_doc.d.ts +21 -0
- package/dist/tools/get_template_doc.js +24 -0
- package/dist/tools/list_docs.d.ts +15 -0
- package/dist/tools/list_docs.js +16 -0
- package/dist/tools/list_skills.d.ts +18 -0
- package/dist/tools/list_skills.js +17 -0
- package/dist/tools/list_template_docs.d.ts +15 -0
- package/dist/tools/list_template_docs.js +16 -0
- package/dist/tools/memory-engineering.d.ts +225 -0
- package/dist/tools/memory-engineering.js +284 -0
- package/dist/tools/memory-explain.d.ts +34 -0
- package/dist/tools/memory-explain.js +109 -0
- package/dist/tools/memory-governance.d.ts +171 -0
- package/dist/tools/memory-governance.js +224 -0
- package/dist/tools/memory-hooks.d.ts +67 -0
- package/dist/tools/memory-hooks.js +102 -0
- package/dist/tools/memory-working.d.ts +98 -0
- package/dist/tools/memory-working.js +101 -0
- package/dist/tools/memory_capture_turn.d.ts +66 -0
- package/dist/tools/memory_capture_turn.js +85 -0
- package/dist/tools/memory_consolidate.d.ts +55 -0
- package/dist/tools/memory_consolidate.js +176 -0
- package/dist/tools/memory_contradictions.d.ts +53 -0
- package/dist/tools/memory_contradictions.js +52 -0
- package/dist/tools/memory_graph_query.d.ts +51 -0
- package/dist/tools/memory_graph_query.js +35 -0
- package/dist/tools/memory_mark_cited.d.ts +43 -0
- package/dist/tools/memory_mark_cited.js +63 -0
- package/dist/tools/memory_recall.d.ts +77 -0
- package/dist/tools/memory_recall.js +81 -0
- package/dist/tools/memory_register_skill_hints.d.ts +49 -0
- package/dist/tools/memory_register_skill_hints.js +55 -0
- package/dist/tools/memory_resolve_session.d.ts +24 -0
- package/dist/tools/memory_resolve_session.js +133 -0
- package/dist/tools/memory_search.d.ts +146 -0
- package/dist/tools/memory_search.js +84 -0
- package/dist/tools/search_skills.d.ts +18 -0
- package/dist/tools/search_skills.js +17 -0
- package/dist/tools/update_doc.d.ts +24 -0
- package/dist/tools/update_doc.js +35 -0
- package/dist/tools/update_skill.d.ts +30 -0
- package/dist/tools/update_skill.js +80 -0
- package/dist/types.d.ts +81 -0
- package/dist/types.js +4 -0
- package/dist/writer.d.ts +30 -0
- package/dist/writer.js +220 -0
- package/docs/TEMPLATE ONLY +1 -0
- package/docs/api/API.md +64 -0
- package/docs/api/security/SECURITY.md +58 -0
- package/docs/deployment/DockerDeployment.md +30 -0
- package/docs/design/Design.md +59 -0
- package/docs/design/themes/apple.md +101 -0
- package/docs/design/themes/dieter-grid.md +100 -0
- package/docs/design/themes/gallery-white.md +100 -0
- package/docs/design/themes/pinterest.md +101 -0
- package/docs/design/themes/realty-open-house.md +101 -0
- package/docs/design/themes/vodafone.md +101 -0
- package/docs/hooks/Hooks.md +30 -0
- package/docs/schema/Schema.md +35 -0
- package/docs/strategy/ScalingStrategy.md +19 -0
- package/package.json +88 -0
- package/references/accessibility-checklist.md +160 -0
- package/references/orchestration-patterns.md +370 -0
- package/references/performance-checklist.md +153 -0
- package/references/security-checklist.md +134 -0
- package/references/testing-patterns.md +236 -0
- package/skills/agent/adr-skill/SKILL.md +299 -0
- package/skills/agent/agentic-engineering-workflow/SKILL.md +95 -0
- package/skills/agent/bootstrap-skill/SKILL.md +103 -0
- package/skills/agent/context-engineering/SKILL.md +307 -0
- package/skills/agent/debugging-and-error-recovery/SKILL.md +308 -0
- package/skills/agent/developer-growth-analysis/SKILL.md +328 -0
- package/skills/agent/doubt-driven-skill/SKILL.md +249 -0
- package/skills/agent/handover-skill/SKILL.md +112 -0
- package/skills/agent/idea-refine-skill/SKILL.md +185 -0
- package/skills/agent/idea-refine-skill/examples.md +238 -0
- package/skills/agent/idea-refine-skill/frameworks.md +99 -0
- package/skills/agent/idea-refine-skill/refinement-criteria.md +113 -0
- package/skills/agent/interview-skill/SKILL.md +226 -0
- package/skills/agent/planning-skill/SKILL.md +270 -0
- package/skills/agent/skill-authoring/SKILL.md +189 -0
- package/skills/agent/source-driven-skill/SKILL.md +197 -0
- package/skills/agent/spec-driven-skill/SKILL.md +221 -0
- package/skills/agent/sync-skill/SKILL.md +92 -0
- package/skills/agent/using-agent-skills/SKILL.md +189 -0
- package/skills/api/a11y-skill/SKILL.md +88 -0
- package/skills/api/api-skill/SKILL.md +123 -0
- package/skills/api/auth-skill/SKILL.md +80 -0
- package/skills/api/debug-skill/SKILL.md +535 -0
- package/skills/api/performance-skill/SKILL.md +100 -0
- package/skills/api/testing-skill/SKILL.md +100 -0
- package/skills/codebase/code-review-and-quality/SKILL.md +228 -0
- package/skills/codebase/code-simplification/SKILL.md +352 -0
- package/skills/codebase/code-structure-cleanup/SKILL.md +142 -0
- package/skills/codebase/concerns-skill/SKILL.md +89 -0
- package/skills/codebase/conventions-skill/SKILL.md +95 -0
- package/skills/codebase/doc-management-skill/SKILL.md +47 -0
- package/skills/codebase/git-workflow-skill/SKILL.md +312 -0
- package/skills/communication/1-3-1-rule/SKILL.md +120 -0
- package/skills/design/brutalist-skill/SKILL.md +131 -0
- package/skills/design/concept-diagrams/SKILL.md +387 -0
- package/skills/design/concept-diagrams/examples/apartment-floor-plan-conversion.md +244 -0
- package/skills/design/concept-diagrams/examples/automated-password-reset-flow.md +276 -0
- package/skills/design/concept-diagrams/examples/autonomous-llm-research-agent-flow.md +240 -0
- package/skills/design/concept-diagrams/examples/banana-journey-tree-to-smoothie.md +161 -0
- package/skills/design/concept-diagrams/examples/commercial-aircraft-structure.md +209 -0
- package/skills/design/concept-diagrams/examples/cpu-ooo-microarchitecture.md +236 -0
- package/skills/design/concept-diagrams/examples/electricity-grid-flow.md +182 -0
- package/skills/design/concept-diagrams/examples/feature-film-production-pipeline.md +172 -0
- package/skills/design/concept-diagrams/examples/hospital-emergency-department-flow.md +165 -0
- package/skills/design/concept-diagrams/examples/ml-benchmark-grouped-bar-chart.md +114 -0
- package/skills/design/concept-diagrams/examples/place-order-uml-sequence.md +325 -0
- package/skills/design/concept-diagrams/examples/smart-city-infrastructure.md +173 -0
- package/skills/design/concept-diagrams/examples/smartphone-layer-anatomy.md +154 -0
- package/skills/design/concept-diagrams/examples/sn2-reaction-mechanism.md +247 -0
- package/skills/design/concept-diagrams/examples/wind-turbine-structure.md +338 -0
- package/skills/design/concept-diagrams/references/dashboard-patterns.md +43 -0
- package/skills/design/concept-diagrams/references/infrastructure-patterns.md +144 -0
- package/skills/design/concept-diagrams/references/physical-shape-cookbook.md +42 -0
- package/skills/design/concept-diagrams/templates/template.html +174 -0
- package/skills/design/gpt-tasteskill/SKILL.md +114 -0
- package/skills/design/minimalist-skill/SKILL.md +116 -0
- package/skills/design/output-skill/SKILL.md +87 -0
- package/skills/design/redesign-skill/SKILL.md +213 -0
- package/skills/design/soft-skill/SKILL.md +132 -0
- package/skills/design/stitch-skill/EXAMPLE.md +121 -0
- package/skills/design/stitch-skill/SKILL.md +222 -0
- package/skills/design/taste-skill/SKILL.md +269 -0
- package/skills/devops/ci-cd-skill/SKILL.md +402 -0
- package/skills/devops/docker-skill/SKILL.md +297 -0
- package/skills/devops/domain-skill/SKILL.md +234 -0
- package/skills/lifecycle/changelog-generator/SKILL.md +135 -0
- package/skills/lifecycle/incremental-skill/SKILL.md +257 -0
- package/skills/lifecycle/migration-skill/SKILL.md +218 -0
- package/skills/lifecycle/shipping-skill/SKILL.md +321 -0
- package/skills/memory/agent-memory/SKILL.md +122 -0
- package/skills/qa/browser-testing-skill/SKILL.md +314 -0
- package/skills/ux/adversarial-ux-skill/SKILL.md +168 -0
|
@@ -0,0 +1,90 @@
|
|
|
1
|
+
import { memoryEngine } from "../../memory/engine.js";
|
|
2
|
+
import { randomBytes } from "node:crypto";
|
|
3
|
+
import { verifyJwt } from "../auth/crypto.js";
|
|
4
|
+
const configuredJwtSecret = process.env.BRAINROUTER_JWT_SECRET?.trim();
|
|
5
|
+
const generatedJwtSecret = randomBytes(32).toString("hex");
|
|
6
|
+
export const USING_FALLBACK_JWT_SECRET = !configuredJwtSecret;
|
|
7
|
+
export const JWT_SECRET = configuredJwtSecret || generatedJwtSecret;
|
|
8
|
+
if (USING_FALLBACK_JWT_SECRET) {
|
|
9
|
+
console.error("[BrainRouter] WARNING: BRAINROUTER_JWT_SECRET not set. Using random secret — sessions will not survive restarts.");
|
|
10
|
+
}
|
|
11
|
+
export function requireAuth(req, res, next) {
|
|
12
|
+
const header = req.headers.authorization;
|
|
13
|
+
const key = header?.startsWith("Bearer ") ? header.slice(7).trim() : "";
|
|
14
|
+
if (!key) {
|
|
15
|
+
res.status(401).json({ error: "API key required" });
|
|
16
|
+
return;
|
|
17
|
+
}
|
|
18
|
+
const user = memoryEngine.getUserByApiKey(key);
|
|
19
|
+
if (!user) {
|
|
20
|
+
res.status(403).json({ error: "Invalid API key" });
|
|
21
|
+
return;
|
|
22
|
+
}
|
|
23
|
+
req.userId = user.userId;
|
|
24
|
+
req.isAdmin = user.isAdmin;
|
|
25
|
+
req.email = user.email;
|
|
26
|
+
next();
|
|
27
|
+
}
|
|
28
|
+
export function requireJwt(req, res, next) {
|
|
29
|
+
const header = req.headers.authorization;
|
|
30
|
+
const token = header?.startsWith("Bearer ") ? header.slice(7).trim() : "";
|
|
31
|
+
if (!token) {
|
|
32
|
+
res.status(401).json({ error: "JWT required" });
|
|
33
|
+
return;
|
|
34
|
+
}
|
|
35
|
+
const payload = verifyJwt(token, JWT_SECRET);
|
|
36
|
+
if (!payload) {
|
|
37
|
+
res.status(403).json({ error: "Invalid or expired token" });
|
|
38
|
+
return;
|
|
39
|
+
}
|
|
40
|
+
req.userId = typeof payload.userId === "string" ? payload.userId : undefined;
|
|
41
|
+
req.isAdmin = Boolean(payload.isAdmin);
|
|
42
|
+
req.email = typeof payload.email === "string" ? payload.email : undefined;
|
|
43
|
+
if (!req.userId) {
|
|
44
|
+
res.status(403).json({ error: "Invalid or expired token" });
|
|
45
|
+
return;
|
|
46
|
+
}
|
|
47
|
+
const user = memoryEngine.getUserById(req.userId);
|
|
48
|
+
if (!user) {
|
|
49
|
+
res.status(403).json({ error: "Invalid or expired token" });
|
|
50
|
+
return;
|
|
51
|
+
}
|
|
52
|
+
if (user.status === "disabled") {
|
|
53
|
+
res.status(403).json({ error: "Account disabled" });
|
|
54
|
+
return;
|
|
55
|
+
}
|
|
56
|
+
next();
|
|
57
|
+
}
|
|
58
|
+
export function requireAnyAuth(req, res, next) {
|
|
59
|
+
const header = req.headers.authorization;
|
|
60
|
+
const bearer = header?.startsWith("Bearer ") ? header.slice(7).trim() : "";
|
|
61
|
+
if (!bearer) {
|
|
62
|
+
res.status(401).json({ error: "Authentication required" });
|
|
63
|
+
return;
|
|
64
|
+
}
|
|
65
|
+
if (bearer.split(".").length === 3) {
|
|
66
|
+
const payload = verifyJwt(bearer, JWT_SECRET);
|
|
67
|
+
if (payload && typeof payload.userId === "string") {
|
|
68
|
+
req.userId = payload.userId;
|
|
69
|
+
req.isAdmin = Boolean(payload.isAdmin);
|
|
70
|
+
req.email = typeof payload.email === "string" ? payload.email : undefined;
|
|
71
|
+
return next();
|
|
72
|
+
}
|
|
73
|
+
}
|
|
74
|
+
const user = memoryEngine.getUserByApiKey(bearer);
|
|
75
|
+
if (!user) {
|
|
76
|
+
res.status(401).json({ error: "Authentication required" });
|
|
77
|
+
return;
|
|
78
|
+
}
|
|
79
|
+
req.userId = user.userId;
|
|
80
|
+
req.isAdmin = user.isAdmin;
|
|
81
|
+
req.email = user.email;
|
|
82
|
+
next();
|
|
83
|
+
}
|
|
84
|
+
export function requireAdmin(req, res, next) {
|
|
85
|
+
if (!req.isAdmin) {
|
|
86
|
+
res.status(403).json({ error: "Admin access required" });
|
|
87
|
+
return;
|
|
88
|
+
}
|
|
89
|
+
next();
|
|
90
|
+
}
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
import { z } from "zod";
|
|
2
|
+
export declare const PaginationQuerySchema: z.ZodObject<{
|
|
3
|
+
cursor: z.ZodOptional<z.ZodString>;
|
|
4
|
+
limit: z.ZodDefault<z.ZodNumber>;
|
|
5
|
+
}, "strip", z.ZodTypeAny, {
|
|
6
|
+
limit: number;
|
|
7
|
+
cursor?: string | undefined;
|
|
8
|
+
}, {
|
|
9
|
+
cursor?: string | undefined;
|
|
10
|
+
limit?: number | undefined;
|
|
11
|
+
}>;
|
|
12
|
+
export type PaginationQuery = z.infer<typeof PaginationQuerySchema>;
|
|
13
|
+
export declare function encodeCursor(payload: Record<string, unknown>): string;
|
|
14
|
+
export declare function decodeCursor<T extends Record<string, unknown>>(cursor?: string): T | undefined;
|
|
15
|
+
export declare function pageItems<T>(items: T[], limit: number, getCursorPayload: (item: T) => Record<string, unknown>): {
|
|
16
|
+
items: T[];
|
|
17
|
+
nextCursor: string | null;
|
|
18
|
+
};
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
import { z } from "zod";
|
|
2
|
+
export const PaginationQuerySchema = z.object({
|
|
3
|
+
cursor: z.string().min(1).optional(),
|
|
4
|
+
limit: z.coerce.number().int().min(1).max(100).default(20),
|
|
5
|
+
});
|
|
6
|
+
export function encodeCursor(payload) {
|
|
7
|
+
return Buffer.from(JSON.stringify(payload), "utf8").toString("base64url");
|
|
8
|
+
}
|
|
9
|
+
export function decodeCursor(cursor) {
|
|
10
|
+
if (!cursor)
|
|
11
|
+
return undefined;
|
|
12
|
+
try {
|
|
13
|
+
const decoded = Buffer.from(cursor, "base64url").toString("utf8");
|
|
14
|
+
const parsed = JSON.parse(decoded);
|
|
15
|
+
if (!parsed || typeof parsed !== "object" || Array.isArray(parsed)) {
|
|
16
|
+
throw new Error("Cursor must decode to an object");
|
|
17
|
+
}
|
|
18
|
+
return parsed;
|
|
19
|
+
}
|
|
20
|
+
catch (error) {
|
|
21
|
+
throw new Error("Invalid cursor");
|
|
22
|
+
}
|
|
23
|
+
}
|
|
24
|
+
export function pageItems(items, limit, getCursorPayload) {
|
|
25
|
+
const page = items.slice(0, limit);
|
|
26
|
+
const hasMore = items.length > limit;
|
|
27
|
+
const last = page.at(-1);
|
|
28
|
+
return {
|
|
29
|
+
items: page,
|
|
30
|
+
nextCursor: hasMore && last ? encodeCursor(getCursorPayload(last)) : null,
|
|
31
|
+
};
|
|
32
|
+
}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
export declare const authRouter: import("express-serve-static-core").Router;
|
|
@@ -0,0 +1,130 @@
|
|
|
1
|
+
import { Router } from "express";
|
|
2
|
+
import { randomBytes } from "node:crypto";
|
|
3
|
+
import path from "node:path";
|
|
4
|
+
import { memoryEngine } from "../../memory/engine.js";
|
|
5
|
+
import { hashPassword, signJwt, verifyPassword } from "../auth/crypto.js";
|
|
6
|
+
import { JWT_SECRET, requireJwt } from "../middleware/auth.js";
|
|
7
|
+
const jwtExpiry = Number.parseInt(process.env.BRAINROUTER_JWT_EXPIRES_SECS ?? "86400", 10);
|
|
8
|
+
function createJwt(user) {
|
|
9
|
+
return signJwt({
|
|
10
|
+
userId: user.userId,
|
|
11
|
+
isAdmin: user.isAdmin,
|
|
12
|
+
email: user.email,
|
|
13
|
+
displayName: user.displayName,
|
|
14
|
+
}, JWT_SECRET, Number.isFinite(jwtExpiry) ? jwtExpiry : 86400);
|
|
15
|
+
}
|
|
16
|
+
function userIdFromEmail(email) {
|
|
17
|
+
const base = email
|
|
18
|
+
.split("@")[0]
|
|
19
|
+
?.toLowerCase()
|
|
20
|
+
.replace(/[^a-z0-9_]+/g, "_")
|
|
21
|
+
.replace(/^_+|_+$/g, "") || "user";
|
|
22
|
+
let userId = base;
|
|
23
|
+
while (memoryEngine.getUserById(userId)) {
|
|
24
|
+
userId = `${base}_${randomBytes(3).toString("hex")}`;
|
|
25
|
+
}
|
|
26
|
+
return userId;
|
|
27
|
+
}
|
|
28
|
+
export const authRouter = Router();
|
|
29
|
+
authRouter.post("/signin", async (req, res) => {
|
|
30
|
+
const email = String(req.body?.email ?? "").trim();
|
|
31
|
+
const password = String(req.body?.password ?? "");
|
|
32
|
+
if (!email || !password) {
|
|
33
|
+
res.status(400).json({ error: "email and password are required" });
|
|
34
|
+
return;
|
|
35
|
+
}
|
|
36
|
+
const user = memoryEngine.getUserByEmail(email);
|
|
37
|
+
if (!user || !user.passwordHash) {
|
|
38
|
+
res.status(401).json({ error: "Invalid email or password" });
|
|
39
|
+
return;
|
|
40
|
+
}
|
|
41
|
+
if (user.status === "disabled") {
|
|
42
|
+
res.status(403).json({ error: "Account disabled" });
|
|
43
|
+
return;
|
|
44
|
+
}
|
|
45
|
+
const ok = await verifyPassword(password, user.passwordHash);
|
|
46
|
+
if (!ok) {
|
|
47
|
+
res.status(401).json({ error: "Invalid email or password" });
|
|
48
|
+
return;
|
|
49
|
+
}
|
|
50
|
+
const jwt = createJwt(user);
|
|
51
|
+
res.json({ jwt, userId: user.userId, isAdmin: user.isAdmin, displayName: user.displayName, apiKey: user.apiKey });
|
|
52
|
+
});
|
|
53
|
+
authRouter.post("/signup", async (req, res) => {
|
|
54
|
+
const email = String(req.body?.email ?? "").trim();
|
|
55
|
+
const password = String(req.body?.password ?? "");
|
|
56
|
+
const displayName = String(req.body?.displayName ?? "").trim();
|
|
57
|
+
if (!email || !password) {
|
|
58
|
+
res.status(400).json({ error: "email and password are required" });
|
|
59
|
+
return;
|
|
60
|
+
}
|
|
61
|
+
if (email.length > 254) {
|
|
62
|
+
res.status(400).json({ error: "Email too long" });
|
|
63
|
+
return;
|
|
64
|
+
}
|
|
65
|
+
if (password.length < 8) {
|
|
66
|
+
res.status(400).json({ error: "Password must be at least 8 characters" });
|
|
67
|
+
return;
|
|
68
|
+
}
|
|
69
|
+
if (displayName.length > 100) {
|
|
70
|
+
res.status(400).json({ error: "Display name too long" });
|
|
71
|
+
return;
|
|
72
|
+
}
|
|
73
|
+
if (memoryEngine.getUserByEmail(email)) {
|
|
74
|
+
res.status(409).json({ error: "Email already registered" });
|
|
75
|
+
return;
|
|
76
|
+
}
|
|
77
|
+
const userId = userIdFromEmail(email);
|
|
78
|
+
const apiKey = `br_${randomBytes(24).toString("hex")}`;
|
|
79
|
+
const passwordHash = await hashPassword(password);
|
|
80
|
+
try {
|
|
81
|
+
const created = memoryEngine.createUser(userId, apiKey, displayName || userId, false);
|
|
82
|
+
memoryEngine.updateUserEmail(created.userId, email);
|
|
83
|
+
memoryEngine.updatePassword(created.userId, passwordHash);
|
|
84
|
+
const user = memoryEngine.getUserById(created.userId);
|
|
85
|
+
if (!user) {
|
|
86
|
+
res.status(500).json({ error: "Failed to load user after signup" });
|
|
87
|
+
return;
|
|
88
|
+
}
|
|
89
|
+
const jwt = createJwt(user);
|
|
90
|
+
res.status(201).json({ jwt, userId: user.userId, isAdmin: user.isAdmin, displayName: user.displayName });
|
|
91
|
+
}
|
|
92
|
+
catch (error) {
|
|
93
|
+
res.status(400).json({ error: error?.message ?? "Failed to create user" });
|
|
94
|
+
}
|
|
95
|
+
});
|
|
96
|
+
authRouter.get("/me", requireJwt, (req, res) => {
|
|
97
|
+
const user = memoryEngine.getUserById(req.userId);
|
|
98
|
+
if (!user) {
|
|
99
|
+
res.status(404).json({ error: "User not found" });
|
|
100
|
+
return;
|
|
101
|
+
}
|
|
102
|
+
res.json({
|
|
103
|
+
userId: user.userId,
|
|
104
|
+
displayName: user.displayName,
|
|
105
|
+
email: user.email,
|
|
106
|
+
isAdmin: user.isAdmin,
|
|
107
|
+
apiKey: user.apiKey,
|
|
108
|
+
createdAt: user.createdAt,
|
|
109
|
+
status: user.status,
|
|
110
|
+
mcpPath: path.resolve(process.cwd(), "dist/index.js")
|
|
111
|
+
});
|
|
112
|
+
});
|
|
113
|
+
authRouter.put("/me", requireJwt, (req, res) => {
|
|
114
|
+
const displayName = String(req.body?.displayName ?? "").trim();
|
|
115
|
+
if (!displayName) {
|
|
116
|
+
res.status(400).json({ error: "displayName required" });
|
|
117
|
+
return;
|
|
118
|
+
}
|
|
119
|
+
if (displayName.length > 100) {
|
|
120
|
+
res.status(400).json({ error: "Display name too long" });
|
|
121
|
+
return;
|
|
122
|
+
}
|
|
123
|
+
memoryEngine.updateUserDisplayName(req.userId, displayName);
|
|
124
|
+
res.json({ success: true });
|
|
125
|
+
});
|
|
126
|
+
authRouter.post("/rotate-key", requireJwt, (req, res) => {
|
|
127
|
+
const apiKey = `br_${randomBytes(24).toString("hex")}`;
|
|
128
|
+
memoryEngine.updateUserApiKey(req.userId, apiKey);
|
|
129
|
+
res.json({ apiKey });
|
|
130
|
+
});
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
export declare const chatCompletionsRouter: import("express-serve-static-core").Router;
|
|
2
|
+
/** Lightweight per-user memory counts for the chat status badge. */
|
|
3
|
+
export declare function getMemoryStatusForUser(userId: string): {
|
|
4
|
+
cognitive: number;
|
|
5
|
+
scenes: number;
|
|
6
|
+
hasPersona: boolean;
|
|
7
|
+
};
|