@kinqs/brainrouter-mcp-server 0.3.4

package/dist/api/routes/graph.js

@@ -0,0 +1,25 @@
+import { Router } from "express";
+import { memoryEngine } from "../../memory/engine.js";
+import { requireAnyAuth } from "../middleware/auth.js";
+export const graphRouter = Router();
+graphRouter.use(requireAnyAuth);
+graphRouter.get("/", (req, res) => {
+    const entity = typeof req.query.entity === "string" ? req.query.entity.trim() : "";
+    if (!entity) {
+        res.status(400).json({ error: "entity query param is required" });
+        return;
+    }
+    const hops = Number(req.query.hops ?? 2);
+    const skillTag = typeof req.query.skillTag === "string" ? req.query.skillTag : undefined;
+    const result = memoryEngine.queryGraph(req.userId, entity, skillTag, Number.isFinite(hops) ? hops : 2);
+    res.json(result);
+});
+graphRouter.get("/connections", (req, res) => {
+    try {
+        const result = memoryEngine.store.getAllConnections(req.userId);
+        res.json(result);
+    }
+    catch (err) {
+        res.status(500).json({ error: err.message });
+    }
+});

package/dist/api/routes/hooks.d.ts

@@ -0,0 +1 @@
+export declare const hooksRouter: import("express-serve-static-core").Router;

package/dist/api/routes/hooks.js

@@ -0,0 +1,88 @@
+import { Router } from "express";
+import { z } from "zod";
+import { processClaudeCodeHook } from "../../integrations/claude-code.js";
+import { processCodexHook } from "../../integrations/codex.js";
+import { listHostHooks, processGenericMcpHook, registerHostHook, } from "../../integrations/generic-mcp.js";
+import { memoryEngine } from "../../memory/engine.js";
+import { requireAnyAuth } from "../middleware/auth.js";
+export const hooksRouter = Router();
+hooksRouter.use(requireAnyAuth);
+const hookSourceSchema = z.enum(["claude-code", "codex", "generic-mcp"]);
+function scopedUserId(req, requested) {
+    const requestedUserId = typeof requested === "string" && requested.trim() ? requested.trim() : undefined;
+    if (!requestedUserId || requestedUserId === req.userId)
+        return req.userId;
+    if (req.isAdmin)
+        return requestedUserId;
+    throw new Error("Cannot register hooks for another user");
+}
+hooksRouter.post("/register", async (req, res) => {
+    try {
+        const params = z.object({
+            source: hookSourceSchema,
+            events: z.array(z.string()).optional(),
+            userId: z.string().optional(),
+            sessionKey: z.string().optional(),
+            sessionId: z.string().optional(),
+            workspacePath: z.string().optional(),
+            event: z.string().optional(),
+            payload: z.record(z.unknown()).optional(),
+            metadata: z.record(z.unknown()).optional(),
+        }).parse(req.body ?? {});
+        const userId = scopedUserId(req, params.userId);
+        const hook = registerHostHook({
+            userId,
+            source: params.source,
+            events: params.events,
+            sessionKey: params.sessionKey,
+            workspacePath: params.workspacePath,
+            metadata: params.metadata,
+        });
+        if (!params.event) {
+            res.status(201).json({ registered: hook });
+            return;
+        }
+        const payload = {
+            ...(params.payload ?? {}),
+            event: params.event,
+            userId,
+            sessionKey: params.sessionKey,
+            sessionId: params.sessionId,
+            workspacePath: params.workspacePath,
+        };
+        const captureResult = params.source === "claude-code"
+            ? await processClaudeCodeHook(memoryEngine, payload, userId)
+            : params.source === "codex"
+                ? await processCodexHook(memoryEngine, payload, userId)
+                : await processGenericMcpHook(memoryEngine, {
+                    source: "generic-mcp",
+                    event: params.event,
+                    userId,
+                    sessionKey: params.sessionKey ?? hook.sessionKey ?? "generic-mcp",
+                    sessionId: params.sessionId,
+                    workspacePath: params.workspacePath,
+                    args: params.payload,
+                    metadata: params.metadata,
+                });
+        res.status(201).json({ registered: hook, captureResult });
+    }
+    catch (error) {
+        const message = error instanceof Error ? error.message : "Invalid hook registration body";
+        res.status(message.includes("another user") ? 403 : 400).json({ error: message });
+    }
+});
+hooksRouter.get("/status", (req, res) => {
+    try {
+        const params = z.object({
+            source: hookSourceSchema.optional(),
+            userId: z.string().optional(),
+        }).parse(req.query);
+        const userId = scopedUserId(req, params.userId);
+        const hooks = listHostHooks(userId).filter((hook) => !params.source || hook.source === params.source);
+        res.json({ hooks });
+    }
+    catch (error) {
+        const message = error instanceof Error ? error.message : "Invalid hook status parameters";
+        res.status(message.includes("another user") ? 403 : 400).json({ error: message });
+    }
+});

package/dist/api/routes/memories.d.ts

@@ -0,0 +1 @@
+export declare const memoriesRouter: import("express-serve-static-core").Router;

package/dist/api/routes/memories.js

@@ -0,0 +1,92 @@
+import { Router } from "express";
+import { memoryEngine } from "../../memory/engine.js";
+import { requireAnyAuth } from "../middleware/auth.js";
+import { decodeCursor, pageItems, PaginationQuerySchema } from "../pagination.js";
+import { z } from "zod";
+export const memoriesRouter = Router();
+memoriesRouter.use(requireAnyAuth);
+memoriesRouter.get("/", (req, res) => {
+    try {
+        const pagination = PaginationQuerySchema.parse(req.query);
+        const archived = req.query.archived;
+        const filters = {
+            query: typeof req.query.query === "string" ? req.query.query : undefined,
+            type: typeof req.query.type === "string" ? req.query.type : undefined,
+            scene: typeof req.query.scene === "string" ? req.query.scene : undefined,
+            skill: typeof req.query.skill === "string" ? req.query.skill : undefined,
+            archived: typeof archived === "string" ? archived === "true" : undefined,
+        };
+        const memories = memoryEngine.listMemories(req.userId, filters, {
+            cursor: decodeCursor(pagination.cursor),
+            limit: pagination.limit + 1,
+        });
+        const page = pageItems(memories, pagination.limit, (memory) => ({
+            createdTime: memory.createdTime,
+            recordId: memory.recordId,
+        }));
+        res.json({ memories: page.items, nextCursor: page.nextCursor, limit: pagination.limit, hasMore: Boolean(page.nextCursor) });
+    }
+    catch (error) {
+        res.status(400).json({ error: error instanceof Error ? error.message : "Invalid pagination parameters" });
+    }
+});
+memoriesRouter.get("/:recordId", (req, res) => {
+    const result = memoryEngine.getMemoryById(req.userId, String(req.params.recordId));
+    if (!result) {
+        res.status(404).json({ error: "Memory not found" });
+        return;
+    }
+    res.json(result);
+});
+memoriesRouter.patch("/:recordId", (req, res) => {
+    try {
+        const body = z.object({
+            content: z.string().optional(),
+            status: z.enum(["active", "superseded", "archived", "needs_verification"]).optional(),
+            confidence: z.number().min(0).max(1).optional(),
+            verificationStatus: z.enum(["", "verified", "unverified", "stale"]).optional(),
+            note: z.string().optional(),
+        }).parse(req.body ?? {});
+        if (body.content && body.content.length > 10000) {
+            res.status(400).json({ error: "Content too long" });
+            return;
+        }
+        const result = memoryEngine.updateMemory(req.userId, String(req.params.recordId), body);
+        if (!result) {
+            res.status(404).json({ error: "Memory not found" });
+            return;
+        }
+        res.json(result);
+    }
+    catch (error) {
+        res.status(400).json({ error: error instanceof Error ? error.message : "Invalid request body" });
+    }
+});
+memoriesRouter.post("/:recordId/evidence", (req, res) => {
+    try {
+        const body = z.object({
+            kind: z.enum(["file", "command", "url", "test", "benchmark", "memory", "other"]),
+            ref: z.string().min(1),
+            excerpt: z.string().optional().default(""),
+            metadata: z.record(z.unknown()).optional().default({}),
+        }).parse(req.body ?? {});
+        const evidence = memoryEngine.addEvidence(req.userId, String(req.params.recordId), body);
+        res.status(201).json({ evidence });
+    }
+    catch (error) {
+        res.status(400).json({ error: error instanceof Error ? error.message : "Invalid request body" });
+    }
+});
+memoriesRouter.get("/:recordId/evidence", (req, res) => {
+    res.json({ evidence: memoryEngine.getEvidence(req.userId, String(req.params.recordId)) });
+});
+memoriesRouter.delete("/:id", (req, res) => {
+    const reason = typeof req.body?.reason === "string" ? req.body.reason : "";
+    if (reason) {
+        memoryEngine.governanceDelete(req.userId, String(req.params.id), reason);
+    }
+    else {
+        memoryEngine.deleteMemory(req.userId, String(req.params.id));
+    }
+    res.json({ success: true });
+});

package/dist/api/routes/persona.d.ts

@@ -0,0 +1 @@
+export declare const personaRouter: import("express-serve-static-core").Router;

package/dist/api/routes/persona.js

@@ -0,0 +1,9 @@
+import { Router } from "express";
+import { memoryEngine } from "../../memory/engine.js";
+import { requireAnyAuth } from "../middleware/auth.js";
+export const personaRouter = Router();
+personaRouter.use(requireAnyAuth);
+personaRouter.get("/", (req, res) => {
+    const persona = memoryEngine.getPersona(req.userId);
+    res.json({ persona });
+});

package/dist/api/routes/scenes.d.ts

@@ -0,0 +1 @@
+export declare const scenesRouter: import("express-serve-static-core").Router;

package/dist/api/routes/scenes.js

@@ -0,0 +1,35 @@
+import { Router } from "express";
+import { memoryEngine } from "../../memory/engine.js";
+import { requireAnyAuth } from "../middleware/auth.js";
+import { decodeCursor, pageItems, PaginationQuerySchema } from "../pagination.js";
+export const scenesRouter = Router();
+scenesRouter.use(requireAnyAuth);
+scenesRouter.get("/", (req, res) => {
+    try {
+        const pagination = PaginationQuerySchema.parse(req.query);
+        const scenes = memoryEngine.getTopScenes(req.userId, pagination.limit + 1, decodeCursor(pagination.cursor));
+        const page = pageItems(scenes, pagination.limit, (scene) => ({
+            heatScore: scene.heatScore,
+            id: scene.id,
+        }));
+        res.json({ scenes: page.items, nextCursor: page.nextCursor, limit: pagination.limit, hasMore: Boolean(page.nextCursor) });
+    }
+    catch (error) {
+        res.status(400).json({ error: error instanceof Error ? error.message : "Invalid pagination parameters" });
+    }
+});
+scenesRouter.delete("/:id", (req, res) => {
+    try {
+        const sceneId = req.params.id;
+        if (!sceneId) {
+            res.status(400).json({ error: "Scene ID required" });
+            return;
+        }
+        const targetId = typeof sceneId === "string" ? sceneId : sceneId[0];
+        memoryEngine.store.deleteContextualFocus(req.userId, [targetId]);
+        res.json({ success: true });
+    }
+    catch (error) {
+        res.status(500).json({ error: error instanceof Error ? error.message : "Failed to delete scene" });
+    }
+});

package/dist/api/routes/skills.d.ts

@@ -0,0 +1 @@
+export declare const skillsRouter: import("express-serve-static-core").Router;

package/dist/api/routes/skills.js

@@ -0,0 +1,14 @@
+import { Router } from "express";
+import { memoryEngine } from "../../memory/engine.js";
+import { requireAnyAuth } from "../middleware/auth.js";
+export const skillsRouter = Router();
+skillsRouter.use(requireAnyAuth);
+skillsRouter.get("/activations", (req, res) => {
+    try {
+        const activations = memoryEngine.getSkillActivations(req.userId);
+        res.json(activations);
+    }
+    catch (error) {
+        res.status(500).json({ error: error.message });
+    }
+});

package/dist/api/routes/stats.d.ts

@@ -0,0 +1 @@
+export declare const statsRouter: import("express-serve-static-core").Router;

package/dist/api/routes/stats.js

@@ -0,0 +1,8 @@
+import { Router } from "express";
+import { memoryEngine } from "../../memory/engine.js";
+import { requireAnyAuth } from "../middleware/auth.js";
+export const statsRouter = Router();
+statsRouter.use(requireAnyAuth);
+statsRouter.get("/", (req, res) => {
+    res.json(memoryEngine.getStats(req.userId));
+});

package/dist/api/routes/users.d.ts

@@ -0,0 +1 @@
+export declare const usersRouter: import("express-serve-static-core").Router;

package/dist/api/routes/users.js

@@ -0,0 +1,82 @@
+import { Router } from "express";
+import { randomBytes } from "node:crypto";
+import { memoryEngine } from "../../memory/engine.js";
+import { requireJwt, requireAdmin } from "../middleware/auth.js";
+import { decodeCursor, pageItems, PaginationQuerySchema } from "../pagination.js";
+export const usersRouter = Router();
+usersRouter.use(requireJwt, requireAdmin);
+usersRouter.get("/", (req, res) => {
+    try {
+        const pagination = PaginationQuerySchema.parse(req.query);
+        const users = memoryEngine.listUsers({
+            cursor: decodeCursor(pagination.cursor),
+            limit: pagination.limit + 1,
+        }).map((u) => ({
+            userId: u.userId,
+            displayName: u.displayName,
+            email: u.email,
+            isAdmin: u.isAdmin,
+            status: u.status,
+            createdAt: u.createdAt,
+        }));
+        const page = pageItems(users, pagination.limit, (user) => ({
+            createdAt: user.createdAt,
+            userId: user.userId,
+        }));
+        res.json({ users: page.items, nextCursor: page.nextCursor, limit: pagination.limit, hasMore: Boolean(page.nextCursor) });
+    }
+    catch (error) {
+        res.status(400).json({ error: error instanceof Error ? error.message : "Invalid pagination parameters" });
+    }
+});
+usersRouter.post("/", (req, res) => {
+    const userId = String(req.body?.userId ?? "").trim();
+    if (!userId) {
+        res.status(400).json({ error: "userId is required" });
+        return;
+    }
+    const displayName = String(req.body?.displayName ?? "").trim();
+    const isAdmin = Boolean(req.body?.isAdmin);
+    const apiKey = `br_${randomBytes(24).toString("hex")}`;
+    try {
+        const user = memoryEngine.createUser(userId, apiKey, displayName, isAdmin);
+        res.status(201).json({ user });
+    }
+    catch (error) {
+        res.status(400).json({ error: error?.message ?? "Failed to create user" });
+    }
+});
+usersRouter.put("/:id/status", (req, res) => {
+    const userId = String(req.params.id);
+    const status = req.body?.status === "disabled" ? "disabled" : req.body?.status === "active" ? "active" : null;
+    if (!status) {
+        res.status(400).json({ error: "status must be active or disabled" });
+        return;
+    }
+    if (userId === req.userId && status === "disabled") {
+        res.status(400).json({ error: "Cannot disable the current admin user" });
+        return;
+    }
+    memoryEngine.updateUserStatus(userId, status);
+    res.json({ success: true });
+});
+usersRouter.post("/:id/reset-key", (req, res) => {
+    const userId = String(req.params.id);
+    const user = memoryEngine.getUserById(userId);
+    if (!user) {
+        res.status(404).json({ error: "User not found" });
+        return;
+    }
+    const apiKey = `br_${randomBytes(24).toString("hex")}`;
+    memoryEngine.updateUserApiKey(userId, apiKey);
+    res.json({ apiKey });
+});
+usersRouter.delete("/:id", (req, res) => {
+    const userId = String(req.params.id);
+    if (userId === req.userId) {
+        res.status(400).json({ error: "Cannot delete the current admin user" });
+        return;
+    }
+    memoryEngine.deleteUser(userId);
+    res.json({ success: true });
+});

package/dist/api/routes/working.d.ts

@@ -0,0 +1 @@
+export declare const workingRouter: import("express-serve-static-core").Router;

package/dist/api/routes/working.js

@@ -0,0 +1,88 @@
+import { Router } from "express";
+import { z } from "zod";
+import { getWorkingContext, offloadWorkingPayload, resetWorkingMemory, listActiveSessions, } from "../../memory/working/offload.js";
+import { requireAnyAuth } from "../middleware/auth.js";
+export const workingRouter = Router();
+workingRouter.use(requireAnyAuth);
+const optionalPositiveInt = z.coerce.number().int().positive().optional();
+const optionalNonnegativeInt = z.coerce.number().int().nonnegative().optional();
+function scopedUserId(req, requested) {
+    const requestedUserId = typeof requested === "string" && requested.trim() ? requested.trim() : undefined;
+    if (!requestedUserId || requestedUserId === req.userId)
+        return req.userId;
+    if (req.isAdmin)
+        return requestedUserId;
+    throw new Error("Cannot access another user's working memory");
+}
+workingRouter.get("/context", (req, res) => {
+    try {
+        const params = z.object({
+            workspacePath: z.string().optional(),
+            userId: z.string().optional(),
+            sessionKey: z.string().min(1),
+            nodeId: z.string().optional(),
+            activeNodeId: z.string().optional(),
+            contextWindowTokens: optionalPositiveInt,
+            estimatedTokens: optionalNonnegativeInt,
+        }).parse(req.query);
+        const userId = scopedUserId(req, params.userId);
+        res.json(getWorkingContext(params.workspacePath, userId, params.sessionKey, {
+            nodeId: params.nodeId,
+            activeNodeId: params.activeNodeId,
+            contextWindowTokens: params.contextWindowTokens,
+            estimatedTokens: params.estimatedTokens,
+        }));
+    }
+    catch (error) {
+        const message = error instanceof Error ? error.message : "Invalid working context parameters";
+        res.status(message.includes("another user") ? 403 : 400).json({ error: message });
+    }
+});
+workingRouter.post("/offload", (req, res) => {
+    try {
+        const params = z.object({
+            workspacePath: z.string().optional(),
+            userId: z.string().optional(),
+            sessionKey: z.string().min(1),
+            payload: z.string().min(1),
+            title: z.string().optional(),
+            summary: z.string().optional(),
+            kind: z.string().optional(),
+            contextWindowTokens: z.number().int().positive().optional(),
+            estimatedTokens: z.number().int().nonnegative().optional(),
+            forceAggressive: z.boolean().optional(),
+        }).parse(req.body ?? {});
+        const userId = scopedUserId(req, params.userId);
+        res.status(201).json(offloadWorkingPayload({ ...params, userId }));
+    }
+    catch (error) {
+        const message = error instanceof Error ? error.message : "Invalid working offload body";
+        res.status(message.includes("another user") ? 403 : 400).json({ error: message });
+    }
+});
+workingRouter.post("/reset", (req, res) => {
+    try {
+        const params = z.object({
+            workspacePath: z.string().optional(),
+            userId: z.string().optional(),
+            sessionKey: z.string().min(1),
+        }).parse(req.body ?? {});
+        const userId = scopedUserId(req, params.userId);
+        res.json(resetWorkingMemory(params.workspacePath, userId, params.sessionKey));
+    }
+    catch (error) {
+        const message = error instanceof Error ? error.message : "Invalid working reset body";
+        res.status(message.includes("another user") ? 403 : 400).json({ error: message });
+    }
+});
+workingRouter.get("/sessions", (req, res) => {
+    try {
+        const userId = scopedUserId(req, req.query.userId);
+        const sessions = listActiveSessions(userId);
+        res.json({ sessions });
+    }
+    catch (error) {
+        const message = error instanceof Error ? error.message : "Failed to list active sessions";
+        res.status(message.includes("another user") ? 403 : 400).json({ error: message });
+    }
+});

package/dist/index.d.ts

@@ -0,0 +1,2 @@
+#!/usr/bin/env node
+export {};