@lifeaitools/clauth 1.5.74 → 1.5.76

package/cli/commands/serve.js

@@ -17,9 +17,10 @@ import ora from "ora";
 import { execSync as execSyncTop } from "child_process";
 import Conf from "conf";
 import { getConfOptions } from "../conf-path.js";
-import { readdir, readFile, writeFile, rm, mkdir, stat, rename } from "node:fs/promises";
-import fg from "fast-glob";
-import { rgPath } from "@vscode/ripgrep";
+import { readdir, readFile, writeFile, rm, mkdir, stat, rename } from "node:fs/promises";
+import fg from "fast-glob";
+import { rgPath } from "@vscode/ripgrep";
+import { createStudioDebugRuntime } from "../studio-debug.js";
 
 const __dirname = path.dirname(fileURLToPath(import.meta.url));
 const pkg = JSON.parse(fs.readFileSync(path.join(__dirname, "../../package.json"), "utf8"));
@@ -2405,7 +2406,7 @@ function readBody(req) {
 }
 
 // ── Server logic (shared by foreground + daemon) ─────────────
-function createServer(initPassword, whitelist, port, tunnelHostnameInit = null, isStaged = false) {
+function createServer(initPassword, whitelist, port, tunnelHostnameInit = null, isStaged = false) {
   // tunnelHostname may be updated at runtime (fetched from DB after unlock)
   let tunnelHostname = tunnelHostnameInit;
 
@@ -2435,11 +2436,12 @@ function createServer(initPassword, whitelist, port, tunnelHostnameInit = null,
   // Rotation engine — starts after unlock
   const rotationEngine = createRotationEngine(initPassword, machineHash, LOG_FILE);
 
-  const CORS = {
+  const CORS = {
     "Access-Control-Allow-Origin": "*",
     "Access-Control-Allow-Methods": "GET, POST, OPTIONS",
     "Access-Control-Allow-Headers": "Content-Type, Authorization, Mcp-Session-Id, mcp-protocol-version, mcp-session-id",
-  };
+  };
+  const studioDebugRuntime = createStudioDebugRuntime({ port, logFile: LOG_FILE });
 
   // ── MCP SSE session tracking ──────────────────────────────
   const sseSessions = new Map(); // sessionId → { res, initialized }
@@ -2840,11 +2842,14 @@ function createServer(initPassword, whitelist, port, tunnelHostnameInit = null,
       return strike(res, 403, `Rejected non-local address: ${remote}`);
     }
 
-    // CORS preflight
-    if (req.method === "OPTIONS") {
-      res.writeHead(204, CORS);
-      return res.end();
-    }
+    // CORS preflight
+    if (req.method === "OPTIONS") {
+      res.writeHead(204, CORS);
+      return res.end();
+    }
+
+    const studioDebugHandled = await studioDebugRuntime.handle(req, res, url, CORS);
+    if (studioDebugHandled !== false) return;
 
     // ── Hosts that bypass OAuth (fresh domains for claude.ai compatibility) ──
     const NOAUTH_HOSTS = ["fs.regendevcorp.com", "clauth.regendevcorp.com", "chitchat.regendevcorp.com"];

package/cli/studio-debug.js

@@ -0,0 +1,410 @@
+import crypto from "crypto";
+import fs from "fs";
+import os from "os";
+import path from "path";
+import { spawn } from "child_process";
+
+const DEFAULT_POLL_TIMEOUT = 600_000;
+const MAX_POLL_TIMEOUT = 600_000;
+const MAX_EVENT_QUEUE = 100;
+const MAX_SNIPPET = 2_000;
+
+const APP_TARGETS = {
+  prt: {
+    appSlug: "prt",
+    brandSlug: "prt",
+    packageName: "@regen/prt-portal",
+    command: "pnpm --filter @regen/prt-portal dev",
+    url: "http://localhost:3006",
+  },
+  "prt-portal": {
+    appSlug: "prt",
+    brandSlug: "prt",
+    packageName: "@regen/prt-portal",
+    command: "pnpm --filter @regen/prt-portal dev",
+    url: "http://localhost:3006",
+  },
+};
+
+function nowIso() {
+  return new Date().toISOString();
+}
+
+function safeString(value, max = MAX_SNIPPET) {
+  if (typeof value !== "string") return value;
+  return value.length > max ? value.slice(0, max) : value;
+}
+
+function normalizeEvent(session, body) {
+  const type = body.type || body.mode || "direct_edit";
+  const id = body.id || `evt_${crypto.randomUUID()}`;
+  const target = body.target && typeof body.target === "object" ? { ...body.target } : {};
+  if (typeof target.textSnippet === "string") target.textSnippet = safeString(target.textSnippet, 500);
+  if (typeof target.outerHTMLSnippet === "string") target.outerHTMLSnippet = safeString(target.outerHTMLSnippet, MAX_SNIPPET);
+  if (typeof target.outerHTML === "string" && !target.outerHTMLSnippet) {
+    target.outerHTMLSnippet = safeString(target.outerHTML, MAX_SNIPPET);
+    delete target.outerHTML;
+  }
+
+  return {
+    type,
+    id,
+    mode: body.mode || type,
+    sessionId: session.sessionId,
+    brandSlug: session.brandSlug,
+    appSlug: session.appSlug,
+    target,
+    reference: body.reference || null,
+    instruction: safeString(body.instruction || body.prompt || "", 4_000),
+    createdAt: nowIso(),
+  };
+}
+
+function readBody(req, maxBytes = 128 * 1024) {
+  return new Promise((resolve, reject) => {
+    let data = "";
+    req.on("data", chunk => {
+      data += chunk;
+      if (data.length > maxBytes) reject(new Error("Body too large"));
+    });
+    req.on("end", () => {
+      if (!data.trim()) return resolve({});
+      try {
+        resolve(JSON.parse(data));
+      } catch {
+        reject(new Error("Invalid JSON"));
+      }
+    });
+    req.on("error", reject);
+  });
+}
+
+function writeJson(res, status, data, cors) {
+  res.writeHead(status, { "Content-Type": "application/json", ...cors });
+  res.end(JSON.stringify(data));
+}
+
+async function isUrlReachable(url) {
+  try {
+    const response = await fetch(url, {
+      method: "GET",
+      signal: AbortSignal.timeout(1_500),
+    });
+    return response.status < 500;
+  } catch {
+    return false;
+  }
+}
+
+function resolveTarget(input = {}) {
+  const slug = String(input.appSlug || input.brandSlug || "prt").toLowerCase();
+  const configured = APP_TARGETS[slug];
+  if (!configured && !input.devCommand && !input.devUrl) {
+    return {
+      error: "unknown_app",
+      message: `No local debug target is configured for appSlug "${slug}".`,
+      appSlug: slug,
+    };
+  }
+
+  const base = configured || {
+    appSlug: slug,
+    brandSlug: input.brandSlug || slug,
+    command: input.devCommand,
+    url: input.devUrl,
+  };
+
+  return {
+    appSlug: input.appSlug || base.appSlug,
+    brandSlug: input.brandSlug || base.brandSlug || input.appSlug || base.appSlug,
+    command: input.devCommand || base.command,
+    url: input.devUrl || base.url,
+    cwd: input.cwd || input.repoRoot || process.cwd(),
+  };
+}
+
+function splitCommand(command) {
+  if (!command || typeof command !== "string") return null;
+  const parts = command.match(/(?:[^\s"]+|"[^"]*")+/g) || [];
+  return parts.map(part => part.replace(/^"|"$/g, ""));
+}
+
+function startDevProcess(target, logFile) {
+  const parts = splitCommand(target.command);
+  if (!parts || parts.length === 0) {
+    return { started: false, error: "missing_command" };
+  }
+
+  const logDir = path.join(os.tmpdir(), "clauth-studio-debug");
+  fs.mkdirSync(logDir, { recursive: true });
+  const stamp = new Date().toISOString().replace(/[:.]/g, "-");
+  const outPath = path.join(logDir, `${target.appSlug}-${stamp}.out.log`);
+  const errPath = path.join(logDir, `${target.appSlug}-${stamp}.err.log`);
+  const out = fs.openSync(outPath, "a");
+  const err = fs.openSync(errPath, "a");
+
+  const proc = spawn(parts[0], parts.slice(1), {
+    cwd: target.cwd,
+    env: process.env,
+    stdio: ["ignore", out, err],
+    shell: process.platform === "win32",
+    detached: true,
+    windowsHide: true,
+  });
+  proc.unref();
+  try {
+    fs.appendFileSync(logFile, `[${nowIso()}] studio-debug dev start pid=${proc.pid} command=${target.command}\n`);
+  } catch {}
+
+  return {
+    started: true,
+    pid: proc.pid,
+    command: target.command,
+    url: target.url,
+    stdout: outPath,
+    stderr: errPath,
+    process: proc,
+  };
+}
+
+export class StudioDebugSessionStore {
+  constructor({ port = 52437, logFile = path.join(os.tmpdir(), "clauth-serve.log") } = {}) {
+    this.port = port;
+    this.logFile = logFile;
+    this.sessions = new Map();
+  }
+
+  async start(input = {}) {
+    const target = resolveTarget(input);
+    if (target.error) {
+      return { ok: false, error: target.error, message: target.message, status: "error" };
+    }
+
+    const reachable = await isUrlReachable(target.url);
+    const shouldLaunch = input.launchDevServer !== false;
+    const launch = reachable
+      ? { started: false, command: target.command, url: target.url, alreadyRunning: true }
+      : shouldLaunch
+        ? startDevProcess(target, this.logFile)
+        : { started: false, command: target.command, url: target.url, skipped: true };
+
+    const sessionId = input.sessionId || `studio-${crypto.randomUUID()}`;
+    const token = crypto.randomBytes(24).toString("base64url");
+    const session = {
+      sessionId,
+      token,
+      brandSlug: target.brandSlug,
+      appSlug: target.appSlug,
+      repoRoot: input.repoRoot || target.cwd,
+      cwd: target.cwd,
+      devCommand: target.command,
+      devUrl: target.url,
+      modeDefault: input.modeDefault || "direct_edit",
+      status: "waiting_for_agent",
+      createdAt: nowIso(),
+      updatedAt: nowIso(),
+      stopped: false,
+      events: [],
+      replies: [],
+      pendingPolls: [],
+      launch,
+    };
+    this.sessions.set(sessionId, session);
+
+    return {
+      ok: true,
+      sessionId,
+      token,
+      devUrl: target.url,
+      relayBaseUrl: `http://127.0.0.1:${this.port}/studio/debug/${sessionId}`,
+      status: session.status,
+      launch: {
+        started: !!launch.started,
+        alreadyRunning: !!launch.alreadyRunning,
+        command: launch.command,
+        url: launch.url,
+        pid: launch.pid || null,
+      },
+      pollCommand: `node scripts/studio-debug-poll.mjs --session ${sessionId} --token ${token} --relay http://127.0.0.1:${this.port}/studio/claude/${sessionId}`,
+      claudeBaseUrl: `http://127.0.0.1:${this.port}/studio/claude/${sessionId}`,
+    };
+  }
+
+  get(sessionId) {
+    return this.sessions.get(sessionId) || null;
+  }
+
+  authenticate(sessionId, token) {
+    const session = this.get(sessionId);
+    if (!session) return { error: "not_found" };
+    if (session.token !== token) return { error: "unauthorized" };
+    return { session };
+  }
+
+  submitEvent(sessionId, body) {
+    const auth = this.authenticate(sessionId, body.token);
+    if (auth.error) return auth;
+    const session = auth.session;
+    const event = normalizeEvent(session, body);
+
+    session.updatedAt = nowIso();
+    session.status = "event_pending";
+    if (session.pendingPolls.length > 0) {
+      const poll = session.pendingPolls.shift();
+      poll(event);
+    } else {
+      session.events.push(event);
+      if (session.events.length > MAX_EVENT_QUEUE) session.events.shift();
+    }
+    return { ok: true, eventId: event.id, status: session.status };
+  }
+
+  poll(sessionId, token, timeoutMs = DEFAULT_POLL_TIMEOUT) {
+    const auth = this.authenticate(sessionId, token);
+    if (auth.error) return Promise.resolve(auth);
+    const session = auth.session;
+    if (session.events.length > 0) {
+      session.status = "agent_received";
+      session.updatedAt = nowIso();
+      return Promise.resolve(session.events.shift());
+    }
+    if (session.stopped) return Promise.resolve({ type: "stopped" });
+
+    const timeout = Math.min(Math.max(Number(timeoutMs) || DEFAULT_POLL_TIMEOUT, 1), MAX_POLL_TIMEOUT);
+    session.status = "waiting_for_event";
+    session.updatedAt = nowIso();
+
+    return new Promise(resolve => {
+      const timer = setTimeout(() => {
+        session.pendingPolls = session.pendingPolls.filter(fn => fn !== finish);
+        resolve({ type: "timeout" });
+      }, timeout);
+      const finish = event => {
+        clearTimeout(timer);
+        session.status = "agent_received";
+        session.updatedAt = nowIso();
+        resolve(event);
+      };
+      session.pendingPolls.push(finish);
+    });
+  }
+
+  reply(sessionId, body) {
+    const auth = this.authenticate(sessionId, body.token);
+    if (auth.error) return auth;
+    const session = auth.session;
+    const reply = {
+      eventId: body.eventId,
+      status: body.status || body.type || "done",
+      message: body.message || "",
+      filesChanged: Array.isArray(body.filesChanged)
+        ? body.filesChanged
+        : body.file
+          ? [body.file]
+          : [],
+      createdAt: nowIso(),
+    };
+    session.replies.push(reply);
+    session.status = reply.status === "done" ? "done" : reply.status;
+    session.updatedAt = nowIso();
+    return { ok: true, status: session.status, reply };
+  }
+
+  status(sessionId, token) {
+    const auth = this.authenticate(sessionId, token);
+    if (auth.error) return auth;
+    const session = auth.session;
+    return {
+      ok: true,
+      sessionId: session.sessionId,
+      brandSlug: session.brandSlug,
+      appSlug: session.appSlug,
+      devUrl: session.devUrl,
+      status: session.status,
+      createdAt: session.createdAt,
+      updatedAt: session.updatedAt,
+      pendingEvents: session.events.length,
+      pendingPolls: session.pendingPolls.length,
+      replies: session.replies,
+      launch: {
+        started: !!session.launch?.started,
+        alreadyRunning: !!session.launch?.alreadyRunning,
+        command: session.launch?.command || session.devCommand,
+        url: session.launch?.url || session.devUrl,
+        pid: session.launch?.pid || null,
+      },
+    };
+  }
+
+  stop(sessionId, token) {
+    const auth = this.authenticate(sessionId, token);
+    if (auth.error) return auth;
+    const session = auth.session;
+    session.stopped = true;
+    session.status = "stopped";
+    session.updatedAt = nowIso();
+    if (session.launch?.process && !session.launch.process.killed) {
+      try {
+        session.launch.process.kill();
+      } catch {}
+    }
+    for (const poll of session.pendingPolls.splice(0)) poll({ type: "stopped" });
+    this.sessions.delete(sessionId);
+    return { ok: true, status: "stopped", sessionId };
+  }
+}
+
+export function createStudioDebugRuntime(options) {
+  const store = new StudioDebugSessionStore(options);
+
+  async function handle(req, res, url, cors) {
+    const reqPath = url.pathname;
+    const method = req.method;
+
+    if (method === "POST" && reqPath === "/studio/debug/start") {
+      try {
+        const body = await readBody(req);
+        const result = await store.start(body);
+        return writeJson(res, result.ok ? 200 : 400, result, cors);
+      } catch (err) {
+        return writeJson(res, 400, { ok: false, error: err.message }, cors);
+      }
+    }
+
+    const debugMatch = reqPath.match(/^\/studio\/debug\/([^/]+)\/(events|status|stop)$/);
+    const claudeMatch = reqPath.match(/^\/studio\/claude\/([^/]+)\/(poll|reply|status)$/);
+    if (!debugMatch && !claudeMatch) return false;
+    const [, sessionId, action] = debugMatch || claudeMatch;
+
+    try {
+      if (method === "POST" && action === "events") {
+        const result = store.submitEvent(sessionId, await readBody(req));
+        return writeJson(res, result.error === "unauthorized" ? 401 : result.error ? 404 : 200, result, cors);
+      }
+      if (method === "GET" && action === "poll") {
+        const result = await store.poll(sessionId, url.searchParams.get("token"), url.searchParams.get("timeout"));
+        return writeJson(res, result.error === "unauthorized" ? 401 : result.error ? 404 : 200, result, cors);
+      }
+      if (method === "POST" && action === "reply") {
+        const result = store.reply(sessionId, await readBody(req));
+        return writeJson(res, result.error === "unauthorized" ? 401 : result.error ? 404 : 200, result, cors);
+      }
+      if (method === "GET" && action === "status") {
+        const result = store.status(sessionId, url.searchParams.get("token"));
+        return writeJson(res, result.error === "unauthorized" ? 401 : result.error ? 404 : 200, result, cors);
+      }
+      if (method === "POST" && action === "stop") {
+        const body = await readBody(req);
+        const result = store.stop(sessionId, body.token || url.searchParams.get("token"));
+        return writeJson(res, result.error === "unauthorized" ? 401 : result.error ? 404 : 200, result, cors);
+      }
+      return writeJson(res, 405, { ok: false, error: "method_not_allowed" }, cors);
+    } catch (err) {
+      return writeJson(res, 400, { ok: false, error: err.message }, cors);
+    }
+  }
+
+  return { store, handle };
+}
+
+export const studioDebugTargets = APP_TARGETS;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@lifeaitools/clauth",
-  "version": "1.5.74",
+  "version": "1.5.76",
   "description": "Hardware-bound credential vault for the LIFEAI infrastructure stack",
   "type": "module",
   "bin": {