@lightupai/polaris 0.0.1

package/src/service/server.ts

@@ -0,0 +1,406 @@
+import { type Server, type ServerWebSocket } from "bun";
+import { z } from "zod";
+import {
+  createDb,
+  createOrg,
+  createProject,
+  getProject,
+  createSession,
+  getSession,
+  setDriver,
+  clearDriver,
+  pushEvent,
+  getProjectEvents,
+  getSessionEvents,
+  getEventsSince,
+  type Sql,
+} from "./db";
+import { verifyToken, type TokenPayload } from "./auth";
+import type { PolarisEvent, ParticipantId } from "../types";
+import { HookPayload, ParticipantId as ParticipantIdSchema } from "../types";
+
+// --- WebSocket subscriber management ---
+
+type WsData = { project: string; session?: string };
+const projectSubs = new Map<string, Set<ServerWebSocket<WsData>>>();
+const sessionSubs = new Map<string, Set<ServerWebSocket<WsData>>>();
+
+function subKey(project: string, session?: string): string {
+  return session ? `${project}/${session}` : project;
+}
+
+function addSub(ws: ServerWebSocket<WsData>) {
+  const { project, session } = ws.data;
+  if (session) {
+    const key = subKey(project, session);
+    if (!sessionSubs.has(key)) sessionSubs.set(key, new Set());
+    sessionSubs.get(key)!.add(ws);
+  } else {
+    if (!projectSubs.has(project)) projectSubs.set(project, new Set());
+    projectSubs.get(project)!.add(ws);
+  }
+}
+
+function removeSub(ws: ServerWebSocket<WsData>) {
+  const { project, session } = ws.data;
+  if (session) {
+    sessionSubs.get(subKey(project, session))?.delete(ws);
+  } else {
+    projectSubs.get(project)?.delete(ws);
+  }
+}
+
+function broadcastEvent(event: PolarisEvent) {
+  const msg = JSON.stringify(event);
+  for (const ws of projectSubs.get(event.project) ?? []) {
+    ws.send(msg);
+  }
+  const sessionKey = subKey(event.project, event.session);
+  for (const ws of sessionSubs.get(sessionKey) ?? []) {
+    if (!projectSubs.get(event.project)?.has(ws)) {
+      ws.send(msg);
+    }
+  }
+}
+
+// --- SSE helpers ---
+
+type SseController = ReadableStreamDefaultController<Uint8Array>;
+const projectSseClients = new Map<string, Set<SseController>>();
+const sessionSseClients = new Map<string, Set<SseController>>();
+
+function addSse(controller: SseController, project: string, session?: string) {
+  if (session) {
+    const key = subKey(project, session);
+    if (!sessionSseClients.has(key)) sessionSseClients.set(key, new Set());
+    sessionSseClients.get(key)!.add(controller);
+  } else {
+    if (!projectSseClients.has(project)) projectSseClients.set(project, new Set());
+    projectSseClients.get(project)!.add(controller);
+  }
+}
+
+function removeSse(controller: SseController, project: string, session?: string) {
+  if (session) {
+    sessionSseClients.get(subKey(project, session))?.delete(controller);
+  } else {
+    projectSseClients.get(project)?.delete(controller);
+  }
+}
+
+function broadcastSse(event: PolarisEvent) {
+  const data = `data: ${JSON.stringify(event)}\n\n`;
+  const bytes = new TextEncoder().encode(data);
+  for (const ctrl of projectSseClients.get(event.project) ?? []) {
+    try { ctrl.enqueue(bytes); } catch { /* client disconnected */ }
+  }
+  const sessionKey = subKey(event.project, event.session);
+  for (const ctrl of sessionSseClients.get(sessionKey) ?? []) {
+    if (!projectSseClients.get(event.project)?.has(ctrl)) {
+      try { ctrl.enqueue(bytes); } catch { /* client disconnected */ }
+    }
+  }
+}
+
+// --- Route matching ---
+
+type RouteParams = Record<string, string>;
+
+function matchRoute(method: string, pathname: string, pattern: string, expectedMethod: string): RouteParams | null {
+  if (method !== expectedMethod) return null;
+  const patternParts = pattern.split("/");
+  const pathParts = pathname.split("/");
+  if (patternParts.length !== pathParts.length) return null;
+  const params: RouteParams = {};
+  for (let i = 0; i < patternParts.length; i++) {
+    if (patternParts[i].startsWith(":")) {
+      params[patternParts[i].slice(1)] = pathParts[i];
+    } else if (patternParts[i] !== pathParts[i]) {
+      return null;
+    }
+  }
+  return params;
+}
+
+// --- Helpers ---
+
+async function jsonBody(req: Request): Promise<unknown> {
+  try {
+    return await req.json();
+  } catch {
+    return null;
+  }
+}
+
+function json(data: unknown, status = 200): Response {
+  return new Response(JSON.stringify(data), {
+    status,
+    headers: { "Content-Type": "application/json" },
+  });
+}
+
+function error(message: string, status: number): Response {
+  return json({ error: message }, status);
+}
+
+// --- Auth helper ---
+
+async function resolveOrgId(req: Request, defaultOrgId: string): Promise<string> {
+  const auth = req.headers.get("Authorization");
+  if (auth?.startsWith("Bearer ")) {
+    const token = auth.slice(7);
+    const payload = await verifyToken(token);
+    if (payload) return payload.org_id;
+  }
+  return defaultOrgId;
+}
+
+// --- Server factory ---
+
+export async function startServer(opts: {
+  port?: number;
+  databaseUrl?: string;
+  defaultOrgId?: string;
+} = {}): Promise<{
+  server: Server;
+  sql: Sql;
+  defaultOrgId: string;
+  stop: () => Promise<void>;
+}> {
+  const sql = await createDb(opts.databaseUrl);
+  const port = opts.port ?? Number(process.env.PORT ?? 4321);
+  const defaultOrgId = opts.defaultOrgId ?? "default";
+
+  // Ensure default org exists for backward compat (tests, daemon without auth)
+  try {
+    await createOrg(sql, defaultOrgId, "Default", undefined);
+  } catch {
+    // Already exists
+  }
+
+  const server = Bun.serve<WsData>({
+    port,
+    hostname: "0.0.0.0",
+
+    websocket: {
+      open(ws) { addSub(ws); },
+      close(ws) { removeSub(ws); },
+      message() {},
+    },
+
+    async fetch(req, server) {
+      const url = new URL(req.url);
+      const { pathname } = url;
+      const method = req.method;
+      let params: RouteParams | null;
+
+      // Resolve org from auth token or use default
+      const orgId = await resolveOrgId(req, defaultOrgId);
+
+      // --- WebSocket upgrade ---
+      params = matchRoute(method, pathname, "/projects/:proj/ws", "GET");
+      if (params) {
+        const upgraded = server.upgrade(req, { data: { project: params.proj } });
+        return upgraded ? undefined : error("WebSocket upgrade failed", 400);
+      }
+      params = matchRoute(method, pathname, "/projects/:proj/sessions/:sess/ws", "GET");
+      if (params) {
+        const upgraded = server.upgrade(req, { data: { project: params.proj, session: params.sess } });
+        return upgraded ? undefined : error("WebSocket upgrade failed", 400);
+      }
+
+      // --- Project endpoints ---
+
+      params = matchRoute(method, pathname, "/projects", "POST");
+      if (params) {
+        const body = await jsonBody(req);
+        const parsed = z.object({ name: z.string().min(1) }).safeParse(body);
+        if (!parsed.success) return error("Invalid body: name is required", 400);
+        try {
+          const project = await createProject(sql, orgId, parsed.data.name);
+          return json(project, 201);
+        } catch {
+          return error("Project already exists", 409);
+        }
+      }
+
+      params = matchRoute(method, pathname, "/projects/:proj", "GET");
+      if (params) {
+        const project = await getProject(sql, orgId, params.proj);
+        if (!project) return error("Project not found", 404);
+        return json(project);
+      }
+
+      params = matchRoute(method, pathname, "/projects/:proj/messages", "GET");
+      if (params) {
+        const project = await getProject(sql, orgId, params.proj);
+        if (!project) return error("Project not found", 404);
+        const since = url.searchParams.get("since");
+        const events = since
+          ? await getEventsSince(sql, orgId, params.proj, since)
+          : await getProjectEvents(sql, orgId, params.proj);
+        return json(events);
+      }
+
+      params = matchRoute(method, pathname, "/projects/:proj/events", "GET");
+      if (params) {
+        const project = await getProject(sql, orgId, params.proj);
+        if (!project) return error("Project not found", 404);
+        const proj = params.proj;
+        let controller: SseController;
+        const stream = new ReadableStream<Uint8Array>({
+          start(ctrl) { controller = ctrl; addSse(controller, proj); },
+          cancel() { removeSse(controller, proj); },
+        });
+        return new Response(stream, {
+          headers: { "Content-Type": "text/event-stream", "Cache-Control": "no-cache", Connection: "keep-alive" },
+        });
+      }
+
+      // --- Session endpoints ---
+
+      params = matchRoute(method, pathname, "/projects/:proj/sessions", "POST");
+      if (params) {
+        const project = await getProject(sql, orgId, params.proj);
+        if (!project) return error("Project not found", 404);
+        const body = await jsonBody(req);
+        const parsed = z
+          .object({ name: z.string().min(1), driver: ParticipantIdSchema.nullable().default(null) })
+          .safeParse(body);
+        if (!parsed.success) return error("Invalid body: name is required", 400);
+        try {
+          const session = await createSession(sql, orgId, params.proj, parsed.data.name, parsed.data.driver);
+          return json(session, 201);
+        } catch {
+          return error("Session already exists in this project", 409);
+        }
+      }
+
+      params = matchRoute(method, pathname, "/projects/:proj/sessions/:sess", "GET");
+      if (params) {
+        const session = await getSession(sql, orgId, params.proj, params.sess);
+        if (!session) return error("Session not found", 404);
+        return json(session);
+      }
+
+      params = matchRoute(method, pathname, "/projects/:proj/sessions/:sess/events", "POST");
+      if (params) {
+        const session = await getSession(sql, orgId, params.proj, params.sess);
+        if (!session) return error("Session not found", 404);
+        const body = await jsonBody(req);
+        const parsed = z
+          .object({ sender: ParticipantIdSchema, payload: HookPayload })
+          .safeParse(body);
+        if (!parsed.success) return error(`Invalid body: ${parsed.error.message}`, 400);
+        const event: PolarisEvent = {
+          id: crypto.randomUUID(),
+          project: params.proj,
+          session: params.sess,
+          timestamp: new Date().toISOString(),
+          source: "hook",
+          sender: parsed.data.sender,
+          payload: parsed.data.payload,
+        };
+        await pushEvent(sql, orgId, event);
+        broadcastEvent(event);
+        broadcastSse(event);
+        return json(event, 201);
+      }
+
+      params = matchRoute(method, pathname, "/projects/:proj/sessions/:sess/events", "GET");
+      if (params) {
+        const session = await getSession(sql, orgId, params.proj, params.sess);
+        if (!session) return error("Session not found", 404);
+        const proj = params.proj;
+        const sess = params.sess;
+        let controller: SseController;
+        const stream = new ReadableStream<Uint8Array>({
+          start(ctrl) { controller = ctrl; addSse(controller, proj, sess); },
+          cancel() { removeSse(controller, proj, sess); },
+        });
+        return new Response(stream, {
+          headers: { "Content-Type": "text/event-stream", "Cache-Control": "no-cache", Connection: "keep-alive" },
+        });
+      }
+
+      params = matchRoute(method, pathname, "/projects/:proj/sessions/:sess/inject", "POST");
+      if (params) {
+        const session = await getSession(sql, orgId, params.proj, params.sess);
+        if (!session) return error("Session not found", 404);
+        const body = await jsonBody(req);
+        const parsed = z
+          .object({ content: z.string().min(1), sender: ParticipantIdSchema })
+          .safeParse(body);
+        if (!parsed.success) return error(`Invalid body: ${parsed.error.message}`, 400);
+        const event: PolarisEvent = {
+          id: crypto.randomUUID(),
+          project: params.proj,
+          session: params.sess,
+          timestamp: new Date().toISOString(),
+          source: "inject",
+          sender: parsed.data.sender,
+          payload: {
+            type: "inject" as const,
+            content: parsed.data.content,
+            sender: parsed.data.sender,
+            target: params.sess,
+          },
+        };
+        await pushEvent(sql, orgId, event);
+        broadcastEvent(event);
+        broadcastSse(event);
+        return json(event, 201);
+      }
+
+      params = matchRoute(method, pathname, "/projects/:proj/sessions/:sess/messages", "GET");
+      if (params) {
+        const session = await getSession(sql, orgId, params.proj, params.sess);
+        if (!session) return error("Session not found", 404);
+        const events = await getSessionEvents(sql, orgId, params.proj, params.sess);
+        return json(events);
+      }
+
+      params = matchRoute(method, pathname, "/projects/:proj/sessions/:sess/handoff", "POST");
+      if (params) {
+        const session = await getSession(sql, orgId, params.proj, params.sess);
+        if (!session) return error("Session not found", 404);
+        if (!session.driver) return error("Session has no driver to hand off", 400);
+        await clearDriver(sql, orgId, params.proj, params.sess);
+        return json({ status: "open", session: params.sess });
+      }
+
+      params = matchRoute(method, pathname, "/projects/:proj/sessions/:sess/driver", "POST");
+      if (params) {
+        const session = await getSession(sql, orgId, params.proj, params.sess);
+        if (!session) return error("Session not found", 404);
+        if (session.driver) return error(`Session already has driver: ${session.driver}`, 409);
+        const body = await jsonBody(req);
+        const parsed = z.object({ driver: ParticipantIdSchema }).safeParse(body);
+        if (!parsed.success) return error("Invalid body: driver is required", 400);
+        await setDriver(sql, orgId, params.proj, params.sess, parsed.data.driver);
+        return json({ status: "claimed", driver: parsed.data.driver, session: params.sess });
+      }
+
+      if (method === "GET" && pathname === "/status") {
+        return json({ ok: true, version: "0.0.1" });
+      }
+
+      return error("Not found", 404);
+    },
+  });
+
+  return {
+    server,
+    sql,
+    defaultOrgId,
+    stop: async () => {
+      server.stop(true);
+      await sql.end();
+    },
+  };
+}
+
+if (import.meta.main) {
+  const { server } = await startServer();
+  console.error(`Polaris server listening on port ${server.port}`);
+}

package/src/slack/system.ts

@@ -0,0 +1,107 @@
+// --- Slack system channel: create, post events ---
+
+const SYSTEM_CHANNEL_NAME = "polaris-system";
+
+async function slackApi(token: string, method: string, body?: Record<string, unknown>): Promise<Record<string, unknown>> {
+  const res = await fetch(`https://slack.com/api/${method}`, {
+    method: "POST",
+    headers: {
+      Authorization: `Bearer ${token}`,
+      "Content-Type": "application/json",
+    },
+    body: body ? JSON.stringify(body) : undefined,
+  });
+  return (await res.json()) as Record<string, unknown>;
+}
+
+// Look up a Slack user ID by email.
+async function lookupSlackUser(botToken: string, email: string): Promise<string | null> {
+  const res = await slackApi(botToken, "users.lookupByEmail", { email });
+  if (res.ok) return (res.user as { id: string }).id;
+  return null;
+}
+
+// Create the #polaris-system channel and return its ID.
+// If it already exists, join it and return its ID.
+// Optionally invites a user (by email) to the channel.
+export async function createSystemChannel(botToken: string, inviteEmail?: string): Promise<string> {
+  // Try to create
+  const createRes = await slackApi(botToken, "conversations.create", {
+    name: SYSTEM_CHANNEL_NAME,
+    is_private: false,
+  });
+
+  if (createRes.ok) {
+    const channelId = (createRes.channel as { id: string }).id;
+    await slackApi(botToken, "conversations.setTopic", {
+      channel: channelId,
+      topic: "Polaris system events — device connections, sessions, handoffs",
+    });
+    if (inviteEmail) {
+      const slackUserId = await lookupSlackUser(botToken, inviteEmail);
+      if (slackUserId) {
+        await slackApi(botToken, "conversations.invite", { channel: channelId, users: slackUserId });
+      }
+    }
+    return channelId;
+  }
+
+  // Channel already exists — find it and join
+  if (createRes.error === "name_taken") {
+    // Search for it
+    let cursor: string | undefined;
+    do {
+      const listRes = await slackApi(botToken, "conversations.list", {
+        types: "public_channel",
+        limit: 200,
+        exclude_archived: true,
+        ...(cursor ? { cursor } : {}),
+      }) as { ok: boolean; channels?: Array<{ id: string; name: string }>; response_metadata?: { next_cursor?: string } };
+
+      if (listRes.ok && listRes.channels) {
+        const found = listRes.channels.find((c) => c.name === SYSTEM_CHANNEL_NAME);
+        if (found) {
+          await slackApi(botToken, "conversations.join", { channel: found.id });
+          if (inviteEmail) {
+            const slackUserId = await lookupSlackUser(botToken, inviteEmail);
+            if (slackUserId) {
+              await slackApi(botToken, "conversations.invite", { channel: found.id, users: slackUserId });
+            }
+          }
+          return found.id;
+        }
+      }
+      cursor = listRes.response_metadata?.next_cursor || undefined;
+    } while (cursor);
+  }
+
+  throw new Error(`Failed to create or find #${SYSTEM_CHANNEL_NAME} channel: ${createRes.error}`);
+}
+
+// Post a system event to the #polaris channel.
+export async function postSystemEvent(
+  botToken: string,
+  channelId: string,
+  text: string,
+  context?: string
+): Promise<void> {
+  const blocks: Array<Record<string, unknown>> = [
+    {
+      type: "section",
+      text: { type: "mrkdwn", text },
+    },
+  ];
+
+  if (context) {
+    blocks.push({
+      type: "context",
+      elements: [{ type: "mrkdwn", text: context }],
+    });
+  }
+
+  await slackApi(botToken, "chat.postMessage", {
+    channel: channelId,
+    text, // fallback for notifications
+    blocks,
+  });
+}

package/src/types.ts

@@ -0,0 +1,108 @@
+import { z } from "zod";
+
+// --- Participant Identity ---
+
+export const ParticipantId = z
+  .string()
+  .regex(
+    /^(user|agent):[a-z0-9][a-z0-9._-]*$/,
+    "Must be user:<name> or agent:<name> (lowercase alphanumeric, dots, hyphens, underscores)"
+  );
+
+export type ParticipantId = z.infer<typeof ParticipantId>;
+
+// --- Hook Event Payloads ---
+
+const HookCommon = z.object({
+  session_id: z.string(),
+  transcript_path: z.string().optional(),
+  cwd: z.string().optional(),
+  permission_mode: z.string().optional(),
+});
+
+export const UserPromptSubmitPayload = HookCommon.extend({
+  hook_event_name: z.literal("UserPromptSubmit"),
+  prompt: z.string(),
+});
+
+export const StopPayload = HookCommon.extend({
+  hook_event_name: z.literal("Stop"),
+  stop_response: z.string(),
+});
+
+export const PreToolUsePayload = HookCommon.extend({
+  hook_event_name: z.literal("PreToolUse"),
+  tool_name: z.string(),
+  tool_input: z.record(z.unknown()),
+});
+
+export const PostToolUsePayload = HookCommon.extend({
+  hook_event_name: z.literal("PostToolUse"),
+  tool_name: z.string(),
+  tool_input: z.record(z.unknown()),
+  tool_result: z.unknown(),
+});
+
+export const HookPayload = z.discriminatedUnion("hook_event_name", [
+  UserPromptSubmitPayload,
+  StopPayload,
+  PreToolUsePayload,
+  PostToolUsePayload,
+]);
+
+export type HookPayload = z.infer<typeof HookPayload>;
+
+// --- Inject & Reply Messages ---
+
+export const InjectMessage = z.object({
+  type: z.literal("inject"),
+  content: z.string(),
+  sender: ParticipantId,
+  target: z.string().min(1, "target session is required"),
+});
+
+export type InjectMessage = z.infer<typeof InjectMessage>;
+
+export const ReplyMessage = z.object({
+  type: z.literal("reply"),
+  content: z.string(),
+  sender: ParticipantId,
+  in_reply_to: z.string().optional(),
+});
+
+export type ReplyMessage = z.infer<typeof ReplyMessage>;
+
+// --- Event Envelope ---
+
+export const EventSource = z.enum(["hook", "inject", "reply"]);
+export type EventSource = z.infer<typeof EventSource>;
+
+export const PolarisEvent = z.object({
+  id: z.string().uuid(),
+  project: z.string().min(1),
+  session: z.string().min(1),
+  timestamp: z.string().datetime(),
+  source: EventSource,
+  sender: ParticipantId,
+  payload: z.union([HookPayload, InjectMessage, ReplyMessage]),
+});
+
+export type PolarisEvent = z.infer<typeof PolarisEvent>;
+
+// --- Project & Session Models ---
+
+export const Project = z.object({
+  name: z.string().min(1),
+  created_at: z.string().datetime(),
+});
+
+export type Project = z.infer<typeof Project>;
+
+export const Session = z.object({
+  name: z.string().min(1),
+  project: z.string().min(1),
+  driver: ParticipantId.nullable(),
+  created_at: z.string().datetime(),
+});
+
+export type Session = z.infer<typeof Session>;