@linkshell/gateway 0.2.26 → 0.2.27

package/src/state-store.ts

@@ -0,0 +1,131 @@
+export interface StoredTokenRecord {
+  token: string;
+  sessionIds: string[];
+  createdAt: number;
+  lastUsedAt: number;
+}
+
+export interface StoredPairingRecord {
+  sessionId: string;
+  pairingCode: string;
+  expiresAt: number;
+  claimed: boolean;
+}
+
+export interface GatewayStateStore {
+  loadTokens(): Promise<StoredTokenRecord[]>;
+  saveToken(record: StoredTokenRecord): Promise<void>;
+  deleteToken(token: string): Promise<void>;
+  loadPairings(): Promise<StoredPairingRecord[]>;
+  savePairing(record: StoredPairingRecord): Promise<void>;
+  deletePairing(pairingCode: string): Promise<void>;
+}
+
+const TOKEN_TABLE = process.env.SUPABASE_GATEWAY_TOKEN_TABLE ?? "linkshell_gateway_tokens";
+const PAIRING_TABLE = process.env.SUPABASE_GATEWAY_PAIRING_TABLE ?? "linkshell_gateway_pairings";
+
+function msToIso(ms: number): string {
+  return new Date(ms).toISOString();
+}
+
+function isoToMs(value: unknown): number {
+  if (typeof value !== "string") return Date.now();
+  const parsed = Date.parse(value);
+  return Number.isNaN(parsed) ? Date.now() : parsed;
+}
+
+export function createSupabaseStateStore(): GatewayStateStore | undefined {
+  const url = process.env.SUPABASE_URL?.replace(/\/+$/, "");
+  const key = process.env.SUPABASE_SERVICE_ROLE_KEY || process.env.SUPABASE_ANON_KEY;
+  if (!url || !key) return undefined;
+
+  const headers = {
+    apikey: key,
+    Authorization: `Bearer ${key}`,
+    "Content-Type": "application/json",
+  };
+
+  async function request<T>(path: string, init?: RequestInit): Promise<T> {
+    const res = await fetch(`${url}/rest/v1/${path}`, {
+      ...init,
+      headers: {
+        ...headers,
+        ...(init?.headers ?? {}),
+      },
+    });
+    if (!res.ok) {
+      const body = await res.text().catch(() => "");
+      throw new Error(`Supabase state store ${res.status}: ${body || res.statusText}`);
+    }
+    if (res.status === 204) return undefined as T;
+    return (await res.json()) as T;
+  }
+
+  return {
+    async loadTokens() {
+      const rows = await request<Array<Record<string, unknown>>>(
+        `${TOKEN_TABLE}?select=token,session_ids,created_at,last_used_at`,
+      );
+      return rows.map((row) => ({
+        token: String(row.token ?? ""),
+        sessionIds: Array.isArray(row.session_ids)
+          ? row.session_ids.map(String)
+          : [],
+        createdAt: isoToMs(row.created_at),
+        lastUsedAt: isoToMs(row.last_used_at),
+      })).filter((record) => record.token);
+    },
+    async saveToken(record) {
+      await request(
+        `${TOKEN_TABLE}?on_conflict=token`,
+        {
+          method: "POST",
+          headers: { Prefer: "resolution=merge-duplicates" },
+          body: JSON.stringify({
+            token: record.token,
+            session_ids: record.sessionIds,
+            created_at: msToIso(record.createdAt),
+            last_used_at: msToIso(record.lastUsedAt),
+          }),
+        },
+      );
+    },
+    async deleteToken(token) {
+      await request(`${TOKEN_TABLE}?token=eq.${encodeURIComponent(token)}`, {
+        method: "DELETE",
+      });
+    },
+    async loadPairings() {
+      const rows = await request<Array<Record<string, unknown>>>(
+        `${PAIRING_TABLE}?select=pairing_code,session_id,expires_at,claimed`,
+      );
+      return rows.map((row) => ({
+        pairingCode: String(row.pairing_code ?? ""),
+        sessionId: String(row.session_id ?? ""),
+        expiresAt: isoToMs(row.expires_at),
+        claimed: row.claimed === true,
+      })).filter((record) => record.pairingCode && record.sessionId);
+    },
+    async savePairing(record) {
+      await request(
+        `${PAIRING_TABLE}?on_conflict=pairing_code`,
+        {
+          method: "POST",
+          headers: { Prefer: "resolution=merge-duplicates" },
+          body: JSON.stringify({
+            pairing_code: record.pairingCode,
+            session_id: record.sessionId,
+            expires_at: msToIso(record.expiresAt),
+            claimed: record.claimed,
+          }),
+        },
+      );
+    },
+    async deletePairing(pairingCode) {
+      await request(
+        `${PAIRING_TABLE}?pairing_code=eq.${encodeURIComponent(pairingCode)}`,
+        { method: "DELETE" },
+      );
+    },
+  };
+}

package/src/tokens.ts

@@ -1,4 +1,5 @@
 import { randomUUID } from "node:crypto";
+import type { GatewayStateStore } from "./state-store.js";
 
 const CLEANUP_INTERVAL = 5 * 60_000;
 const SESSION_TTL = 7 * 24 * 60 * 60_000; // 7 days — prune stale bindings
@@ -15,14 +16,40 @@ export class TokenManager {
   private sessionToToken = new Map<string, string>();
   private cleanupTimer: ReturnType<typeof setInterval>;
 
-  constructor() {
+  constructor(private readonly store?: GatewayStateStore) {
     this.cleanupTimer = setInterval(() => this.cleanup(), CLEANUP_INTERVAL);
   }
 
+  async hydrate(): Promise<void> {
+    if (!this.store) return;
+    try {
+      const records = await this.store.loadTokens();
+      const now = Date.now();
+      for (const record of records) {
+        if (now - record.lastUsedAt > SESSION_TTL) {
+          void this.store.deleteToken(record.token).catch(() => {});
+          continue;
+        }
+        this.tokens.set(record.token, {
+          token: record.token,
+          sessionIds: new Set(record.sessionIds),
+          createdAt: record.createdAt,
+          lastUsedAt: record.lastUsedAt,
+        });
+        for (const sessionId of record.sessionIds) {
+          this.sessionToToken.set(sessionId, record.token);
+        }
+      }
+    } catch (err) {
+      process.stderr.write(`[gateway] token store hydrate failed, using memory only: ${err}\n`);
+    }
+  }
+
   register(deviceToken?: string): string {
     if (deviceToken && this.tokens.has(deviceToken)) {
       const record = this.tokens.get(deviceToken)!;
       record.lastUsedAt = Date.now();
+      this.persist(record);
       return deviceToken;
     }
     const token = deviceToken || randomUUID();
@@ -32,6 +59,7 @@ export class TokenManager {
       createdAt: Date.now(),
       lastUsedAt: Date.now(),
     });
+    this.persist(this.tokens.get(token)!);
     return token;
   }
 
@@ -41,6 +69,7 @@ export class TokenManager {
     record.sessionIds.add(sessionId);
     record.lastUsedAt = Date.now();
     this.sessionToToken.set(sessionId, token);
+    this.persist(record);
     return true;
   }
 
@@ -48,6 +77,7 @@ export class TokenManager {
     const record = this.tokens.get(token);
     if (!record) return false;
     record.lastUsedAt = Date.now();
+    this.persist(record);
     return true;
   }
 
@@ -55,6 +85,7 @@ export class TokenManager {
     const record = this.tokens.get(token);
     if (!record) return false;
     record.lastUsedAt = Date.now();
+    this.persist(record);
     return record.sessionIds.has(sessionId);
   }
 
@@ -62,6 +93,7 @@ export class TokenManager {
     const record = this.tokens.get(token);
     if (!record) return new Set();
     record.lastUsedAt = Date.now();
+    this.persist(record);
     return record.sessionIds;
   }
 
@@ -77,10 +109,22 @@ export class TokenManager {
           this.sessionToToken.delete(sid);
         }
         this.tokens.delete(token);
+        void this.store?.deleteToken(token).catch(() => {});
       }
     }
   }
 
+  private persist(record: TokenRecord): void {
+    void this.store?.saveToken({
+      token: record.token,
+      sessionIds: [...record.sessionIds],
+      createdAt: record.createdAt,
+      lastUsedAt: record.lastUsedAt,
+    }).catch((err) => {
+      process.stderr.write(`[gateway] token store save failed: ${err}\n`);
+    });
+  }
+
   destroy(): void {
     clearInterval(this.cleanupTimer);
   }