@mcp-weave/webui 0.1.1 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. package/README.md +7 -7
  2. package/dist/index.d.mts +5 -0
  3. package/dist/index.d.ts +5 -0
  4. package/dist/index.js +25 -5
  5. package/dist/index.js.map +1 -1
  6. package/dist/index.mjs +27 -6
  7. package/dist/index.mjs.map +1 -1
  8. package/package.json +2 -2
package/dist/index.mjs CHANGED
@@ -1123,7 +1123,8 @@ import {
1123
1123
  getServerMetadata,
1124
1124
  getToolsMetadata,
1125
1125
  getResourcesMetadata,
1126
- getPromptsMetadata
1126
+ getPromptsMetadata,
1127
+ createAuthMiddleware
1127
1128
  } from "@mcp-weave/nestjs";
1128
1129
  var McpWebUI = class extends EventEmitter {
1129
1130
  serverClass;
@@ -1133,6 +1134,7 @@ var McpWebUI = class extends EventEmitter {
1133
1134
  serverInfo = null;
1134
1135
  callHistory = [];
1135
1136
  logs = [];
1137
+ authMiddleware;
1136
1138
  constructor(serverClass, options = {}) {
1137
1139
  super();
1138
1140
  if (!isMcpServer(serverClass)) {
@@ -1144,8 +1146,10 @@ var McpWebUI = class extends EventEmitter {
1144
1146
  host: options.host ?? "localhost",
1145
1147
  title: options.title ?? "MCP Server Dashboard",
1146
1148
  theme: options.theme ?? "dark",
1147
- enableLogs: options.enableLogs ?? true
1149
+ enableLogs: options.enableLogs ?? true,
1150
+ auth: options.auth
1148
1151
  };
1152
+ this.authMiddleware = createAuthMiddleware(options.auth);
1149
1153
  }
1150
1154
  /**
1151
1155
  * Initialize server instance and extract metadata
@@ -1250,12 +1254,12 @@ var McpWebUI = class extends EventEmitter {
1250
1254
  /**
1251
1255
  * Handle HTTP requests
1252
1256
  */
1253
- handleRequest(req, res) {
1257
+ async handleRequest(req, res) {
1254
1258
  const parsedUrl = url.parse(req.url ?? "/", true);
1255
1259
  const pathname = parsedUrl.pathname ?? "/";
1256
1260
  res.setHeader("Access-Control-Allow-Origin", "*");
1257
1261
  res.setHeader("Access-Control-Allow-Methods", "GET, POST, OPTIONS");
1258
- res.setHeader("Access-Control-Allow-Headers", "Content-Type");
1262
+ res.setHeader("Access-Control-Allow-Headers", "Content-Type, Authorization, X-Api-Key");
1259
1263
  if (req.method === "OPTIONS") {
1260
1264
  res.writeHead(200);
1261
1265
  res.end();
@@ -1263,7 +1267,19 @@ var McpWebUI = class extends EventEmitter {
1263
1267
  }
1264
1268
  if (pathname === "/" && req.method === "GET") {
1265
1269
  this.serveDashboard(res);
1266
- } else if (pathname === "/api/info" && req.method === "GET") {
1270
+ return;
1271
+ }
1272
+ if (pathname.startsWith("/api/")) {
1273
+ const authResult = await this.authMiddleware(req, res);
1274
+ if (!authResult) return;
1275
+ if (this.options.auth?.enabled) {
1276
+ this.log(
1277
+ `[${authResult.requestId}] ${authResult.auth.clientName ?? authResult.auth.clientId} - ${req.method} ${pathname}`
1278
+ );
1279
+ }
1280
+ res.setHeader("X-Request-Id", authResult.requestId);
1281
+ }
1282
+ if (pathname === "/api/info" && req.method === "GET") {
1267
1283
  this.serveServerInfo(res);
1268
1284
  } else if (pathname === "/api/tools" && req.method === "GET") {
1269
1285
  this.serveTools(res);
@@ -1299,7 +1315,12 @@ var McpWebUI = class extends EventEmitter {
1299
1315
  */
1300
1316
  serveServerInfo(res) {
1301
1317
  res.writeHead(200, { "Content-Type": "application/json" });
1302
- res.end(JSON.stringify(this.serverInfo));
1318
+ res.end(
1319
+ JSON.stringify({
1320
+ ...this.serverInfo,
1321
+ authEnabled: this.options.auth?.enabled ?? false
1322
+ })
1323
+ );
1303
1324
  }
1304
1325
  /**
1305
1326
  * Serve tools list