@mjasano/devtunnel 1.2.0 → 1.4.0

package/.claude/settings.local.json

@@ -12,7 +12,11 @@
       "Bash(npm whoami:*)",
       "Bash(npm config set:*)",
       "Bash(npm view:*)",
-      "Bash(npm publish:*)"
+      "Bash(npm publish:*)",
+      "Bash(git add:*)",
+      "Bash(git commit:*)",
+      "Bash(git push:*)",
+      "Bash(gh release create:*)"
     ]
   }
 }

package/.prettierignore

@@ -0,0 +1,2 @@
+node_modules
+package-lock.json

package/.prettierrc

@@ -0,0 +1,8 @@
+{
+  "semi": true,
+  "singleQuote": true,
+  "tabWidth": 2,
+  "trailingComma": "es5",
+  "printWidth": 100,
+  "bracketSpacing": true
+}

package/CHANGELOG.md

@@ -5,6 +5,40 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [1.4.0] - 2026-01-02
+
+### Added
+- Passcode authentication system
+- Login page with passcode entry
+- Logout button in header
+- CLI `--passcode` option (auto-generate or custom)
+- Auth API endpoints (`/api/auth/status`, `/api/auth/login`, `/api/auth/logout`)
+
+### Security
+- Token-based session authentication (24h expiry)
+- WebSocket connection authentication
+- HTTP-only secure cookies for auth tokens
+
+## [1.3.0] - 2026-01-02
+
+### Added
+- File delete and rename functionality (right-click context menu)
+- File search filter in file explorer
+- WebSocket security (message size limit, rate limiting)
+- README.md documentation with API reference
+- ESLint and Prettier configuration
+- Test suite using Node.js built-in test runner
+
+### Changed
+- Express upgraded from 4.x to 5.x
+- Frontend split into separate files (styles.css, app.js)
+- CLI version now reads from package.json instead of hardcoded value
+
+### Security
+- Added 1MB max message size for WebSocket
+- Added rate limiting (100 messages/second per connection)
+- Added request body size limit (5MB) for JSON payloads
+
 ## [1.2.0] - 2025-01-02
 
 ### Added

package/README.md

@@ -0,0 +1,138 @@
+# DevTunnel
+
+Web-based terminal with integrated code editor and Cloudflare tunnel management. Access your development environment from anywhere.
+
+## Features
+
+- **Web Terminal**: Full-featured terminal with xterm.js
+  - Multiple terminal sessions with tabs
+  - Session persistence (24h timeout)
+  - tmux session integration
+- **Code Editor**: Monaco Editor (VS Code engine)
+  - File explorer with breadcrumb navigation
+  - 20+ language syntax highlighting
+  - Multi-file tabs with unsaved change indicators
+  - Keyboard shortcuts (Ctrl+S to save)
+- **Tunnel Manager**: Expose local ports via Cloudflare
+  - Quick tunnel creation
+  - Real-time status updates
+  - Copy-to-clipboard functionality
+- **System Monitor**: Real-time resource monitoring
+  - CPU and memory usage
+  - Uptime and load average
+
+## Installation
+
+```bash
+npm install -g @mjasano/devtunnel
+```
+
+### Prerequisites
+
+- Node.js 18+
+- cloudflared (auto-installed on macOS/Linux)
+
+## Usage
+
+```bash
+# Start DevTunnel with tunnel
+devtunnel
+
+# Use custom port
+devtunnel --port 8080
+
+# Enable passcode authentication (auto-generated)
+devtunnel --passcode
+
+# Enable passcode authentication (custom)
+devtunnel --passcode=MYCODE
+
+# Show help
+devtunnel --help
+
+# Show version
+devtunnel --version
+```
+
+## Authentication
+
+When running with `--passcode`, DevTunnel requires authentication:
+
+- A login page is shown before accessing the terminal
+- Passcode is displayed in the CLI output when auto-generated
+- Sessions remain authenticated for 24 hours
+- Use the Logout button in the header to end your session
+
+## Development
+
+```bash
+# Clone the repository
+git clone https://github.com/mjasano/web-terminal.git
+cd web-terminal
+
+# Install dependencies
+npm install
+
+# Start development server
+npm start
+```
+
+## Docker
+
+```bash
+# Build and run
+docker-compose up -d
+
+# Or with Docker
+docker build -t devtunnel .
+docker run -p 3000:3000 -v $(pwd):/workspace devtunnel
+```
+
+## Environment Variables
+
+| Variable | Description | Default |
+|----------|-------------|---------|
+| `PORT` | Server port | 3000 |
+| `WORKSPACE` | Root directory for file browser | Home directory |
+| `PASSCODE` | Authentication passcode | None (no auth) |
+
+## API Endpoints
+
+### REST API
+
+| Method | Endpoint | Description |
+|--------|----------|-------------|
+| GET | `/api/auth/status` | Check auth status |
+| POST | `/api/auth/login` | Login with passcode |
+| POST | `/api/auth/logout` | Logout |
+| GET | `/api/system` | System information |
+| GET | `/api/files` | File listing |
+| GET | `/api/files/read` | Read file content |
+| POST | `/api/files/write` | Write file content |
+| POST | `/api/files/delete` | Delete file/directory |
+| POST | `/api/files/rename` | Rename file/directory |
+| GET | `/api/sessions` | Terminal sessions |
+| DELETE | `/api/sessions/:id` | Kill session |
+| GET | `/api/tunnels` | Active tunnels |
+| POST | `/api/tunnels` | Create tunnel |
+| DELETE | `/api/tunnels/:id` | Stop tunnel |
+| GET | `/health` | Health check |
+
+### WebSocket Messages
+
+| Type | Direction | Description |
+|------|-----------|-------------|
+| `attach` | Client | Attach to session |
+| `detach` | Client | Detach from session |
+| `input` | Client | Terminal input |
+| `resize` | Client | Terminal resize |
+| `create-tunnel` | Client | Create tunnel |
+| `stop-tunnel` | Client | Stop tunnel |
+| `output` | Server | Terminal output |
+| `attached` | Server | Session attached |
+| `sessions` | Server | Session list |
+| `tunnels` | Server | Tunnel list |
+
+## License
+
+MIT

package/bin/cli.js

@@ -3,8 +3,14 @@
 const { spawn, execSync } = require('child_process');
 const path = require('path');
 const http = require('http');
+const crypto = require('crypto');
 
-const VERSION = '1.0.0';
+const { version: VERSION } = require('../package.json');
+
+// Generate random passcode
+function generatePasscode(length = 6) {
+  return crypto.randomBytes(length).toString('hex').slice(0, length).toUpperCase();
+}
 
 // Colors
 const c = {
@@ -97,11 +103,16 @@ function waitForServer(port, timeout = 10000) {
   });
 }
 
-function startServer(port) {
+function startServer(port, passcode = null) {
   const serverPath = path.join(__dirname, '..', 'server.js');
 
+  const env = { ...process.env, PORT: port };
+  if (passcode) {
+    env.PASSCODE = passcode;
+  }
+
   const server = spawn('node', [serverPath], {
-    env: { ...process.env, PORT: port },
+    env,
     stdio: ['ignore', 'pipe', 'pipe'],
     detached: false
   });
@@ -151,12 +162,17 @@ function startTunnel(port) {
   });
 }
 
-function showSuccess(url) {
+function showSuccess(url, passcode = null) {
   log('');
   log(`${c.green}${c.bold}  Ready!${c.reset}`);
   log('');
   log(`${c.bold}  Access from anywhere:${c.reset}`);
   log(`  ${c.cyan}${c.bold}${url}${c.reset}`);
+  if (passcode) {
+    log('');
+    log(`${c.bold}  Passcode:${c.reset}`);
+    log(`  ${c.yellow}${c.bold}${passcode}${c.reset}`);
+  }
   log('');
   log(`${c.dim}  Features:${c.reset}`);
   log(`${c.dim}  - Web terminal with session persistence${c.reset}`);
@@ -174,11 +190,13 @@ async function main() {
   if (command === '--help' || command === '-h') {
     banner();
     log(`${c.bold}Usage:${c.reset}`);
-    log(`  devtunnel              Start DevTunnel`);
-    log(`  devtunnel start        Start DevTunnel`);
-    log(`  devtunnel --port 8080  Use custom port`);
-    log(`  devtunnel --help       Show this help`);
-    log(`  devtunnel --version    Show version`);
+    log(`  devtunnel                       Start DevTunnel`);
+    log(`  devtunnel start                 Start DevTunnel`);
+    log(`  devtunnel --port 8080           Use custom port`);
+    log(`  devtunnel --passcode            Enable auth with auto-generated passcode`);
+    log(`  devtunnel --passcode=MYCODE     Enable auth with custom passcode`);
+    log(`  devtunnel --help                Show this help`);
+    log(`  devtunnel --version             Show version`);
     log('');
     return;
   }
@@ -195,6 +213,17 @@ async function main() {
     port = parseInt(args[portIndex + 1]);
   }
 
+  // Parse passcode
+  let passcode = null;
+  const passcodeArg = args.find(arg => arg.startsWith('--passcode'));
+  if (passcodeArg) {
+    if (passcodeArg.includes('=')) {
+      passcode = passcodeArg.split('=')[1];
+    } else {
+      passcode = generatePasscode();
+    }
+  }
+
   banner();
 
   // Check cloudflared
@@ -206,7 +235,7 @@ async function main() {
 
   // Start server
   log(`${c.dim}Starting server on port ${port}...${c.reset}`);
-  const server = startServer(port);
+  const server = startServer(port, passcode);
 
   try {
     await waitForServer(port);
@@ -223,7 +252,7 @@ async function main() {
     const { tunnel, url } = await startTunnel(port);
     log(`${c.green}✓${c.reset} Tunnel created`);
 
-    showSuccess(url);
+    showSuccess(url, passcode);
 
     // Handle shutdown
     const cleanup = () => {

package/eslint.config.js

@@ -0,0 +1,32 @@
+module.exports = [
+  {
+    ignores: ['node_modules/**', 'public/app.js'],
+  },
+  {
+    languageOptions: {
+      ecmaVersion: 2022,
+      sourceType: 'commonjs',
+      globals: {
+        console: 'readonly',
+        process: 'readonly',
+        Buffer: 'readonly',
+        __dirname: 'readonly',
+        require: 'readonly',
+        module: 'readonly',
+        exports: 'readonly',
+        setInterval: 'readonly',
+        clearInterval: 'readonly',
+        setTimeout: 'readonly',
+        clearTimeout: 'readonly',
+      },
+    },
+    rules: {
+      'no-unused-vars': ['error', { argsIgnorePattern: '^_', varsIgnorePattern: '^_' }],
+      'no-console': 'off',
+      'prefer-const': 'error',
+      'no-var': 'error',
+      eqeqeq: ['error', 'always'],
+      curly: ['error', 'multi-line'],
+    },
+  },
+];

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@mjasano/devtunnel",
-  "version": "1.2.0",
+  "version": "1.4.0",
   "description": "Web terminal with code editor and tunnel manager - access your dev environment from anywhere",
   "main": "server.js",
   "bin": {
@@ -8,7 +8,12 @@
   },
   "scripts": {
     "start": "node server.js",
-    "dev": "node server.js"
+    "dev": "node server.js",
+    "lint": "eslint .",
+    "lint:fix": "eslint . --fix",
+    "format": "prettier --write .",
+    "format:check": "prettier --check .",
+    "test": "node --test"
   },
   "keywords": [
     "terminal",
@@ -21,7 +26,11 @@
   "license": "MIT",
   "dependencies": {
     "@homebridge/node-pty-prebuilt-multiarch": "^0.13.1",
-    "express": "^4.18.2",
+    "express": "^5.0.1",
     "ws": "^8.14.2"
+  },
+  "devDependencies": {
+    "eslint": "^9.17.0",
+    "prettier": "^3.4.2"
   }
 }