@mooncompany/uplink-chat 0.5.0

package/server/config.js

@@ -0,0 +1,159 @@
+/**
+ * Config Module - Environment variables and constants
+ */
+
+import { config } from 'dotenv';
+import path from 'path';
+import { fileURLToPath } from 'url';
+import { createLogger } from './logger.js';
+
+const log = createLogger('config');
+
+// Load environment variables
+config();
+
+const __dirname = path.dirname(fileURLToPath(import.meta.url));
+export const ROOT_DIR = path.dirname(__dirname);
+
+// Server
+export const PORT = process.env.PORT || 3456;
+
+// Gateway
+export const GATEWAY_URL = process.env.GATEWAY_URL || 'http://127.0.0.1:18789';
+export const GATEWAY_TOKEN = process.env.GATEWAY_TOKEN;
+
+// TTS
+export const ELEVENLABS_API_KEY = process.env.ELEVENLABS_API_KEY;
+export const ELEVENLABS_VOICE_ID = process.env.ELEVENLABS_VOICE_ID || 'OPnx2r3vaTlo7wQIPhcM';
+export const TTS_VOICE_NAME = process.env.TTS_VOICE_NAME || 'Assistant';
+
+// Session
+export const SESSION_USER = process.env.SESSION_USER || 'uplink-user';
+export const ASSISTANT_NAME = process.env.ASSISTANT_NAME || 'Assistant';
+
+// Whisper
+export const OPENAI_API_KEY = process.env.OPENAI_API_KEY;
+export const TRANSCRIBE_SCRIPT = process.env.TRANSCRIBE_SCRIPT || '/usr/local/bin/transcribe.sh';
+
+// Wake word
+export const WAKE_WORD = (process.env.WAKE_WORD || 'uplink').toLowerCase();
+
+// Webhooks
+export const WEBHOOK_TOKEN = process.env.WEBHOOK_TOKEN;
+
+// OpenClaw Channel Integration
+export const OPENCLAW_CALLBACK_SECRET = process.env.OPENCLAW_CALLBACK_SECRET || '';
+export const OPENCLAW_WEBHOOK_URL = process.env.OPENCLAW_WEBHOOK_URL || ''; // e.g., http://localhost:18789/uplink-webhook
+export const USE_CHANNEL_WEBHOOK = process.env.USE_CHANNEL_WEBHOOK === 'true'; // Enable to route through channel plugin
+
+// CORS
+export const ALLOWED_ORIGINS = process.env.ALLOWED_ORIGINS
+  ? process.env.ALLOWED_ORIGINS.split(',').map(o => o.trim())
+  : ['http://localhost:3456'];
+
+// Security: Allowed file types (magic bytes)
+export const ALLOWED_IMAGE_TYPES = ['image/jpeg', 'image/png', 'image/webp', 'image/gif'];
+export const ALLOWED_AUDIO_TYPES = ['audio/webm', 'audio/mp4', 'audio/mpeg', 'audio/ogg', 'audio/wav', 'video/webm'];
+export const ALLOWED_VIDEO_TYPES = ['video/webm', 'video/mp4', 'video/quicktime', 'video/x-matroska'];
+
+// Reliability
+export const MAX_CONCURRENT_REQUESTS = 3;
+export const REQUEST_TIMEOUT = 300000; // 5 minutes (for longer responses with thinking)
+export const CHANNEL_FETCH_TIMEOUT_MS = 300000; // 5 minutes for initial fetch
+export const STREAM_READ_TIMEOUT_MS = 300000; // 5 minutes between stream chunks (allows for tool use)
+export const RPC_CALL_TIMEOUT_MS = 10000; // 10 seconds for gateway RPC calls
+export const SSE_KEEPALIVE_INTERVAL_MS = 5000; // 5 seconds between SSE keepalive comments
+export const GATEWAY_RESTART_DELAY_MS = 2000; // 2 seconds delay before gateway restart
+export const FILE_EXTRACTION_TIMEOUT_MS = 30000; // 30 seconds for file text extraction
+export const MAX_FILE_EXTRACT_SIZE = 500 * 1024; // 500KB max extracted text
+export const IMAGE_COMPRESSION_THRESHOLD = 500000; // 500KB threshold for image compression
+export const GATEWAY_VALIDATION_TIMEOUT_MS = 5000; // 5 seconds for gateway validation
+export const FILE_CLEANUP_DELAY_MS = 15000; // 15 seconds before cleaning up uploaded files
+export const GATEWAY_HEALTH_CHECK_TIMEOUT_MS = 10000; // 10 seconds for gateway health checks
+export const MIN_RECONNECT_INTERVAL_MS = 1000; // Minimum reconnect interval (1 second)
+
+// WebSocket Configuration
+export const WEBSOCKET = {
+  heartbeatIntervalMs: 30 * 1000,      // 30 seconds (relaxed for mobile/cellular)
+  maxMissedPongs: 4,                   // Close connection after 4 missed pongs (2 min timeout)
+  syncDeltaThrottleMs: 150,            // Throttle sync deltas to 150ms
+  messageRateLimitWindow: 60 * 1000,   // 1 minute rate limit window
+  maxMessagesPerWindow: 30,            // Max 30 messages per minute per client
+  maxRateLimitEntries: 500,            // Max rate limit entries to prevent unbounded growth
+  maxStreamingRequests: 100,           // Max active streaming requests
+  maxRecentBroadcasts: 500,            // Max broadcast dedup cache size
+  dedupWindowMs: 5000,                 // 5 second dedup window for broadcasts
+  connectionLimits: {
+    maxPerIp: 10,                      // Max connections per IP
+    maxTotal: 100,                     // Max total connections
+  },
+  maxMessageSize: 1024 * 1024,         // 1MB message size limit
+  broadcastCircuitBreaker: {
+    threshold: 10,                     // Open circuit after 10 failures
+    resetTimeMs: 30000,                // Reset after 30 seconds
+  },
+  syncBroadcastRateLimit: {
+    maxPerSecond: 10,                  // Max 10 sync broadcasts per second
+  },
+};
+
+// Directories
+export const AUDIO_DIR = path.join(ROOT_DIR, 'public', 'audio');
+export const UPLOADS_DIR = path.join(ROOT_DIR, 'uploads');
+export const SHARES_DIR = path.join(ROOT_DIR, 'shared-conversations');
+export const SYNC_DIR = path.join(ROOT_DIR, 'sync-data');
+export const ACTIVITY_FILE = path.join(ROOT_DIR, 'activity.json');
+export const MESSAGES_FILE = path.join(ROOT_DIR, 'messages-sync.json');
+
+// Agent media configuration
+// Allowed directories for agent-generated media (security whitelist)
+const homeDir = process.env.HOME || process.env.USERPROFILE || process.cwd();
+export const AGENT_MEDIA_DIRS = [
+  // OpenClaw media directory (screenshots, TTS, generated files)
+  process.env.OPENCLAW_MEDIA_DIR || path.join(homeDir, '.openclaw', 'media'),
+  // Workspace artifacts directory
+  path.join(ROOT_DIR, 'artifacts'),
+  // Uploads directory (for compatibility)
+  UPLOADS_DIR,
+];
+
+// Allowed file extensions for agent media (security whitelist)
+export const AGENT_MEDIA_ALLOWED_EXTENSIONS = [
+  '.jpg', '.jpeg', '.png', '.gif', '.webp', '.svg',  // Images
+  '.pdf',  // Documents
+  '.mp3', '.wav', '.ogg', '.m4a',  // Audio
+];
+
+// Maximum agent media file size (10MB)
+export const AGENT_MEDIA_MAX_SIZE = 10 * 1024 * 1024;
+
+// Cleanup
+export const AUDIO_MAX_AGE_MS = 60 * 60 * 1000; // 1 hour
+export const UPLOADS_MAX_AGE_MS = 24 * 60 * 60 * 1000; // 24 hours
+
+// Limits
+export const MAX_ACTIVITY_ITEMS = 100;
+export const MAX_SYNC_MESSAGES = 50;
+
+// Input length validation limits (security)
+export const MAX_INPUT_LENGTHS = {
+  MESSAGE: 50000,      // Chat messages, webhook messages
+  CAPTION: 500,        // Image/video captions
+  SATELLITE_ID: 100,   // Satellite identifier
+  ACTION: 100,         // Trigger action names
+  TITLE: 200,          // Notification titles
+  BODY: 5000,          // Notification bodies
+  TYPE: 32,            // Activity type
+  SUMMARY: 500,        // Activity summary
+  DETAILS: 5000,       // Activity details
+  SOURCE: 50,          // Webhook source name
+  METADATA_KEY: 100,   // Metadata object keys
+};
+
+// Warnings
+if (!GATEWAY_TOKEN) {
+  log.error('⚠️  GATEWAY_TOKEN not set. Create a .env file with your gateway token.');
+}
+if (!process.env.TRANSCRIBE_SCRIPT) {
+  log.warn('⚠️  TRANSCRIBE_SCRIPT not set. Using default:', TRANSCRIBE_SCRIPT);
+}

package/server/context.js

@@ -0,0 +1,131 @@
+/**
+ * Context Module - Standardized request context for route handlers
+ * 
+ * Provides a clean, consistent API for route modules to access shared
+ * functionality without tight coupling to implementation details.
+ */
+
+import { log, fetchWithTimeout } from './utils.js';
+
+/**
+ * Create a standardized request context object for route handlers
+ * 
+ * This replaces the ad-hoc baseDeps pattern with a clean interface that
+ * explicitly documents what's available to route handlers.
+ * 
+ * @param {Object} options - Context dependencies
+ * @param {Object} options.config - Configuration constants
+ * @param {Function} options.log - Logging utility
+ * @param {Function} options.fetchWithTimeout - HTTP fetch with timeout
+ * @param {Function} options.transcribe - Speech-to-text
+ * @param {Function} options.chat - Chat function
+ * @param {Function} options.chatWithParallelTTS - Chat with parallel TTS
+ * @param {Function} options.generateTTS - Text-to-speech generation
+ * @param {Function} options.sendMessage - Unified message sending
+ * @param {Function} options.saveMessageToSync - Save message to sync file
+ * @param {Function} options.broadcastOpenClawPush - Broadcast OpenClaw push messages
+ * @param {Function} options.broadcastToAll - Broadcast to all WebSocket clients
+ * @param {Map} options.wsClients - WebSocket clients map
+ * @param {Function} options.verifyWebhookToken - Webhook auth middleware
+ * @param {Function} options.strictLimiter - Rate limiting middleware
+ * @param {Function} options.isPrivateIP - SSRF prevention
+ * @param {Function} options.loadConfig - Load runtime config
+ * @param {Function} options.getClientConfig - Get client-safe config
+ * @param {Function} options.saveConfig - Save runtime config
+ * @param {Function} options.needsOnboarding - Check if onboarding needed
+ * @param {Object} options.audioUpload - Multer audio upload handler
+ * @param {Object} options.imageUpload - Multer image upload handler
+ * @param {Object} options.videoUpload - Multer video upload handler
+ * @param {Object} options.fileUpload - Multer file upload handler
+ * @param {string} options.uploadsDir - Uploads directory path
+ * @param {string} options.tempDir - Temp directory path
+ * @param {Object} options.requestHelpers - Request tracking helpers
+ * @returns {Object} Standardized context object
+ */
+export function createRequestContext({
+  config,
+  log: logger,
+  fetchWithTimeout: fetch,
+  transcribe,
+  chat,
+  chatWithParallelTTS,
+  generateTTS,
+  sendMessage,
+  saveMessageToSync,
+  broadcastOpenClawPush,
+  broadcastToAll,
+  wsClients,
+  verifyWebhookToken,
+  strictLimiter,
+  isPrivateIP,
+  loadConfig,
+  getClientConfig,
+  saveConfig,
+  needsOnboarding,
+  audioUpload,
+  imageUpload,
+  videoUpload,
+  fileUpload,
+  uploadsDir,
+  tempDir,
+  requestHelpers,
+}) {
+  return {
+    // Configuration
+    config,
+    
+    // Core utilities
+    log: logger || log,
+    fetch: fetch || fetchWithTimeout,
+    
+    // Chat functions
+    transcribe,
+    chat,
+    chatWithParallelTTS,
+    generateTTS,
+    sendMessage,
+    saveMessageToSync,
+    
+    // WebSocket broadcasting
+    broadcastOpenClawPush,
+    broadcastToAll,
+    wsClients,
+    
+    // Middleware
+    verifyWebhookToken,
+    strictLimiter,
+    isPrivateIP,
+    
+    // Config management
+    loadConfig,
+    getClientConfig,
+    saveConfig,
+    needsOnboarding,
+    
+    // File uploads
+    audioUpload,
+    imageUpload,
+    videoUpload,
+    fileUpload,
+    
+    // Directories
+    uploadsDir,
+    tempDir,
+    
+    // Request tracking
+    requestHelpers,
+    
+    // Backwards compatibility aliases (can be removed in future cleanup)
+    // These ensure existing route code doesn't break during migration
+    // Remove these once all routes are updated to use the context object directly
+  };
+}
+
+/**
+ * Extract request helpers from context for backwards compatibility
+ * @param {Object} context - Request context
+ * @returns {Object} Request helpers
+ */
+export function getRequestHelpers(context) {
+  return context.requestHelpers;
+}

package/server/gateway-commands.js

@@ -0,0 +1,211 @@
+/**
+ * Gateway Commands - Route slash commands through the gateway WebSocket RPC
+ * 
+ * The /v1/chat/completions HTTP endpoint doesn't process slash commands.
+ * Commands like /compact need the gateway's reply pipeline which only
+ * runs through WebSocket RPC (chat.send).
+ * 
+ * Protocol: JSON-RPC over WebSocket
+ * 1. Connect to ws://localhost:18789/ws
+ * 2. Send connect request with auth token
+ * 3. Send chat.send with message and sessionKey
+ * 4. Collect response events until lifecycle.end
+ */
+
+import WebSocket from 'ws';
+import { randomUUID } from 'crypto';
+import { log } from './utils.js';
+import { loadConfig } from './runtime-config.js';
+
+const STATIC_GATEWAY_WS_URL = process.env.GATEWAY_WS_URL || 'ws://localhost:18789/ws';
+const STATIC_GATEWAY_TOKEN = process.env.GATEWAY_TOKEN || '';
+
+/**
+ * Get gateway WS URL and token dynamically (includes auto-discovered values)
+ */
+async function getGatewayWsConfig() {
+  try {
+    const config = await loadConfig();
+    const gatewayUrl = config.gatewayUrl || 'http://127.0.0.1:18789';
+    // Convert HTTP URL to WS URL
+    const wsUrl = gatewayUrl.replace(/^http:/, 'ws:').replace(/^https:/, 'wss:') + '/ws';
+    return {
+      wsUrl: process.env.GATEWAY_WS_URL || wsUrl,
+      token: config.gatewayToken || STATIC_GATEWAY_TOKEN,
+    };
+  } catch {
+    return { wsUrl: STATIC_GATEWAY_WS_URL, token: STATIC_GATEWAY_TOKEN };
+  }
+}
+
+// Gateway slash commands that should be routed via RPC
+const GATEWAY_COMMANDS = new Set([
+  'help', 'commands', 'skill', 'status', 'allowlist', 'approve',
+  'context', 'tts', 'whoami', 'subagents', 'config', 'debug',
+  'usage', 'stop', 'restart', 'activation', 'send', 'reset',
+  'new', 'compact', 'think', 'verbose', 'reasoning', 'elevated',
+  'exec', 'model', 'models', 'queue', 'bash',
+]);
+
+/**
+ * Check if a message is a gateway slash command
+ */
+export function isGatewayCommand(message) {
+  if (!message || !message.startsWith('/')) return false;
+  const cmd = message.slice(1).split(/\s/)[0].toLowerCase();
+  return GATEWAY_COMMANDS.has(cmd);
+}
+
+/**
+ * Send a JSON-RPC request over a WebSocket
+ */
+function sendRequest(ws, method, params) {
+  const id = randomUUID();
+  const frame = { type: 'req', id, method, params };
+  ws.send(JSON.stringify(frame));
+  return id;
+}
+
+/**
+ * Send a gateway command via WebSocket RPC (chat.send)
+ * 
+ * @param {string} command - The slash command (e.g. "/compact")
+ * @param {string} sessionKey - Session key
+ * @param {number} timeoutMs - Timeout (default 60s)
+ * @returns {Promise<{response: string}>}
+ */
+export async function sendGatewayCommand(command, sessionKey, timeoutMs = 60000) {
+  const gw = await getGatewayWsConfig();
+  
+  return new Promise((resolve, reject) => {
+    let ws;
+    let response = '';
+    let settled = false;
+    let connectId = null;
+    let chatId = null;
+    let timer;
+
+    const finish = (result) => {
+      if (settled) return;
+      settled = true;
+      clearTimeout(timer);
+      try { ws?.close(); } catch (e) {}
+      resolve(result);
+    };
+
+    const fail = (err) => {
+      if (settled) return;
+      settled = true;
+      clearTimeout(timer);
+      try { ws?.close(); } catch (e) {}
+      reject(err);
+    };
+
+    timer = setTimeout(() => {
+      finish({ response: response || 'Command sent (timeout).' });
+    }, timeoutMs);
+
+    try {
+      ws = new WebSocket(gw.wsUrl);
+
+      ws.on('open', () => {
+        log('debug', `[GatewayCmd] Connected to ${gw.wsUrl}, sending connect...`);
+        // Step 1: Send connect with auth
+        // Client ID must be a valid GATEWAY_CLIENT_ID constant
+        connectId = sendRequest(ws, 'connect', {
+          minProtocol: 3,
+          maxProtocol: 3,
+          client: {
+            id: 'gateway-client',
+            displayName: 'Uplink',
+            version: '1.0.0',
+            platform: process.platform,
+            mode: 'backend',
+          },
+          caps: [],
+          auth: gw.token ? { token: gw.token } : undefined,
+          role: 'operator',
+          scopes: ['operator.admin'],
+        });
+      });
+
+      ws.on('message', (raw) => {
+        try {
+          const msg = JSON.parse(raw.toString());
+
+          // Handle RPC responses
+          if (msg.type === 'res') {
+            if (msg.id === connectId) {
+              if (msg.ok) {
+                log('debug', '[GatewayCmd] Connected OK, sending chat.send...');
+                // Step 2: Send the command via chat.send
+                chatId = sendRequest(ws, 'chat.send', {
+                  sessionKey,
+                  message: command,
+                  idempotencyKey: `uplink-${Date.now()}-${Math.random().toString(36).slice(2, 8)}`,
+                });
+              } else {
+                fail(new Error(`Gateway connect failed: ${msg.error?.message || 'unknown'}`));
+              }
+            } else if (msg.id === chatId) {
+              // chat.send response — the command has been processed
+              log('debug', `[GatewayCmd] chat.send response: ok=${msg.ok}`);
+              if (!msg.ok) {
+                finish({ response: `Error: ${msg.error?.message || 'Command failed'}` });
+              }
+              // Don't finish yet — wait for the agent events with the actual response
+              // But set a shorter timeout since the command was accepted
+              clearTimeout(timer);
+              timer = setTimeout(() => {
+                finish({ response: response || 'Command executed.' });
+              }, 10000);
+            }
+          }
+
+          // Handle events pushed by the gateway
+          if (msg.type === 'event') {
+            const event = msg.event;
+            const payload = msg.payload;
+
+            // Chat events contain the response
+            if (event === 'chat') {
+              const state = payload?.state;
+              
+              // Delta events — accumulate text
+              if (state === 'delta') {
+                const text = payload?.message?.content?.[0]?.text || payload?.delta || '';
+                if (text) response += text;
+              }
+
+              // Final event — complete response
+              if (state === 'final') {
+                const content = payload?.message?.content;
+                if (Array.isArray(content)) {
+                  const text = content
+                    .filter(c => c.type === 'text')
+                    .map(c => c.text)
+                    .join('\n');
+                  if (text) response = text;
+                }
+                finish({ response: response || 'Command executed.' });
+              }
+            }
+          }
+        } catch (e) {
+          // Non-JSON, skip
+        }
+      });
+
+      ws.on('error', (err) => {
+        fail(new Error(`Gateway WebSocket error: ${err.message}`));
+      });
+
+      ws.on('close', () => {
+        finish({ response: response || 'Command executed.' });
+      });
+
+    } catch (err) {
+      fail(err);
+    }
+  });
+}