@mooncompany/uplink-chat 0.5.0

package/server/routes/config-settings.js

@@ -0,0 +1,345 @@
+/**
+ * Config & Settings Routes
+ * ========================
+ * Express routes for the Uplink Configuration System.
+ * 
+ * Endpoints:
+ *   GET    /api/config                      — Non-sensitive config
+ *   POST   /api/config/test-gateway         — Test OpenClaw gateway connection
+ *   POST   /api/config/test-voice           — Test TTS with current settings
+ *   POST   /api/onboarding/step/:stepNumber — Save onboarding step progress
+ *   POST   /api/onboarding/complete         — Finalize onboarding
+ *   PUT    /api/settings/connections         — Update gateway/connection settings
+ *   PUT    /api/settings/voice              — Update TTS/voice settings
+ *   PUT    /api/settings/security           — Update password/security settings
+ *   POST   /api/settings/export             — Download encrypted config backup
+ *   POST   /api/settings/import             — Restore config from uploaded backup
+ */
+
+import { Router } from 'express';
+import http from 'http';
+import https from 'https';
+import { GATEWAY_HEALTH_CHECK_TIMEOUT_MS, MIN_RECONNECT_INTERVAL_MS } from '../config.js';
+import configStore from '../config-store.js';
+import { createLogger } from '../logger.js';
+
+const log = createLogger('config-routes');
+
+const router = Router();
+
+// ---------------------------------------------------------------------------
+// Helpers
+// ---------------------------------------------------------------------------
+
+function asyncHandler(fn) {
+  return (req, res, next) => Promise.resolve(fn(req, res, next)).catch(next);
+}
+
+function ok(res, data = {}, status = 200) {
+  return res.status(status).json({ success: true, ...data });
+}
+
+function fail(res, message, status = 400) {
+  return res.status(status).json({ success: false, error: message });
+}
+
+// ---------------------------------------------------------------------------
+// 1. GET /api/config
+// ---------------------------------------------------------------------------
+router.get('/api/config', asyncHandler(async (_req, res) => {
+  return ok(res, { config: configStore.getSafe() });
+}));
+
+// ---------------------------------------------------------------------------
+// 2. POST /api/config/test-gateway
+// ---------------------------------------------------------------------------
+router.post('/api/config/test-gateway', asyncHandler(async (req, res) => {
+  const { gatewayUrl, gatewayToken } = req.body || {};
+  const raw = configStore.getRaw();
+  const url = gatewayUrl || raw.connections.gatewayUrl;
+  const token = gatewayToken || raw.connections.gatewayToken;
+
+  if (!url) {
+    return fail(res, 'No gateway URL configured or provided.');
+  }
+
+  try {
+    const result = await testGateway(url, token);
+    return ok(res, result);
+  } catch (err) {
+    return ok(res, { reachable: false, latencyMs: null, error: err.message });
+  }
+}));
+
+function testGateway(gatewayUrl, token) {
+  return new Promise((resolve, reject) => {
+    let parsed;
+    try {
+      parsed = new URL(gatewayUrl);
+    } catch {
+      return reject(new Error('Invalid gateway URL'));
+    }
+
+    parsed.pathname = parsed.pathname.replace(/\/$/, '') + '/status';
+    const transport = parsed.protocol === 'https:' ? https : http;
+    const headers = {};
+    if (token) headers['Authorization'] = `Bearer ${token}`;
+
+    const start = Date.now();
+    const request = transport.get(parsed.toString(), { headers, timeout: GATEWAY_HEALTH_CHECK_TIMEOUT_MS }, (response) => {
+      const latencyMs = Date.now() - start;
+      let body = '';
+      response.on('data', (chunk) => { body += chunk; });
+      response.on('end', () => {
+        const reachable = response.statusCode >= 200 && response.statusCode < 400;
+        let version = null;
+        try {
+          const json = JSON.parse(body);
+          version = json.version || json.serverVersion || null;
+        } catch { /* not JSON */ }
+        resolve({ reachable, latencyMs, version });
+      });
+    });
+
+    request.on('error', (err) => reject(err));
+    request.on('timeout', () => {
+      request.destroy();
+      reject(new Error('Gateway connection timed out'));
+    });
+  });
+}
+
+// ---------------------------------------------------------------------------
+// 3. POST /api/config/test-voice
+// ---------------------------------------------------------------------------
+router.post('/api/config/test-voice', asyncHandler(async (req, res) => {
+  const { text } = req.body || {};
+  const sampleText = text || 'Hello! This is a test of the voice configuration.';
+  const raw = configStore.getRaw();
+
+  if (!raw.voice.enabled) {
+    return fail(res, 'Voice/TTS is not enabled in the current configuration.');
+  }
+
+  // TODO: Wire to actual TTS provider when integrated
+  return ok(res, {
+    played: true,
+    provider: raw.voice.ttsProvider,
+    voice: raw.voice.ttsVoice,
+    textUsed: sampleText,
+    durationMs: Math.ceil(sampleText.length * 60),
+  });
+}));
+
+// ---------------------------------------------------------------------------
+// 4. POST /api/onboarding/step/:stepNumber
+// ---------------------------------------------------------------------------
+router.post('/api/onboarding/step/:stepNumber', asyncHandler(async (req, res) => {
+  const stepNumber = parseInt(req.params.stepNumber, 10);
+
+  if (isNaN(stepNumber) || stepNumber < 1) {
+    return fail(res, 'Invalid step number. Must be a positive integer.');
+  }
+
+  const data = req.body;
+  if (!data || Object.keys(data).length === 0) {
+    return fail(res, 'Step data is required in the request body.');
+  }
+
+  configStore.saveOnboardingStep(stepNumber, data);
+  await configStore.save();
+
+  return ok(res, {
+    step: stepNumber,
+    currentStep: configStore.getSafe().onboarding.currentStep,
+  });
+}));
+
+// ---------------------------------------------------------------------------
+// 5. POST /api/onboarding/complete
+// ---------------------------------------------------------------------------
+router.post('/api/onboarding/complete', asyncHandler(async (req, res) => {
+  const { password } = req.body || {};
+
+  if (!password || typeof password !== 'string' || password.length < 8) {
+    return fail(res, 'A password of at least 8 characters is required.');
+  }
+
+  const current = configStore.getSafe();
+  if (current.onboarding.completed) {
+    return fail(res, 'Onboarding has already been completed.', 409);
+  }
+
+  configStore.setPassword(password);
+  configStore.completeOnboarding();
+  await configStore.save();
+
+  return ok(res, {
+    onboarding: configStore.getSafe().onboarding,
+    message: 'Onboarding complete. Configuration encrypted and saved.',
+  }, 201);
+}));
+
+// ---------------------------------------------------------------------------
+// 6. PUT /api/settings/connections
+// ---------------------------------------------------------------------------
+router.put('/api/settings/connections', asyncHandler(async (req, res) => {
+  const allowed = ['gatewayUrl', 'gatewayToken', 'autoReconnect', 'reconnectIntervalMs'];
+  const updates = {};
+  let hasUpdate = false;
+
+  for (const key of allowed) {
+    if (req.body[key] !== undefined) {
+      updates[key] = req.body[key];
+      hasUpdate = true;
+    }
+  }
+
+  if (!hasUpdate) {
+    return fail(res, `No valid fields provided. Allowed: ${allowed.join(', ')}`);
+  }
+
+  if (updates.gatewayUrl !== undefined && typeof updates.gatewayUrl !== 'string') {
+    return fail(res, 'gatewayUrl must be a string.');
+  }
+  if (updates.reconnectIntervalMs !== undefined) {
+    const ms = Number(updates.reconnectIntervalMs);
+    if (isNaN(ms) || ms < MIN_RECONNECT_INTERVAL_MS) return fail(res, `reconnectIntervalMs must be >= ${MIN_RECONNECT_INTERVAL_MS}.`);
+    updates.reconnectIntervalMs = ms;
+  }
+
+  const updated = configStore.updateSection('connections', updates);
+  await configStore.save();
+  return ok(res, { connections: updated.connections });
+}));
+
+// ---------------------------------------------------------------------------
+// 7. PUT /api/settings/voice
+// ---------------------------------------------------------------------------
+router.put('/api/settings/voice', asyncHandler(async (req, res) => {
+  const allowed = ['enabled', 'ttsProvider', 'ttsVoice', 'volume', 'speed'];
+  const updates = {};
+  let hasUpdate = false;
+
+  for (const key of allowed) {
+    if (req.body[key] !== undefined) {
+      updates[key] = req.body[key];
+      hasUpdate = true;
+    }
+  }
+
+  if (!hasUpdate) {
+    return fail(res, `No valid fields provided. Allowed: ${allowed.join(', ')}`);
+  }
+
+  if (updates.volume !== undefined) {
+    const v = Number(updates.volume);
+    if (isNaN(v) || v < 0 || v > 1) return fail(res, 'volume must be 0-1.');
+    updates.volume = v;
+  }
+  if (updates.speed !== undefined) {
+    const s = Number(updates.speed);
+    if (isNaN(s) || s < 0.25 || s > 4) return fail(res, 'speed must be 0.25-4.');
+    updates.speed = s;
+  }
+
+  const updated = configStore.updateSection('voice', updates);
+  await configStore.save();
+  return ok(res, { voice: updated.voice });
+}));
+
+// ---------------------------------------------------------------------------
+// 8. PUT /api/settings/security
+// ---------------------------------------------------------------------------
+router.put('/api/settings/security', asyncHandler(async (req, res) => {
+  const { currentPassword, newPassword, lockTimeoutMin, requirePasswordOnStart } = req.body || {};
+
+  if (newPassword !== undefined) {
+    if (!currentPassword) {
+      return fail(res, 'currentPassword is required when setting a new password.', 401);
+    }
+    if (!configStore.verifyPassword(currentPassword)) {
+      return fail(res, 'Current password is incorrect.', 401);
+    }
+    if (typeof newPassword !== 'string' || newPassword.length < 8) {
+      return fail(res, 'newPassword must be at least 8 characters.');
+    }
+    configStore.setPassword(newPassword);
+  }
+
+  const sectionUpdates = {};
+  if (lockTimeoutMin !== undefined) {
+    const t = Number(lockTimeoutMin);
+    if (isNaN(t) || t < 1) return fail(res, 'lockTimeoutMin must be positive.');
+    sectionUpdates.lockTimeoutMin = t;
+  }
+  if (requirePasswordOnStart !== undefined) {
+    sectionUpdates.requirePasswordOnStart = Boolean(requirePasswordOnStart);
+  }
+
+  if (Object.keys(sectionUpdates).length) {
+    configStore.updateSection('security', sectionUpdates);
+  }
+
+  await configStore.save();
+  return ok(res, { security: configStore.getSafe().security });
+}));
+
+// ---------------------------------------------------------------------------
+// 9. POST /api/settings/export
+// ---------------------------------------------------------------------------
+router.post('/api/settings/export', asyncHandler(async (req, res) => {
+  const { password } = req.body || {};
+
+  if (!password) return fail(res, 'Password is required.', 401);
+  if (!configStore.verifyPassword(password)) return fail(res, 'Incorrect password.', 401);
+
+  const envelope = configStore.exportEncrypted(password);
+  const payload = JSON.stringify(envelope, null, 2);
+
+  res.setHeader('Content-Type', 'application/json');
+  res.setHeader('Content-Disposition', 'attachment; filename="uplink-config-backup.json"');
+  return res.status(200).send(payload);
+}));
+
+// ---------------------------------------------------------------------------
+// 10. POST /api/settings/import
+// ---------------------------------------------------------------------------
+router.post('/api/settings/import', asyncHandler(async (req, res) => {
+  const { password, backup } = req.body || {};
+
+  if (!password) return fail(res, 'Password is required.', 401);
+  if (!backup || typeof backup !== 'object') {
+    return fail(res, 'A "backup" object is required in the request body.');
+  }
+
+  const required = ['salt', 'iv', 'tag', 'ciphertext'];
+  const missing = required.filter((f) => !backup[f]);
+  if (missing.length) {
+    return fail(res, `Invalid backup. Missing: ${missing.join(', ')}`);
+  }
+
+  try {
+    const restored = configStore.importEncrypted(backup, password);
+    await configStore.save();
+    return ok(res, { message: 'Configuration restored.', config: restored });
+  } catch (err) {
+    const msg = err.message.includes('unable to authenticate')
+      ? 'Decryption failed. Wrong password or corrupted backup.'
+      : `Import failed: ${err.message}`;
+    return fail(res, msg, 401);
+  }
+}));
+
+// ---------------------------------------------------------------------------
+// Error handler
+// ---------------------------------------------------------------------------
+router.use((err, _req, res, _next) => {
+  log.error(err);
+  return res.status(500).json({
+    success: false,
+    error: process.env.NODE_ENV === 'production' ? 'Internal server error' : err.message,
+  });
+});
+
+export default router;