@rubytech/taskmaster 1.12.0 → 1.12.1

package/dist/control-ui/index.html

@@ -6,7 +6,7 @@
     <title>Taskmaster Control</title>
     <meta name="color-scheme" content="dark light" />
     <link rel="icon" type="image/png" href="./favicon.png" />
-    <script type="module" crossorigin src="./assets/index-DpMaqt-b.js"></script>
+    <script type="module" crossorigin src="./assets/index-4h8fLLNN.js"></script>
     <link rel="stylesheet" crossorigin href="./assets/index-CpaEIgQy.css">
   </head>
   <body>

package/dist/gateway/control-ui.js

@@ -527,7 +527,9 @@ export function handlePublicChatHttpRequest(req, res, opts) {
     const avatarValue = resolvedAvatar && /^(https?:\/\/|data:image\/|\/)/i.test(resolvedAvatar)
         ? resolvedAvatar
         : undefined;
-    const authMode = config.publicChat.auth ?? "anonymous";
+    const authMode = (config.publicChat?.accountSettings?.[accountId]?.auth ??
+        config.publicChat?.auth ??
+        "anonymous");
     const cookieTtlDays = config.publicChat.cookieTtlDays ?? 30;
     const brandName = config.ui?.brand?.name;
     const brandIconUrl = resolveBrandIconUrl(config.ui?.brand?.icon, root);
@@ -570,7 +572,7 @@ export function handlePublicChatHttpRequest(req, res, opts) {
     // Inject public-chat globals before </head>
     const publicScript = `<script>` +
         `window.__TASKMASTER_PUBLIC_CHAT__=true;` +
-        `window.__TASKMASTER_PUBLIC_CHAT_CONFIG__=${JSON.stringify({ accountId, auth: authMode, cookieTtlDays, otpChannels, verifyMethods: normalizeVerifyMethods(config.publicChat?.verifyMethods ?? ["whatsapp", "sms"]), greeting: config.publicChat?.greetings?.[accountId] || undefined })};` +
+        `window.__TASKMASTER_PUBLIC_CHAT_CONFIG__=${JSON.stringify({ accountId, auth: authMode, cookieTtlDays, otpChannels, verifyMethods: normalizeVerifyMethods(config.publicChat?.accountSettings?.[accountId]?.verifyMethods ?? config.publicChat?.verifyMethods ?? ["whatsapp", "sms"]), greeting: config.publicChat?.greetings?.[accountId] || undefined })};` +
         `</script>`;
     const headClose = baseInjected.indexOf("</head>");
     const withPublic = headClose !== -1
@@ -584,24 +586,37 @@ export function handlePublicChatHttpRequest(req, res, opts) {
 /** Widget script content — self-contained JS for embedding. */
 const WIDGET_SCRIPT = `(function(){
   "use strict";
-  var cfg={server:"",accountId:"",color:"#1a1a2e",bgColor:"#1a1a2e"};
+  var cfg={server:"",accountId:"",color:"",bgColor:"#1a1a2e",btnColor:""};
   var isOpen=false;
   var btn,overlay,iframe;
+  var SVG_NS="http://www.w3.org/2000/svg";
+  function svgEl(tag,attrs){var e=document.createElementNS(SVG_NS,tag);for(var k in attrs)e.setAttribute(k,attrs[k]);return e;}
+  function makeChatIcon(){var s=svgEl("svg",{width:"22",height:"22",viewBox:"0 0 24 24",fill:"none",stroke:"currentColor","stroke-width":"2","stroke-linecap":"round","stroke-linejoin":"round"});s.appendChild(svgEl("path",{d:"M7.9 20A9 9 0 1 0 4 16.1L2 22Z"}));return s;}
+  function makeCloseIcon(){var s=svgEl("svg",{width:"20",height:"20",viewBox:"0 0 24 24",fill:"none",stroke:"currentColor","stroke-width":"2.5","stroke-linecap":"round","stroke-linejoin":"round"});s.appendChild(svgEl("line",{x1:"18",y1:"6",x2:"6",y2:"18"}));s.appendChild(svgEl("line",{x1:"6",y1:"6",x2:"18",y2:"18"}));return s;}
+  function setIcon(el,fn){while(el.firstChild)el.removeChild(el.firstChild);el.appendChild(fn());}
 
   function init(opts){
     if(opts&&opts.server) cfg.server=opts.server.replace(/\\/$/,"");
     if(opts&&opts.accountId) cfg.accountId=opts.accountId;
-    if(opts&&opts.color) cfg.color=opts.color;
+    if(opts&&opts.color) cfg.btnColor=opts.color;
     if(opts&&opts.bgColor) cfg.bgColor=opts.bgColor;
-    build();
+    if(!cfg.btnColor){
+      fetch(cfg.server+"/public/api/v1/"+encodeURIComponent(cfg.accountId)+"/capabilities")
+        .then(function(r){return r.json()})
+        .then(function(d){if(d.background_color) cfg.btnColor=d.background_color; else if(d.accent_color) cfg.btnColor=d.accent_color; build();})
+        .catch(function(){build();});
+    } else {
+      build();
+    }
   }
 
   function build(){
+    if(!cfg.btnColor) cfg.btnColor="#1a1a2e";
     var css=document.createElement("style");
     css.textContent=[
       ".tm-widget-btn{position:fixed;bottom:20px;right:20px;width:48px;height:48px;",
-      "border-radius:50%;background:"+cfg.color+";color:#fff;border:none;cursor:pointer;",
-      "box-shadow:0 2px 8px rgba(0,0,0,.3);z-index:999999;font-size:22px;",
+      "border-radius:50%;background:"+cfg.btnColor+";color:#fff;border:none;cursor:pointer;",
+      "box-shadow:0 2px 8px rgba(0,0,0,.3);z-index:999999;",
       "display:flex;align-items:center;justify-content:center;transition:transform .2s}",
       ".tm-widget-btn:hover{transform:scale(1.08)}",
       ".tm-widget-overlay{position:fixed;bottom:78px;right:20px;width:400px;height:600px;",
@@ -618,7 +633,7 @@ const WIDGET_SCRIPT = `(function(){
 
     btn=document.createElement("button");
     btn.className="tm-widget-btn";
-    btn.textContent="\\uD83D\\uDCAC";
+    setIcon(btn,makeChatIcon);
     btn.setAttribute("aria-label","Chat");
     btn.onclick=toggle;
     document.body.appendChild(btn);
@@ -635,7 +650,7 @@ const WIDGET_SCRIPT = `(function(){
   function toggle(){
     isOpen=!isOpen;
     overlay.classList.toggle("open",isOpen);
-    btn.textContent=isOpen?"\\u2715":"\\uD83D\\uDCAC";
+    setIcon(btn,isOpen?makeCloseIcon:makeChatIcon);
   }
 
   window.Taskmaster={init:init};

package/dist/gateway/public-chat/deliver-email.js

@@ -45,24 +45,24 @@ async function fetchVerifiedSender(apiKey) {
  * in order: explicit config value → cached sender → live Brevo API lookup.
  * Returns null if no API key is configured.
  */
-export async function resolveEmailCredentials() {
+export async function resolveEmailCredentials(fromName) {
     const cfg = loadConfig();
     const email = cfg.publicChat?.email;
     if (!email?.apiKey)
         return null;
     // Explicit from address in config — use it directly
     if (email.from)
-        return { apiKey: email.apiKey, from: email.from };
+        return { apiKey: email.apiKey, from: email.from, fromName };
     // Cached sender for this API key
     if (cachedSender && cachedSender.apiKey === email.apiKey) {
-        return { apiKey: email.apiKey, from: cachedSender.from };
+        return { apiKey: email.apiKey, from: cachedSender.from, fromName };
     }
     // Auto-detect from Brevo senders API
     const sender = await fetchVerifiedSender(email.apiKey);
     if (!sender)
         return null;
     cachedSender = { apiKey: email.apiKey, from: sender };
-    return { apiKey: email.apiKey, from: sender };
+    return { apiKey: email.apiKey, from: sender, fromName };
 }
 /**
  * Send an email via the Brevo transactional email API.
@@ -76,7 +76,7 @@ export async function sendEmail(to, subject, body, creds) {
             Accept: "application/json",
         },
         body: JSON.stringify({
-            sender: { email: creds.from },
+            sender: creds.fromName ? { email: creds.from, name: creds.fromName } : { email: creds.from },
             to: [{ email: to }],
             subject,
             textContent: body,

package/dist/gateway/public-chat/deliver-otp.js

@@ -55,12 +55,12 @@ export function detectOtpChannels(whatsappAccountId) {
  * Phone identifiers try WhatsApp then SMS, but only channels that
  * are enabled in `enabledMethods` are attempted.
  */
-export async function deliverOtp(identifier, code, accountId, enabledMethods) {
+export async function deliverOtp(identifier, code, accountId, enabledMethods, brandName) {
     const message = `Your verification code is: ${code}`;
     const methods = enabledMethods ?? ["whatsapp", "sms", "email"];
     // Email identifiers — deliver via Brevo email API
     if (isEmail(identifier)) {
-        const emailCreds = await resolveEmailCredentials();
+        const emailCreds = await resolveEmailCredentials(brandName);
         if (!emailCreds) {
             throw new Error("Email verification is not configured. Add a Brevo API key and verify a sender in the Brevo console.");
         }
@@ -80,7 +80,7 @@ export async function deliverOtp(identifier, code, accountId, enabledMethods) {
         }
     }
     if (trySms) {
-        const smsCreds = await resolveSmsCredentials();
+        const smsCreds = await resolveSmsCredentials(brandName);
         if (smsCreds) {
             await sendSms(identifier, message, smsCreds);
             return { channel: "sms" };

package/dist/gateway/public-chat/deliver-sms.js

@@ -72,11 +72,15 @@ export function hasSmsApiKey() {
  * brand identity. The name is truncated to 11 characters (GSM limit).
  * Returns null if no API key is configured.
  */
-export async function resolveSmsCredentials() {
+export async function resolveSmsCredentials(brandName) {
     const cfg = loadConfig();
     const apiKey = cfg.publicChat?.email?.apiKey;
     if (!apiKey)
         return null;
+    // Brand name override takes precedence — use it directly (truncated to GSM limit)
+    if (brandName) {
+        return { apiKey, sender: truncateSender(brandName) };
+    }
     if (cachedSenderName &&
         cachedSenderName.apiKey === apiKey &&
         cachedSenderName.name.length <= 11) {

package/dist/gateway/public-chat-api.js

@@ -98,14 +98,23 @@ function isValidEmail(email) {
 function normalizePhone(raw) {
     return raw.replace(/[\s\-()]/g, "");
 }
+/** Resolve the auth mode for a specific account, falling back to the global setting. */
+function resolveAccountAuthMode(cfg, accountId) {
+    return cfg.publicChat?.accountSettings?.[accountId]?.auth ?? cfg.publicChat?.auth ?? "anonymous";
+}
+/** Resolve the verify methods for a specific account, falling back to the global setting. */
+function resolveAccountVerifyMethods(cfg, accountId) {
+    return (cfg.publicChat?.accountSettings?.[accountId]?.verifyMethods ??
+        cfg.publicChat?.verifyMethods ?? ["whatsapp", "sms"]);
+}
 /** Check whether the auth mode allows anonymous sessions. */
-function allowsAnonymous(cfg) {
-    const mode = cfg.publicChat?.auth ?? "anonymous";
+function allowsAnonymous(cfg, accountId) {
+    const mode = resolveAccountAuthMode(cfg, accountId);
     return mode === "anonymous" || mode === "choice";
 }
 /** Check whether the auth mode allows OTP verification. */
-function allowsVerified(cfg) {
-    const mode = cfg.publicChat?.auth ?? "anonymous";
+function allowsVerified(cfg, accountId) {
+    const mode = resolveAccountAuthMode(cfg, accountId);
     return mode === "verified" || mode === "choice";
 }
 function writeSse(res, data) {
@@ -184,7 +193,7 @@ async function handleSession(req, res, accountId, cfg, maxBodyBytes) {
         sendMethodNotAllowed(res);
         return;
     }
-    if (!allowsAnonymous(cfg)) {
+    if (!allowsAnonymous(cfg, accountId)) {
         sendForbidden(res, "anonymous sessions are disabled — use OTP verification");
         return;
     }
@@ -214,7 +223,7 @@ async function handleOtpRequest(req, res, accountId, cfg, maxBodyBytes) {
         sendMethodNotAllowed(res);
         return;
     }
-    if (!allowsVerified(cfg)) {
+    if (!allowsVerified(cfg, accountId)) {
         sendForbidden(res, "OTP verification is disabled for this account");
         return;
     }
@@ -229,7 +238,7 @@ async function handleOtpRequest(req, res, accountId, cfg, maxBodyBytes) {
             ? payload.phone.trim()
             : "";
     const isEmailId = rawIdentifier.includes("@");
-    const verifyMethods = normalizeVerifyMethods(cfg.publicChat?.verifyMethods ?? ["whatsapp", "sms"]);
+    const verifyMethods = normalizeVerifyMethods(resolveAccountVerifyMethods(cfg, accountId));
     let identifier;
     if (isEmailId) {
         if (!verifyMethods.includes("email")) {
@@ -270,8 +279,9 @@ async function handleOtpRequest(req, res, accountId, cfg, maxBodyBytes) {
     const deliveryMethods = preferredChannel && verifyMethods.includes(preferredChannel)
         ? [preferredChannel]
         : verifyMethods;
+    const brandName = accountId || undefined;
     try {
-        const delivery = await deliverOtp(identifier, result.code, whatsappAccountId, deliveryMethods);
+        const delivery = await deliverOtp(identifier, result.code, whatsappAccountId, deliveryMethods, brandName);
         sendJson(res, 200, { ok: true, channel: delivery.channel });
     }
     catch (err) {
@@ -287,7 +297,7 @@ async function handleOtpVerify(req, res, accountId, cfg, maxBodyBytes) {
         sendMethodNotAllowed(res);
         return;
     }
-    if (!allowsVerified(cfg)) {
+    if (!allowsVerified(cfg, accountId)) {
         sendForbidden(res, "OTP verification is disabled for this account");
         return;
     }
@@ -755,14 +765,19 @@ async function handleCapabilities(req, res, accountId, cfg) {
         sendMethodNotAllowed(res, "GET");
         return;
     }
-    const authMode = cfg.publicChat?.auth ?? "anonymous";
-    const verifyMethods = normalizeVerifyMethods(cfg.publicChat?.verifyMethods ?? ["whatsapp", "sms"]);
+    const authMode = resolveAccountAuthMode(cfg, accountId);
+    const verifyMethods = normalizeVerifyMethods(resolveAccountVerifyMethods(cfg, accountId));
     const agentId = resolvePublicAgentId(cfg, accountId);
     const whatsappAccountId = resolveAgentBoundAccountId(cfg, agentId, "whatsapp") ?? undefined;
     const channels = detectOtpChannels(whatsappAccountId);
+    const wsBrand = cfg.workspaces?.[accountId]?.brand;
+    const accentColor = wsBrand?.accentColor ?? cfg.ui?.seamColor ?? null;
+    const backgroundColor = wsBrand?.backgroundColor ?? null;
     sendJson(res, 200, {
         auth: authMode,
         verify_methods: verifyMethods,
+        accent_color: accentColor,
+        background_color: backgroundColor,
         otp: {
             available: channels.length > 0,
             channels,

package/dist/gateway/server-methods/public-chat.js

@@ -47,7 +47,8 @@ export const publicChatHandlers = {
             return;
         }
         const isEmailId = rawIdentifier.includes("@");
-        const verifyMethods = normalizeVerifyMethods(cfg.publicChat?.verifyMethods ?? ["whatsapp", "sms"]);
+        const verifyMethods = normalizeVerifyMethods(cfg.publicChat?.accountSettings?.[accountId ?? ""]?.verifyMethods ??
+            cfg.publicChat?.verifyMethods ?? ["whatsapp", "sms"]);
         let identifier;
         if (isEmailId) {
             if (!verifyMethods.includes("email")) {
@@ -87,8 +88,9 @@ export const publicChatHandlers = {
         const deliveryMethods = preferredChannel && verifyMethods.includes(preferredChannel)
             ? [preferredChannel]
             : verifyMethods;
+        const brandName = accountId || undefined;
         try {
-            const delivery = await deliverOtp(identifier, result.code, whatsappAccountId, deliveryMethods);
+            const delivery = await deliverOtp(identifier, result.code, whatsappAccountId, deliveryMethods, brandName);
             respond(true, { ok: true, channel: delivery.channel });
         }
         catch (err) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@rubytech/taskmaster",
-  "version": "1.12.0",
+  "version": "1.12.1",
   "description": "AI-powered business assistant for small businesses",
   "publishConfig": {
     "access": "public"