@siteboon/claude-code-ui 1.19.1 → 1.21.0

package/server/routes/agent.js

@@ -9,6 +9,7 @@ import { addProjectManually } from '../projects.js';
 import { queryClaudeSDK } from '../claude-sdk.js';
 import { spawnCursor } from '../cursor-cli.js';
 import { queryCodex } from '../openai-codex.js';
+import { spawnGemini } from '../gemini-cli.js';
 import { Octokit } from '@octokit/rest';
 import { CLAUDE_MODELS, CURSOR_MODELS, CODEX_MODELS } from '../../shared/modelConstants.js';
 import { IS_PLATFORM } from '../constants/config.js';
@@ -629,7 +630,7 @@ class ResponseCollector {
  *                          - Source for auto-generated branch names (if createBranch=true and no branchName)
  *                          - Fallback for PR title if no commits are made
  *
- * @param {string} provider - (Optional) AI provider to use. Options: 'claude' | 'cursor'
+ * @param {string} provider - (Optional) AI provider to use. Options: 'claude' | 'cursor' | 'codex' | 'gemini'
  *                           Default: 'claude'
  *
  * @param {boolean} stream - (Optional) Enable Server-Sent Events (SSE) streaming for real-time updates.
@@ -747,7 +748,7 @@ class ResponseCollector {
  * Input Validations (400 Bad Request):
  *   - Either githubUrl OR projectPath must be provided (not neither)
  *   - message must be non-empty string
- *   - provider must be 'claude' or 'cursor'
+ *   - provider must be 'claude', 'cursor', 'codex', or 'gemini'
  *   - createBranch/createPR requires githubUrl OR projectPath (not neither)
  *   - branchName must pass Git naming rules (if provided)
  *
@@ -855,8 +856,8 @@ router.post('/', validateExternalApiKey, async (req, res) => {
     return res.status(400).json({ error: 'message is required' });
   }
 
-  if (!['claude', 'cursor', 'codex'].includes(provider)) {
-    return res.status(400).json({ error: 'provider must be "claude", "cursor", or "codex"' });
+  if (!['claude', 'cursor', 'codex', 'gemini'].includes(provider)) {
+    return res.status(400).json({ error: 'provider must be "claude", "cursor", "codex", or "gemini"' });
   }
 
   // Validate GitHub branch/PR creation requirements
@@ -971,6 +972,16 @@ router.post('/', validateExternalApiKey, async (req, res) => {
         model: model || CODEX_MODELS.DEFAULT,
         permissionMode: 'bypassPermissions'
       }, writer);
+    } else if (provider === 'gemini') {
+      console.log('✨ Starting Gemini CLI session');
+
+      await spawnGemini(message.trim(), {
+        projectPath: finalProjectPath,
+        cwd: finalProjectPath,
+        sessionId: null,
+        model: model,
+        skipPermissions: true // CLI mode bypasses permissions
+      }, writer);
     }
 
     // Handle GitHub branch and PR creation after successful agent completion

package/server/routes/auth.js

@@ -53,11 +53,11 @@ router.post('/register', async (req, res) => {
       // Generate token
       const token = generateToken(user);
       
-      // Update last login
+      db.prepare('COMMIT').run();
+
+      // Update last login (non-fatal, outside transaction)
       userDb.updateLastLogin(user.id);
 
-      db.prepare('COMMIT').run();
-      
       res.json({
         success: true,
         user: { id: user.id, username: user.username },

package/server/routes/cli-auth.js

@@ -74,6 +74,46 @@ router.get('/codex/status', async (req, res) => {
   }
 });
 
+router.get('/gemini/status', async (req, res) => {
+  try {
+    const result = await checkGeminiCredentials();
+
+    res.json({
+      authenticated: result.authenticated,
+      email: result.email,
+      error: result.error
+    });
+
+  } catch (error) {
+    console.error('Error checking Gemini auth status:', error);
+    res.status(500).json({
+      authenticated: false,
+      email: null,
+      error: error.message
+    });
+  }
+});
+
+/**
+ * Checks Claude authentication credentials using two methods with priority order:
+ *
+ * Priority 1: ANTHROPIC_API_KEY environment variable
+ * Priority 2: ~/.claude/.credentials.json OAuth tokens
+ *
+ * The Claude Agent SDK prioritizes environment variables over authenticated subscriptions.
+ * This matching behavior ensures consistency with how the SDK authenticates.
+ *
+ * References:
+ * - https://support.claude.com/en/articles/12304248-managing-api-key-environment-variables-in-claude-code
+ *   "Claude Code prioritizes environment variable API keys over authenticated subscriptions"
+ * - https://platform.claude.com/docs/en/agent-sdk/overview
+ *   SDK authentication documentation
+ *
+ * @returns {Promise<Object>} Authentication status with { authenticated, email, method }
+ *   - authenticated: boolean indicating if valid credentials exist
+ *   - email: user email or auth method identifier
+ *   - method: 'api_key' for env var, 'credentials_file' for OAuth tokens
+ */
 async function checkClaudeCredentials() {
   try {
     const credPath = path.join(os.homedir(), '.claude', '.credentials.json');
@@ -260,4 +300,78 @@ async function checkCodexCredentials() {
   }
 }
 
+async function checkGeminiCredentials() {
+  if (process.env.GEMINI_API_KEY && process.env.GEMINI_API_KEY.trim()) {
+    return {
+      authenticated: true,
+      email: 'API Key Auth'
+    };
+  }
+
+  try {
+    const credsPath = path.join(os.homedir(), '.gemini', 'oauth_creds.json');
+    const content = await fs.readFile(credsPath, 'utf8');
+    const creds = JSON.parse(content);
+
+    if (creds.access_token) {
+      let email = 'OAuth Session';
+
+      try {
+        // Validate token against Google API
+        const tokenRes = await fetch(`https://oauth2.googleapis.com/tokeninfo?access_token=${creds.access_token}`);
+        if (tokenRes.ok) {
+          const tokenInfo = await tokenRes.json();
+          if (tokenInfo.email) {
+            email = tokenInfo.email;
+          }
+        } else if (!creds.refresh_token) {
+          // Token invalid and no refresh token available
+          return {
+            authenticated: false,
+            email: null,
+            error: 'Access token invalid and no refresh token found'
+          };
+        } else {
+          // Token might be expired but we have a refresh token, so CLI will refresh it
+          try {
+            const accPath = path.join(os.homedir(), '.gemini', 'google_accounts.json');
+            const accContent = await fs.readFile(accPath, 'utf8');
+            const accounts = JSON.parse(accContent);
+            if (accounts.active) {
+              email = accounts.active;
+            }
+          } catch (e) { }
+        }
+      } catch (e) {
+        // Network error, fallback to checking local accounts file
+        try {
+          const accPath = path.join(os.homedir(), '.gemini', 'google_accounts.json');
+          const accContent = await fs.readFile(accPath, 'utf8');
+          const accounts = JSON.parse(accContent);
+          if (accounts.active) {
+            email = accounts.active;
+          }
+        } catch (err) { }
+      }
+
+      return {
+        authenticated: true,
+        email: email
+      };
+    }
+
+    return {
+      authenticated: false,
+      email: null,
+      error: 'No valid tokens found in oauth_creds'
+    };
+  } catch (error) {
+    return {
+      authenticated: false,
+      email: null,
+      error: 'Gemini CLI not configured'
+    };
+  }
+}
+
 export default router;

package/server/routes/gemini.js

@@ -0,0 +1,46 @@
+import express from 'express';
+import sessionManager from '../sessionManager.js';
+
+const router = express.Router();
+
+router.get('/sessions/:sessionId/messages', async (req, res) => {
+    try {
+        const { sessionId } = req.params;
+
+        if (!sessionId || typeof sessionId !== 'string' || !/^[a-zA-Z0-9_.-]{1,100}$/.test(sessionId)) {
+            return res.status(400).json({ success: false, error: 'Invalid session ID format' });
+        }
+
+        const messages = sessionManager.getSessionMessages(sessionId);
+
+        res.json({
+            success: true,
+            messages: messages,
+            total: messages.length,
+            hasMore: false,
+            offset: 0,
+            limit: messages.length
+        });
+    } catch (error) {
+        console.error('Error fetching Gemini session messages:', error);
+        res.status(500).json({ success: false, error: error.message });
+    }
+});
+
+router.delete('/sessions/:sessionId', async (req, res) => {
+    try {
+        const { sessionId } = req.params;
+
+        if (!sessionId || typeof sessionId !== 'string' || !/^[a-zA-Z0-9_.-]{1,100}$/.test(sessionId)) {
+            return res.status(400).json({ success: false, error: 'Invalid session ID format' });
+        }
+
+        await sessionManager.deleteSession(sessionId);
+        res.json({ success: true });
+    } catch (error) {
+        console.error(`Error deleting Gemini session ${req.params.sessionId}:`, error);
+        res.status(500).json({ success: false, error: error.message });
+    }
+});
+
+export default router;

package/server/sessionManager.js

@@ -0,0 +1,226 @@
+import { promises as fs } from 'fs';
+import path from 'path';
+import os from 'os';
+
+class SessionManager {
+  constructor() {
+    // Store sessions in memory with conversation history
+    this.sessions = new Map();
+    this.maxSessions = 100;
+    this.sessionsDir = path.join(os.homedir(), '.gemini', 'sessions');
+    this.ready = this.init();
+  }
+
+  async init() {
+    await this.initSessionsDir();
+    await this.loadSessions();
+  }
+
+  async initSessionsDir() {
+    try {
+      await fs.mkdir(this.sessionsDir, { recursive: true });
+    } catch (error) {
+      // console.error('Error creating sessions directory:', error);
+    }
+  }
+
+  // Create a new session
+  createSession(sessionId, projectPath) {
+    const session = {
+      id: sessionId,
+      projectPath: projectPath,
+      messages: [],
+      createdAt: new Date(),
+      lastActivity: new Date()
+    };
+
+    // Evict oldest session from memory if we exceed limit
+    if (this.sessions.size >= this.maxSessions) {
+      const oldestKey = this.sessions.keys().next().value;
+      if (oldestKey) this.sessions.delete(oldestKey);
+    }
+
+    this.sessions.set(sessionId, session);
+    this.saveSession(sessionId);
+
+    return session;
+  }
+
+  // Add a message to session
+  addMessage(sessionId, role, content) {
+    let session = this.sessions.get(sessionId);
+
+    if (!session) {
+      // Create session if it doesn't exist
+      session = this.createSession(sessionId, '');
+    }
+
+    const message = {
+      role: role, // 'user' or 'assistant'
+      content: content,
+      timestamp: new Date()
+    };
+
+    session.messages.push(message);
+    session.lastActivity = new Date();
+
+    this.saveSession(sessionId);
+
+    return session;
+  }
+
+  // Get session by ID
+  getSession(sessionId) {
+    return this.sessions.get(sessionId);
+  }
+
+  // Get all sessions for a project
+  getProjectSessions(projectPath) {
+    const sessions = [];
+
+    for (const [id, session] of this.sessions) {
+      if (session.projectPath === projectPath) {
+        sessions.push({
+          id: session.id,
+          summary: this.getSessionSummary(session),
+          messageCount: session.messages.length,
+          lastActivity: session.lastActivity
+        });
+      }
+    }
+
+    return sessions.sort((a, b) =>
+      new Date(b.lastActivity) - new Date(a.lastActivity)
+    );
+  }
+
+  // Get session summary
+  getSessionSummary(session) {
+    if (session.messages.length === 0) {
+      return 'New Session';
+    }
+
+    // Find first user message
+    const firstUserMessage = session.messages.find(m => m.role === 'user');
+    if (firstUserMessage) {
+      const content = firstUserMessage.content;
+      return content.length > 50 ? content.substring(0, 50) + '...' : content;
+    }
+
+    return 'New Session';
+  }
+
+  // Build conversation context for Gemini
+  buildConversationContext(sessionId, maxMessages = 10) {
+    const session = this.sessions.get(sessionId);
+
+    if (!session || session.messages.length === 0) {
+      return '';
+    }
+
+    // Get last N messages for context
+    const recentMessages = session.messages.slice(-maxMessages);
+
+    let context = 'Here is the conversation history:\n\n';
+
+    for (const msg of recentMessages) {
+      if (msg.role === 'user') {
+        context += `User: ${msg.content}\n`;
+      } else {
+        context += `Assistant: ${msg.content}\n`;
+      }
+    }
+
+    context += '\nBased on the conversation history above, please answer the following:\n';
+
+    return context;
+  }
+
+  // Prevent path traversal
+  _safeFilePath(sessionId) {
+    const safeId = String(sessionId).replace(/[/\\]|\.\./g, '');
+    return path.join(this.sessionsDir, `${safeId}.json`);
+  }
+
+  // Save session to disk
+  async saveSession(sessionId) {
+    const session = this.sessions.get(sessionId);
+    if (!session) return;
+
+    try {
+      const filePath = this._safeFilePath(sessionId);
+      await fs.writeFile(filePath, JSON.stringify(session, null, 2));
+    } catch (error) {
+      // console.error('Error saving session:', error);
+    }
+  }
+
+  // Load sessions from disk
+  async loadSessions() {
+    try {
+      const files = await fs.readdir(this.sessionsDir);
+
+      for (const file of files) {
+        if (file.endsWith('.json')) {
+          try {
+            const filePath = path.join(this.sessionsDir, file);
+            const data = await fs.readFile(filePath, 'utf8');
+            const session = JSON.parse(data);
+
+            // Convert dates
+            session.createdAt = new Date(session.createdAt);
+            session.lastActivity = new Date(session.lastActivity);
+            session.messages.forEach(msg => {
+              msg.timestamp = new Date(msg.timestamp);
+            });
+
+            this.sessions.set(session.id, session);
+          } catch (error) {
+            // console.error(`Error loading session ${file}:`, error);
+          }
+        }
+      }
+
+      // Enforce eviction after loading to prevent massive memory usage
+      while (this.sessions.size > this.maxSessions) {
+        const oldestKey = this.sessions.keys().next().value;
+        if (oldestKey) this.sessions.delete(oldestKey);
+      }
+    } catch (error) {
+      // console.error('Error loading sessions:', error);
+    }
+  }
+
+  // Delete a session
+  async deleteSession(sessionId) {
+    this.sessions.delete(sessionId);
+
+    try {
+      const filePath = this._safeFilePath(sessionId);
+      await fs.unlink(filePath);
+    } catch (error) {
+      // console.error('Error deleting session file:', error);
+    }
+  }
+
+  // Get session messages for display
+  getSessionMessages(sessionId) {
+    const session = this.sessions.get(sessionId);
+    if (!session) return [];
+
+    return session.messages.map(msg => ({
+      type: 'message',
+      message: {
+        role: msg.role,
+        content: msg.content
+      },
+      timestamp: msg.timestamp.toISOString()
+    }));
+  }
+}
+
+// Singleton instance
+const sessionManager = new SessionManager();
+
+export const ready = sessionManager.ready;
+export default sessionManager;

package/shared/modelConstants.js

@@ -65,3 +65,22 @@ export const CODEX_MODELS = {
 
   DEFAULT: 'gpt-5.3-codex'
 };
+
+/**
+ * Gemini Models
+ */
+export const GEMINI_MODELS = {
+  OPTIONS: [
+    { value: 'gemini-3.1-pro-preview', label: 'Gemini 3.1 Pro Preview' },
+    { value: 'gemini-3-pro-preview', label: 'Gemini 3 Pro Preview' },
+    { value: 'gemini-3-flash-preview', label: 'Gemini 3 Flash Preview' },
+    { value: 'gemini-2.5-flash', label: 'Gemini 2.5 Flash' },
+    { value: 'gemini-2.5-pro', label: 'Gemini 2.5 Pro' },
+    { value: 'gemini-2.0-flash-lite', label: 'Gemini 2.0 Flash Lite' },
+    { value: 'gemini-2.0-flash', label: 'Gemini 2.0 Flash' },
+    { value: 'gemini-2.0-pro-exp', label: 'Gemini 2.0 Pro Experimental' },
+    { value: 'gemini-2.0-flash-thinking-exp', label: 'Gemini 2.0 Flash Thinking' }
+  ],
+
+  DEFAULT: 'gemini-2.5-flash'
+};