@sleep2agi/commhub-server 0.5.0-preview.34 → 0.5.0-preview.36

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sleep2agi/commhub-server",
-  "version": "0.5.0-preview.34",
+  "version": "0.5.0-preview.36",
   "description": "CommHub Server \u2014 AI Agent communication hub with MCP protocol, multi-network isolation, user auth, and 18 MCP tools.",
   "type": "module",
   "main": "src/index.ts",

package/src/auth.ts

@@ -85,22 +85,15 @@ export function login(username: string, password: string): AuthResult {
   if (!user) return { ok: false, error: "invalid username or password" };
   if (user.password_hash !== hashPassword(password)) return { ok: false, error: "invalid username or password" };
 
-  // Generate/rotate user token (utok_, not bound to network)
-  let userTokenRow = db.get<any>(
-    "SELECT token_id FROM api_tokens WHERE user_id = ?1 AND scope = 'user' ORDER BY created_at DESC LIMIT 1",
-    user.user_id);
-
+  // Issue a NEW user token — do NOT rotate/invalidate existing ones. Each
+  // login (cli, dashboard, second machine) gets its own row so they don't
+  // kick each other out of session. Tokens can be revoked via /api/auth/tokens.
   const userToken = generateUserToken();
-  if (userTokenRow) {
-    db.run("UPDATE api_tokens SET token_hash = ?1, last_used_at = datetime('now') WHERE token_id = ?2",
-      [hashToken(userToken), userTokenRow.token_id]);
-  } else {
-    const tokenId = generateId("tok");
-    db.run(
-      "INSERT INTO api_tokens (token_id, token_hash, user_id, network_id, name, scope) VALUES (?1, ?2, ?3, ?4, ?5, ?6)",
-      [tokenId, hashToken(userToken), user.user_id, null, "user-login", "user"]
-    );
-  }
+  const tokenId = generateId("tok");
+  db.run(
+    "INSERT INTO api_tokens (token_id, token_hash, user_id, network_id, name, scope) VALUES (?1, ?2, ?3, ?4, ?5, ?6)",
+    [tokenId, hashToken(userToken), user.user_id, null, "user-login", "user"]
+  );
 
   // Find default network
   const defaultNet = db.get<any>(

package/src/index.ts

@@ -10,6 +10,14 @@ const PORT = Number(process.env.PORT) || 9200;
 const HOST = process.env.HOST || "0.0.0.0";
 const AUTH_TOKEN = process.env.COMMHUB_AUTH_TOKEN;
 
+// Read version from package.json so banners and /health stay in sync.
+const SERVER_VERSION = (() => {
+  try {
+    const url = new URL("../package.json", import.meta.url);
+    return JSON.parse(require("fs").readFileSync(url, "utf8")).version || "?";
+  } catch { return "?"; }
+})();
+
 // ── Rate limiter (in-memory, per IP) ──
 const rateLimits = new Map<string, { count: number; resetAt: number }>();
 function checkRateLimit(ip: string, maxPerMinute = 60): boolean {
@@ -594,7 +602,7 @@ Bun.serve({
       const license = db.get<any>("SELECT type, expires_at FROM licenses LIMIT 1");
       return withCors(req, Response.json({
         ok: true,
-        version: "0.5.0-preview.33",
+        version: SERVER_VERSION,
         api_version: "v3",
         transport: "streamable-http",
         sessions_count: count?.cnt ?? 0,
@@ -913,7 +921,7 @@ Bun.serve({
     }
 
     return withCors(req, new Response(
-      `CommHub MCP Server v0.5.0-preview.33 (Streamable HTTP + SSE Push)
+      `CommHub MCP Server v${SERVER_VERSION} (Streamable HTTP + SSE Push)
 
 Endpoints:
   POST /mcp               - MCP Streamable HTTP (for Claude Code / Codex)
@@ -1025,7 +1033,7 @@ process.on("SIGINT", shutdown);
 
 console.log(`
 ╔══════════════════════════════════════════════════╗
-║   CommHub MCP Server v0.5.0-preview.33                     ║
+║   CommHub MCP Server v${SERVER_VERSION}                     ║
 ║   Transport: Streamable HTTP (Bun native)         ║
 ║   Auth: ${AUTH_TOKEN ? "ENABLED (Bearer token)" : "DISABLED (set COMMHUB_AUTH_TOKEN)"}${"".padEnd(AUTH_TOKEN ? 5 : 0)}║
 ║                                                   ║