@sleep2agi/commhub-server 0.5.0-preview.8 → 0.5.0

package/src/index.ts

@@ -2,39 +2,156 @@ import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
 import { WebStandardStreamableHTTPServerTransport } from "@modelcontextprotocol/sdk/server/webStandardStreamableHttp.js";
 import { z } from "zod/v4";
 import { registerTools } from "./tools.js";
-import { db, logTaskEvent } from "./db.js";
+import { db, logTaskEvent, logAudit } from "./db.js";
 import { createSSEStream, pushEvent, pushBroadcast, getSSEStats } from "./push.js";
+import { register, login, resolveToken, getUserNetworks, getUserAllNetworks, createNetwork, deleteNetwork, renameNetwork, changePassword, listTokens, createToken, revokeToken, getNetworkMembers, getUserNetworkRole, addNetworkMember, updateMemberRole, removeNetworkMember, createInvite, joinByInvite, createNetworkTokenForNode, type AuthUser } from "./auth.js";
 
 const PORT = Number(process.env.PORT) || 9200;
+const HOST = process.env.HOST || "0.0.0.0";
 const AUTH_TOKEN = process.env.COMMHUB_AUTH_TOKEN;
 
+// Read version from package.json so banners and /health stay in sync.
+const SERVER_VERSION = (() => {
+  try {
+    const url = new URL("../package.json", import.meta.url);
+    return JSON.parse(require("fs").readFileSync(url, "utf8")).version || "?";
+  } catch { return "?"; }
+})();
+
+// ── Rate limiter (in-memory, per IP) ──
+const rateLimits = new Map<string, { count: number; resetAt: number }>();
+function checkRateLimit(ip: string, maxPerMinute = 60): boolean {
+  // Skip rate limiting for localhost/internal/unknown (dev/test)
+  if (!ip || ip === "unknown" || ip === "127.0.0.1" || ip === "::1") return true;
+  const now = Date.now();
+  const entry = rateLimits.get(ip);
+  if (!entry || now > entry.resetAt) {
+    rateLimits.set(ip, { count: 1, resetAt: now + 60000 });
+    return true;
+  }
+  if (entry.count >= maxPerMinute) return false;
+  entry.count++;
+  return true;
+}
+// Cleanup stale entries every 5 minutes
+setInterval(() => {
+  const now = Date.now();
+  for (const [ip, entry] of rateLimits) {
+    if (now > entry.resetAt) rateLimits.delete(ip);
+  }
+}, 300000);
+
 // ── Factory: 每个请求创建新的 McpServer（stateless 模式）──
-function createServer(clientIP?: string): McpServer {
+function createServer(clientIP?: string, enforceNetworkId?: string | null, enforceUserId?: string | null, callerAlias?: string | null): McpServer {
   const server = new McpServer({
     name: "commhub",
-    version: "0.4.1",
+    version: "0.5.0",
   });
-  registerTools(server, clientIP);
+  registerTools(server, clientIP, enforceNetworkId, enforceUserId, callerAlias);
   return server;
 }
 
 // ── Auth helper ─────────────────────────────────────
 function requireAuth(req: Request): Response | null {
-  if (!AUTH_TOKEN) return null; // no token = open mode (dev)
-  const header = req.headers.get("Authorization");
-  if (header === `Bearer ${AUTH_TOKEN}`) return null;
-  // Also check query param for MCP clients that can't set headers
+  const header = req.headers.get("Authorization")?.replace("Bearer ", "");
   const url = new URL(req.url);
-  if (url.searchParams.get("token") === AUTH_TOKEN) return null;
+  const token = header || url.searchParams.get("token") || "";
+
+  // V3: check api_tokens first
+  if (token) {
+    const resolved = resolveToken(token);
+    if (resolved) return null; // valid user token
+  }
+
+  // Legacy: check global COMMHUB_AUTH_TOKEN
+  if (!AUTH_TOKEN) return null; // no token = open mode (dev)
+  if (token === AUTH_TOKEN) return null;
+
   return Response.json({ error: "unauthorized" }, { status: 401 });
 }
 
+// Extract user + network + token-binding identity from request token.
+function resolveRequestAuth(req: Request): { userId: string; networkId: string | null; username: string; tokenName: string | null } | null {
+  const header = req.headers.get("Authorization")?.replace("Bearer ", "");
+  const url = new URL(req.url);
+  const token = header || url.searchParams.get("token") || "";
+  if (!token) return null;
+  const resolved = resolveToken(token);
+  if (!resolved) return null;
+  return { userId: resolved.user.user_id, networkId: resolved.networkId, username: resolved.user.username, tokenName: resolved.tokenName };
+}
+
+type RestNetworkScope = {
+  networkId: string | null;
+  networkIds: string[] | null;
+  denied?: string;
+};
+
+function getUserNetworkIds(userId: string): string[] {
+  return db.all<{ network_id: string }>(
+    "SELECT network_id FROM network_members WHERE user_id = ?1",
+    userId
+  ).map((row) => row.network_id);
+}
+
+function resolveRestNetworkScope(url: URL, authCtx: { userId: string; networkId: string | null } | null, isAdmin: boolean): RestNetworkScope {
+  const requested = url.searchParams.get("network_id");
+
+  // Legacy global token or open dev mode keeps the old global behavior.
+  if (!authCtx) return { networkId: requested || null, networkIds: null };
+
+  // Network tokens are forcibly scoped to their bound network.
+  if (authCtx.networkId) return { networkId: authCtx.networkId, networkIds: null };
+
+  // System admins may intentionally inspect all networks.
+  if (isAdmin) return { networkId: requested || null, networkIds: null };
+
+  if (requested) {
+    const role = getUserNetworkRole(authCtx.userId, requested);
+    if (!role) return { networkId: null, networkIds: [], denied: "access denied to requested network" };
+    return { networkId: requested, networkIds: null };
+  }
+
+  return { networkId: null, networkIds: getUserNetworkIds(authCtx.userId) };
+}
+
+function addNetworkScope(sql: string, params: any[], scope: RestNetworkScope, column = "network_id"): string {
+  if (scope.networkId) {
+    sql += ` AND ${column} = ?${params.length + 1}`;
+    params.push(scope.networkId);
+  } else if (scope.networkIds) {
+    if (scope.networkIds.length === 0) {
+      sql += " AND 1=0";
+    } else {
+      const placeholders = scope.networkIds.map((_, i) => `?${params.length + i + 1}`).join(", ");
+      sql += ` AND ${column} IN (${placeholders})`;
+      params.push(...scope.networkIds);
+    }
+  }
+  return sql;
+}
+
+function singleNetworkId(scope: RestNetworkScope): string | null {
+  if (scope.networkId) return scope.networkId;
+  if (scope.networkIds?.length === 1) return scope.networkIds[0];
+  return null;
+}
+
+function canRestWriteNetwork(authCtx: { userId: string; networkId: string | null } | null, networkId: string | null, isAdmin: boolean): boolean {
+  if (!authCtx) return true; // legacy global token or open dev mode
+  if (isAdmin) return true;
+  if (!networkId) return false;
+  const role = getUserNetworkRole(authCtx.userId, networkId);
+  return !!role && role !== "viewer";
+}
+
 // ── REST input schema ───────────────────────────────
 const TaskSchema = z.object({
   alias: z.string().min(1).max(200),
   task: z.string().min(1).max(10000),
   priority: z.enum(["high", "normal", "low"]).default("normal"),
   from: z.string().max(200).optional(),
+  network_id: z.string().max(200).optional(),
 });
 
 const BroadcastSchema = z.object({
@@ -85,9 +202,8 @@ setInterval(() => {
     if (result.changes > 0) {
       console.log(`[patrol] expired ${result.changes} stale task(s)`);
       // Log events for expired tasks
-      const expired = db.query<{ task_id: string }, []>(
-        "SELECT task_id FROM tasks WHERE status = 'expired' AND completed_at >= datetime('now', '-1 minute')"
-      ).all();
+      const expired = db.all<{ task_id: string }>(
+        "SELECT task_id FROM tasks WHERE status = 'expired' AND completed_at >= datetime('now', '-1 minute')");
       for (const t of expired) logTaskEvent(t.task_id, null, "expired", "patrol");
     }
   } catch {}
@@ -95,6 +211,7 @@ setInterval(() => {
 
 Bun.serve({
   port: PORT,
+  hostname: HOST,
   idleTimeout: 255, // max value: keep SSE connections alive (seconds)
 
   async fetch(req, server) {
@@ -119,10 +236,21 @@ Bun.serve({
       if (authErr) return withCors(req, authErr);
       const fwd = req.headers.get("x-forwarded-for");
       const clientIP = fwd ? fwd.split(",")[0].trim() : (req.headers.get("x-real-ip") ?? "unknown");
+      // V3: resolve token → enforce network_id in all MCP tools.
+      // utok_ (user token, not network-bound) is allowed — the tool layer
+      // scopes to the user's accessible networks. Without this Dashboard
+      // (which logs in as a user) cannot call send_task.
+      const authCtx = resolveRequestAuth(req);
+      const enforceNetId = authCtx?.networkId || null;
+      // Derive the calling alias from the token name (e.g., 'node:视频审查')
+      // so peer agents see the real sender instead of 'hub' on send_task.
+      const callerAlias = authCtx?.tokenName?.startsWith("node:")
+        ? authCtx.tokenName.slice("node:".length)
+        : (authCtx?.username || null);
       const transport = new WebStandardStreamableHTTPServerTransport({
         sessionIdGenerator: undefined,
       });
-      const server = createServer(clientIP);
+      const server = createServer(clientIP, enforceNetId, authCtx?.userId || null, callerAlias);
       await server.connect(transport);
       const response = await transport.handleRequest(req);
       // Disconnect after response to prevent McpServer leak
@@ -140,19 +268,356 @@ Bun.serve({
       return createSSEStream(sessionName);
     }
 
+    // ── V3: License endpoints ──
+    if (url.pathname === "/api/license" && req.method === "GET") {
+      const license = db.get<any>("SELECT * FROM licenses ORDER BY created_at LIMIT 1");
+      if (!license) return withCors(req, Response.json({ ok: true, status: "no_license" }));
+      const now = new Date().toISOString().replace("T", " ").slice(0, 19);
+      const expired = license.expires_at && license.expires_at < now;
+      const daysLeft = license.expires_at
+        ? Math.max(0, Math.ceil((new Date(license.expires_at).getTime() - Date.now()) / 86400000))
+        : null;
+      return withCors(req, Response.json({
+        ok: true,
+        license: { type: license.type, expires_at: license.expires_at, days_left: daysLeft, expired },
+        limits: { max_agents: license.max_agents, max_networks: license.max_networks, max_tasks_day: license.max_tasks_day },
+      }));
+    }
+
+    if (url.pathname === "/api/license/activate" && req.method === "POST") {
+      try {
+        const body = await req.json() as any;
+        const key = body.key;
+        if (!key) return withCors(req, Response.json({ ok: false, error: "key required" }, { status: 400 }));
+        // For now: accept any key starting with "anet-" as valid pro license
+        if (!key.startsWith("anet-") || key.length < 16) {
+          return withCors(req, Response.json({ ok: false, error: "invalid license key" }, { status: 400 }));
+        }
+        // Upgrade existing license or create new
+        db.run("DELETE FROM licenses");
+        const licId = `lic_${crypto.randomUUID().replace(/-/g, "").slice(0, 12)}`;
+        db.run(
+          "INSERT INTO licenses (id, license_key, type, max_agents, max_networks, max_tasks_day, activated_at, expires_at) VALUES (?1, ?2, 'pro', 50, 10, 10000, datetime('now'), datetime('now', '+365 days'))",
+          [licId, key]
+        );
+        return withCors(req, Response.json({ ok: true, type: "pro", expires_in_days: 365 }));
+      } catch (e: any) {
+        return withCors(req, Response.json({ ok: false, error: e.message }, { status: 400 }));
+      }
+    }
+
+    // ── V3: Auth endpoints (public) ──
+    if (url.pathname === "/api/auth/register" && req.method === "POST") {
+      const clientIP = req.headers.get("x-forwarded-for")?.split(",")[0]?.trim() || "unknown";
+      if (!checkRateLimit(clientIP, 30)) {
+        return withCors(req, Response.json({ ok: false, error: "too many requests, try again later" }, { status: 429 }));
+      }
+      try {
+        const body = await req.json() as any;
+        const result = register(body.username, body.password, body.email, body.display_name);
+        if (result.ok) logAudit(result.user!.user_id, body.username, "register", "user", result.user!.user_id);
+        return withCors(req, Response.json(result, { status: result.ok ? 200 : 400 }));
+      } catch (e: any) {
+        return withCors(req, Response.json({ ok: false, error: e.message }, { status: 400 }));
+      }
+    }
+
+    if (url.pathname === "/api/auth/login" && req.method === "POST") {
+      const clientIP = req.headers.get("x-forwarded-for")?.split(",")[0]?.trim() || "unknown";
+      if (!checkRateLimit(clientIP, 10)) {
+        logAudit(null, null, "login_rate_limited", "auth", null, clientIP);
+        return withCors(req, Response.json({ ok: false, error: "too many attempts, try again later" }, { status: 429 }));
+      }
+      try {
+        const body = await req.json() as any;
+        const result = login(body.username, body.password);
+        if (result.ok) logAudit(result.user!.user_id, body.username, "login", "user", result.user!.user_id);
+        else logAudit(null, body.username, "login_failed", "user", null, "invalid credentials");
+        return withCors(req, Response.json(result, { status: result.ok ? 200 : 401 }));
+      } catch (e: any) {
+        return withCors(req, Response.json({ ok: false, error: e.message }, { status: 400 }));
+      }
+    }
+
+    if (url.pathname === "/api/auth/me" && req.method === "GET") {
+      const token = req.headers.get("Authorization")?.replace("Bearer ", "") || url.searchParams.get("token");
+      if (!token) return withCors(req, Response.json({ ok: false, error: "token required" }, { status: 401 }));
+      const resolved = resolveToken(token);
+      if (!resolved) return withCors(req, Response.json({ ok: false, error: "invalid token" }, { status: 401 }));
+      const networks = getUserAllNetworks(resolved.user.user_id);
+      return withCors(req, Response.json({ ok: true, user: resolved.user, networks, current_network: resolved.networkId }));
+    }
+
+    if (url.pathname === "/api/auth/me" && req.method === "PUT") {
+      const token = req.headers.get("Authorization")?.replace("Bearer ", "");
+      if (!token) return withCors(req, Response.json({ ok: false, error: "token required" }, { status: 401 }));
+      const resolved = resolveToken(token);
+      if (!resolved) return withCors(req, Response.json({ ok: false, error: "invalid token" }, { status: 401 }));
+      try {
+        const body = await req.json() as any;
+        const updates: string[] = [];
+        const params: any[] = [];
+        if (body.display_name) { updates.push(`display_name = ?${params.length + 1}`); params.push(body.display_name); }
+        if (body.email) { updates.push(`email = ?${params.length + 1}`); params.push(body.email); }
+        if (updates.length > 0) {
+          updates.push(`updated_at = datetime('now')`);
+          params.push(resolved.user.user_id);
+          db.run(`UPDATE users SET ${updates.join(", ")} WHERE user_id = ?${params.length}`, params);
+        }
+        // Re-fetch
+        const user = db.get<any>("SELECT user_id, username, display_name, email, role FROM users WHERE user_id = ?1", resolved.user.user_id);
+        return withCors(req, Response.json({ ok: true, user }));
+      } catch (e: any) {
+        return withCors(req, Response.json({ ok: false, error: e.message }, { status: 400 }));
+      }
+    }
+
+    if (url.pathname === "/api/auth/password" && req.method === "POST") {
+      const token = req.headers.get("Authorization")?.replace("Bearer ", "");
+      if (!token) return withCors(req, Response.json({ ok: false, error: "token required" }, { status: 401 }));
+      const resolved = resolveToken(token);
+      if (!resolved) return withCors(req, Response.json({ ok: false, error: "invalid token" }, { status: 401 }));
+      try {
+        const body = await req.json() as any;
+        const result = changePassword(resolved.user.user_id, body.old_password, body.new_password);
+        if (result.ok) logAudit(resolved.user.user_id, resolved.user.username, "password_changed", "user", resolved.user.user_id);
+        return withCors(req, Response.json(result, { status: result.ok ? 200 : 400 }));
+      } catch (e: any) {
+        return withCors(req, Response.json({ ok: false, error: e.message }, { status: 400 }));
+      }
+    }
+
+    // ── V3.13: Create network token for a node ──
+    if (url.pathname === "/api/auth/node-token" && req.method === "POST") {
+      const token = req.headers.get("Authorization")?.replace("Bearer ", "");
+      if (!token) return withCors(req, Response.json({ ok: false, error: "auth required" }, { status: 401 }));
+      const resolved = resolveToken(token);
+      if (!resolved) return withCors(req, Response.json({ ok: false, error: "invalid token" }, { status: 401 }));
+      try {
+        const body = await req.json() as any;
+        if (!body.network_id || !body.node_name) return withCors(req, Response.json({ ok: false, error: "network_id and node_name required" }, { status: 400 }));
+        const result = createNetworkTokenForNode(resolved.user.user_id, body.network_id, body.node_name);
+        if (result.ok) logAudit(resolved.user.user_id, resolved.user.username, "node_token_created", "network", body.network_id, body.node_name);
+        return withCors(req, Response.json(result, { status: result.ok ? 200 : 400 }));
+      } catch (e: any) {
+        return withCors(req, Response.json({ ok: false, error: e.message }, { status: 400 }));
+      }
+    }
+
+    // ── V3: Token management ──
+    if (url.pathname === "/api/auth/tokens" && req.method === "GET") {
+      const token = req.headers.get("Authorization")?.replace("Bearer ", "");
+      if (!token) return withCors(req, Response.json({ ok: false, error: "auth required" }, { status: 401 }));
+      const resolved = resolveToken(token);
+      if (!resolved) return withCors(req, Response.json({ ok: false, error: "invalid token" }, { status: 401 }));
+      const tokens = listTokens(resolved.user.user_id);
+      return withCors(req, Response.json({ ok: true, tokens }));
+    }
+
+    if (url.pathname === "/api/auth/tokens" && req.method === "POST") {
+      const token = req.headers.get("Authorization")?.replace("Bearer ", "");
+      if (!token) return withCors(req, Response.json({ ok: false, error: "auth required" }, { status: 401 }));
+      const resolved = resolveToken(token);
+      if (!resolved) return withCors(req, Response.json({ ok: false, error: "invalid token" }, { status: 401 }));
+      try {
+        const body = await req.json() as any;
+        const result = createToken(resolved.user.user_id, body.name || "api-token", body.network_id);
+        if (result.ok) logAudit(resolved.user.user_id, resolved.user.username, "token_created", "token", result.token_id);
+        return withCors(req, Response.json(result));
+      } catch (e: any) {
+        return withCors(req, Response.json({ ok: false, error: e.message }, { status: 400 }));
+      }
+    }
+
+    const tokenDeleteMatch = url.pathname.match(/^\/api\/auth\/tokens\/([^/]+)$/);
+    if (tokenDeleteMatch && req.method === "DELETE") {
+      const token = req.headers.get("Authorization")?.replace("Bearer ", "");
+      if (!token) return withCors(req, Response.json({ ok: false, error: "auth required" }, { status: 401 }));
+      const resolved = resolveToken(token);
+      if (!resolved) return withCors(req, Response.json({ ok: false, error: "invalid token" }, { status: 401 }));
+      const result = revokeToken(resolved.user.user_id, tokenDeleteMatch[1]);
+      if (result.ok) logAudit(resolved.user.user_id, resolved.user.username, "token_revoked", "token", tokenDeleteMatch[1]);
+      return withCors(req, Response.json(result, { status: result.ok ? 200 : 404 }));
+    }
+
+    // ── V3: Network management ──
+    if (url.pathname === "/api/networks" && req.method === "GET") {
+      const token = req.headers.get("Authorization")?.replace("Bearer ", "") || url.searchParams.get("token");
+      if (!token) return withCors(req, Response.json({ ok: false, error: "token required" }, { status: 401 }));
+      const resolved = resolveToken(token);
+      if (!resolved) return withCors(req, Response.json({ ok: false, error: "invalid token" }, { status: 401 }));
+      // V3.13: ntok_ can only see its bound network; utok_ sees all member networks
+      if (resolved.networkId) {
+        // ntok_ — only return the bound network
+        const net = db.get<any>("SELECT * FROM networks WHERE network_id = ?1", resolved.networkId);
+        return withCors(req, Response.json({ ok: true, networks: net ? [net] : [] }));
+      }
+      const networks = getUserAllNetworks(resolved.user.user_id);
+      return withCors(req, Response.json({ ok: true, networks }));
+    }
+
+    if (url.pathname === "/api/networks" && req.method === "POST") {
+      const token = req.headers.get("Authorization")?.replace("Bearer ", "") || url.searchParams.get("token");
+      if (!token) return withCors(req, Response.json({ ok: false, error: "token required" }, { status: 401 }));
+      const resolved = resolveToken(token);
+      if (!resolved) return withCors(req, Response.json({ ok: false, error: "invalid token" }, { status: 401 }));
+      try {
+        const body = await req.json() as any;
+        const result = createNetwork(resolved.user.user_id, body.name, body.description);
+        return withCors(req, Response.json(result, { status: result.ok ? 200 : 400 }));
+      } catch (e: any) {
+        return withCors(req, Response.json({ ok: false, error: e.message }, { status: 400 }));
+      }
+    }
+
+    // ── V3.13: Network members + invites ──
+    const membersMatch = url.pathname.match(/^\/api\/networks\/([^/]+)\/members(?:\/([^/]+))?$/);
+    if (membersMatch) {
+      const token = req.headers.get("Authorization")?.replace("Bearer ", "") || url.searchParams.get("token");
+      if (!token) return withCors(req, Response.json({ ok: false, error: "auth required" }, { status: 401 }));
+      const resolved = resolveToken(token);
+      if (!resolved) return withCors(req, Response.json({ ok: false, error: "invalid token" }, { status: 401 }));
+      const netId = membersMatch[1];
+      const targetUid = membersMatch[2];
+      const callerRole = getUserNetworkRole(resolved.user.user_id, netId);
+      if (!callerRole) return withCors(req, Response.json({ ok: false, error: "not a member of this network" }, { status: 403 }));
+
+      if (req.method === "GET") {
+        if (!["owner", "admin"].includes(callerRole)) return withCors(req, Response.json({ ok: false, error: "owner/admin required" }, { status: 403 }));
+        const members = getNetworkMembers(netId);
+        return withCors(req, Response.json({ ok: true, members }));
+      }
+      if (req.method === "POST") {
+        if (!["owner", "admin"].includes(callerRole)) return withCors(req, Response.json({ ok: false, error: "owner/admin required" }, { status: 403 }));
+        const body = await req.json() as any;
+        const result = addNetworkMember(netId, body.user_id, body.role || "member", resolved.user.user_id);
+        if (result.ok) logAudit(resolved.user.user_id, resolved.user.username, "member_added", "network", netId, `${body.user_id} as ${body.role || "member"}`);
+        return withCors(req, Response.json(result, { status: result.ok ? 200 : 400 }));
+      }
+      if (req.method === "PUT" && targetUid) {
+        if (callerRole !== "owner") return withCors(req, Response.json({ ok: false, error: "owner required" }, { status: 403 }));
+        const body = await req.json() as any;
+        const result = updateMemberRole(netId, targetUid, body.role);
+        if (result.ok) logAudit(resolved.user.user_id, resolved.user.username, "member_role_changed", "network", netId, `${targetUid} → ${body.role}`);
+        return withCors(req, Response.json(result, { status: result.ok ? 200 : 400 }));
+      }
+      if (req.method === "DELETE" && targetUid) {
+        if (!["owner", "admin"].includes(callerRole)) return withCors(req, Response.json({ ok: false, error: "owner/admin required" }, { status: 403 }));
+        const result = removeNetworkMember(netId, targetUid);
+        if (result.ok) logAudit(resolved.user.user_id, resolved.user.username, "member_removed", "network", netId, targetUid);
+        return withCors(req, Response.json(result, { status: result.ok ? 200 : 400 }));
+      }
+    }
+
+    if (url.pathname.match(/^\/api\/networks\/([^/]+)\/invite$/) && req.method === "POST") {
+      const token = req.headers.get("Authorization")?.replace("Bearer ", "") || url.searchParams.get("token");
+      if (!token) return withCors(req, Response.json({ ok: false, error: "auth required" }, { status: 401 }));
+      const resolved = resolveToken(token);
+      if (!resolved) return withCors(req, Response.json({ ok: false, error: "invalid token" }, { status: 401 }));
+      const netId = url.pathname.split("/")[3];
+      const callerRole = getUserNetworkRole(resolved.user.user_id, netId);
+      if (!callerRole || !["owner", "admin"].includes(callerRole)) {
+        return withCors(req, Response.json({ ok: false, error: "owner/admin required" }, { status: 403 }));
+      }
+      const body = await req.json() as any;
+      const result = createInvite(netId, resolved.user.user_id, body.role || "member", body.max_uses || 1, body.expires_days);
+      if (result.ok) logAudit(resolved.user.user_id, resolved.user.username, "invite_created", "network", netId, result.invite_code);
+      return withCors(req, Response.json(result));
+    }
+
+    if (url.pathname === "/api/networks/join" && req.method === "POST") {
+      const token = req.headers.get("Authorization")?.replace("Bearer ", "") || url.searchParams.get("token");
+      if (!token) return withCors(req, Response.json({ ok: false, error: "auth required" }, { status: 401 }));
+      const resolved = resolveToken(token);
+      if (!resolved) return withCors(req, Response.json({ ok: false, error: "invalid token" }, { status: 401 }));
+      const body = await req.json() as any;
+      const result = joinByInvite(body.invite_code, resolved.user.user_id);
+      if (result.ok) logAudit(resolved.user.user_id, resolved.user.username, "network_joined", "network", result.network_id, `via invite, role=${result.role}`);
+      return withCors(req, Response.json(result, { status: result.ok ? 200 : 400 }));
+    }
+
+    // ── V3: Admin APIs (require auth) ──
+    if (url.pathname === "/api/users" && req.method === "GET") {
+      const token = req.headers.get("Authorization")?.replace("Bearer ", "");
+      if (!token) return withCors(req, Response.json({ ok: false, error: "auth required" }, { status: 401 }));
+      const resolved = resolveToken(token);
+      if (!resolved || resolved.user.role !== "admin") {
+        return withCors(req, Response.json({ ok: false, error: "admin required" }, { status: 403 }));
+      }
+      const users = db.all("SELECT user_id, username, display_name, email, role, created_at FROM users ORDER BY created_at");
+      return withCors(req, Response.json({ ok: true, users }));
+    }
+
+    const netDetailMatch = url.pathname.match(/^\/api\/networks\/([^/]+)$/);
+    if (netDetailMatch && req.method === "GET") {
+      const token = req.headers.get("Authorization")?.replace("Bearer ", "") || url.searchParams.get("token");
+      if (!token) return withCors(req, Response.json({ ok: false, error: "auth required" }, { status: 401 }));
+      const resolved = resolveToken(token);
+      if (!resolved) return withCors(req, Response.json({ ok: false, error: "invalid token" }, { status: 401 }));
+      const networkId = netDetailMatch[1];
+      const network = db.get<any>("SELECT * FROM networks WHERE network_id = ?1", networkId);
+      if (!network) return withCors(req, Response.json({ ok: false, error: "network not found" }, { status: 404 }));
+      // Membership check: must be a member or system admin
+      const viewerRole = getUserNetworkRole(resolved.user.user_id, networkId);
+      if (!viewerRole && resolved.user.role !== "admin") {
+        return withCors(req, Response.json({ ok: false, error: "access denied" }, { status: 403 }));
+      }
+      // Get network stats
+      const nodeCount = db.get<{ cnt: number }>("SELECT COUNT(*) as cnt FROM nodes WHERE network_id = ?1", networkId);
+      const sessionCount = db.get<{ cnt: number }>("SELECT COUNT(*) as cnt FROM sessions WHERE network_id = ?1", networkId);
+      const taskStats = db.all<any>("SELECT status, COUNT(*) as count FROM tasks WHERE network_id = ?1 GROUP BY status", networkId);
+      return withCors(req, Response.json({
+        ok: true, network,
+        stats: { nodes: nodeCount?.cnt || 0, sessions: sessionCount?.cnt || 0, tasks: taskStats },
+      }));
+    }
+
+    if (netDetailMatch && req.method === "DELETE") {
+      const token = req.headers.get("Authorization")?.replace("Bearer ", "") || url.searchParams.get("token");
+      if (!token) return withCors(req, Response.json({ ok: false, error: "auth required" }, { status: 401 }));
+      const resolved = resolveToken(token);
+      if (!resolved) return withCors(req, Response.json({ ok: false, error: "invalid token" }, { status: 401 }));
+      const result = deleteNetwork(resolved.user.user_id, netDetailMatch[1]);
+      if (result.ok) logAudit(resolved.user.user_id, resolved.user.username, "network_deleted", "network", netDetailMatch[1]);
+      return withCors(req, Response.json(result, { status: result.ok ? 200 : 400 }));
+    }
+
+    if (netDetailMatch && req.method === "PUT") {
+      const token = req.headers.get("Authorization")?.replace("Bearer ", "") || url.searchParams.get("token");
+      if (!token) return withCors(req, Response.json({ ok: false, error: "auth required" }, { status: 401 }));
+      const resolved = resolveToken(token);
+      if (!resolved) return withCors(req, Response.json({ ok: false, error: "invalid token" }, { status: 401 }));
+      try {
+        const body = await req.json() as any;
+        if (body.name) {
+          const result = renameNetwork(resolved.user.user_id, netDetailMatch[1], body.name);
+          if (result.ok) logAudit(resolved.user.user_id, resolved.user.username, "network_renamed", "network", netDetailMatch[1], body.name);
+          return withCors(req, Response.json(result, { status: result.ok ? 200 : 400 }));
+        }
+        return withCors(req, Response.json({ ok: false, error: "name required" }, { status: 400 }));
+      } catch (e: any) {
+        return withCors(req, Response.json({ ok: false, error: e.message }, { status: 400 }));
+      }
+    }
+
     // ── REST: health (public, no auth) ──
     if (url.pathname === "/health") {
-      const count = db.query<{ cnt: number }, []>("SELECT COUNT(*) as cnt FROM sessions").get();
+      const count = db.get<{ cnt: number }>("SELECT COUNT(*) as cnt FROM sessions");
       const sse = getSSEStats();
+      const license = db.get<any>("SELECT type, expires_at FROM licenses LIMIT 1");
       return withCors(req, Response.json({
         ok: true,
-        version: "0.4.1",
+        version: SERVER_VERSION,
+        api_version: "v3",
         transport: "streamable-http",
-        sessions: count?.cnt ?? 0,
+        sessions_count: count?.cnt ?? 0,
         sse_connections: sse.total,
         sse_sessions: sse.sessions,
         auth: AUTH_TOKEN ? "enabled" : "disabled",
-        uptime: process.uptime(),
+        v3_auth: true,
+        multi_network: true,
+        license: license?.type || "none",
+        uptime: Math.floor(process.uptime()),
       }));
     }
 
@@ -160,11 +625,27 @@ Bun.serve({
     const authErr = requireAuth(req);
     if (authErr) return withCors(req, authErr);
 
+    // Resolve network scope for REST queries — enforce isolation
+    // Token-bound networkId takes precedence (ntok_ → forced), then query param
+    const restAuth = resolveRequestAuth(req);
+    const isAdmin = !!(restAuth?.username && db.get<any>("SELECT role FROM users WHERE username = ?1", restAuth.username)?.role === "admin");
+    const restScope = resolveRestNetworkScope(url, restAuth, isAdmin);
+    if (restScope.denied) {
+      return withCors(req, Response.json({ ok: false, error: restScope.denied }, { status: 403 }));
+    }
+
     // ── REST: all sessions status ──
     if (url.pathname === "/api/status") {
       const cutoff = new Date(Date.now() - 10 * 60 * 1000).toISOString().replace("T", " ").slice(0, 19);
-      db.run("UPDATE sessions SET status = 'offline' WHERE updated_at < ?1 AND status != 'offline'", [cutoff]);
-      const sessions = db.query("SELECT * FROM sessions ORDER BY updated_at DESC").all();
+      const staleParams: any[] = [cutoff];
+      let staleSql = "UPDATE sessions SET status = 'offline' WHERE updated_at < ?1 AND status != 'offline'";
+      staleSql = addNetworkScope(staleSql, staleParams, restScope);
+      db.run(staleSql, staleParams);
+      const params: any[] = [];
+      let sql = "SELECT * FROM sessions WHERE 1=1";
+      sql = addNetworkScope(sql, params, restScope);
+      sql += " ORDER BY updated_at DESC";
+      const sessions = db.all(sql, ...params);
       return withCors(req, Response.json({ ok: true, sessions }));
     }
 
@@ -181,18 +662,40 @@ Bun.serve({
         return withCors(req, Response.json({ error: "invalid input", details: parsed.error.format() }, { status: 400 }));
       }
       const body = parsed.data;
+      let taskNetId: string | null = null;
+      if (restAuth?.networkId) {
+        taskNetId = restAuth.networkId;
+      } else if (body.network_id) {
+        if (restAuth && !isAdmin && !getUserNetworkRole(restAuth.userId, body.network_id)) {
+          return withCors(req, Response.json({ ok: false, error: "access denied to requested network" }, { status: 403 }));
+        }
+        taskNetId = body.network_id;
+      } else {
+        taskNetId = restAuth ? singleNetworkId(restScope) : null;
+      }
+      if (restAuth && !taskNetId) {
+        return withCors(req, Response.json({ ok: false, error: "network_id required for user token when multiple networks are available" }, { status: 400 }));
+      }
+      if (!canRestWriteNetwork(restAuth, taskNetId, isAdmin)) {
+        return withCors(req, Response.json({ ok: false, error: "permission_denied" }, { status: 403 }));
+      }
       const id = crypto.randomUUID();
       const fromSession = body.from || "api";
       db.run(
-        `INSERT INTO inbox (id, session_name, type, priority, content, from_session)
-         VALUES (?1, ?2, 'task', ?3, ?4, ?5)`,
-        [id, body.alias, body.priority, body.task, fromSession]
+        `INSERT INTO inbox (id, session_name, type, priority, content, from_session, network_id)
+         VALUES (?1, ?2, 'task', ?3, ?4, ?5, ?6)`,
+        [id, body.alias, body.priority, body.task, fromSession, taskNetId]
       );
       // SSE push: 秒达
-      const pending = db.query<{ cnt: number }, [string]>(
-        "SELECT COUNT(*) as cnt FROM inbox WHERE session_name = ?1 AND acked = 0"
-      ).get(body.alias);
-      pushEvent(body.alias, { type: "new_task", inbox_count: pending?.cnt ?? 1, priority: body.priority, from: fromSession });
+      const pendingParams: any[] = [body.alias];
+      let pendingSql = "SELECT COUNT(*) as cnt FROM inbox WHERE session_name = ?1 AND acked = 0";
+      if (taskNetId) { pendingSql += " AND network_id = ?2"; pendingParams.push(taskNetId); }
+      const pending = db.get<{ cnt: number }>(pendingSql, ...pendingParams);
+      const sessionParams: any[] = [body.alias];
+      let sessionSql = "SELECT 1 FROM sessions WHERE alias = ?1";
+      if (taskNetId) { sessionSql += " AND network_id = ?2"; sessionParams.push(taskNetId); }
+      const targetSession = db.get<any>(sessionSql, ...sessionParams);
+      if (targetSession) pushEvent(body.alias, { type: "new_task", inbox_count: pending?.cnt ?? 1, priority: body.priority, from: fromSession });
       return withCors(req, Response.json({ ok: true, message_id: id }));
     }
 
@@ -209,18 +712,25 @@ Bun.serve({
         return withCors(req, Response.json({ error: "invalid input", details: parsed.error.format() }, { status: 400 }));
       }
       const body = parsed.data;
-      let sql = "SELECT alias FROM sessions WHERE alias IS NOT NULL";
+      if (restAuth && !restScope.networkId && !isAdmin) {
+        return withCors(req, Response.json({ ok: false, error: "network_id required for user token when broadcasting" }, { status: 400 }));
+      }
+      if (!canRestWriteNetwork(restAuth, restScope.networkId, isAdmin)) {
+        return withCors(req, Response.json({ ok: false, error: "permission_denied" }, { status: 403 }));
+      }
+      let sql = "SELECT alias, network_id FROM sessions WHERE alias IS NOT NULL";
       const params: any[] = [];
+      sql = addNetworkScope(sql, params, restScope);
       if (body.filter_server) { sql += " AND server = ?"; params.push(body.filter_server); }
       if (body.filter_status) { sql += " AND status = ?"; params.push(body.filter_status); }
-      const targets = db.query<{ alias: string }, any[]>(sql).all(...params);
+      const targets = db.all<{ alias: string; network_id: string | null }>(sql, ...params);
       const ids: string[] = [];
       for (const t of targets) {
         const id = crypto.randomUUID();
         db.run(
-          `INSERT INTO inbox (id, session_name, type, priority, content, from_session)
-           VALUES (?1, ?2, 'broadcast', 'normal', ?3, 'api')`,
-          [id, t.alias, body.message]
+          `INSERT INTO inbox (id, session_name, type, priority, content, from_session, network_id)
+           VALUES (?1, ?2, 'broadcast', 'normal', ?3, 'api', ?4)`,
+          [id, t.alias, body.message, t.network_id]
         );
         ids.push(id);
       }
@@ -278,25 +788,49 @@ Bun.serve({
 
     // ── REST: recent messages (for Dashboard communication graph) ──
     if (url.pathname === "/api/messages") {
-      const limit = Number(url.searchParams.get("limit")) || 100;
+      const limit = Math.min(Number(url.searchParams.get("limit")) || 100, 500);
       const since = url.searchParams.get("since") ?? new Date(Date.now() - 3600000).toISOString().replace("T", " ").slice(0, 19);
-      const rows = db.query(
-        "SELECT id, session_name as to_alias, from_session as from_alias, type, priority, content, created_at FROM inbox WHERE created_at >= ?1 ORDER BY created_at DESC LIMIT ?2"
-      ).all(since, limit);
+      const params: any[] = [since];
+      let sql = "SELECT id, session_name as to_alias, from_session as from_alias, type, priority, content, created_at, network_id FROM inbox WHERE created_at >= ?1";
+      sql = addNetworkScope(sql, params, restScope);
+      sql += ` ORDER BY created_at DESC LIMIT ?${params.length + 1}`;
+      params.push(limit);
+      const rows = db.all(sql, ...params);
       return withCors(req, Response.json({ ok: true, messages: rows }));
     }
 
     // ── REST: stats summary ──
     if (url.pathname === "/api/stats") {
-      const taskStats = db.query<any, []>("SELECT status, COUNT(*) as count FROM tasks GROUP BY status").all();
-      const sessionStats = db.query<any, []>("SELECT status, COUNT(*) as count FROM sessions GROUP BY status").all();
-      const totalTasks = db.query<{ cnt: number }, []>("SELECT COUNT(*) as cnt FROM tasks").get();
-      const totalNodes = db.query<{ cnt: number }, []>("SELECT COUNT(*) as cnt FROM nodes").get();
-      const recentTasks = db.query<any, []>(
-        "SELECT task_id, from_name, to_name, status, created_at FROM tasks ORDER BY created_at DESC LIMIT 5"
-      ).all();
+      const taskStatsParams: any[] = [];
+      let taskStatsSql = "SELECT status, COUNT(*) as count FROM tasks WHERE 1=1";
+      taskStatsSql = addNetworkScope(taskStatsSql, taskStatsParams, restScope);
+      taskStatsSql += " GROUP BY status";
+      const taskStats = db.all<any>(taskStatsSql, ...taskStatsParams);
+
+      const sessionStatsParams: any[] = [];
+      let sessionStatsSql = "SELECT status, COUNT(*) as count FROM sessions WHERE 1=1";
+      sessionStatsSql = addNetworkScope(sessionStatsSql, sessionStatsParams, restScope);
+      sessionStatsSql += " GROUP BY status";
+      const sessionStats = db.all<any>(sessionStatsSql, ...sessionStatsParams);
+
+      const totalTasksParams: any[] = [];
+      let totalTasksSql = "SELECT COUNT(*) as cnt FROM tasks WHERE 1=1";
+      totalTasksSql = addNetworkScope(totalTasksSql, totalTasksParams, restScope);
+      const totalTasks = db.get<{ cnt: number }>(totalTasksSql, ...totalTasksParams);
+
+      const totalNodesParams: any[] = [];
+      let totalNodesSql = "SELECT COUNT(*) as cnt FROM nodes WHERE 1=1";
+      totalNodesSql = addNetworkScope(totalNodesSql, totalNodesParams, restScope);
+      const totalNodes = db.get<{ cnt: number }>(totalNodesSql, ...totalNodesParams);
+
+      const recentTasksParams: any[] = [];
+      let recentTasksSql = "SELECT task_id, from_name, to_name, status, created_at FROM tasks WHERE 1=1";
+      recentTasksSql = addNetworkScope(recentTasksSql, recentTasksParams, restScope);
+      recentTasksSql += " ORDER BY created_at DESC LIMIT 5";
+      const recentTasks = db.all<any>(recentTasksSql, ...recentTasksParams);
       return withCors(req, Response.json({
         ok: true,
+        network_id: restScope.networkId || null,
         tasks: { total: totalTasks?.cnt || 0, by_status: taskStats },
         sessions: { by_status: sessionStats },
         nodes: { total: totalNodes?.cnt || 0 },
@@ -304,16 +838,38 @@ Bun.serve({
       }));
     }
 
+    // ── REST: audit log (V3) ──
+    if (url.pathname === "/api/audit-log") {
+      const token = req.headers.get("Authorization")?.replace("Bearer ", "") || url.searchParams.get("token");
+      if (!token) return withCors(req, Response.json({ ok: false, error: "auth required" }, { status: 401 }));
+      const resolved = resolveToken(token);
+      if (!resolved) return withCors(req, Response.json({ ok: false, error: "invalid token" }, { status: 401 }));
+      const limit = Math.min(Number(url.searchParams.get("limit")) || 50, 200);
+      const action = url.searchParams.get("action");
+      const userId = url.searchParams.get("user_id");
+      let sql = "SELECT * FROM audit_log WHERE 1=1";
+      const params: any[] = [];
+      // Non-admin can only see own logs
+      if (resolved.user.role !== "admin") { sql += ` AND user_id = ?${params.length + 1}`; params.push(resolved.user.user_id); }
+      if (action) { sql += ` AND action = ?${params.length + 1}`; params.push(action); }
+      if (userId && resolved.user.role === "admin") { sql += ` AND user_id = ?${params.length + 1}`; params.push(userId); }
+      sql += ` ORDER BY created_at DESC LIMIT ?${params.length + 1}`;
+      params.push(limit);
+      const logs = db.all(sql, ...params);
+      return withCors(req, Response.json({ ok: true, logs, count: logs.length }));
+    }
+
     // ── REST: task events (V2 Sprint 2) ──
     if (url.pathname === "/api/task_events") {
       const taskId = url.searchParams.get("task_id");
       const limit = Math.min(Number(url.searchParams.get("limit")) || 50, 500);
-      let sql = "SELECT * FROM task_events";
+      let sql = "SELECT * FROM task_events WHERE 1=1";
       const params: any[] = [];
-      if (taskId) { sql += " WHERE task_id = ?1"; params.push(taskId); }
-      sql += " ORDER BY created_at DESC LIMIT ?";
+      sql = addNetworkScope(sql, params, restScope);
+      if (taskId) { sql += ` AND task_id = ?${params.length + 1}`; params.push(taskId); }
+      sql += ` ORDER BY created_at DESC LIMIT ?${params.length + 1}`;
       params.push(limit);
-      const rows = db.query(sql).all(...params);
+      const rows = db.all(sql, ...params);
       return withCors(req, Response.json({ ok: true, events: rows, count: rows.length }));
     }
 
@@ -323,10 +879,11 @@ Bun.serve({
       const alias = url.searchParams.get("alias");
       let sql = "SELECT * FROM nodes WHERE 1=1";
       const params: any[] = [];
+      sql = addNetworkScope(sql, params, restScope);
       if (nodeId) { sql += ` AND node_id = ?${params.length + 1}`; params.push(nodeId); }
       if (alias) { sql += ` AND alias = ?${params.length + 1}`; params.push(alias); }
       sql += " ORDER BY updated_at DESC";
-      const rows = db.query(sql).all(...params);
+      const rows = db.all(sql, ...params);
       return withCors(req, Response.json({ ok: true, nodes: rows, count: rows.length }));
     }
 
@@ -340,6 +897,7 @@ Bun.serve({
 
       let sql = "SELECT * FROM tasks WHERE 1=1";
       const params: any[] = [];
+      sql = addNetworkScope(sql, params, restScope);
       if (taskId) { sql += ` AND task_id = ?${params.length + 1}`; params.push(taskId); }
       if (status) { sql += ` AND status = ?${params.length + 1}`; params.push(status); }
       if (toName) { sql += ` AND to_name = ?${params.length + 1}`; params.push(toName); }
@@ -347,20 +905,28 @@ Bun.serve({
       sql += ` ORDER BY created_at DESC LIMIT ?${params.length + 1}`;
       params.push(limit);
 
-      const rows = db.query(sql).all(...params);
-      const stats = db.query<any, []>("SELECT status, COUNT(*) as count FROM tasks GROUP BY status").all();
+      const rows = db.all(sql, ...params);
+      const statsParams: any[] = [];
+      let statsSql = "SELECT status, COUNT(*) as count FROM tasks WHERE 1=1";
+      statsSql = addNetworkScope(statsSql, statsParams, restScope);
+      statsSql += " GROUP BY status";
+      const stats = db.all<any>(statsSql, ...statsParams);
       return withCors(req, Response.json({ ok: true, tasks: rows, count: rows.length, stats }));
     }
 
     // ── REST: recent completions ──
     if (url.pathname === "/api/completions") {
       const since = url.searchParams.get("since") ?? new Date(Date.now() - 86400000).toISOString();
-      const rows = db.query("SELECT * FROM completions WHERE completed_at >= ?1 ORDER BY completed_at DESC LIMIT 100").all(since);
+      const params: any[] = [since];
+      let sql = "SELECT * FROM completions WHERE completed_at >= ?1";
+      sql = addNetworkScope(sql, params, restScope);
+      sql += " ORDER BY completed_at DESC LIMIT 100";
+      const rows = db.all(sql, ...params);
       return withCors(req, Response.json({ ok: true, completions: rows }));
     }
 
     return withCors(req, new Response(
-      `CommHub MCP Server v0.4.1 (Streamable HTTP + SSE Push)
+      `CommHub MCP Server v${SERVER_VERSION} (Streamable HTTP + SSE Push)
 
 Endpoints:
   POST /mcp               - MCP Streamable HTTP (for Claude Code / Codex)
@@ -472,12 +1038,12 @@ process.on("SIGINT", shutdown);
 
 console.log(`
 ╔══════════════════════════════════════════════════╗
-║   CommHub MCP Server v0.4.1                     ║
+║   CommHub MCP Server v${SERVER_VERSION}                     ║
 ║   Transport: Streamable HTTP (Bun native)         ║
 ║   Auth: ${AUTH_TOKEN ? "ENABLED (Bearer token)" : "DISABLED (set COMMHUB_AUTH_TOKEN)"}${"".padEnd(AUTH_TOKEN ? 5 : 0)}║
 ║                                                   ║
-║   MCP:    http://0.0.0.0:${PORT}/mcp                 ║
-║   REST:   http://0.0.0.0:${PORT}/api                 ║
-║   Health: http://0.0.0.0:${PORT}/health               ║
+║   MCP:    http://${HOST}:${PORT}/mcp                 ║
+║   REST:   http://${HOST}:${PORT}/api                 ║
+║   Health: http://${HOST}:${PORT}/health               ║
 ╚══════════════════════════════════════════════════╝
 `);