npm - @sleep2agi/commhub-server - Versions diffs - 0.5.0-preview.9 → 0.5.1 - Mend

@sleep2agi/commhub-server 0.5.0-preview.9 → 0.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/src/index.ts CHANGED Viewed

@@ -2,40 +2,156 @@ import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
 import { WebStandardStreamableHTTPServerTransport } from "@modelcontextprotocol/sdk/server/webStandardStreamableHttp.js";
 import { z } from "zod/v4";
 import { registerTools } from "./tools.js";
-import { db, logTaskEvent } from "./db.js";
+import { db, logTaskEvent, logAudit } from "./db.js";
 import { createSSEStream, pushEvent, pushBroadcast, getSSEStats } from "./push.js";
-import { register, login, resolveToken, getUserNetworks, createNetwork, type AuthUser } from "./auth.js";
+import { register, login, resolveToken, getUserNetworks, getUserAllNetworks, createNetwork, deleteNetwork, renameNetwork, changePassword, listTokens, createToken, revokeToken, getNetworkMembers, getUserNetworkRole, addNetworkMember, updateMemberRole, removeNetworkMember, createInvite, joinByInvite, createNetworkTokenForNode, type AuthUser } from "./auth.js";
 const PORT = Number(process.env.PORT) || 9200;
+const HOST = process.env.HOST || "0.0.0.0";
 const AUTH_TOKEN = process.env.COMMHUB_AUTH_TOKEN;
+// Read version from package.json so banners and /health stay in sync.
+const SERVER_VERSION = (() => {
+  try {
+    const url = new URL("../package.json", import.meta.url);
+    return JSON.parse(require("fs").readFileSync(url, "utf8")).version || "?";
+  } catch { return "?"; }
+})();
+// ── Rate limiter (in-memory, per IP) ──
+const rateLimits = new Map<string, { count: number; resetAt: number }>();
+function checkRateLimit(ip: string, maxPerMinute = 60): boolean {
+  // Skip rate limiting for localhost/internal/unknown (dev/test)
+  if (!ip || ip === "unknown" || ip === "127.0.0.1" || ip === "::1") return true;
+  const now = Date.now();
+  const entry = rateLimits.get(ip);
+  if (!entry || now > entry.resetAt) {
+    rateLimits.set(ip, { count: 1, resetAt: now + 60000 });
+    return true;
+  }
+  if (entry.count >= maxPerMinute) return false;
+  entry.count++;
+  return true;
+}
+// Cleanup stale entries every 5 minutes
+setInterval(() => {
+  const now = Date.now();
+  for (const [ip, entry] of rateLimits) {
+    if (now > entry.resetAt) rateLimits.delete(ip);
+  }
+}, 300000);
 // ── Factory: 每个请求创建新的 McpServer（stateless 模式）──
-function createServer(clientIP?: string): McpServer {
+function createServer(clientIP?: string, enforceNetworkId?: string | null, enforceUserId?: string | null, callerAlias?: string | null): McpServer {
   const server = new McpServer({
     name: "commhub",
-    version: "0.4.1",
+    version: "0.5.0",
   });
-  registerTools(server, clientIP);
+  registerTools(server, clientIP, enforceNetworkId, enforceUserId, callerAlias);
   return server;
 }
 // ── Auth helper ─────────────────────────────────────
 function requireAuth(req: Request): Response | null {
-  if (!AUTH_TOKEN) return null; // no token = open mode (dev)
-  const header = req.headers.get("Authorization");
-  if (header === `Bearer ${AUTH_TOKEN}`) return null;
-  // Also check query param for MCP clients that can't set headers
+  const header = req.headers.get("Authorization")?.replace("Bearer ", "");
   const url = new URL(req.url);
-  if (url.searchParams.get("token") === AUTH_TOKEN) return null;
+  const token = header || url.searchParams.get("token") || "";
+  // V3: check api_tokens first
+  if (token) {
+    const resolved = resolveToken(token);
+    if (resolved) return null; // valid user token
+  }
+  // Legacy: check global COMMHUB_AUTH_TOKEN
+  if (!AUTH_TOKEN) return null; // no token = open mode (dev)
+  if (token === AUTH_TOKEN) return null;
   return Response.json({ error: "unauthorized" }, { status: 401 });
 }
+// Extract user + network + token-binding identity from request token.
+function resolveRequestAuth(req: Request): { userId: string; networkId: string | null; username: string; tokenName: string | null } | null {
+  const header = req.headers.get("Authorization")?.replace("Bearer ", "");
+  const url = new URL(req.url);
+  const token = header || url.searchParams.get("token") || "";
+  if (!token) return null;
+  const resolved = resolveToken(token);
+  if (!resolved) return null;
+  return { userId: resolved.user.user_id, networkId: resolved.networkId, username: resolved.user.username, tokenName: resolved.tokenName };
+}
+type RestNetworkScope = {
+  networkId: string | null;
+  networkIds: string[] | null;
+  denied?: string;
+};
+function getUserNetworkIds(userId: string): string[] {
+  return db.all<{ network_id: string }>(
+    "SELECT network_id FROM network_members WHERE user_id = ?1",
+    userId
+  ).map((row) => row.network_id);
+}
+function resolveRestNetworkScope(url: URL, authCtx: { userId: string; networkId: string | null } | null, isAdmin: boolean): RestNetworkScope {
+  const requested = url.searchParams.get("network_id");
+  // Legacy global token or open dev mode keeps the old global behavior.
+  if (!authCtx) return { networkId: requested || null, networkIds: null };
+  // Network tokens are forcibly scoped to their bound network.
+  if (authCtx.networkId) return { networkId: authCtx.networkId, networkIds: null };
+  // System admins may intentionally inspect all networks.
+  if (isAdmin) return { networkId: requested || null, networkIds: null };
+  if (requested) {
+    const role = getUserNetworkRole(authCtx.userId, requested);
+    if (!role) return { networkId: null, networkIds: [], denied: "access denied to requested network" };
+    return { networkId: requested, networkIds: null };
+  }
+  return { networkId: null, networkIds: getUserNetworkIds(authCtx.userId) };
+}
+function addNetworkScope(sql: string, params: any[], scope: RestNetworkScope, column = "network_id"): string {
+  if (scope.networkId) {
+    sql += ` AND ${column} = ?${params.length + 1}`;
+    params.push(scope.networkId);
+  } else if (scope.networkIds) {
+    if (scope.networkIds.length === 0) {
+      sql += " AND 1=0";
+    } else {
+      const placeholders = scope.networkIds.map((_, i) => `?${params.length + i + 1}`).join(", ");
+      sql += ` AND ${column} IN (${placeholders})`;
+      params.push(...scope.networkIds);
+    }
+  }
+  return sql;
+}
+function singleNetworkId(scope: RestNetworkScope): string | null {
+  if (scope.networkId) return scope.networkId;
+  if (scope.networkIds?.length === 1) return scope.networkIds[0];
+  return null;
+}
+function canRestWriteNetwork(authCtx: { userId: string; networkId: string | null } | null, networkId: string | null, isAdmin: boolean): boolean {
+  if (!authCtx) return true; // legacy global token or open dev mode
+  if (isAdmin) return true;
+  if (!networkId) return false;
+  const role = getUserNetworkRole(authCtx.userId, networkId);
+  return !!role && role !== "viewer";
+}
 // ── REST input schema ───────────────────────────────
 const TaskSchema = z.object({
   alias: z.string().min(1).max(200),
   task: z.string().min(1).max(10000),
   priority: z.enum(["high", "normal", "low"]).default("normal"),
   from: z.string().max(200).optional(),
+  network_id: z.string().max(200).optional(),
 });
 const BroadcastSchema = z.object({
@@ -86,9 +202,8 @@ setInterval(() => {
     if (result.changes > 0) {
       console.log(`[patrol] expired ${result.changes} stale task(s)`);
       // Log events for expired tasks
-      const expired = db.query<{ task_id: string }, []>(
-        "SELECT task_id FROM tasks WHERE status = 'expired' AND completed_at >= datetime('now', '-1 minute')"
-      ).all();
+      const expired = db.all<{ task_id: string }>(
+        "SELECT task_id FROM tasks WHERE status = 'expired' AND completed_at >= datetime('now', '-1 minute')");
       for (const t of expired) logTaskEvent(t.task_id, null, "expired", "patrol");
     }
   } catch {}
@@ -96,6 +211,7 @@ setInterval(() => {
 Bun.serve({
   port: PORT,
+  hostname: HOST,
   idleTimeout: 255, // max value: keep SSE connections alive (seconds)
   async fetch(req, server) {
@@ -120,10 +236,21 @@ Bun.serve({
       if (authErr) return withCors(req, authErr);
       const fwd = req.headers.get("x-forwarded-for");
       const clientIP = fwd ? fwd.split(",")[0].trim() : (req.headers.get("x-real-ip") ?? "unknown");
+      // V3: resolve token → enforce network_id in all MCP tools.
+      // utok_ (user token, not network-bound) is allowed — the tool layer
+      // scopes to the user's accessible networks. Without this Dashboard
+      // (which logs in as a user) cannot call send_task.
+      const authCtx = resolveRequestAuth(req);
+      const enforceNetId = authCtx?.networkId || null;
+      // Derive the calling alias from the token name (e.g., 'node:视频审查')
+      // so peer agents see the real sender instead of 'hub' on send_task.
+      const callerAlias = authCtx?.tokenName?.startsWith("node:")
+        ? authCtx.tokenName.slice("node:".length)
+        : (authCtx?.username || null);
       const transport = new WebStandardStreamableHTTPServerTransport({
         sessionIdGenerator: undefined,
       });
-      const server = createServer(clientIP);
+      const server = createServer(clientIP, enforceNetId, authCtx?.userId || null, callerAlias);
       await server.connect(transport);
       const response = await transport.handleRequest(req);
       // Disconnect after response to prevent McpServer leak
@@ -141,11 +268,54 @@ Bun.serve({
       return createSSEStream(sessionName);
     }
+    // ── V3: License endpoints ──
+    if (url.pathname === "/api/license" && req.method === "GET") {
+      const license = db.get<any>("SELECT * FROM licenses ORDER BY created_at LIMIT 1");
+      if (!license) return withCors(req, Response.json({ ok: true, status: "no_license" }));
+      const now = new Date().toISOString().replace("T", " ").slice(0, 19);
+      const expired = license.expires_at && license.expires_at < now;
+      const daysLeft = license.expires_at
+        ? Math.max(0, Math.ceil((new Date(license.expires_at).getTime() - Date.now()) / 86400000))
+        : null;
+      return withCors(req, Response.json({
+        ok: true,
+        license: { type: license.type, expires_at: license.expires_at, days_left: daysLeft, expired },
+        limits: { max_agents: license.max_agents, max_networks: license.max_networks, max_tasks_day: license.max_tasks_day },
+      }));
+    }
+    if (url.pathname === "/api/license/activate" && req.method === "POST") {
+      try {
+        const body = await req.json() as any;
+        const key = body.key;
+        if (!key) return withCors(req, Response.json({ ok: false, error: "key required" }, { status: 400 }));
+        // For now: accept any key starting with "anet-" as valid pro license
+        if (!key.startsWith("anet-") || key.length < 16) {
+          return withCors(req, Response.json({ ok: false, error: "invalid license key" }, { status: 400 }));
+        }
+        // Upgrade existing license or create new
+        db.run("DELETE FROM licenses");
+        const licId = `lic_${crypto.randomUUID().replace(/-/g, "").slice(0, 12)}`;
+        db.run(
+          "INSERT INTO licenses (id, license_key, type, max_agents, max_networks, max_tasks_day, activated_at, expires_at) VALUES (?1, ?2, 'pro', 50, 10, 10000, datetime('now'), datetime('now', '+365 days'))",
+          [licId, key]
+        );
+        return withCors(req, Response.json({ ok: true, type: "pro", expires_in_days: 365 }));
+      } catch (e: any) {
+        return withCors(req, Response.json({ ok: false, error: e.message }, { status: 400 }));
+      }
+    }
     // ── V3: Auth endpoints (public) ──
     if (url.pathname === "/api/auth/register" && req.method === "POST") {
+      const clientIP = req.headers.get("x-forwarded-for")?.split(",")[0]?.trim() || "unknown";
+      if (!checkRateLimit(clientIP, 30)) {
+        return withCors(req, Response.json({ ok: false, error: "too many requests, try again later" }, { status: 429 }));
+      }
       try {
         const body = await req.json() as any;
         const result = register(body.username, body.password, body.email, body.display_name);
+        if (result.ok) logAudit(result.user!.user_id, body.username, "register", "user", result.user!.user_id);
         return withCors(req, Response.json(result, { status: result.ok ? 200 : 400 }));
       } catch (e: any) {
         return withCors(req, Response.json({ ok: false, error: e.message }, { status: 400 }));
@@ -153,9 +323,16 @@ Bun.serve({
     }
     if (url.pathname === "/api/auth/login" && req.method === "POST") {
+      const clientIP = req.headers.get("x-forwarded-for")?.split(",")[0]?.trim() || "unknown";
+      if (!checkRateLimit(clientIP, 10)) {
+        logAudit(null, null, "login_rate_limited", "auth", null, clientIP);
+        return withCors(req, Response.json({ ok: false, error: "too many attempts, try again later" }, { status: 429 }));
+      }
       try {
         const body = await req.json() as any;
         const result = login(body.username, body.password);
+        if (result.ok) logAudit(result.user!.user_id, body.username, "login", "user", result.user!.user_id);
+        else logAudit(null, body.username, "login_failed", "user", null, "invalid credentials");
         return withCors(req, Response.json(result, { status: result.ok ? 200 : 401 }));
       } catch (e: any) {
         return withCors(req, Response.json({ ok: false, error: e.message }, { status: 400 }));
@@ -167,17 +344,115 @@ Bun.serve({
       if (!token) return withCors(req, Response.json({ ok: false, error: "token required" }, { status: 401 }));
       const resolved = resolveToken(token);
       if (!resolved) return withCors(req, Response.json({ ok: false, error: "invalid token" }, { status: 401 }));
-      const networks = getUserNetworks(resolved.user.user_id);
+      const networks = getUserAllNetworks(resolved.user.user_id);
       return withCors(req, Response.json({ ok: true, user: resolved.user, networks, current_network: resolved.networkId }));
     }
+    if (url.pathname === "/api/auth/me" && req.method === "PUT") {
+      const token = req.headers.get("Authorization")?.replace("Bearer ", "");
+      if (!token) return withCors(req, Response.json({ ok: false, error: "token required" }, { status: 401 }));
+      const resolved = resolveToken(token);
+      if (!resolved) return withCors(req, Response.json({ ok: false, error: "invalid token" }, { status: 401 }));
+      try {
+        const body = await req.json() as any;
+        const updates: string[] = [];
+        const params: any[] = [];
+        if (body.display_name) { updates.push(`display_name = ?${params.length + 1}`); params.push(body.display_name); }
+        if (body.email) { updates.push(`email = ?${params.length + 1}`); params.push(body.email); }
+        if (updates.length > 0) {
+          updates.push(`updated_at = datetime('now')`);
+          params.push(resolved.user.user_id);
+          db.run(`UPDATE users SET ${updates.join(", ")} WHERE user_id = ?${params.length}`, params);
+        }
+        // Re-fetch
+        const user = db.get<any>("SELECT user_id, username, display_name, email, role FROM users WHERE user_id = ?1", resolved.user.user_id);
+        return withCors(req, Response.json({ ok: true, user }));
+      } catch (e: any) {
+        return withCors(req, Response.json({ ok: false, error: e.message }, { status: 400 }));
+      }
+    }
+    if (url.pathname === "/api/auth/password" && req.method === "POST") {
+      const token = req.headers.get("Authorization")?.replace("Bearer ", "");
+      if (!token) return withCors(req, Response.json({ ok: false, error: "token required" }, { status: 401 }));
+      const resolved = resolveToken(token);
+      if (!resolved) return withCors(req, Response.json({ ok: false, error: "invalid token" }, { status: 401 }));
+      try {
+        const body = await req.json() as any;
+        const result = changePassword(resolved.user.user_id, body.old_password, body.new_password);
+        if (result.ok) logAudit(resolved.user.user_id, resolved.user.username, "password_changed", "user", resolved.user.user_id);
+        return withCors(req, Response.json(result, { status: result.ok ? 200 : 400 }));
+      } catch (e: any) {
+        return withCors(req, Response.json({ ok: false, error: e.message }, { status: 400 }));
+      }
+    }
+    // ── V3.13: Create network token for a node ──
+    if (url.pathname === "/api/auth/node-token" && req.method === "POST") {
+      const token = req.headers.get("Authorization")?.replace("Bearer ", "");
+      if (!token) return withCors(req, Response.json({ ok: false, error: "auth required" }, { status: 401 }));
+      const resolved = resolveToken(token);
+      if (!resolved) return withCors(req, Response.json({ ok: false, error: "invalid token" }, { status: 401 }));
+      try {
+        const body = await req.json() as any;
+        if (!body.network_id || !body.node_name) return withCors(req, Response.json({ ok: false, error: "network_id and node_name required" }, { status: 400 }));
+        const result = createNetworkTokenForNode(resolved.user.user_id, body.network_id, body.node_name);
+        if (result.ok) logAudit(resolved.user.user_id, resolved.user.username, "node_token_created", "network", body.network_id, body.node_name);
+        return withCors(req, Response.json(result, { status: result.ok ? 200 : 400 }));
+      } catch (e: any) {
+        return withCors(req, Response.json({ ok: false, error: e.message }, { status: 400 }));
+      }
+    }
+    // ── V3: Token management ──
+    if (url.pathname === "/api/auth/tokens" && req.method === "GET") {
+      const token = req.headers.get("Authorization")?.replace("Bearer ", "");
+      if (!token) return withCors(req, Response.json({ ok: false, error: "auth required" }, { status: 401 }));
+      const resolved = resolveToken(token);
+      if (!resolved) return withCors(req, Response.json({ ok: false, error: "invalid token" }, { status: 401 }));
+      const tokens = listTokens(resolved.user.user_id);
+      return withCors(req, Response.json({ ok: true, tokens }));
+    }
+    if (url.pathname === "/api/auth/tokens" && req.method === "POST") {
+      const token = req.headers.get("Authorization")?.replace("Bearer ", "");
+      if (!token) return withCors(req, Response.json({ ok: false, error: "auth required" }, { status: 401 }));
+      const resolved = resolveToken(token);
+      if (!resolved) return withCors(req, Response.json({ ok: false, error: "invalid token" }, { status: 401 }));
+      try {
+        const body = await req.json() as any;
+        const result = createToken(resolved.user.user_id, body.name || "api-token", body.network_id);
+        if (result.ok) logAudit(resolved.user.user_id, resolved.user.username, "token_created", "token", result.token_id);
+        return withCors(req, Response.json(result));
+      } catch (e: any) {
+        return withCors(req, Response.json({ ok: false, error: e.message }, { status: 400 }));
+      }
+    }
+    const tokenDeleteMatch = url.pathname.match(/^\/api\/auth\/tokens\/([^/]+)$/);
+    if (tokenDeleteMatch && req.method === "DELETE") {
+      const token = req.headers.get("Authorization")?.replace("Bearer ", "");
+      if (!token) return withCors(req, Response.json({ ok: false, error: "auth required" }, { status: 401 }));
+      const resolved = resolveToken(token);
+      if (!resolved) return withCors(req, Response.json({ ok: false, error: "invalid token" }, { status: 401 }));
+      const result = revokeToken(resolved.user.user_id, tokenDeleteMatch[1]);
+      if (result.ok) logAudit(resolved.user.user_id, resolved.user.username, "token_revoked", "token", tokenDeleteMatch[1]);
+      return withCors(req, Response.json(result, { status: result.ok ? 200 : 404 }));
+    }
     // ── V3: Network management ──
     if (url.pathname === "/api/networks" && req.method === "GET") {
       const token = req.headers.get("Authorization")?.replace("Bearer ", "") || url.searchParams.get("token");
       if (!token) return withCors(req, Response.json({ ok: false, error: "token required" }, { status: 401 }));
       const resolved = resolveToken(token);
       if (!resolved) return withCors(req, Response.json({ ok: false, error: "invalid token" }, { status: 401 }));
-      const networks = getUserNetworks(resolved.user.user_id);
+      // V3.13: ntok_ can only see its bound network; utok_ sees all member networks
+      if (resolved.networkId) {
+        // ntok_ — only return the bound network
+        const net = db.get<any>("SELECT * FROM networks WHERE network_id = ?1", resolved.networkId);
+        return withCors(req, Response.json({ ok: true, networks: net ? [net] : [] }));
+      }
+      const networks = getUserAllNetworks(resolved.user.user_id);
       return withCors(req, Response.json({ ok: true, networks }));
     }
@@ -195,19 +470,154 @@ Bun.serve({
       }
     }
+    // ── V3.13: Network members + invites ──
+    const membersMatch = url.pathname.match(/^\/api\/networks\/([^/]+)\/members(?:\/([^/]+))?$/);
+    if (membersMatch) {
+      const token = req.headers.get("Authorization")?.replace("Bearer ", "") || url.searchParams.get("token");
+      if (!token) return withCors(req, Response.json({ ok: false, error: "auth required" }, { status: 401 }));
+      const resolved = resolveToken(token);
+      if (!resolved) return withCors(req, Response.json({ ok: false, error: "invalid token" }, { status: 401 }));
+      const netId = membersMatch[1];
+      const targetUid = membersMatch[2];
+      const callerRole = getUserNetworkRole(resolved.user.user_id, netId);
+      if (!callerRole) return withCors(req, Response.json({ ok: false, error: "not a member of this network" }, { status: 403 }));
+      if (req.method === "GET") {
+        if (!["owner", "admin"].includes(callerRole)) return withCors(req, Response.json({ ok: false, error: "owner/admin required" }, { status: 403 }));
+        const members = getNetworkMembers(netId);
+        return withCors(req, Response.json({ ok: true, members }));
+      }
+      if (req.method === "POST") {
+        if (!["owner", "admin"].includes(callerRole)) return withCors(req, Response.json({ ok: false, error: "owner/admin required" }, { status: 403 }));
+        const body = await req.json() as any;
+        const result = addNetworkMember(netId, body.user_id, body.role || "member", resolved.user.user_id);
+        if (result.ok) logAudit(resolved.user.user_id, resolved.user.username, "member_added", "network", netId, `${body.user_id} as ${body.role || "member"}`);
+        return withCors(req, Response.json(result, { status: result.ok ? 200 : 400 }));
+      }
+      if (req.method === "PUT" && targetUid) {
+        if (callerRole !== "owner") return withCors(req, Response.json({ ok: false, error: "owner required" }, { status: 403 }));
+        const body = await req.json() as any;
+        const result = updateMemberRole(netId, targetUid, body.role);
+        if (result.ok) logAudit(resolved.user.user_id, resolved.user.username, "member_role_changed", "network", netId, `${targetUid} → ${body.role}`);
+        return withCors(req, Response.json(result, { status: result.ok ? 200 : 400 }));
+      }
+      if (req.method === "DELETE" && targetUid) {
+        if (!["owner", "admin"].includes(callerRole)) return withCors(req, Response.json({ ok: false, error: "owner/admin required" }, { status: 403 }));
+        const result = removeNetworkMember(netId, targetUid);
+        if (result.ok) logAudit(resolved.user.user_id, resolved.user.username, "member_removed", "network", netId, targetUid);
+        return withCors(req, Response.json(result, { status: result.ok ? 200 : 400 }));
+      }
+    }
+    if (url.pathname.match(/^\/api\/networks\/([^/]+)\/invite$/) && req.method === "POST") {
+      const token = req.headers.get("Authorization")?.replace("Bearer ", "") || url.searchParams.get("token");
+      if (!token) return withCors(req, Response.json({ ok: false, error: "auth required" }, { status: 401 }));
+      const resolved = resolveToken(token);
+      if (!resolved) return withCors(req, Response.json({ ok: false, error: "invalid token" }, { status: 401 }));
+      const netId = url.pathname.split("/")[3];
+      const callerRole = getUserNetworkRole(resolved.user.user_id, netId);
+      if (!callerRole || !["owner", "admin"].includes(callerRole)) {
+        return withCors(req, Response.json({ ok: false, error: "owner/admin required" }, { status: 403 }));
+      }
+      const body = await req.json() as any;
+      const result = createInvite(netId, resolved.user.user_id, body.role || "member", body.max_uses || 1, body.expires_days);
+      if (result.ok) logAudit(resolved.user.user_id, resolved.user.username, "invite_created", "network", netId, result.invite_code);
+      return withCors(req, Response.json(result));
+    }
+    if (url.pathname === "/api/networks/join" && req.method === "POST") {
+      const token = req.headers.get("Authorization")?.replace("Bearer ", "") || url.searchParams.get("token");
+      if (!token) return withCors(req, Response.json({ ok: false, error: "auth required" }, { status: 401 }));
+      const resolved = resolveToken(token);
+      if (!resolved) return withCors(req, Response.json({ ok: false, error: "invalid token" }, { status: 401 }));
+      const body = await req.json() as any;
+      const result = joinByInvite(body.invite_code, resolved.user.user_id);
+      if (result.ok) logAudit(resolved.user.user_id, resolved.user.username, "network_joined", "network", result.network_id, `via invite, role=${result.role}`);
+      return withCors(req, Response.json(result, { status: result.ok ? 200 : 400 }));
+    }
+    // ── V3: Admin APIs (require auth) ──
+    if (url.pathname === "/api/users" && req.method === "GET") {
+      const token = req.headers.get("Authorization")?.replace("Bearer ", "");
+      if (!token) return withCors(req, Response.json({ ok: false, error: "auth required" }, { status: 401 }));
+      const resolved = resolveToken(token);
+      if (!resolved || resolved.user.role !== "admin") {
+        return withCors(req, Response.json({ ok: false, error: "admin required" }, { status: 403 }));
+      }
+      const users = db.all("SELECT user_id, username, display_name, email, role, created_at FROM users ORDER BY created_at");
+      return withCors(req, Response.json({ ok: true, users }));
+    }
+    const netDetailMatch = url.pathname.match(/^\/api\/networks\/([^/]+)$/);
+    if (netDetailMatch && req.method === "GET") {
+      const token = req.headers.get("Authorization")?.replace("Bearer ", "") || url.searchParams.get("token");
+      if (!token) return withCors(req, Response.json({ ok: false, error: "auth required" }, { status: 401 }));
+      const resolved = resolveToken(token);
+      if (!resolved) return withCors(req, Response.json({ ok: false, error: "invalid token" }, { status: 401 }));
+      const networkId = netDetailMatch[1];
+      const network = db.get<any>("SELECT * FROM networks WHERE network_id = ?1", networkId);
+      if (!network) return withCors(req, Response.json({ ok: false, error: "network not found" }, { status: 404 }));
+      // Membership check: must be a member or system admin
+      const viewerRole = getUserNetworkRole(resolved.user.user_id, networkId);
+      if (!viewerRole && resolved.user.role !== "admin") {
+        return withCors(req, Response.json({ ok: false, error: "access denied" }, { status: 403 }));
+      }
+      // Get network stats
+      const nodeCount = db.get<{ cnt: number }>("SELECT COUNT(*) as cnt FROM nodes WHERE network_id = ?1", networkId);
+      const sessionCount = db.get<{ cnt: number }>("SELECT COUNT(*) as cnt FROM sessions WHERE network_id = ?1", networkId);
+      const taskStats = db.all<any>("SELECT status, COUNT(*) as count FROM tasks WHERE network_id = ?1 GROUP BY status", networkId);
+      return withCors(req, Response.json({
+        ok: true, network,
+        stats: { nodes: nodeCount?.cnt || 0, sessions: sessionCount?.cnt || 0, tasks: taskStats },
+      }));
+    }
+    if (netDetailMatch && req.method === "DELETE") {
+      const token = req.headers.get("Authorization")?.replace("Bearer ", "") || url.searchParams.get("token");
+      if (!token) return withCors(req, Response.json({ ok: false, error: "auth required" }, { status: 401 }));
+      const resolved = resolveToken(token);
+      if (!resolved) return withCors(req, Response.json({ ok: false, error: "invalid token" }, { status: 401 }));
+      const result = deleteNetwork(resolved.user.user_id, netDetailMatch[1]);
+      if (result.ok) logAudit(resolved.user.user_id, resolved.user.username, "network_deleted", "network", netDetailMatch[1]);
+      return withCors(req, Response.json(result, { status: result.ok ? 200 : 400 }));
+    }
+    if (netDetailMatch && req.method === "PUT") {
+      const token = req.headers.get("Authorization")?.replace("Bearer ", "") || url.searchParams.get("token");
+      if (!token) return withCors(req, Response.json({ ok: false, error: "auth required" }, { status: 401 }));
+      const resolved = resolveToken(token);
+      if (!resolved) return withCors(req, Response.json({ ok: false, error: "invalid token" }, { status: 401 }));
+      try {
+        const body = await req.json() as any;
+        if (body.name) {
+          const result = renameNetwork(resolved.user.user_id, netDetailMatch[1], body.name);
+          if (result.ok) logAudit(resolved.user.user_id, resolved.user.username, "network_renamed", "network", netDetailMatch[1], body.name);
+          return withCors(req, Response.json(result, { status: result.ok ? 200 : 400 }));
+        }
+        return withCors(req, Response.json({ ok: false, error: "name required" }, { status: 400 }));
+      } catch (e: any) {
+        return withCors(req, Response.json({ ok: false, error: e.message }, { status: 400 }));
+      }
+    }
     // ── REST: health (public, no auth) ──
     if (url.pathname === "/health") {
-      const count = db.query<{ cnt: number }, []>("SELECT COUNT(*) as cnt FROM sessions").get();
+      const count = db.get<{ cnt: number }>("SELECT COUNT(*) as cnt FROM sessions");
       const sse = getSSEStats();
+      const license = db.get<any>("SELECT type, expires_at FROM licenses LIMIT 1");
       return withCors(req, Response.json({
         ok: true,
-        version: "0.4.1",
+        version: SERVER_VERSION,
+        api_version: "v3",
         transport: "streamable-http",
-        sessions: count?.cnt ?? 0,
+        sessions_count: count?.cnt ?? 0,
         sse_connections: sse.total,
         sse_sessions: sse.sessions,
         auth: AUTH_TOKEN ? "enabled" : "disabled",
-        uptime: process.uptime(),
+        v3_auth: true,
+        multi_network: true,
+        license: license?.type || "none",
+        uptime: Math.floor(process.uptime()),
       }));
     }
@@ -215,11 +625,27 @@ Bun.serve({
     const authErr = requireAuth(req);
     if (authErr) return withCors(req, authErr);
+    // Resolve network scope for REST queries — enforce isolation
+    // Token-bound networkId takes precedence (ntok_ → forced), then query param
+    const restAuth = resolveRequestAuth(req);
+    const isAdmin = !!(restAuth?.username && db.get<any>("SELECT role FROM users WHERE username = ?1", restAuth.username)?.role === "admin");
+    const restScope = resolveRestNetworkScope(url, restAuth, isAdmin);
+    if (restScope.denied) {
+      return withCors(req, Response.json({ ok: false, error: restScope.denied }, { status: 403 }));
+    }
     // ── REST: all sessions status ──
     if (url.pathname === "/api/status") {
       const cutoff = new Date(Date.now() - 10 * 60 * 1000).toISOString().replace("T", " ").slice(0, 19);
-      db.run("UPDATE sessions SET status = 'offline' WHERE updated_at < ?1 AND status != 'offline'", [cutoff]);
-      const sessions = db.query("SELECT * FROM sessions ORDER BY updated_at DESC").all();
+      const staleParams: any[] = [cutoff];
+      let staleSql = "UPDATE sessions SET status = 'offline' WHERE updated_at < ?1 AND status != 'offline'";
+      staleSql = addNetworkScope(staleSql, staleParams, restScope);
+      db.run(staleSql, staleParams);
+      const params: any[] = [];
+      let sql = "SELECT * FROM sessions WHERE 1=1";
+      sql = addNetworkScope(sql, params, restScope);
+      sql += " ORDER BY updated_at DESC";
+      const sessions = db.all(sql, ...params);
       return withCors(req, Response.json({ ok: true, sessions }));
     }
@@ -236,18 +662,40 @@ Bun.serve({
         return withCors(req, Response.json({ error: "invalid input", details: parsed.error.format() }, { status: 400 }));
       }
       const body = parsed.data;
+      let taskNetId: string | null = null;
+      if (restAuth?.networkId) {
+        taskNetId = restAuth.networkId;
+      } else if (body.network_id) {
+        if (restAuth && !isAdmin && !getUserNetworkRole(restAuth.userId, body.network_id)) {
+          return withCors(req, Response.json({ ok: false, error: "access denied to requested network" }, { status: 403 }));
+        }
+        taskNetId = body.network_id;
+      } else {
+        taskNetId = restAuth ? singleNetworkId(restScope) : null;
+      }
+      if (restAuth && !taskNetId) {
+        return withCors(req, Response.json({ ok: false, error: "network_id required for user token when multiple networks are available" }, { status: 400 }));
+      }
+      if (!canRestWriteNetwork(restAuth, taskNetId, isAdmin)) {
+        return withCors(req, Response.json({ ok: false, error: "permission_denied" }, { status: 403 }));
+      }
       const id = crypto.randomUUID();
       const fromSession = body.from || "api";
       db.run(
-        `INSERT INTO inbox (id, session_name, type, priority, content, from_session)
-         VALUES (?1, ?2, 'task', ?3, ?4, ?5)`,
-        [id, body.alias, body.priority, body.task, fromSession]
+        `INSERT INTO inbox (id, session_name, type, priority, content, from_session, network_id)
+         VALUES (?1, ?2, 'task', ?3, ?4, ?5, ?6)`,
+        [id, body.alias, body.priority, body.task, fromSession, taskNetId]
       );
       // SSE push: 秒达
-      const pending = db.query<{ cnt: number }, [string]>(
-        "SELECT COUNT(*) as cnt FROM inbox WHERE session_name = ?1 AND acked = 0"
-      ).get(body.alias);
-      pushEvent(body.alias, { type: "new_task", inbox_count: pending?.cnt ?? 1, priority: body.priority, from: fromSession });
+      const pendingParams: any[] = [body.alias];
+      let pendingSql = "SELECT COUNT(*) as cnt FROM inbox WHERE session_name = ?1 AND acked = 0";
+      if (taskNetId) { pendingSql += " AND network_id = ?2"; pendingParams.push(taskNetId); }
+      const pending = db.get<{ cnt: number }>(pendingSql, ...pendingParams);
+      const sessionParams: any[] = [body.alias];
+      let sessionSql = "SELECT 1 FROM sessions WHERE alias = ?1";
+      if (taskNetId) { sessionSql += " AND network_id = ?2"; sessionParams.push(taskNetId); }
+      const targetSession = db.get<any>(sessionSql, ...sessionParams);
+      if (targetSession) pushEvent(body.alias, { type: "new_task", inbox_count: pending?.cnt ?? 1, priority: body.priority, from: fromSession });
       return withCors(req, Response.json({ ok: true, message_id: id }));
     }
@@ -264,18 +712,25 @@ Bun.serve({
         return withCors(req, Response.json({ error: "invalid input", details: parsed.error.format() }, { status: 400 }));
       }
       const body = parsed.data;
-      let sql = "SELECT alias FROM sessions WHERE alias IS NOT NULL";
+      if (restAuth && !restScope.networkId && !isAdmin) {
+        return withCors(req, Response.json({ ok: false, error: "network_id required for user token when broadcasting" }, { status: 400 }));
+      }
+      if (!canRestWriteNetwork(restAuth, restScope.networkId, isAdmin)) {
+        return withCors(req, Response.json({ ok: false, error: "permission_denied" }, { status: 403 }));
+      }
+      let sql = "SELECT alias, network_id FROM sessions WHERE alias IS NOT NULL";
       const params: any[] = [];
+      sql = addNetworkScope(sql, params, restScope);
       if (body.filter_server) { sql += " AND server = ?"; params.push(body.filter_server); }
       if (body.filter_status) { sql += " AND status = ?"; params.push(body.filter_status); }
-      const targets = db.query<{ alias: string }, any[]>(sql).all(...params);
+      const targets = db.all<{ alias: string; network_id: string | null }>(sql, ...params);
       const ids: string[] = [];
       for (const t of targets) {
         const id = crypto.randomUUID();
         db.run(
-          `INSERT INTO inbox (id, session_name, type, priority, content, from_session)
-           VALUES (?1, ?2, 'broadcast', 'normal', ?3, 'api')`,
-          [id, t.alias, body.message]
+          `INSERT INTO inbox (id, session_name, type, priority, content, from_session, network_id)
+           VALUES (?1, ?2, 'broadcast', 'normal', ?3, 'api', ?4)`,
+          [id, t.alias, body.message, t.network_id]
         );
         ids.push(id);
       }
@@ -333,25 +788,49 @@ Bun.serve({
     // ── REST: recent messages (for Dashboard communication graph) ──
     if (url.pathname === "/api/messages") {
-      const limit = Number(url.searchParams.get("limit")) || 100;
+      const limit = Math.min(Number(url.searchParams.get("limit")) || 100, 500);
       const since = url.searchParams.get("since") ?? new Date(Date.now() - 3600000).toISOString().replace("T", " ").slice(0, 19);
-      const rows = db.query(
-        "SELECT id, session_name as to_alias, from_session as from_alias, type, priority, content, created_at FROM inbox WHERE created_at >= ?1 ORDER BY created_at DESC LIMIT ?2"
-      ).all(since, limit);
+      const params: any[] = [since];
+      let sql = "SELECT id, session_name as to_alias, from_session as from_alias, type, priority, content, created_at, network_id FROM inbox WHERE created_at >= ?1";
+      sql = addNetworkScope(sql, params, restScope);
+      sql += ` ORDER BY created_at DESC LIMIT ?${params.length + 1}`;
+      params.push(limit);
+      const rows = db.all(sql, ...params);
       return withCors(req, Response.json({ ok: true, messages: rows }));
     }
     // ── REST: stats summary ──
     if (url.pathname === "/api/stats") {
-      const taskStats = db.query<any, []>("SELECT status, COUNT(*) as count FROM tasks GROUP BY status").all();
-      const sessionStats = db.query<any, []>("SELECT status, COUNT(*) as count FROM sessions GROUP BY status").all();
-      const totalTasks = db.query<{ cnt: number }, []>("SELECT COUNT(*) as cnt FROM tasks").get();
-      const totalNodes = db.query<{ cnt: number }, []>("SELECT COUNT(*) as cnt FROM nodes").get();
-      const recentTasks = db.query<any, []>(
-        "SELECT task_id, from_name, to_name, status, created_at FROM tasks ORDER BY created_at DESC LIMIT 5"
-      ).all();
+      const taskStatsParams: any[] = [];
+      let taskStatsSql = "SELECT status, COUNT(*) as count FROM tasks WHERE 1=1";
+      taskStatsSql = addNetworkScope(taskStatsSql, taskStatsParams, restScope);
+      taskStatsSql += " GROUP BY status";
+      const taskStats = db.all<any>(taskStatsSql, ...taskStatsParams);
+      const sessionStatsParams: any[] = [];
+      let sessionStatsSql = "SELECT status, COUNT(*) as count FROM sessions WHERE 1=1";
+      sessionStatsSql = addNetworkScope(sessionStatsSql, sessionStatsParams, restScope);
+      sessionStatsSql += " GROUP BY status";
+      const sessionStats = db.all<any>(sessionStatsSql, ...sessionStatsParams);
+      const totalTasksParams: any[] = [];
+      let totalTasksSql = "SELECT COUNT(*) as cnt FROM tasks WHERE 1=1";
+      totalTasksSql = addNetworkScope(totalTasksSql, totalTasksParams, restScope);
+      const totalTasks = db.get<{ cnt: number }>(totalTasksSql, ...totalTasksParams);
+      const totalNodesParams: any[] = [];
+      let totalNodesSql = "SELECT COUNT(*) as cnt FROM nodes WHERE 1=1";
+      totalNodesSql = addNetworkScope(totalNodesSql, totalNodesParams, restScope);
+      const totalNodes = db.get<{ cnt: number }>(totalNodesSql, ...totalNodesParams);
+      const recentTasksParams: any[] = [];
+      let recentTasksSql = "SELECT task_id, from_name, to_name, status, created_at FROM tasks WHERE 1=1";
+      recentTasksSql = addNetworkScope(recentTasksSql, recentTasksParams, restScope);
+      recentTasksSql += " ORDER BY created_at DESC LIMIT 5";
+      const recentTasks = db.all<any>(recentTasksSql, ...recentTasksParams);
       return withCors(req, Response.json({
         ok: true,
+        network_id: restScope.networkId || null,
         tasks: { total: totalTasks?.cnt || 0, by_status: taskStats },
         sessions: { by_status: sessionStats },
         nodes: { total: totalNodes?.cnt || 0 },
@@ -359,16 +838,38 @@ Bun.serve({
       }));
     }
+    // ── REST: audit log (V3) ──
+    if (url.pathname === "/api/audit-log") {
+      const token = req.headers.get("Authorization")?.replace("Bearer ", "") || url.searchParams.get("token");
+      if (!token) return withCors(req, Response.json({ ok: false, error: "auth required" }, { status: 401 }));
+      const resolved = resolveToken(token);
+      if (!resolved) return withCors(req, Response.json({ ok: false, error: "invalid token" }, { status: 401 }));
+      const limit = Math.min(Number(url.searchParams.get("limit")) || 50, 200);
+      const action = url.searchParams.get("action");
+      const userId = url.searchParams.get("user_id");
+      let sql = "SELECT * FROM audit_log WHERE 1=1";
+      const params: any[] = [];
+      // Non-admin can only see own logs
+      if (resolved.user.role !== "admin") { sql += ` AND user_id = ?${params.length + 1}`; params.push(resolved.user.user_id); }
+      if (action) { sql += ` AND action = ?${params.length + 1}`; params.push(action); }
+      if (userId && resolved.user.role === "admin") { sql += ` AND user_id = ?${params.length + 1}`; params.push(userId); }
+      sql += ` ORDER BY created_at DESC LIMIT ?${params.length + 1}`;
+      params.push(limit);
+      const logs = db.all(sql, ...params);
+      return withCors(req, Response.json({ ok: true, logs, count: logs.length }));
+    }
     // ── REST: task events (V2 Sprint 2) ──
     if (url.pathname === "/api/task_events") {
       const taskId = url.searchParams.get("task_id");
       const limit = Math.min(Number(url.searchParams.get("limit")) || 50, 500);
-      let sql = "SELECT * FROM task_events";
+      let sql = "SELECT * FROM task_events WHERE 1=1";
       const params: any[] = [];
-      if (taskId) { sql += " WHERE task_id = ?1"; params.push(taskId); }
-      sql += " ORDER BY created_at DESC LIMIT ?";
+      sql = addNetworkScope(sql, params, restScope);
+      if (taskId) { sql += ` AND task_id = ?${params.length + 1}`; params.push(taskId); }
+      sql += ` ORDER BY created_at DESC LIMIT ?${params.length + 1}`;
       params.push(limit);
-      const rows = db.query(sql).all(...params);
+      const rows = db.all(sql, ...params);
       return withCors(req, Response.json({ ok: true, events: rows, count: rows.length }));
     }
@@ -378,10 +879,11 @@ Bun.serve({
       const alias = url.searchParams.get("alias");
       let sql = "SELECT * FROM nodes WHERE 1=1";
       const params: any[] = [];
+      sql = addNetworkScope(sql, params, restScope);
       if (nodeId) { sql += ` AND node_id = ?${params.length + 1}`; params.push(nodeId); }
       if (alias) { sql += ` AND alias = ?${params.length + 1}`; params.push(alias); }
       sql += " ORDER BY updated_at DESC";
-      const rows = db.query(sql).all(...params);
+      const rows = db.all(sql, ...params);
       return withCors(req, Response.json({ ok: true, nodes: rows, count: rows.length }));
     }
@@ -395,6 +897,7 @@ Bun.serve({
       let sql = "SELECT * FROM tasks WHERE 1=1";
       const params: any[] = [];
+      sql = addNetworkScope(sql, params, restScope);
       if (taskId) { sql += ` AND task_id = ?${params.length + 1}`; params.push(taskId); }
       if (status) { sql += ` AND status = ?${params.length + 1}`; params.push(status); }
       if (toName) { sql += ` AND to_name = ?${params.length + 1}`; params.push(toName); }
@@ -402,20 +905,28 @@ Bun.serve({
       sql += ` ORDER BY created_at DESC LIMIT ?${params.length + 1}`;
       params.push(limit);
-      const rows = db.query(sql).all(...params);
-      const stats = db.query<any, []>("SELECT status, COUNT(*) as count FROM tasks GROUP BY status").all();
+      const rows = db.all(sql, ...params);
+      const statsParams: any[] = [];
+      let statsSql = "SELECT status, COUNT(*) as count FROM tasks WHERE 1=1";
+      statsSql = addNetworkScope(statsSql, statsParams, restScope);
+      statsSql += " GROUP BY status";
+      const stats = db.all<any>(statsSql, ...statsParams);
       return withCors(req, Response.json({ ok: true, tasks: rows, count: rows.length, stats }));
     }
     // ── REST: recent completions ──
     if (url.pathname === "/api/completions") {
       const since = url.searchParams.get("since") ?? new Date(Date.now() - 86400000).toISOString();
-      const rows = db.query("SELECT * FROM completions WHERE completed_at >= ?1 ORDER BY completed_at DESC LIMIT 100").all(since);
+      const params: any[] = [since];
+      let sql = "SELECT * FROM completions WHERE completed_at >= ?1";
+      sql = addNetworkScope(sql, params, restScope);
+      sql += " ORDER BY completed_at DESC LIMIT 100";
+      const rows = db.all(sql, ...params);
       return withCors(req, Response.json({ ok: true, completions: rows }));
     }
     return withCors(req, new Response(
-      `CommHub MCP Server v0.4.1 (Streamable HTTP + SSE Push)
+      `CommHub MCP Server v${SERVER_VERSION} (Streamable HTTP + SSE Push)
 Endpoints:
   POST /mcp               - MCP Streamable HTTP (for Claude Code / Codex)
@@ -527,12 +1038,12 @@ process.on("SIGINT", shutdown);
 console.log(`
 ╔══════════════════════════════════════════════════╗
-║   CommHub MCP Server v0.4.1                     ║
+║   CommHub MCP Server v${SERVER_VERSION}                     ║
 ║   Transport: Streamable HTTP (Bun native)         ║
 ║   Auth: ${AUTH_TOKEN ? "ENABLED (Bearer token)" : "DISABLED (set COMMHUB_AUTH_TOKEN)"}${"".padEnd(AUTH_TOKEN ? 5 : 0)}║
 ║                                                   ║
-║   MCP:    http://0.0.0.0:${PORT}/mcp                 ║
-║   REST:   http://0.0.0.0:${PORT}/api                 ║
-║   Health: http://0.0.0.0:${PORT}/health               ║
+║   MCP:    http://${HOST}:${PORT}/mcp                 ║
+║   REST:   http://${HOST}:${PORT}/api                 ║
+║   Health: http://${HOST}:${PORT}/health               ║
 ╚══════════════════════════════════════════════════╝
 `);