@sleep2agi/commhub-server 0.6.0 → 0.8.0-preview.0

package/LICENSE

@@ -0,0 +1,202 @@
+
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright [yyyy] [name of copyright owner]
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.

package/README.md

@@ -2,13 +2,13 @@
 
 CommHub: MCP Streamable HTTP + SSE push + REST API for an AI agent network. Single-process Bun server, SQLite-backed, zero config.
 
-**Current preview line.** The supported path is to install the `anet` CLI (`@sleep2agi/agent-network` 2.0.3-preview.4) and run `anet hub start`, which wires up port, the server token, the default account, and local config for you.
+The supported path is to install the `anet` CLI (`@sleep2agi/agent-network` 2.1.0) and run `anet hub start`, which wires up port, the server token, the default account, and local config for you.
 
 ## Quick start (verified)
 
 ```bash
 # Recommended — through the anet CLI
-npm install -g @sleep2agi/agent-network@preview
+npm install -g @sleep2agi/agent-network
 anet hub start
 #   • http://127.0.0.1:9200 by default
 #   • SQLite at ~/.commhub/commhub.db
@@ -35,9 +35,9 @@ Once running:
 
 | Package | Version |
 |---|---|
-| [`@sleep2agi/agent-network`](https://www.npmjs.com/package/@sleep2agi/agent-network) | 2.0.3-preview.4 |
-| [`@sleep2agi/agent-network-dashboard`](https://www.npmjs.com/package/@sleep2agi/agent-network-dashboard) | 0.2.1-preview.1 |
-| [`@sleep2agi/agent-node`](https://www.npmjs.com/package/@sleep2agi/agent-node) | 2.2.0-preview.1 |
+| [`@sleep2agi/agent-network`](https://www.npmjs.com/package/@sleep2agi/agent-network) | 2.1.0 |
+| [`@sleep2agi/agent-network-dashboard`](https://www.npmjs.com/package/@sleep2agi/agent-network-dashboard) | 0.3.0 |
+| [`@sleep2agi/agent-node`](https://www.npmjs.com/package/@sleep2agi/agent-node) | 2.3.0 |
 
 ## MCP tools (18)
 

package/bin/commhub.ts

@@ -6,6 +6,7 @@
  *   npx @sleep2agi/commhub-server
  *   npx @sleep2agi/commhub-server --port 9200
  *   npx @sleep2agi/commhub-server --port 9200 --token my-secret
+ *   npx @sleep2agi/commhub-server --dev-open
  *   npx @sleep2agi/commhub-server --db ~/.commhub/commhub.db
  */
 
@@ -13,9 +14,11 @@ const args = process.argv.slice(2);
 
 for (let i = 0; i < args.length; i++) {
   if (args[i] === "--port" || args[i] === "-p") process.env.PORT = args[++i];
+  if (args[i] === "--host") process.env.HOST = args[++i];
   if (args[i] === "--token" || args[i] === "-t") process.env.COMMHUB_AUTH_TOKEN = args[++i];
   if (args[i] === "--db") process.env.COMMHUB_DB = args[++i];
   if (args[i] === "--cors") process.env.COMMHUB_CORS_ORIGINS = args[++i];
+  if (args[i] === "--dev-open") process.env.COMMHUB_DEV_OPEN = "1";
   if (args[i] === "--help" || args[i] === "-h") {
     console.log(`
 CommHub MCP Server — AI Agent 通信中枢
@@ -25,20 +28,26 @@ Usage:
 
 Options:
   --port, -p <port>       Port to listen on (default: 9200, env: PORT)
+  --host <host>           Host to bind (default: 127.0.0.1, env: HOST)
   --token, -t <token>     Auth token (env: COMMHUB_AUTH_TOKEN)
   --db <path>             SQLite database path (default: ~/.commhub/commhub.db, env: COMMHUB_DB)
   --cors <origins>        CORS origins, comma-separated (env: COMMHUB_CORS_ORIGINS)
+  --dev-open              Explicit unauthenticated local development mode
   --help, -h              Show this help
 
 Environment Variables:
   PORT                    Server port (default: 9200)
-  COMMHUB_AUTH_TOKEN      Bearer token for authentication
+  HOST                    Bind address (default: 127.0.0.1)
+  COMMHUB_AUTH_TOKEN      Bearer token for authentication (required unless --dev-open)
+  COMMHUB_DEV_OPEN        Set to 1 to allow unauthenticated dev mode
   COMMHUB_DB              SQLite database file path
   COMMHUB_CORS_ORIGINS    Allowed CORS origins (comma-separated)
+  COMMHUB_ENABLE_TMUX     Set to 1 to enable tmux HTTP/WebSocket endpoints
+  COMMHUB_TMUX_ALLOWLIST  Additional comma-separated client IPs allowed for tmux
 
 Examples:
-  commhub-server --port 9200
   commhub-server --port 9200 --token my-secret-token
+  commhub-server --port 9200 --dev-open
   PORT=9200 COMMHUB_AUTH_TOKEN=secret commhub-server
 `);
     process.exit(0);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sleep2agi/commhub-server",
-  "version": "0.6.0",
+  "version": "0.8.0-preview.0",
   "description": "CommHub Server — AI Agent communication hub with MCP protocol, multi-network isolation, user auth, and 18 MCP tools.",
   "type": "module",
   "main": "src/index.ts",
@@ -28,13 +28,19 @@
     "license"
   ],
   "author": "sleep2agi",
-  "license": "MIT",
-  "homepage": "https://anet.vansin.me",
+  "license": "Apache-2.0",
+  "homepage": "https://anet.sh",
   "repository": {
     "type": "git",
     "url": "https://github.com/sleep2agi/agent-network",
     "directory": "server"
   },
+  "publishConfig": {
+    "access": "public"
+  },
+  "bugs": {
+    "url": "https://github.com/sleep2agi/agent-network/issues"
+  },
   "engines": {
     "bun": ">=1.2.0"
   },

package/src/auth.ts

@@ -2,6 +2,7 @@
  * V3 Auth module — user registration, login, token management
  */
 import { db, generateId, hashPassword, hashToken, generateToken, generateUserToken, generateNetworkToken, uuidv4 } from "./db.js";
+import { WEAK_PASSWORDS } from "./password-dict.js";
 
 export interface AuthUser {
   user_id: string;
@@ -20,10 +21,17 @@ export interface AuthResult {
   network_id?: string;
 }
 
+function validatePasswordStrength(password: string, label = "password"): string | null {
+  if (!password || password.length < 8) return `${label} must be at least 8 characters`;
+  if (WEAK_PASSWORDS.has(password.toLowerCase())) return `${label} is too common`;
+  return null;
+}
+
 export function register(username: string, password: string, email?: string, displayName?: string): AuthResult {
   if (!username || username.length < 2) return { ok: false, error: "username must be at least 2 characters" };
   if (username.length > 50) return { ok: false, error: "username too long (max 50)" };
-  if (!password || password.length < 6) return { ok: false, error: "password must be at least 6 characters" };
+  const passwordError = validatePasswordStrength(password);
+  if (passwordError) return { ok: false, error: passwordError };
   if (!/^[a-zA-Z0-9_\-\u4e00-\u9fff]+$/.test(username)) return { ok: false, error: "username contains invalid characters" };
 
   const existing = db.get<any>("SELECT user_id FROM users WHERE username = ?1", username);
@@ -126,10 +134,10 @@ export function createNetworkTokenForNode(userId: string, networkId: string, nod
   return { ok: true, token };
 }
 
-export function resolveToken(token: string): { user: AuthUser; networkId: string | null; tokenName: string | null } | null {
+export function resolveToken(token: string): { user: AuthUser; networkId: string | null; tokenName: string | null; tokenId: string | null } | null {
   const tHash = hashToken(token);
   const row = db.get<any>(
-    `SELECT t.user_id, t.network_id, t.scope, t.name AS token_name,
+    `SELECT t.token_id, t.user_id, t.network_id, t.scope, t.name AS token_name,
             u.username, u.display_name, u.email, u.role
      FROM api_tokens t JOIN users u ON t.user_id = u.user_id
      WHERE t.token_hash = ?1 AND (t.expires_at IS NULL OR t.expires_at > datetime('now'))`,
@@ -143,6 +151,7 @@ export function resolveToken(token: string): { user: AuthUser; networkId: string
   return {
     user: { user_id: row.user_id, username: row.username, display_name: row.display_name, email: row.email, role: row.role },
     networkId: row.network_id,
+    tokenId: row.token_id || null,
     // tokenName carries the binding identity. For node-scoped ntok_, it's
     // 'node:<alias>'; we strip the prefix and use it as the default
     // from_session for any MCP send_task / send_message / etc, so peer
@@ -239,13 +248,47 @@ export function revokeToken(userId: string, tokenId: string): { ok: boolean; err
   return result.changes > 0 ? { ok: true } : { ok: false, error: "token not found" };
 }
 
-export function changePassword(userId: string, oldPassword: string, newPassword: string): { ok: boolean; error?: string } {
-  if (!newPassword || newPassword.length < 6) return { ok: false, error: "new password must be at least 6 characters" };
+export function issueUserToken(userId: string, name = "user-login"): { token: string; token_id: string } {
+  const token = generateUserToken();
+  const tokenId = generateId("tok");
+  db.run(
+    "INSERT INTO api_tokens (token_id, token_hash, user_id, network_id, name, scope) VALUES (?1, ?2, ?3, NULL, ?4, 'user')",
+    [tokenId, hashToken(token), userId, name]
+  );
+  return { token, token_id: tokenId };
+}
+
+export function revokeOtherUserTokens(userId: string, exceptTokenId?: string | null): number {
+  const result = exceptTokenId
+    ? db.run("DELETE FROM api_tokens WHERE user_id = ?1 AND network_id IS NULL AND token_id != ?2", [userId, exceptTokenId])
+    : db.run("DELETE FROM api_tokens WHERE user_id = ?1 AND network_id IS NULL", [userId]);
+  return result.changes;
+}
+
+export function changePassword(userId: string, oldPassword: string, newPassword: string, currentTokenId?: string | null): { ok: boolean; error?: string; revoked?: number } {
+  const passwordError = validatePasswordStrength(newPassword, "new password");
+  if (passwordError) return { ok: false, error: passwordError };
   const user = db.get<any>("SELECT password_hash FROM users WHERE user_id = ?1", userId);
   if (!user) return { ok: false, error: "user not found" };
   if (user.password_hash !== hashPassword(oldPassword)) return { ok: false, error: "incorrect current password" };
   db.run("UPDATE users SET password_hash = ?1, updated_at = datetime('now') WHERE user_id = ?2", [hashPassword(newPassword), userId]);
-  return { ok: true };
+  const revoked = revokeOtherUserTokens(userId, currentTokenId);
+  return { ok: true, revoked };
+}
+
+export function resetUserPassword(targetUsername: string, callerIsHubAdmin: boolean): { ok: boolean; error?: string; username?: string; user_id?: string; password?: string; token?: string; token_id?: string; revoked?: number } {
+  if (!callerIsHubAdmin) return { ok: false, error: "hub admin required" };
+  const user = db.get<any>("SELECT user_id, username FROM users WHERE username = ?1", targetUsername);
+  if (!user) return { ok: false, error: "user not found" };
+  const password = `anet-${crypto.randomUUID().replace(/-/g, "").slice(0, 18)}`;
+  db.run("UPDATE users SET password_hash = ?1, updated_at = datetime('now') WHERE user_id = ?2", [hashPassword(password), user.user_id]);
+  const revoked = revokeOtherUserTokens(user.user_id, null);
+  const issued = issueUserToken(user.user_id, "admin-reset");
+  db.run(
+    "INSERT INTO audit_log (user_id, username, action, target_type, target_id, detail) VALUES (?1, ?2, 'password_reset_by_admin', 'user', ?3, ?4)",
+    [user.user_id, user.username, user.user_id, "local hub admin reset"]
+  );
+  return { ok: true, username: user.username, user_id: user.user_id, password, token: issued.token, token_id: issued.token_id, revoked };
 }
 
 // ══════════════════════════════════════

package/src/db-adapter.ts

@@ -110,16 +110,13 @@ export function sqliteToPostgres(sql: string): string {
 }
 
 /**
- * PostgreSQL adapter using a persistent worker subprocess.
+ * PostgreSQL adapter using a synchronous subprocess bridge.
  *
- * Architecture: a single node child process holds a pg.Pool connection.
- * Queries are sent via stdin (JSON line), responses read from stdout.
- * Bun.spawnSync is used per-query for sync blocking, but the PG
- * connection is persistent (no reconnect overhead per query).
- *
- * For full production use, the adapter interface should be async.
- * This sync bridge works because all MCP handlers are async —
- * the future migration is adding `await` before db calls.
+ * TODO(P0-4): this is not transaction-safe. querySync currently starts a
+ * fresh `node -e` process for every statement, so BEGIN/COMMIT/ROLLBACK do
+ * not share one backend connection. PostgreSQL support is demoted behind
+ * SQLite for now; before advertising it as production-ready, replace this
+ * bridge with a long-lived worker or make DbAdapter async and use pg directly.
  */
 export class PgAdapter implements DbAdapter {
   readonly dialect = "postgres" as const;
@@ -196,6 +193,7 @@ export class PgAdapter implements DbAdapter {
   }
 
   transaction<T>(fn: () => T): T {
+    // Not atomic for PostgreSQL until P0-4 is implemented; see class TODO.
     this.querySync("BEGIN");
     try {
       const result = fn();

package/src/db.ts

@@ -6,7 +6,7 @@ export const db: DbAdapter = createAdapter();
 db.exec(`
   CREATE TABLE IF NOT EXISTS sessions (
     resume_id     TEXT PRIMARY KEY,
-    alias         TEXT UNIQUE,
+    alias         TEXT,
     tmux_name     TEXT,
     server        TEXT DEFAULT 'unknown',
     ip            TEXT,
@@ -19,8 +19,10 @@ db.exec(`
     output        TEXT,
     progress      INTEGER DEFAULT 0,
     score         REAL,
+    network_id    TEXT NOT NULL DEFAULT 'default',
     registered_at TEXT NOT NULL DEFAULT (datetime('now')),
-    updated_at    TEXT NOT NULL DEFAULT (datetime('now'))
+    updated_at    TEXT NOT NULL DEFAULT (datetime('now')),
+    UNIQUE (network_id, alias)
   );
 
   CREATE TABLE IF NOT EXISTS inbox (
@@ -300,7 +302,82 @@ try {
 for (const table of ["sessions", "nodes", "tasks", "inbox", "task_events", "completions"]) {
   try { db.exec(`ALTER TABLE ${table} ADD COLUMN network_id TEXT`); } catch {}
 }
+
+// ── P0: sessions alias uniqueness is network-scoped.
+// Older SQLite databases created `alias TEXT UNIQUE`, which prevents the same
+// agent alias from existing in two networks. SQLite cannot drop a UNIQUE
+// constraint in place, so rebuild the table once with UNIQUE(network_id, alias).
+function migrateSessionsNetworkAliasUnique() {
+  try {
+    db.run("UPDATE sessions SET network_id = 'default' WHERE network_id IS NULL OR network_id = ''");
+  } catch {}
+
+  if (db.dialect === "postgres") {
+    try { db.exec("ALTER TABLE sessions ALTER COLUMN network_id SET DEFAULT 'default'"); } catch {}
+    try { db.exec("UPDATE sessions SET network_id = 'default' WHERE network_id IS NULL OR network_id = ''"); } catch {}
+    try { db.exec("ALTER TABLE sessions DROP CONSTRAINT IF EXISTS sessions_alias_key"); } catch {}
+    try { db.exec("CREATE UNIQUE INDEX IF NOT EXISTS idx_sessions_network_alias_unique ON sessions(network_id, alias)"); } catch {}
+    return;
+  }
+
+  let needsRebuild = true;
+  try {
+    const createSql = db.get<{ sql: string }>("SELECT sql FROM sqlite_master WHERE type = 'table' AND name = 'sessions'");
+    needsRebuild = !!createSql?.sql && !/UNIQUE\s*\(\s*network_id\s*,\s*alias\s*\)/i.test(createSql.sql);
+  } catch {}
+  if (!needsRebuild) return;
+
+  db.transaction(() => {
+    db.exec("DROP TABLE IF EXISTS sessions_migrated");
+    db.exec(`
+      CREATE TABLE sessions_migrated (
+        resume_id     TEXT PRIMARY KEY,
+        alias         TEXT,
+        tmux_name     TEXT,
+        server        TEXT DEFAULT 'unknown',
+        ip            TEXT,
+        hostname      TEXT,
+        agent         TEXT,
+        project_dir   TEXT,
+        version       TEXT,
+        status        TEXT DEFAULT 'offline',
+        task          TEXT,
+        output        TEXT,
+        progress      INTEGER DEFAULT 0,
+        score         REAL,
+        registered_at TEXT NOT NULL DEFAULT (datetime('now')),
+        updated_at    TEXT NOT NULL DEFAULT (datetime('now')),
+        node_id       TEXT,
+        session_id    TEXT,
+        config_path   TEXT,
+        channels      TEXT,
+        last_seen_at  TEXT,
+        network_id    TEXT NOT NULL DEFAULT 'default',
+        UNIQUE (network_id, alias)
+      )
+    `);
+    db.exec(`
+      INSERT OR REPLACE INTO sessions_migrated (
+        resume_id, alias, tmux_name, server, ip, hostname, agent, project_dir, version,
+        status, task, output, progress, score, registered_at, updated_at, node_id,
+        session_id, config_path, channels, last_seen_at, network_id
+      )
+      SELECT
+        resume_id, alias, tmux_name, server, ip, hostname, agent, project_dir, version,
+        status, task, output, progress, score, registered_at, updated_at, node_id,
+        session_id, config_path, channels, last_seen_at,
+        COALESCE(NULLIF(network_id, ''), 'default')
+      FROM sessions
+      ORDER BY updated_at
+    `);
+    db.exec("DROP TABLE sessions");
+    db.exec("ALTER TABLE sessions_migrated RENAME TO sessions");
+  });
+}
+migrateSessionsNetworkAliasUnique();
+
 try { db.exec("CREATE INDEX IF NOT EXISTS idx_sessions_network ON sessions(network_id)"); } catch {}
+try { db.exec("CREATE UNIQUE INDEX IF NOT EXISTS idx_sessions_network_alias_unique ON sessions(network_id, alias)"); } catch {}
 try { db.exec("CREATE INDEX IF NOT EXISTS idx_tasks_network ON tasks(network_id)"); } catch {}
 try { db.exec("CREATE INDEX IF NOT EXISTS idx_nodes_network ON nodes(network_id)"); } catch {}
 try { db.exec("CREATE INDEX IF NOT EXISTS idx_inbox_network ON inbox(network_id)"); } catch {}