npm - @standardagents/builder - Versions diffs - 0.18.3 → 0.19.0 - Mend

@standardagents/builder 0.18.3 → 0.19.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (21) hide show

package/dist/built-in-routes.js +79 -19
package/dist/built-in-routes.js.map +1 -1
package/dist/client/CompositionView.js +1 -1
package/dist/client/ConfirmDialog.vue_vue_type_script_setup_true_lang.js +1 -1
package/dist/client/JsonViewer.js +1 -1
package/dist/client/LoginView.js +1 -1
package/dist/client/Modal.vue_vue_type_script_setup_true_lang.js +1 -1
package/dist/client/ModelModal.vue_vue_type_script_setup_true_lang.js +1 -1
package/dist/client/ModelsView.js +1 -1
package/dist/client/PromptsView.js +1 -1
package/dist/client/ProvidersView.js +1 -1
package/dist/client/ThreadInspectorPane.vue_vue_type_script_setup_true_lang.js +1 -1
package/dist/client/ToolsView.js +1 -1
package/dist/client/assets/index.css +1 -1
package/dist/client/index.js +2 -2
package/dist/index.js +7 -0
package/dist/index.js.map +1 -1
package/dist/runtime.d.ts +1 -0
package/dist/runtime.js +7 -0
package/dist/runtime.js.map +1 -1
package/package.json +4 -4

package/dist/built-in-routes.js CHANGED Viewed

@@ -63379,6 +63379,14 @@ function platformLoginUrl(req, env2, returnTo) {
   url.searchParams.set("return_to", next || "/");
   return url.toString();
 }
+function platformLogoutUrl(req, env2, returnTo) {
+  const url = new URL("/auth/logout", platformEndpoint(env2));
+  url.searchParams.set("redirect", hostedInstanceRedirectId(req, env2));
+  const reqUrl = new URL(req.url);
+  const next = returnTo && returnTo.startsWith("/") && !returnTo.startsWith("//") ? returnTo : `${reqUrl.pathname}${reqUrl.search}`;
+  url.searchParams.set("return_to", next || "/");
+  return url.toString();
+}
 function sanitizeUsername(input) {
   const normalized = input.trim().toLowerCase().replace(/[^a-z0-9_-]+/g, "-").replace(/^-+|-+$/g, "").slice(0, 50);
   return normalized || "standard-agents";
@@ -63851,6 +63859,10 @@ var diagnostics_get_default = defineController2(async ({ tools, prompts, promptN
 // src/api/events.get.ts
 var events_get_default = defineController2(async ({ req, env: env2 }) => {
+  const authResult = await requireAuth(req, env2);
+  if (authResult instanceof Response) {
+    return authResult;
+  }
   if (req.headers.get("upgrade")?.toLowerCase() !== "websocket") {
     return Response.json(
       { error: "This endpoint requires a WebSocket connection" },
@@ -65785,7 +65797,7 @@ var config_get_default2 = defineController2(async ({ req, env: env2 }) => {
   const platformConnected = hasPlatformApiKey(env2) || !!findLocalBootstrapSession(void 0, env2);
   const localPassword = typeof env2.SUPER_ADMIN_PASSWORD === "string" && env2.SUPER_ADMIN_PASSWORD.length > 0;
   const hosted = isPlatformHosted(env2);
-  const standardAgentsLogin = hosted;
+  const standardAgentsLogin = false;
   return {
     github: githubConfigured,
     google: googleConfigured,
@@ -65885,26 +65897,57 @@ var login_post_default = defineController2(async ({ req, env: env2 }) => {
   }
 });
+// src/api/auth/_logout.ts
+async function deleteLocalSession(req, env2) {
+  const authHeader = req.headers.get("Authorization");
+  const token = authHeader && authHeader.startsWith("Bearer ") ? authHeader.substring(7) : readSessionCookie(req);
+  if (!token) {
+    return;
+  }
+  if (!token.includes(".") && isValidUserToken(token)) {
+    const tokenHash = await hashToken(token);
+    const agentBuilder = env2.AGENT_BUILDER.get(env2.AGENT_BUILDER.idFromName("singleton"));
+    await agentBuilder.deleteSession(tokenHash);
+  }
+}
+function clearedSessionCookie(req) {
+  return buildSessionCookie(req, "", 0);
+}
+// src/api/auth/logout.get.ts
+function safeReturnTo(value) {
+  if (!value || !value.startsWith("/") || value.startsWith("//")) return "/";
+  return value;
+}
+var logout_get_default = defineController2(async ({ req, env: env2 }) => {
+  try {
+    await deleteLocalSession(req, env2);
+  } catch (error) {
+    console.error("Logout error:", error);
+  }
+  const url = new URL(req.url);
+  const returnTo = safeReturnTo(url.searchParams.get("return_to"));
+  const location = isPlatformHosted(env2) ? platformLogoutUrl(req, env2, returnTo) : `${url.origin}/login`;
+  return new Response(null, {
+    status: 302,
+    headers: {
+      Location: location,
+      "Set-Cookie": clearedSessionCookie(req)
+    }
+  });
+});
 // src/api/auth/logout.post.ts
 var logout_post_default = defineController2(async ({ req, env: env2 }) => {
   const clearCookie = (body, status = 200) => new Response(JSON.stringify(body), {
     status,
     headers: {
       "Content-Type": "application/json",
-      "Set-Cookie": buildSessionCookie(req, "", 0)
+      "Set-Cookie": clearedSessionCookie(req)
     }
   });
   try {
-    const authHeader = req.headers.get("Authorization");
-    const token = authHeader && authHeader.startsWith("Bearer ") ? authHeader.substring(7) : readSessionCookie(req);
-    if (!token) {
-      return clearCookie({ success: true });
-    }
-    if (!token.includes(".") && isValidUserToken(token)) {
-      const tokenHash = await hashToken(token);
-      const agentBuilder = env2.AGENT_BUILDER.get(env2.AGENT_BUILDER.idFromName("singleton"));
-      await agentBuilder.deleteSession(tokenHash);
-    }
+    await deleteLocalSession(req, env2);
     return clearCookie({ success: true });
   } catch (error) {
     console.error("Logout error:", error);
@@ -68444,6 +68487,10 @@ var kv_default = defineController2(async ({ req, params, env: env2, url }) => {
 // src/api/threads/[id]/logs.get.ts
 var logs_get_default = defineController2(async ({ req, params, env: env2 }) => {
+  const authResult = await requireAuth(req, env2);
+  if (authResult instanceof Response) {
+    return authResult;
+  }
   const url = new URL(req.url);
   const threadId = params.id;
   if (!threadId) {
@@ -68708,6 +68755,10 @@ var stop_post_default = defineController2(async ({ params, env: env2 }) => {
 // src/api/threads/[id]/stream.ts
 var stream_default = defineController2(async ({ req, params, env: env2 }) => {
+  const authResult = await requireAuth(req, env2);
+  if (authResult instanceof Response) {
+    return authResult;
+  }
   const threadId = params.id;
   if (!threadId) {
     return Response.json({ error: "Thread ID required" }, { status: 400 });
@@ -68945,12 +68996,20 @@ var name_get_default7 = defineController2(async ({ params, url, prompts, agents,
 // src/api/auth/sa/callback.get.ts
 var SESSION_TTL_SECONDS2 = 30 * 24 * 60 * 60;
-function safeReturnTo(value) {
+function safeReturnTo2(value) {
   if (!value || !value.startsWith("/") || value.startsWith("//")) return "/";
   return value;
 }
-function failRedirect(req, reason) {
+function failRedirect(req, env2, reason) {
   const origin = new URL(req.url).origin;
+  if (isPlatformHosted(env2)) {
+    const target = new URL(platformLoginUrl(req, env2, "/"));
+    target.searchParams.set("error", reason === "forbidden" ? "no_instance_access" : "instance_login_failed");
+    return new Response(null, {
+      status: 302,
+      headers: { Location: target.toString() }
+    });
+  }
   return new Response(null, {
     status: 302,
     headers: { Location: `${origin}/login?sa_error=${encodeURIComponent(reason)}` }
@@ -68958,12 +69017,12 @@ function failRedirect(req, reason) {
 }
 var callback_get_default = defineController2(async ({ req, env: env2 }) => {
   if (!isPlatformHosted(env2)) {
-    return failRedirect(req, "not_hosted");
+    return failRedirect(req, env2, "not_hosted");
   }
   const url = new URL(req.url);
   const handoff = url.searchParams.get("handoff") || url.searchParams.get("token");
   if (!handoff) {
-    return failRedirect(req, "invalid_response");
+    return failRedirect(req, env2, "invalid_response");
   }
   const configuredProjectId = typeof env2.STANDARD_AGENTS_PROJECT_ID === "string" ? env2.STANDARD_AGENTS_PROJECT_ID : void 0;
   const payload = await verifyPlatformSignedPayload(
@@ -68975,10 +69034,10 @@ var callback_get_default = defineController2(async ({ req, env: env2 }) => {
     }
   );
   if (!payload || !payload.platform_user_id || !payload.role) {
-    return failRedirect(req, "forbidden");
+    return failRedirect(req, env2, "forbidden");
   }
   if (!configuredProjectId && payload.project_id !== hostedInstanceRedirectId(req, env2)) {
-    return failRedirect(req, "forbidden");
+    return failRedirect(req, env2, "forbidden");
   }
   const session = await mintLocalSessionForPlatformUser(env2, {
     platform_user_id: payload.platform_user_id,
@@ -68988,7 +69047,7 @@ var callback_get_default = defineController2(async ({ req, env: env2 }) => {
     avatar_url: payload.avatar_url ?? null,
     role: payload.role
   });
-  const returnTo = safeReturnTo(url.searchParams.get("return_to"));
+  const returnTo = safeReturnTo2(url.searchParams.get("return_to"));
   return new Response(null, {
     status: 302,
     headers: {
@@ -70108,6 +70167,7 @@ var routeHandlers = {
   "POST:/auth/bootstrap": bootstrap_post_default,
   "GET:/auth/config": config_get_default2,
   "POST:/auth/login": login_post_default,
+  "GET:/auth/logout": logout_get_default,
   "POST:/auth/logout": logout_post_default,
   "GET:/auth/me": me_get_default,
   "POST:/auth/platform-replica": platform_replica_post_default,