@tom2012/cc-web 2026.4.24-g → 2026.4.26-a
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -1
- package/backend/dist/adapters/claude/scheduled.d.ts +12 -13
- package/backend/dist/adapters/claude/scheduled.d.ts.map +1 -1
- package/backend/dist/adapters/claude/scheduled.js +27 -82
- package/backend/dist/adapters/claude/scheduled.js.map +1 -1
- package/backend/dist/auth.d.ts.map +1 -1
- package/backend/dist/auth.js +7 -0
- package/backend/dist/auth.js.map +1 -1
- package/backend/dist/plugin-session.d.ts +12 -0
- package/backend/dist/plugin-session.d.ts.map +1 -0
- package/backend/dist/plugin-session.js +91 -0
- package/backend/dist/plugin-session.js.map +1 -0
- package/backend/dist/routes/plugin-bridge.d.ts.map +1 -1
- package/backend/dist/routes/plugin-bridge.js +38 -6
- package/backend/dist/routes/plugin-bridge.js.map +1 -1
- package/backend/dist/routes/plugins.d.ts.map +1 -1
- package/backend/dist/routes/plugins.js +16 -0
- package/backend/dist/routes/plugins.js.map +1 -1
- package/backend/dist/routes/projects.d.ts.map +1 -1
- package/backend/dist/routes/projects.js +60 -18
- package/backend/dist/routes/projects.js.map +1 -1
- package/backend/dist/session-manager.d.ts +2 -1
- package/backend/dist/session-manager.d.ts.map +1 -1
- package/backend/dist/session-manager.js +41 -10
- package/backend/dist/session-manager.js.map +1 -1
- package/frontend/dist/assets/{AssistantMessageContent-C1JWtdju.js → AssistantMessageContent-D4Wm1DYe.js} +1 -1
- package/frontend/dist/assets/{GraphPreview-C5HWgqW6.js → GraphPreview-BHFhL4fV.js} +1 -1
- package/frontend/dist/assets/{MobilePage-DiSWZfLS.js → MobilePage-BbMYb_fT.js} +3 -3
- package/frontend/dist/assets/{OfficePreview-DIQhJGFC.js → OfficePreview-Dah62nhN.js} +2 -2
- package/frontend/dist/assets/{ProjectPage-DFGI0Kme.js → ProjectPage-Bs5psd0R.js} +3 -3
- package/frontend/dist/assets/{SettingsPage-B2RLnuyT.js → SettingsPage-C6aUa7yV.js} +1 -1
- package/frontend/dist/assets/{SkillHubPage-DSyD1rSa.js → SkillHubPage-olcv0_pc.js} +1 -1
- package/frontend/dist/assets/{chevron-down-DC35BmL8.js → chevron-down-CD91RjkB.js} +1 -1
- package/frontend/dist/assets/{chevron-up-jSfnqTRe.js → chevron-up-Dm_1T3Ta.js} +1 -1
- package/frontend/dist/assets/{index-DItqRq_c.js → index-BAXK8jaU.js} +1 -1
- package/frontend/dist/assets/{index-CmMaN8Nd.js → index-BzIwL5mK.js} +1 -1
- package/frontend/dist/assets/{index-Dqee_pJW.js → index-CHdNhmuD.js} +2 -2
- package/frontend/dist/assets/{jszip.min-Dtb-M70U.js → jszip.min-COWU92WI.js} +1 -1
- package/frontend/dist/assets/{search-D_uW5RfP.js → search-BxWnQMGo.js} +1 -1
- package/frontend/dist/index.html +1 -1
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
A self-hosted web application (distributed as npm package) that provides a browser-based interface for [Claude Code](https://docs.anthropic.com/en/docs/claude-code) CLI sessions. Create projects, each with a persistent terminal running Claude Code, and interact with them through a real-time terminal UI.
|
|
4
4
|
|
|
5
|
-
**Current version**: v2026.4.
|
|
5
|
+
**Current version**: v2026.4.26-a | [GitHub](https://github.com/zbc0315/cc-web) | MIT License
|
|
6
6
|
|
|
7
7
|
## Features
|
|
8
8
|
|
|
@@ -1,13 +1,18 @@
|
|
|
1
1
|
/**
|
|
2
2
|
* Claude Code CLI scheduled-tasks reader.
|
|
3
3
|
*
|
|
4
|
-
* Reads
|
|
5
|
-
* via CronCreate / ScheduleWakeup with `durable: true`)
|
|
6
|
-
* tasks whose originating session's cwd matches a given project folderPath.
|
|
4
|
+
* Reads `<projectFolderPath>/.claude/scheduled_tasks.json` (durable /loop
|
|
5
|
+
* tasks Claude wrote via CronCreate / ScheduleWakeup with `durable: true`).
|
|
7
6
|
*
|
|
8
|
-
*
|
|
9
|
-
*
|
|
10
|
-
*
|
|
7
|
+
* Path is per-project: Claude resolves `path.join(".claude",
|
|
8
|
+
* "scheduled_tasks.json")` relative to its working directory, so each
|
|
9
|
+
* project keeps its own file. Session-only tasks (default ScheduleWakeup
|
|
10
|
+
* and CronCreate without durable:true) live in CLI process memory and
|
|
11
|
+
* never hit disk — they are invisible to ccweb by design.
|
|
12
|
+
*
|
|
13
|
+
* Schema reverse-engineered from 2.1.119 Mach-O binary (BL1 constant,
|
|
14
|
+
* wQ_ creator function). Earlier versions of this file assumed a global
|
|
15
|
+
* `~/.claude/scheduled_tasks.json` — that was wrong.
|
|
11
16
|
*/
|
|
12
17
|
export interface RawScheduledTask {
|
|
13
18
|
id: string;
|
|
@@ -23,12 +28,6 @@ export interface RawScheduledTask {
|
|
|
23
28
|
export interface ScheduledTask extends RawScheduledTask {
|
|
24
29
|
nextFireAt: string | null;
|
|
25
30
|
}
|
|
26
|
-
export declare function loadScheduledTasks(): RawScheduledTask[];
|
|
27
|
-
/**
|
|
28
|
-
* Return scheduled tasks whose originating session's cwd === folderPath.
|
|
29
|
-
* Tasks without `createdBySessionId` (agent/headless-created, rare) are
|
|
30
|
-
* excluded — we can't attribute them. Tasks whose session has exited
|
|
31
|
-
* (stale sessions file cleanup) are also excluded, by design.
|
|
32
|
-
*/
|
|
31
|
+
export declare function loadScheduledTasks(folderPath: string): RawScheduledTask[];
|
|
33
32
|
export declare function tasksForProject(folderPath: string): ScheduledTask[];
|
|
34
33
|
//# sourceMappingURL=scheduled.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scheduled.d.ts","sourceRoot":"","sources":["../../../src/adapters/claude/scheduled.ts"],"names":[],"mappings":"AAAA
|
|
1
|
+
{"version":3,"file":"scheduled.d.ts","sourceRoot":"","sources":["../../../src/adapters/claude/scheduled.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AASH,MAAM,WAAW,gBAAgB;IAC/B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,aAAc,SAAQ,gBAAgB;IACrD,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;CAC3B;AAMD,wBAAgB,kBAAkB,CAAC,UAAU,EAAE,MAAM,GAAG,gBAAgB,EAAE,CAqBzE;AAgBD,wBAAgB,eAAe,CAAC,UAAU,EAAE,MAAM,GAAG,aAAa,EAAE,CAOnE"}
|
|
@@ -2,13 +2,18 @@
|
|
|
2
2
|
/**
|
|
3
3
|
* Claude Code CLI scheduled-tasks reader.
|
|
4
4
|
*
|
|
5
|
-
* Reads
|
|
6
|
-
* via CronCreate / ScheduleWakeup with `durable: true`)
|
|
7
|
-
* tasks whose originating session's cwd matches a given project folderPath.
|
|
5
|
+
* Reads `<projectFolderPath>/.claude/scheduled_tasks.json` (durable /loop
|
|
6
|
+
* tasks Claude wrote via CronCreate / ScheduleWakeup with `durable: true`).
|
|
8
7
|
*
|
|
9
|
-
*
|
|
10
|
-
*
|
|
11
|
-
*
|
|
8
|
+
* Path is per-project: Claude resolves `path.join(".claude",
|
|
9
|
+
* "scheduled_tasks.json")` relative to its working directory, so each
|
|
10
|
+
* project keeps its own file. Session-only tasks (default ScheduleWakeup
|
|
11
|
+
* and CronCreate without durable:true) live in CLI process memory and
|
|
12
|
+
* never hit disk — they are invisible to ccweb by design.
|
|
13
|
+
*
|
|
14
|
+
* Schema reverse-engineered from 2.1.119 Mach-O binary (BL1 constant,
|
|
15
|
+
* wQ_ creator function). Earlier versions of this file assumed a global
|
|
16
|
+
* `~/.claude/scheduled_tasks.json` — that was wrong.
|
|
12
17
|
*/
|
|
13
18
|
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
14
19
|
if (k2 === undefined) k2 = k;
|
|
@@ -48,76 +53,33 @@ exports.loadScheduledTasks = loadScheduledTasks;
|
|
|
48
53
|
exports.tasksForProject = tasksForProject;
|
|
49
54
|
const fs = __importStar(require("fs"));
|
|
50
55
|
const path = __importStar(require("path"));
|
|
51
|
-
const os = __importStar(require("os"));
|
|
52
56
|
const cron_parser_1 = require("cron-parser");
|
|
53
57
|
const logger_1 = require("../../logger");
|
|
54
58
|
const log = (0, logger_1.modLogger)('scheduled');
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
59
|
+
function scheduledFileFor(folderPath) {
|
|
60
|
+
return path.join(folderPath, '.claude', 'scheduled_tasks.json');
|
|
61
|
+
}
|
|
62
|
+
function loadScheduledTasks(folderPath) {
|
|
63
|
+
const file = scheduledFileFor(folderPath);
|
|
58
64
|
try {
|
|
59
|
-
if (!fs.existsSync(
|
|
65
|
+
if (!fs.existsSync(file))
|
|
60
66
|
return [];
|
|
61
|
-
const raw = fs.readFileSync(
|
|
67
|
+
const raw = fs.readFileSync(file, 'utf-8');
|
|
62
68
|
const parsed = JSON.parse(raw);
|
|
63
69
|
if (!Array.isArray(parsed)) {
|
|
64
|
-
log.warn({ file
|
|
70
|
+
log.warn({ file }, 'scheduled_tasks.json is not an array');
|
|
65
71
|
return [];
|
|
66
72
|
}
|
|
67
73
|
return parsed.filter((t) => !!t && typeof t === 'object' && typeof t.id === 'string' &&
|
|
68
74
|
typeof t.cron === 'string' &&
|
|
69
|
-
typeof t.prompt === 'string'
|
|
75
|
+
typeof t.prompt === 'string' &&
|
|
76
|
+
typeof t.createdAt === 'number');
|
|
70
77
|
}
|
|
71
78
|
catch (err) {
|
|
72
|
-
log.warn({ err, file
|
|
79
|
+
log.warn({ err, file }, 'failed to read scheduled_tasks.json');
|
|
73
80
|
return [];
|
|
74
81
|
}
|
|
75
82
|
}
|
|
76
|
-
/**
|
|
77
|
-
* Canonicalize an on-disk path for equality comparison: resolve symlinks +
|
|
78
|
-
* normalize. Falls back to `path.resolve` if realpath fails (e.g., the path
|
|
79
|
-
* no longer exists because the session's cwd was deleted). Without this
|
|
80
|
-
* `Project.folderPath` (stored raw at create-time) and the CLI's captured
|
|
81
|
-
* `cwd` can differ by trailing slash / symlink even when semantically equal.
|
|
82
|
-
*/
|
|
83
|
-
function canonicalizePath(p) {
|
|
84
|
-
try {
|
|
85
|
-
return fs.realpathSync(p);
|
|
86
|
-
}
|
|
87
|
-
catch {
|
|
88
|
-
return path.resolve(p);
|
|
89
|
-
}
|
|
90
|
-
}
|
|
91
|
-
/**
|
|
92
|
-
* Build a sessionId → canonical-cwd index by scanning `~/.claude/sessions/*.json`.
|
|
93
|
-
* Files are named by PID, so we have to open each one. Cheap in practice
|
|
94
|
-
* (O(few dozen), small JSON), and this is called at most once per request.
|
|
95
|
-
*/
|
|
96
|
-
function buildSessionCwdIndex() {
|
|
97
|
-
const index = new Map();
|
|
98
|
-
try {
|
|
99
|
-
if (!fs.existsSync(SESSIONS_DIR))
|
|
100
|
-
return index;
|
|
101
|
-
const files = fs.readdirSync(SESSIONS_DIR);
|
|
102
|
-
for (const f of files) {
|
|
103
|
-
if (!f.endsWith('.json'))
|
|
104
|
-
continue;
|
|
105
|
-
try {
|
|
106
|
-
const raw = fs.readFileSync(path.join(SESSIONS_DIR, f), 'utf-8');
|
|
107
|
-
const meta = JSON.parse(raw);
|
|
108
|
-
if (meta.sessionId && meta.cwd)
|
|
109
|
-
index.set(meta.sessionId, canonicalizePath(meta.cwd));
|
|
110
|
-
}
|
|
111
|
-
catch {
|
|
112
|
-
// per-file parse failure is non-fatal; skip
|
|
113
|
-
}
|
|
114
|
-
}
|
|
115
|
-
}
|
|
116
|
-
catch (err) {
|
|
117
|
-
log.warn({ err, dir: SESSIONS_DIR }, 'failed to scan sessions dir');
|
|
118
|
-
}
|
|
119
|
-
return index;
|
|
120
|
-
}
|
|
121
83
|
function computeNextFire(cron, fromHint) {
|
|
122
84
|
// We want the next FUTURE fire. If the hint (lastFiredAt or createdAt) is
|
|
123
85
|
// in the past (because the creator process died or the file is stale),
|
|
@@ -132,30 +94,13 @@ function computeNextFire(cron, fromHint) {
|
|
|
132
94
|
return null;
|
|
133
95
|
}
|
|
134
96
|
}
|
|
135
|
-
/**
|
|
136
|
-
* Return scheduled tasks whose originating session's cwd === folderPath.
|
|
137
|
-
* Tasks without `createdBySessionId` (agent/headless-created, rare) are
|
|
138
|
-
* excluded — we can't attribute them. Tasks whose session has exited
|
|
139
|
-
* (stale sessions file cleanup) are also excluded, by design.
|
|
140
|
-
*/
|
|
141
97
|
function tasksForProject(folderPath) {
|
|
142
|
-
const all = loadScheduledTasks();
|
|
98
|
+
const all = loadScheduledTasks(folderPath);
|
|
143
99
|
if (all.length === 0)
|
|
144
100
|
return [];
|
|
145
|
-
|
|
146
|
-
|
|
147
|
-
|
|
148
|
-
|
|
149
|
-
if (!t.createdBySessionId)
|
|
150
|
-
continue;
|
|
151
|
-
const cwd = idx.get(t.createdBySessionId);
|
|
152
|
-
if (cwd !== targetCwd)
|
|
153
|
-
continue;
|
|
154
|
-
out.push({
|
|
155
|
-
...t,
|
|
156
|
-
nextFireAt: computeNextFire(t.cron, t.lastFiredAt ?? t.createdAt),
|
|
157
|
-
});
|
|
158
|
-
}
|
|
159
|
-
return out;
|
|
101
|
+
return all.map((t) => ({
|
|
102
|
+
...t,
|
|
103
|
+
nextFireAt: computeNextFire(t.cron, t.lastFiredAt ?? t.createdAt),
|
|
104
|
+
}));
|
|
160
105
|
}
|
|
161
106
|
//# sourceMappingURL=scheduled.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scheduled.js","sourceRoot":"","sources":["../../../src/adapters/claude/scheduled.ts"],"names":[],"mappings":";AAAA
|
|
1
|
+
{"version":3,"file":"scheduled.js","sourceRoot":"","sources":["../../../src/adapters/claude/scheduled.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;GAeG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA6BH,gDAqBC;AAgBD,0CAOC;AAvED,uCAAyB;AACzB,2CAA6B;AAC7B,6CAAmD;AACnD,yCAAyC;AAEzC,MAAM,GAAG,GAAG,IAAA,kBAAS,EAAC,WAAW,CAAC,CAAC;AAkBnC,SAAS,gBAAgB,CAAC,UAAkB;IAC1C,OAAO,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,SAAS,EAAE,sBAAsB,CAAC,CAAC;AAClE,CAAC;AAED,SAAgB,kBAAkB,CAAC,UAAkB;IACnD,MAAM,IAAI,GAAG,gBAAgB,CAAC,UAAU,CAAC,CAAC;IAC1C,IAAI,CAAC;QACH,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC;YAAE,OAAO,EAAE,CAAC;QACpC,MAAM,GAAG,GAAG,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;QAC3C,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAY,CAAC;QAC1C,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;YAC3B,GAAG,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,EAAE,sCAAsC,CAAC,CAAC;YAC3D,OAAO,EAAE,CAAC;QACZ,CAAC;QACD,OAAO,MAAM,CAAC,MAAM,CAClB,CAAC,CAAC,EAAyB,EAAE,CAC3B,CAAC,CAAC,CAAC,IAAI,OAAO,CAAC,KAAK,QAAQ,IAAI,OAAQ,CAAsB,CAAC,EAAE,KAAK,QAAQ;YAC9E,OAAQ,CAAsB,CAAC,IAAI,KAAK,QAAQ;YAChD,OAAQ,CAAsB,CAAC,MAAM,KAAK,QAAQ;YAClD,OAAQ,CAAsB,CAAC,SAAS,KAAK,QAAQ,CACxD,CAAC;IACJ,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE,qCAAqC,CAAC,CAAC;QAC/D,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC;AAED,SAAS,eAAe,CAAC,IAAY,EAAE,QAAgB;IACrD,0EAA0E;IAC1E,uEAAuE;IACvE,wEAAwE;IACxE,wDAAwD;IACxD,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;IAC7C,IAAI,CAAC;QACH,MAAM,EAAE,GAAG,kCAAoB,CAAC,KAAK,CAAC,IAAI,EAAE,EAAE,WAAW,EAAE,IAAI,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QAC9E,OAAO,EAAE,CAAC,IAAI,EAAE,CAAC,MAAM,EAAE,CAAC,WAAW,EAAE,CAAC;IAC1C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,SAAgB,eAAe,CAAC,UAAkB;IAChD,MAAM,GAAG,GAAG,kBAAkB,CAAC,UAAU,CAAC,CAAC;IAC3C,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAC;IAChC,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACrB,GAAG,CAAC;QACJ,UAAU,EAAE,eAAe,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,WAAW,IAAI,CAAC,CAAC,SAAS,CAAC;KAClE,CAAC,CAAC,CAAC;AACN,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../src/auth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAiB1D,MAAM,WAAW,WAAY,SAAQ,OAAO;IAC1C,IAAI,CAAC,EAAE;QAAE,QAAQ,EAAE,MAAM,CAAA;KAAE,CAAC;CAC7B;AAED;;;;;;GAMG;AACH,wBAAgB,cAAc,CAAC,GAAG,EAAE,OAAO,GAAG,OAAO,CAOpD;AAED,wBAAgB,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG;IAAE,QAAQ,EAAE,MAAM,CAAA;CAAE,GAAG,IAAI,
|
|
1
|
+
{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../src/auth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAiB1D,MAAM,WAAW,WAAY,SAAQ,OAAO;IAC1C,IAAI,CAAC,EAAE;QAAE,QAAQ,EAAE,MAAM,CAAA;KAAE,CAAC;CAC7B;AAED;;;;;;GAMG;AACH,wBAAgB,cAAc,CAAC,GAAG,EAAE,OAAO,GAAG,OAAO,CAOpD;AAED,wBAAgB,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG;IAAE,QAAQ,EAAE,MAAM,CAAA;CAAE,GAAG,IAAI,CAatE;AAED;;;;GAIG;AACH,wBAAgB,kBAAkB,IAAI,MAAM,CAG3C;AAID,wBAAgB,cAAc,CAAC,GAAG,EAAE,WAAW,EAAE,GAAG,EAAE,QAAQ,EAAE,IAAI,EAAE,YAAY,GAAG,IAAI,CA0CxF"}
|
package/backend/dist/auth.js
CHANGED
|
@@ -68,6 +68,13 @@ function verifyToken(token) {
|
|
|
68
68
|
try {
|
|
69
69
|
const config = (0, config_1.getConfig)();
|
|
70
70
|
const decoded = jwt.verify(token, config.jwtSecret);
|
|
71
|
+
// Reject non-user JWTs (e.g. plugin-session tokens) that happen to share
|
|
72
|
+
// the same signing secret — prevents type confusion between credential
|
|
73
|
+
// classes (codex review #2a).
|
|
74
|
+
if (decoded.typ && decoded.typ !== 'user')
|
|
75
|
+
return null;
|
|
76
|
+
if (typeof decoded.username !== 'string')
|
|
77
|
+
return null;
|
|
71
78
|
return { username: decoded.username };
|
|
72
79
|
}
|
|
73
80
|
catch {
|
package/backend/dist/auth.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.js","sourceRoot":"","sources":["../src/auth.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA4BA,wCAOC;AAED,
|
|
1
|
+
{"version":3,"file":"auth.js","sourceRoot":"","sources":["../src/auth.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA4BA,wCAOC;AAED,kCAaC;AAOD,gDAGC;AAID,wCA0CC;AAzGD,kDAAoC;AACpC,qCAAqC;AACrC,qCAA0C;AAE1C,MAAM,GAAG,GAAG,IAAA,kBAAS,EAAC,MAAM,CAAC,CAAC;AAE9B;;;;GAIG;AACH,SAAS,YAAY,CAAC,QAAgB;IACpC,MAAM,GAAG,GAAG,YAAG,CAAC,QAAQ,EAAmC,CAAC;IAC5D,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI;QAAE,GAAG,CAAC,IAAI,GAAG,QAAQ,CAAC;AAC5C,CAAC;AAMD;;;;;;GAMG;AACH,SAAgB,cAAc,CAAC,GAAY;IACzC,MAAM,EAAE,GAAG,GAAG,CAAC,MAAM,CAAC,aAAa,IAAI,EAAE,CAAC;IAC1C,OAAO,CACL,EAAE,KAAK,WAAW;QAClB,EAAE,KAAK,KAAK;QACZ,EAAE,KAAK,kBAAkB,CAC1B,CAAC;AACJ,CAAC;AAED,SAAgB,WAAW,CAAC,KAAa;IACvC,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAA,kBAAS,GAAE,CAAC;QAC3B,MAAM,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,SAAS,CAAmB,CAAC;QACtE,yEAAyE;QACzE,uEAAuE;QACvE,8BAA8B;QAC9B,IAAI,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,GAAG,KAAK,MAAM;YAAE,OAAO,IAAI,CAAC;QACvD,IAAI,OAAO,OAAO,CAAC,QAAQ,KAAK,QAAQ;YAAE,OAAO,IAAI,CAAC;QACtD,OAAO,EAAE,QAAQ,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC;IACxC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,SAAgB,kBAAkB;IAChC,MAAM,MAAM,GAAG,IAAA,kBAAS,GAAE,CAAC;IAC3B,OAAO,GAAG,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,EAAE,MAAM,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC,CAAC;AACzF,CAAC;AAED,IAAI,eAAe,GAAG,KAAK,CAAC;AAE5B,SAAgB,cAAc,CAAC,GAAgB,EAAE,GAAa,EAAE,IAAkB;IAChF,gDAAgD;IAChD,IAAI,cAAc,CAAC,GAAG,CAAC,EAAE,CAAC;QACxB,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,IAAA,kBAAS,GAAE,CAAC;YAC3B,GAAG,CAAC,IAAI,GAAG,EAAE,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,CAAC;QAC3C,CAAC;QAAC,MAAM,CAAC;YACP,oEAAoE;YACpE,sEAAsE;YACtE,uDAAuD;YACvD,2EAA2E;YAC3E,uEAAuE;YACvE,uEAAuE;YACvE,IAAI,CAAC,eAAe,EAAE,CAAC;gBACrB,GAAG,CAAC,IAAI,CACN,sIAAsI,CACvI,CAAC;gBACF,eAAe,GAAG,IAAI,CAAC;YACzB,CAAC;YACD,GAAG,CAAC,IAAI,GAAG,EAAE,QAAQ,EAAE,iBAAiB,EAAE,CAAC;QAC7C,CAAC;QACD,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAChC,IAAI,EAAE,CAAC;QACP,OAAO;IACT,CAAC;IAED,qFAAqF;IACrF,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC;IAChD,MAAM,UAAU,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,CAAuB,CAAC;IAC5D,MAAM,KAAK,GAAG,UAAU,EAAE,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC;IACnF,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,CAAC,CAAC;QAChD,OAAO;IACT,CAAC;IACD,MAAM,IAAI,GAAG,WAAW,CAAC,KAAK,CAAC,CAAC;IAChC,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,0BAA0B,EAAE,CAAC,CAAC;QAC5D,OAAO;IACT,CAAC;IACD,GAAG,CAAC,IAAI,GAAG,IAAI,CAAC;IAChB,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IAC5B,IAAI,EAAE,CAAC;AACT,CAAC"}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
declare const TOKEN_TYP: "ccweb-plugin-session";
|
|
2
|
+
export interface PluginSessionPayload {
|
|
3
|
+
typ: typeof TOKEN_TYP;
|
|
4
|
+
pid: string;
|
|
5
|
+
usr: string;
|
|
6
|
+
scp: string[];
|
|
7
|
+
}
|
|
8
|
+
export declare function issuePluginSessionToken(pluginId: string, username: string): string;
|
|
9
|
+
export declare function verifyPluginSessionToken(token: string): PluginSessionPayload | null;
|
|
10
|
+
export declare const PLUGIN_SESSION_TTL_SECONDS: number;
|
|
11
|
+
export {};
|
|
12
|
+
//# sourceMappingURL=plugin-session.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"plugin-session.d.ts","sourceRoot":"","sources":["../src/plugin-session.ts"],"names":[],"mappings":"AAgBA,QAAA,MAAM,SAAS,EAAG,sBAA+B,CAAC;AAGlD,MAAM,WAAW,oBAAoB;IACnC,GAAG,EAAE,OAAO,SAAS,CAAC;IACtB,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,EAAE,CAAC;CACf;AAED,wBAAgB,uBAAuB,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,MAAM,CAalF;AAED,wBAAgB,wBAAwB,CAAC,KAAK,EAAE,MAAM,GAAG,oBAAoB,GAAG,IAAI,CAenF;AAED,eAAO,MAAM,0BAA0B,QAAoB,CAAC"}
|
|
@@ -0,0 +1,91 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
14
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
15
|
+
}) : function(o, v) {
|
|
16
|
+
o["default"] = v;
|
|
17
|
+
});
|
|
18
|
+
var __importStar = (this && this.__importStar) || (function () {
|
|
19
|
+
var ownKeys = function(o) {
|
|
20
|
+
ownKeys = Object.getOwnPropertyNames || function (o) {
|
|
21
|
+
var ar = [];
|
|
22
|
+
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
|
|
23
|
+
return ar;
|
|
24
|
+
};
|
|
25
|
+
return ownKeys(o);
|
|
26
|
+
};
|
|
27
|
+
return function (mod) {
|
|
28
|
+
if (mod && mod.__esModule) return mod;
|
|
29
|
+
var result = {};
|
|
30
|
+
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
|
|
31
|
+
__setModuleDefault(result, mod);
|
|
32
|
+
return result;
|
|
33
|
+
};
|
|
34
|
+
})();
|
|
35
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
36
|
+
exports.PLUGIN_SESSION_TTL_SECONDS = void 0;
|
|
37
|
+
exports.issuePluginSessionToken = issuePluginSessionToken;
|
|
38
|
+
exports.verifyPluginSessionToken = verifyPluginSessionToken;
|
|
39
|
+
/**
|
|
40
|
+
* Plugin session tokens — HMAC-signed authorization for the /api/plugin-bridge surface.
|
|
41
|
+
*
|
|
42
|
+
* Why: the previous bridge identified the calling plugin by an `x-plugin-id` header,
|
|
43
|
+
* which any authenticated user could forge via curl to gain that plugin's manifest
|
|
44
|
+
* permissions (terminal:send, session:read, ...). This module replaces the header
|
|
45
|
+
* with a short-lived JWT signed by the server's jwtSecret, so the caller must have
|
|
46
|
+
* first obtained the token from `POST /api/plugins/:id/session` (which is gated on
|
|
47
|
+
* a valid user JWT + installed-and-enabled plugin).
|
|
48
|
+
*
|
|
49
|
+
* Token typ is namespaced to prevent cross-use with the main user-auth JWTs.
|
|
50
|
+
*/
|
|
51
|
+
const jwt = __importStar(require("jsonwebtoken"));
|
|
52
|
+
const config_1 = require("./config");
|
|
53
|
+
const plugin_manager_1 = require("./plugin-manager");
|
|
54
|
+
const TOKEN_TYP = 'ccweb-plugin-session';
|
|
55
|
+
const TOKEN_TTL_SECONDS = 2 * 60 * 60; // 2 hours
|
|
56
|
+
function issuePluginSessionToken(pluginId, username) {
|
|
57
|
+
const plugin = plugin_manager_1.pluginManager.get(pluginId);
|
|
58
|
+
if (!plugin)
|
|
59
|
+
throw new Error('Plugin not installed');
|
|
60
|
+
if (!plugin.registry.enabled)
|
|
61
|
+
throw new Error('Plugin disabled');
|
|
62
|
+
const secret = (0, config_1.getConfig)().jwtSecret;
|
|
63
|
+
const payload = {
|
|
64
|
+
typ: TOKEN_TYP,
|
|
65
|
+
pid: pluginId,
|
|
66
|
+
usr: username,
|
|
67
|
+
scp: plugin.manifest.permissions,
|
|
68
|
+
};
|
|
69
|
+
return jwt.sign(payload, secret, { expiresIn: TOKEN_TTL_SECONDS });
|
|
70
|
+
}
|
|
71
|
+
function verifyPluginSessionToken(token) {
|
|
72
|
+
try {
|
|
73
|
+
const secret = (0, config_1.getConfig)().jwtSecret;
|
|
74
|
+
const decoded = jwt.verify(token, secret);
|
|
75
|
+
if (decoded.typ !== TOKEN_TYP)
|
|
76
|
+
return null;
|
|
77
|
+
if (typeof decoded.pid !== 'string' || typeof decoded.usr !== 'string' || !Array.isArray(decoded.scp))
|
|
78
|
+
return null;
|
|
79
|
+
return {
|
|
80
|
+
typ: TOKEN_TYP,
|
|
81
|
+
pid: decoded.pid,
|
|
82
|
+
usr: decoded.usr,
|
|
83
|
+
scp: decoded.scp.filter((s) => typeof s === 'string'),
|
|
84
|
+
};
|
|
85
|
+
}
|
|
86
|
+
catch {
|
|
87
|
+
return null;
|
|
88
|
+
}
|
|
89
|
+
}
|
|
90
|
+
exports.PLUGIN_SESSION_TTL_SECONDS = TOKEN_TTL_SECONDS;
|
|
91
|
+
//# sourceMappingURL=plugin-session.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"plugin-session.js","sourceRoot":"","sources":["../src/plugin-session.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA0BA,0DAaC;AAED,4DAeC;AAxDD;;;;;;;;;;;GAWG;AACH,kDAAoC;AACpC,qCAAqC;AACrC,qDAAiD;AAEjD,MAAM,SAAS,GAAG,sBAA+B,CAAC;AAClD,MAAM,iBAAiB,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,UAAU;AASjD,SAAgB,uBAAuB,CAAC,QAAgB,EAAE,QAAgB;IACxE,MAAM,MAAM,GAAG,8BAAa,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAC3C,IAAI,CAAC,MAAM;QAAE,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;IACrD,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,OAAO;QAAE,MAAM,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC;IAEjE,MAAM,MAAM,GAAG,IAAA,kBAAS,GAAE,CAAC,SAAS,CAAC;IACrC,MAAM,OAAO,GAAG;QACd,GAAG,EAAE,SAAS;QACd,GAAG,EAAE,QAAQ;QACb,GAAG,EAAE,QAAQ;QACb,GAAG,EAAE,MAAM,CAAC,QAAQ,CAAC,WAAW;KACjC,CAAC;IACF,OAAO,GAAG,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE,SAAS,EAAE,iBAAiB,EAAE,CAAC,CAAC;AACrE,CAAC;AAED,SAAgB,wBAAwB,CAAC,KAAa;IACpD,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAA,kBAAS,GAAE,CAAC,SAAS,CAAC;QACrC,MAAM,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,MAAM,CAAmB,CAAC;QAC5D,IAAI,OAAO,CAAC,GAAG,KAAK,SAAS;YAAE,OAAO,IAAI,CAAC;QAC3C,IAAI,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ,IAAI,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC;YAAE,OAAO,IAAI,CAAC;QACnH,OAAO;YACL,GAAG,EAAE,SAAS;YACd,GAAG,EAAE,OAAO,CAAC,GAAG;YAChB,GAAG,EAAE,OAAO,CAAC,GAAG;YAChB,GAAG,EAAE,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,EAAe,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC;SACnE,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAEY,QAAA,0BAA0B,GAAG,iBAAiB,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"plugin-bridge.d.ts","sourceRoot":"","sources":["../../src/routes/plugin-bridge.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"plugin-bridge.d.ts","sourceRoot":"","sources":["../../src/routes/plugin-bridge.ts"],"names":[],"mappings":"AAYA,QAAA,MAAM,MAAM,4CAAW,CAAC;AAmKxB,eAAe,MAAM,CAAC"}
|
|
@@ -40,19 +40,51 @@ const plugin_manager_1 = require("../plugin-manager");
|
|
|
40
40
|
const terminal_manager_1 = require("../terminal-manager");
|
|
41
41
|
const session_manager_1 = require("../session-manager");
|
|
42
42
|
const authz_1 = require("../middleware/authz");
|
|
43
|
+
const plugin_session_1 = require("../plugin-session");
|
|
44
|
+
const logger_1 = require("../logger");
|
|
45
|
+
const log = (0, logger_1.modLogger)('plugin-bridge');
|
|
43
46
|
const router = (0, express_1.Router)();
|
|
44
47
|
// ── Permission check middleware ──────────────────────────────────────────────
|
|
48
|
+
//
|
|
49
|
+
// Authorization source of truth: the `X-Plugin-Session` HMAC token issued by
|
|
50
|
+
// POST /api/plugins/:id/session. The old `x-plugin-id` header was caller-
|
|
51
|
+
// controlled and allowed any authenticated user to assume any plugin's
|
|
52
|
+
// permissions — see `plugin-session.ts` header for background.
|
|
45
53
|
function requirePermission(permission) {
|
|
46
54
|
return (req, res, next) => {
|
|
47
|
-
const
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
55
|
+
const sessionHeader = req.headers['x-plugin-session'];
|
|
56
|
+
const tokenRaw = Array.isArray(sessionHeader) ? sessionHeader[0] : sessionHeader;
|
|
57
|
+
if (!tokenRaw) {
|
|
58
|
+
if (req.headers['x-plugin-id']) {
|
|
59
|
+
log.warn({ path: req.path, pluginIdHeader: req.headers['x-plugin-id'] }, 'deprecated x-plugin-id header received without X-Plugin-Session — rejecting; refresh plugin iframe');
|
|
60
|
+
}
|
|
61
|
+
return res.status(401).json({ error: 'X-Plugin-Session token required (obtain via POST /api/plugins/:id/session)' });
|
|
62
|
+
}
|
|
63
|
+
const payload = (0, plugin_session_1.verifyPluginSessionToken)(tokenRaw);
|
|
64
|
+
if (!payload) {
|
|
65
|
+
return res.status(401).json({ error: 'Invalid or expired plugin session token' });
|
|
66
|
+
}
|
|
67
|
+
// Bind the token to the authenticated caller — a leaked token MUST NOT
|
|
68
|
+
// be replayable by a different user (codex review #11).
|
|
69
|
+
const authUser = req.user?.username;
|
|
70
|
+
if (!authUser || payload.usr !== authUser) {
|
|
71
|
+
return res.status(403).json({ error: 'Plugin session token issued for a different user' });
|
|
72
|
+
}
|
|
73
|
+
const plugin = plugin_manager_1.pluginManager.get(payload.pid);
|
|
51
74
|
if (!plugin)
|
|
52
75
|
return res.status(404).json({ error: 'Plugin not found' });
|
|
53
|
-
if (!plugin.
|
|
54
|
-
return res.status(403).json({ error:
|
|
76
|
+
if (!plugin.registry.enabled)
|
|
77
|
+
return res.status(403).json({ error: 'Plugin disabled' });
|
|
78
|
+
// Gate on both the token's issued scopes AND the current manifest — if the
|
|
79
|
+
// plugin was downgraded after issuance, the intersection is the safe floor.
|
|
80
|
+
if (!payload.scp.includes(permission) || !plugin.manifest.permissions.includes(permission)) {
|
|
81
|
+
return res.status(403).json({ error: `Plugin "${payload.pid}" lacks permission "${permission}"` });
|
|
55
82
|
}
|
|
83
|
+
// Expose the verified plugin identity to handlers (replaces untrusted header).
|
|
84
|
+
req.plugin = {
|
|
85
|
+
id: payload.pid,
|
|
86
|
+
user: payload.usr,
|
|
87
|
+
};
|
|
56
88
|
next();
|
|
57
89
|
};
|
|
58
90
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"plugin-bridge.js","sourceRoot":"","sources":["../../src/routes/plugin-bridge.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,qCAAiC;AACjC,uCAAyB;AACzB,sCAAwC;AACxC,sDAAkD;AAClD,0DAAsD;AACtD,wDAAoD;AACpD,+CAAmD;
|
|
1
|
+
{"version":3,"file":"plugin-bridge.js","sourceRoot":"","sources":["../../src/routes/plugin-bridge.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,qCAAiC;AACjC,uCAAyB;AACzB,sCAAwC;AACxC,sDAAkD;AAClD,0DAAsD;AACtD,wDAAoD;AACpD,+CAAmD;AACnD,sDAA6D;AAC7D,sCAAsC;AAGtC,MAAM,GAAG,GAAG,IAAA,kBAAS,EAAC,eAAe,CAAC,CAAC;AACvC,MAAM,MAAM,GAAG,IAAA,gBAAM,GAAE,CAAC;AAExB,gFAAgF;AAChF,EAAE;AACF,6EAA6E;AAC7E,0EAA0E;AAC1E,uEAAuE;AACvE,+DAA+D;AAE/D,SAAS,iBAAiB,CAAC,UAAkB;IAC3C,OAAO,CAAC,GAA8B,EAAE,GAA+B,EAAE,IAAoC,EAAE,EAAE;QAC/G,MAAM,aAAa,GAAG,GAAG,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC;QACtD,MAAM,QAAQ,GAAG,KAAK,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC;QAEjF,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,IAAI,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC,EAAE,CAAC;gBAC/B,GAAG,CAAC,IAAI,CACN,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,cAAc,EAAE,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC,EAAE,EAC9D,oGAAoG,CACrG,CAAC;YACJ,CAAC;YACD,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,4EAA4E,EAAE,CAAC,CAAC;QACvH,CAAC;QAED,MAAM,OAAO,GAAG,IAAA,yCAAwB,EAAC,QAAQ,CAAC,CAAC;QACnD,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,yCAAyC,EAAE,CAAC,CAAC;QACpF,CAAC;QAED,uEAAuE;QACvE,wDAAwD;QACxD,MAAM,QAAQ,GAAI,GAAmB,CAAC,IAAI,EAAE,QAAQ,CAAC;QACrD,IAAI,CAAC,QAAQ,IAAI,OAAO,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;YAC1C,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,kDAAkD,EAAE,CAAC,CAAC;QAC7F,CAAC;QAED,MAAM,MAAM,GAAG,8BAAa,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QAC9C,IAAI,CAAC,MAAM;YAAE,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,kBAAkB,EAAE,CAAC,CAAC;QACxE,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,OAAO;YAAE,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,iBAAiB,EAAE,CAAC,CAAC;QAExF,2EAA2E;QAC3E,4EAA4E;QAC5E,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;YAC3F,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,WAAW,OAAO,CAAC,GAAG,uBAAuB,UAAU,GAAG,EAAE,CAAC,CAAC;QACrG,CAAC;QAED,+EAA+E;QAC9E,GAA6E,CAAC,MAAM,GAAG;YACtF,EAAE,EAAE,OAAO,CAAC,GAAG;YACf,IAAI,EAAE,OAAO,CAAC,GAAG;SAClB,CAAC;QACF,IAAI,EAAE,CAAC;IACT,CAAC,CAAC;AACJ,CAAC;AAED,gFAAgF;AAEhF,MAAM,CAAC,GAAG,CAAC,4BAA4B,EAAE,iBAAiB,CAAC,gBAAgB,CAAC,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;IACzF,MAAM,QAAQ,GAAG,IAAA,oBAAW,GAAE,CAAC;IAC/B,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IACpE,IAAI,CAAC,OAAO;QAAE,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,mBAAmB,EAAE,CAAC,CAAC;IAE1E,MAAM,MAAM,GAAG,kCAAe,CAAC,gBAAgB,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;IAC5D,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,OAAO,CAAC,EAAE,EAAE,IAAI,EAAE,OAAO,CAAC,IAAI,EAAE,MAAM,EAAE,CAAC,CAAC;AAC3D,CAAC,CAAC,CAAC;AAEH,gFAAgF;AAEhF,MAAM,CAAC,GAAG,CAAC,eAAe,EAAE,iBAAiB,CAAC,cAAc,CAAC,EAAE,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE;IAC3E,MAAM,QAAQ,GAAG,IAAA,oBAAW,GAAE,CAAC;IAC/B,GAAG,CAAC,IAAI,CACN,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACnB,EAAE,EAAE,CAAC,CAAC,EAAE;QACR,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,MAAM,EAAE,kCAAe,CAAC,gBAAgB,CAAC,CAAC,CAAC,EAAE,CAAC;QAC9C,UAAU,EAAE,CAAC,CAAC,UAAU;QACxB,IAAI,EAAE,CAAC,CAAC,IAAI;KACb,CAAC,CAAC,CACJ,CAAC;AACJ,CAAC,CAAC,CAAC;AAEH,gFAAgF;AAEhF,MAAM,CAAC,IAAI,CAAC,gBAAgB,EAAE,iBAAiB,CAAC,eAAe,CAAC,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;IAC7E,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,GAAG,GAAG,CAAC,IAA6C,CAAC;IAC9E,IAAI,CAAC,SAAS,IAAI,CAAC,IAAI;QAAE,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,6BAA6B,EAAE,CAAC,CAAC;IAE/F,MAAM,MAAM,GAAG,kCAAe,CAAC,gBAAgB,CAAC,SAAS,CAAC,CAAC;IAC3D,IAAI,MAAM,KAAK,SAAS;QAAE,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,sBAAsB,EAAE,CAAC,CAAC;IAEzF,kCAAe,CAAC,QAAQ,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;IAC1C,GAAG,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;AAC9B,CAAC,CAAC,CAAC;AAEH,gFAAgF;AAEhF,MAAM,CAAC,GAAG,CAAC,qBAAqB,EAAE,iBAAiB,CAAC,cAAc,CAAC,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;IAChF,MAAM,OAAO,GAAG,gCAAc,CAAC,cAAc,CAAC,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IACpE,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;AACpB,CAAC,CAAC,CAAC;AAEH,gFAAgF;AAEhF,MAAM,CAAC,GAAG,CAAC,cAAc,EAAE,iBAAiB,CAAC,aAAa,CAAC,EAAE,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE;IACzE,MAAM,IAAI,GAAG,EAAE,CAAC,IAAI,EAAE,CAAC;IACvB,MAAM,QAAQ,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC;IAC/B,MAAM,OAAO,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC;IAE7B,sCAAsC;IACtC,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;QAChC,MAAM,KAAK,GAAG,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;QAClE,MAAM,IAAI,GAAG,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC;QAC5B,OAAO,CAAC,CAAC,KAAK,GAAG,IAAI,CAAC,GAAG,KAAK,CAAC,GAAG,GAAG,CAAC;IACxC,CAAC,CAAC,CAAC;IACH,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,GAAG,QAAQ,CAAC,MAAM,CAAC;IAErE,GAAG,CAAC,IAAI,CAAC;QACP,GAAG,EAAE;YACH,KAAK,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,KAAK;YACrB,KAAK,EAAE,IAAI,CAAC,MAAM;YAClB,KAAK,EAAE,IAAI,CAAC,KAAK,CAAC,MAAM,GAAG,EAAE,CAAC,GAAG,EAAE;SACpC;QACD,MAAM,EAAE;YACN,KAAK,EAAE,QAAQ;YACf,IAAI,EAAE,OAAO;YACb,IAAI,EAAE,QAAQ,GAAG,OAAO;YACxB,YAAY,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,QAAQ,GAAG,OAAO,CAAC,GAAG,QAAQ,CAAC,GAAG,IAAI,CAAC,GAAG,EAAE;SACxE;QACD,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE;QACnB,QAAQ,EAAE,EAAE,CAAC,QAAQ,EAAE;QACvB,QAAQ,EAAE,EAAE,CAAC,QAAQ,EAAE;QACvB,OAAO,EAAE,EAAE,CAAC,OAAO,EAAE;KACtB,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,gFAAgF;AAChF,EAAE;AACF,6EAA6E;AAC7E,4EAA4E;AAC5E,qEAAqE;AACrE,0EAA0E;AAC1E,gEAAgE;AAChE,8DAA8D;AAC9D,0EAA0E;AAC1E,mFAAmF;AAEnF,MAAM,YAAY,GAAG,kBAAkB,CAAC;AAExC,MAAM,CAAC,GAAG,CAAC,oBAAoB,EAAE,oBAAY,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;IAC1D,MAAM,QAAQ,GAAG,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC;IACrC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC;QAAE,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,mBAAmB,EAAE,CAAC,CAAC;IAC9F,IAAI,CAAC,8BAAa,CAAC,GAAG,CAAC,QAAQ,CAAC;QAAE,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,sBAAsB,EAAE,CAAC,CAAC;IACjG,GAAG,CAAC,IAAI,CAAC,8BAAa,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC;AAC7C,CAAC,CAAC,CAAC;AAEH,MAAM,CAAC,GAAG,CAAC,oBAAoB,EAAE,oBAAY,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;IAC1D,MAAM,QAAQ,GAAG,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC;IACrC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC;QAAE,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,mBAAmB,EAAE,CAAC,CAAC;IAC9F,IAAI,CAAC,8BAAa,CAAC,GAAG,CAAC,QAAQ,CAAC;QAAE,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,sBAAsB,EAAE,CAAC,CAAC;IACjG,8BAAa,CAAC,SAAS,CAAC,QAAQ,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC;IAC5C,GAAG,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;AAC9B,CAAC,CAAC,CAAC;AAEH,kBAAe,MAAM,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"plugins.d.ts","sourceRoot":"","sources":["../../src/routes/plugins.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"plugins.d.ts","sourceRoot":"","sources":["../../src/routes/plugins.ts"],"names":[],"mappings":"AAUA,QAAA,MAAM,MAAM,4CAAW,CAAC;AAiLxB,eAAe,MAAM,CAAC"}
|
|
@@ -43,6 +43,7 @@ const os = __importStar(require("os"));
|
|
|
43
43
|
const adm_zip_1 = __importDefault(require("adm-zip"));
|
|
44
44
|
const plugin_manager_1 = require("../plugin-manager");
|
|
45
45
|
const authz_1 = require("../middleware/authz");
|
|
46
|
+
const plugin_session_1 = require("../plugin-session");
|
|
46
47
|
const router = (0, express_1.Router)();
|
|
47
48
|
/** Block SSRF: only allow HTTPS downloads from trusted hosts. */
|
|
48
49
|
function isAllowedDownloadUrl(url) {
|
|
@@ -184,6 +185,21 @@ router.put('/:id/enabled', authz_1.requireAdmin, (req, res) => {
|
|
|
184
185
|
plugin_manager_1.pluginManager.setEnabled(id, enabled);
|
|
185
186
|
res.json({ success: true });
|
|
186
187
|
});
|
|
188
|
+
// ── Plugin session token (used by /api/plugin-bridge/* authorization) ───────
|
|
189
|
+
router.post('/:id/session', (req, res) => {
|
|
190
|
+
const authReq = req;
|
|
191
|
+
const username = authReq.user?.username;
|
|
192
|
+
if (!username)
|
|
193
|
+
return res.status(401).json({ error: 'Unauthorized' });
|
|
194
|
+
try {
|
|
195
|
+
const token = (0, plugin_session_1.issuePluginSessionToken)(req.params.id, username);
|
|
196
|
+
res.json({ token, expiresIn: plugin_session_1.PLUGIN_SESSION_TTL_SECONDS });
|
|
197
|
+
}
|
|
198
|
+
catch (err) {
|
|
199
|
+
const message = err instanceof Error ? err.message : 'Failed to issue token';
|
|
200
|
+
res.status(404).json({ error: message });
|
|
201
|
+
}
|
|
202
|
+
});
|
|
187
203
|
// Plugin private data is served by /api/plugin-bridge/storage/:pluginId —
|
|
188
204
|
// the duplicate routes that used to live here were redundant and unauthenticated.
|
|
189
205
|
// ── Helper ───────────────────────────────────────────────────────────────────
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"plugins.js","sourceRoot":"","sources":["../../src/routes/plugins.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,qCAAiC;AACjC,uCAAyB;AACzB,2CAA6B;AAC7B,uCAAyB;AACzB,sDAA6B;AAC7B,sDAAkD;AAClD,+CAAmD;
|
|
1
|
+
{"version":3,"file":"plugins.js","sourceRoot":"","sources":["../../src/routes/plugins.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,qCAAiC;AACjC,uCAAyB;AACzB,2CAA6B;AAC7B,uCAAyB;AACzB,sDAA6B;AAC7B,sDAAkD;AAClD,+CAAmD;AACnD,sDAAwF;AAGxF,MAAM,MAAM,GAAG,IAAA,gBAAM,GAAE,CAAC;AAExB,iEAAiE;AACjE,SAAS,oBAAoB,CAAC,GAAW;IACvC,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QAC5B,IAAI,MAAM,CAAC,QAAQ,KAAK,QAAQ;YAAE,OAAO,KAAK,CAAC;QAC/C,MAAM,YAAY,GAAG,CAAC,2BAA2B,EAAE,YAAY,EAAE,+BAA+B,CAAC,CAAC;QAClG,OAAO,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,MAAM,CAAC,QAAQ,KAAK,CAAC,IAAI,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;IAC5F,CAAC;IAAC,MAAM,CAAC;QAAC,OAAO,KAAK,CAAC;IAAC,CAAC;AAC3B,CAAC;AAED,gFAAgF;AAEhF,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE;IAC5B,MAAM,OAAO,GAAG,8BAAa,CAAC,MAAM,EAAE,CAAC;IACvC,GAAG,CAAC,IAAI,CACN,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAClB,EAAE,EAAE,CAAC,CAAC,QAAQ,CAAC,EAAE;QACjB,IAAI,EAAE,CAAC,CAAC,QAAQ,CAAC,IAAI;QACrB,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,OAAO;QAC3B,MAAM,EAAE,CAAC,CAAC,QAAQ,CAAC,MAAM;QACzB,WAAW,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW;QACnC,IAAI,EAAE,CAAC,CAAC,QAAQ,CAAC,IAAI;QACrB,IAAI,EAAE,CAAC,CAAC,QAAQ,CAAC,IAAI;QACrB,KAAK,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK;QACvB,WAAW,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW;QACnC,UAAU,EAAE,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO;QAChC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,OAAO;QAC3B,WAAW,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW;QACnC,UAAU,EAAE,CAAC,CAAC,QAAQ,CAAC,UAAU;KAClC,CAAC,CAAC,CACJ,CAAC;AACJ,CAAC,CAAC,CAAC;AAEH,gFAAgF;AAEhF,MAAM,CAAC,IAAI,CAAC,UAAU,EAAE,oBAAY,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE;IACvD,MAAM,EAAE,WAAW,EAAE,GAAG,GAAG,CAAC,IAAgC,CAAC;IAC7D,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,sBAAsB,EAAE,CAAC,CAAC;IACjE,CAAC;IACD,IAAI,CAAC,oBAAoB,CAAC,WAAW,CAAC,EAAE,CAAC;QACvC,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,4CAA4C,EAAE,CAAC,CAAC;IACvF,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,MAAM,EAAE,EAAE,gBAAgB,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;IAEpE,IAAI,CAAC;QACH,eAAe;QACf,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,WAAW,EAAE,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC,CAAC;QAClE,IAAI,CAAC,QAAQ,CAAC,EAAE;YAAE,MAAM,IAAI,KAAK,CAAC,oBAAoB,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;QACzE,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,QAAQ,CAAC,WAAW,EAAE,CAAC,CAAC;QAEzD,8DAA8D;QAC9D,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;QAClD,EAAE,CAAC,SAAS,CAAC,UAAU,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAC9C,MAAM,GAAG,GAAG,IAAI,iBAAM,CAAC,MAAM,CAAC,CAAC;QAC/B,GAAG,CAAC,YAAY,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;QAEnC,gDAAgD;QAChD,MAAM,WAAW,GAAG,eAAe,CAAC,UAAU,CAAC,CAAC;QAChD,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,mCAAmC,EAAE,CAAC,CAAC;QAC9E,CAAC;QAED,MAAM,QAAQ,GAAG,8BAAa,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;QACpD,GAAG,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,QAAQ,CAAC,EAAE,EAAE,IAAI,EAAE,QAAQ,CAAC,IAAI,EAAE,OAAO,EAAE,QAAQ,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;IAC3G,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,gBAAgB,CAAC;QACtE,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAAC;IAC3C,CAAC;YAAS,CAAC;QACT,cAAc;QACd,IAAI,CAAC;YAAC,EAAE,CAAC,MAAM,CAAC,MAAM,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;QAAC,CAAC;QAAC,MAAM,CAAC,CAAC,KAAK,CAAC,CAAC;IAC9E,CAAC;AACH,CAAC,CAAC,CAAC;AAEH,gFAAgF;AAEhF,MAAM,CAAC,MAAM,CAAC,MAAM,EAAE,oBAAY,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;IAC/C,MAAM,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,MAAM,CAAC;IAC1B,MAAM,MAAM,GAAG,8BAAa,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IACrC,IAAI,CAAC,MAAM;QAAE,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,kBAAkB,EAAE,CAAC,CAAC;IAExE,8BAAa,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;IAC5B,GAAG,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;AAC9B,CAAC,CAAC,CAAC;AAEH,gFAAgF;AAEhF,MAAM,CAAC,IAAI,CAAC,aAAa,EAAE,oBAAY,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE;IAC1D,MAAM,EAAE,WAAW,EAAE,GAAG,GAAG,CAAC,IAAgC,CAAC;IAC7D,IAAI,CAAC,WAAW;QAAE,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,sBAAsB,EAAE,CAAC,CAAC;IACjF,IAAI,CAAC,oBAAoB,CAAC,WAAW,CAAC,EAAE,CAAC;QACvC,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,4CAA4C,EAAE,CAAC,CAAC;IACvF,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,MAAM,EAAE,EAAE,gBAAgB,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;IACpE,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,WAAW,EAAE,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC,CAAC;QAClE,IAAI,CAAC,QAAQ,CAAC,EAAE;YAAE,MAAM,IAAI,KAAK,CAAC,oBAAoB,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;QACzE,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,QAAQ,CAAC,WAAW,EAAE,CAAC,CAAC;QAEzD,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;QAClD,EAAE,CAAC,SAAS,CAAC,UAAU,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAC9C,MAAM,GAAG,GAAG,IAAI,iBAAM,CAAC,MAAM,CAAC,CAAC;QAC/B,GAAG,CAAC,YAAY,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;QAEnC,MAAM,WAAW,GAAG,eAAe,CAAC,UAAU,CAAC,CAAC;QAChD,IAAI,CAAC,WAAW;YAAE,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,wBAAwB,EAAE,CAAC,CAAC;QAEnF,MAAM,QAAQ,GAAG,8BAAa,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;QACpD,GAAG,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,QAAQ,CAAC,EAAE,EAAE,IAAI,EAAE,QAAQ,CAAC,IAAI,EAAE,OAAO,EAAE,QAAQ,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;IAC3G,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC;QACrE,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAAC;IAC3C,CAAC;YAAS,CAAC;QACT,IAAI,CAAC;YAAC,EAAE,CAAC,MAAM,CAAC,MAAM,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;QAAC,CAAC;QAAC,MAAM,CAAC,CAAC,KAAK,CAAC,CAAC;IAC9E,CAAC;AACH,CAAC,CAAC,CAAC;AAEH,gFAAgF;AAEhF,MAAM,CAAC,GAAG,CAAC,aAAa,EAAE,oBAAY,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;IACnD,MAAM,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,MAAM,CAAC;IAC1B,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,8BAAa,CAAC,gBAAgB,CAAC,EAAE,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC;QAC3D,IAAI,CAAC,KAAK;YAAE,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,kBAAkB,EAAE,CAAC,CAAC;QACvE,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAClB,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,gBAAgB,CAAC;QACtE,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAAC;IAC3C,CAAC;AACH,CAAC,CAAC,CAAC;AAEH,gFAAgF;AAEhF,MAAM,CAAC,GAAG,CAAC,cAAc,EAAE,oBAAY,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;IACpD,MAAM,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,MAAM,CAAC;IAC1B,MAAM,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC,IAA6B,CAAC;IACtD,IAAI,OAAO,OAAO,KAAK,SAAS;QAAE,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,4BAA4B,EAAE,CAAC,CAAC;IACvG,8BAAa,CAAC,UAAU,CAAC,EAAE,EAAE,OAAO,CAAC,CAAC;IACtC,GAAG,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;AAC9B,CAAC,CAAC,CAAC;AAEH,+EAA+E;AAE/E,MAAM,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;IACvC,MAAM,OAAO,GAAG,GAAkB,CAAC;IACnC,MAAM,QAAQ,GAAG,OAAO,CAAC,IAAI,EAAE,QAAQ,CAAC;IACxC,IAAI,CAAC,QAAQ;QAAE,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,CAAC,CAAC;IACtE,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,IAAA,wCAAuB,EAAC,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC;QAC/D,GAAG,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,2CAA0B,EAAE,CAAC,CAAC;IAC7D,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,uBAAuB,CAAC;QAC7E,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAAC;IAC3C,CAAC;AACH,CAAC,CAAC,CAAC;AAEH,0EAA0E;AAC1E,kFAAkF;AAElF,gFAAgF;AAEhF,SAAS,eAAe,CAAC,GAAW;IAClC,IAAI,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,eAAe,CAAC,CAAC;QAAE,OAAO,GAAG,CAAC;IAC/D,4DAA4D;IAC5D,KAAK,MAAM,KAAK,IAAI,EAAE,CAAC,WAAW,CAAC,GAAG,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;QACjE,IAAI,KAAK,CAAC,WAAW,EAAE,EAAE,CAAC;YACxB,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;YACvC,IAAI,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,eAAe,CAAC,CAAC;gBAAE,OAAO,GAAG,CAAC;QACjE,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,kBAAe,MAAM,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"projects.d.ts","sourceRoot":"","sources":["../../src/routes/projects.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"projects.d.ts","sourceRoot":"","sources":["../../src/routes/projects.ts"],"names":[],"mappings":"AAuCA,QAAA,MAAM,MAAM,4CAAW,CAAC;AAqhBxB,eAAe,MAAM,CAAC"}
|