npm - @wsh19991219/mcp-server - Versions diffs - 0.1.3 → 0.1.6 - Mend

@wsh19991219/mcp-server 0.1.3 → 0.1.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/README.md CHANGED Viewed

@@ -4,7 +4,7 @@ Data Manager MCP Server — 通过 [MCP](https://modelcontextprotocol.io) 协议
 ## 功能
-- **鉴权管理**：浏览器一键登录，JWT 自动续期
+- **鉴权管理**：浏览器登录（页面填写 API 地址 + 账号密码），JWT 自动保存
 - **表结构探索**：模糊搜表、查看列定义
 - **数据查询**：预定义指标 + 自定义只读 SQL
 - **多库支持**：主库及多个区域数据库 group
@@ -13,7 +13,7 @@ Data Manager MCP Server — 通过 [MCP](https://modelcontextprotocol.io) 协议
 ## 安装
 ```bash
-npm install -g @data_mgr/mcp-server
+npm install -g @wang19991219/mcp-server
 ```
 需要 **Node.js 18+**。
@@ -53,29 +53,47 @@ npm install -g @data_mgr/mcp-server
 ## MCP 工具
-| 工具 | 功能 | 说明 |
-| --- | --- | --- |
-| `check_auth` | 检查登录状态 | 返回用户名、token 有效期 |
-| `login` | 浏览器登录 | 打开浏览器完成 OAuth 登录 |
-| `analytics_query` | 预定义指标查询 | 支持 metric、filters、limit 等参数 |
-| `api_request` | 通用 REST 请求 | GET/POST/PUT/DELETE，含自定义 SQL |
+| 工具                | 功能         | 说明                               |
+| ----------------- | ---------- | -------------------------------- |
+| `check_auth`      | 检查登录状态     | 返回用户名、token 有效期                  |
+| `login`           | 浏览器登录      | 在页面填写 **API 地址**、账号、密码（无硬编码默认地址） |
+| `analytics_query` | 预定义指标查询    | 支持 metric、filters、limit 等参数      |
+| `api_request`     | 通用 REST 请求 | GET/POST/PUT/DELETE，含自定义 SQL     |
 ### api_request 端点
-| 端点 | 方法 | 用途 |
-| --- | --- | --- |
-| `/health` | GET | 健康检查，返回可用数据库 group |
-| `/api/v1/analytics/catalog` | GET | 列出可用指标和数据库 group |
-| `/api/v1/analytics/schema?q=<关键词>` | GET | 模糊搜索表名 |
-| `/api/v1/analytics/schema?tables=<表名>` | GET | 查看表的列结构 |
-| `/api/v1/analytics/sql` | POST | 执行自定义只读 SQL |
+| 端点                                     | 方法   | 用途                 |
+| -------------------------------------- | ---- | ------------------ |
+| `/health`                              | GET  | 健康检查，返回可用数据库 group |
+| `/api/v1/analytics/catalog`            | GET  | 列出可用指标和数据库 group   |
+| `/api/v1/analytics/schema?q=<关键词>`     | GET  | 模糊搜索表名             |
+| `/api/v1/analytics/schema?tables=<表名>` | GET  | 查看表的列结构            |
+| `/api/v1/analytics/sql`                | POST | 执行自定义只读 SQL        |
 ## 环境变量
-| 变量 | 说明 | 默认值 |
-| --- | --- | --- |
-| `DATA_MGR_API_URL` | 后端 API 地址 | `http://42.194.226.85:8092` |
-| `DATA_MGR_CONFIG_DIR` | 配置文件目录 | `~/.data-mgr` |
+| 变量                    | 说明                       | 默认值           |
+| --------------------- | ------------------------ | ------------- |
+| `DATA_MGR_API_URL`    | 后端 API 地址（可选；未设置时在登录页填写） | —             |
+| `DATA_MGR_CONFIG_DIR` | 配置文件目录                   | `~/.data-mgr` |
+## 登录说明
+1. 调用 MCP 工具 `login`（或对话中说「登录 data-mgr」）
+2. 浏览器打开本地登录页，填写：
+  - **API 地址**：如 `http://your-host:8092`（8092 端口一般为 HTTP）
+  - **账号 / 密码**
+3. 成功后写入 `~/.data-mgr/config.json`（含 `apiUrl` 与 `token`）
+也可预先设置环境变量 `DATA_MGR_API_URL`，登录页会自动填充。
+**若登录页仍是旧版（无 API 地址框）**：在 Cursor 中 **Settings → MCP → 重启 data-mgr**，并 **Ctrl+F5** 刷新登录页；或执行 `npm install -g ./data-mgr-mcp-server` 更新全局包。
 ## 使用示例
@@ -88,11 +106,13 @@ npm install -g @data_mgr/mcp-server
 ## 相关包
-| 包名 | 用途 |
-| --- | --- |
-| [`@data_mgr/cli`](https://www.npmjs.com/package/@data_mgr/cli) | Data Manager CLI，适用于 Cursor Agent |
-| [`weather-query-cli`](https://www.npmjs.com/package/weather-query-cli) | 天气查询 CLI |
+| 包名                                                                     | 用途                                |
+| ---------------------------------------------------------------------- | --------------------------------- |
+| `[@data_mgr/cli](https://www.npmjs.com/package/@data_mgr/cli)`         | Data Manager CLI，适用于 Cursor Agent |
+| `[weather-query-cli](https://www.npmjs.com/package/weather-query-cli)` | 天气查询 CLI                          |
 ## License
-MIT
+MIT

package/SKILL.md CHANGED Viewed

@@ -15,14 +15,14 @@ description: >-
 1. 全局安装：`npm install -g @data_mgr/mcp-server`
 2. 注册 MCP 服务（见下方 [注册](#注册到-claude-code) 章节）
-3. 对话中触发登录：Agent 会自动调用 `login` 工具打开浏览器
+3. 对话中触发登录：Agent 调用 `login`，在浏览器页填写 **API 地址**、账号、密码（无内置默认地址）
 ## MCP 工具
 | 工具 | 功能 | 关键参数 |
 | --- | --- | --- |
 | `check_auth` | 检查登录状态，返回 username / token 有效期 | 无 |
-| `login` | 浏览器登录获取 JWT | `openBrowser`: bool（默认 true） |
+| `login` | 浏览器登录（填写 API 地址 + 账号密码） | `openBrowser`: bool（默认 true） |
 | `analytics_query` | 查询预定义指标 | `metric`(必填), `db`, `params`, `filters`, `limit` |
 | `api_request` | 通用 REST 请求（GET/POST/PUT/DELETE） | `method`(必填), `path`(必填), `body`, `query` |
@@ -135,7 +135,7 @@ npm install -g @data_mgr/mcp-server
 | 变量 | 说明 | 默认值 |
 | --- | --- | --- |
-| `DATA_MGR_API_URL` | 后端 API 地址 | `http://127.0.0.1:8092` |
+| `DATA_MGR_API_URL` | 后端 API 地址（可选；未设置时在登录页填写） | — |
 | `DATA_MGR_CONFIG_DIR` | 配置文件目录 | `~/.data-mgr` |
 ## 错误处理

package/bin/data-mgr-login.js ADDED Viewed

@@ -0,0 +1,21 @@
+#!/usr/bin/env node
+/**
+ * Standalone login subprocess — always loads latest login-server.js (avoids MCP ESM cache).
+ * Usage: node bin/data-mgr-login.js [--no-open]
+ * Prints one JSON line to stdout on success.
+ */
+import { runBrowserLogin } from "../lib/login-server.js";
+const noOpen = process.argv.includes("--no-open");
+try {
+  const result = await runBrowserLogin({
+    openBrowser: !noOpen,
+    timeoutMs: 5 * 60 * 1000,
+  });
+  process.stdout.write(`${JSON.stringify(result)}\n`);
+} catch (err) {
+  const message = err instanceof Error ? err.message : String(err);
+  process.stderr.write(`${message}\n`);
+  process.exit(1);
+}

package/bin/data-mgr-mcp.js CHANGED Viewed

@@ -6,7 +6,7 @@ import { registerTools } from "../lib/tools.js";
 const server = new McpServer({
   name: "data-mgr",
-  version: "0.1.0",
+  version: "0.1.6",
 });
 registerTools(server);

package/lib/config.js CHANGED Viewed

@@ -8,13 +8,46 @@ const CONFIG_FILE = path.join(CONFIG_DIR, "config.json");
 /** @typedef {{ apiUrl?: string, token?: string, username?: string, userId?: number, tenantId?: number, expiresIn?: string, expiresAt?: string, loggedInAt?: string }} DataMgrConfig */
-/** Production API (port 8092 serves plain HTTP; use HTTPS only via reverse proxy on 443). */
-export const DEFAULT_API_URL = "http://42.194.226.85:8092";
 export const LOGIN_PATH = "/api/v1/auth/login";
-/** @param {string} url */
+/** @param {string} [url] */
 export function normalizeApiUrl(url) {
-  return String(url).trim().replace(/\/$/, "");
+  return String(url ?? "").trim().replace(/\/$/, "");
+}
+/**
+ * Validate and normalize API base URL (adds http:// if scheme omitted).
+ * @param {string} url
+ * @returns {string}
+ */
+export function parseApiUrl(url) {
+  let trimmed = normalizeApiUrl(url);
+  if (!trimmed) {
+    throw new Error("API 地址不能为空");
+  }
+  if (!/^https?:\/\//i.test(trimmed)) {
+    trimmed = `http://${trimmed}`;
+  }
+  let u;
+  try {
+    u = new URL(trimmed);
+  } catch {
+    throw new Error(`无效的 API 地址: ${url}`);
+  }
+  if (u.protocol !== "http:" && u.protocol !== "https:") {
+    throw new Error("仅支持 http 或 https");
+  }
+  const pathSuffix = u.pathname === "/" ? "" : u.pathname.replace(/\/$/, "");
+  return u.origin + pathSuffix;
+}
+/** Saved API URL from env or config (no default). */
+export function getSavedApiUrl() {
+  const fromEnv = process.env.DATA_MGR_API_URL?.trim();
+  if (fromEnv) return normalizeApiUrl(fromEnv);
+  const cfg = loadConfig();
+  if (cfg.apiUrl) return normalizeApiUrl(cfg.apiUrl);
+  return undefined;
 }
 /** @param {string | number | undefined} expiresIn @param {Date} [from] */
@@ -73,11 +106,11 @@ export function getConfigPath() {
 /** @returns {string} */
 export function getApiUrl() {
-  const fromEnv = process.env.DATA_MGR_API_URL?.trim();
-  if (fromEnv) return normalizeApiUrl(fromEnv);
-  const cfg = loadConfig();
-  if (cfg.apiUrl) return normalizeApiUrl(cfg.apiUrl);
-  return DEFAULT_API_URL;
+  const url = getSavedApiUrl();
+  if (!url) {
+    throw new Error("未配置 API 地址。请运行 login 在登录页填写服务器地址，或设置 DATA_MGR_API_URL / config api-url。");
+  }
+  return url;
 }
 export function hasValidToken() {

package/lib/login-page.html ADDED Viewed

@@ -0,0 +1,101 @@
+<!DOCTYPE html>
+<html lang="zh-CN">
+<head>
+  <meta charset="UTF-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1" />
+  <title>Data Manager 登录</title>
+  <style>
+    * { box-sizing: border-box; }
+    body {
+      margin: 0; min-height: 100vh; display: grid; place-items: center;
+      font-family: system-ui, -apple-system, "Segoe UI", sans-serif;
+      background: linear-gradient(135deg, #0f172a, #1e3a5f);
+      color: #e2e8f0;
+    }
+    .card {
+      width: min(420px, 92vw); padding: 2rem; border-radius: 16px;
+      background: rgba(15, 23, 42, 0.9); border: 1px solid #334155;
+      box-shadow: 0 20px 50px rgba(0,0,0,.35);
+    }
+    h1 { margin: 0 0 .25rem; font-size: 1.35rem; }
+    p { margin: 0 0 1.5rem; color: #94a3b8; font-size: .9rem; }
+    label { display: block; margin-bottom: .35rem; font-size: .85rem; color: #cbd5e1; }
+    input {
+      width: 100%; padding: .65rem .75rem; margin-bottom: 1rem;
+      border: 1px solid #475569; border-radius: 8px; background: #0f172a; color: #f8fafc;
+      font-size: 1rem;
+    }
+    input:focus { outline: 2px solid #3b82f6; border-color: #3b82f6; }
+    button {
+      width: 100%; padding: .75rem; border: none; border-radius: 8px;
+      background: #2563eb; color: #fff; font-size: 1rem; font-weight: 600; cursor: pointer;
+    }
+    button:hover { background: #1d4ed8; }
+    button:disabled { opacity: .6; cursor: not-allowed; }
+    .msg { margin-top: 1rem; font-size: .9rem; min-height: 1.25rem; }
+    .err { color: #f87171; }
+    .ok { color: #4ade80; }
+  </style>
+</head>
+<body>
+  <div class="card">
+    <h1>Data Manager</h1>
+    <p>请输入 API 地址、账号和密码。登录成功后将保存服务器地址与 token。</p>
+    <form id="form">
+      <label for="apiUrl">API 地址</label>
+      <input id="apiUrl" name="apiUrl" type="text" inputmode="url" spellcheck="false"
+        placeholder="http://host:8092" required autofocus />
+      <label for="username">账号</label>
+      <input id="username" name="username" autocomplete="username" required />
+      <label for="password">密码</label>
+      <input id="password" name="password" type="password" autocomplete="current-password" required />
+      <button type="submit" id="btn">登录</button>
+    </form>
+    <div id="msg" class="msg"></div>
+  </div>
+  <script>
+    const form = document.getElementById('form');
+    const msg = document.getElementById('msg');
+    const btn = document.getElementById('btn');
+    const apiUrlInput = document.getElementById('apiUrl');
+    const defaultApiUrl = __DEFAULT_API_URL_JSON__;
+    if (defaultApiUrl) apiUrlInput.value = defaultApiUrl;
+    else {
+      try {
+        const last = localStorage.getItem('data-mgr-api-url');
+        if (last) apiUrlInput.value = last;
+      } catch (_) {}
+    }
+    form.addEventListener('submit', async (e) => {
+      e.preventDefault();
+      msg.textContent = '';
+      msg.className = 'msg';
+      btn.disabled = true;
+      btn.textContent = '登录中…';
+      const apiUrl = apiUrlInput.value.trim();
+      try {
+        const res = await fetch('/api/login', {
+          method: 'POST',
+          headers: { 'Content-Type': 'application/json' },
+          body: JSON.stringify({
+            apiUrl,
+            username: document.getElementById('username').value,
+            password: document.getElementById('password').value,
+          }),
+        });
+        const data = await res.json().catch(() => ({}));
+        if (!res.ok) {
+          throw new Error(data.message || data.error || ('HTTP ' + res.status));
+        }
+        try { localStorage.setItem('data-mgr-api-url', apiUrl); } catch (_) {}
+        window.location.href = '/success';
+      } catch (err) {
+        msg.textContent = err.message || '登录失败';
+        msg.className = 'msg err';
+        btn.disabled = false;
+        btn.textContent = '登录';
+      }
+    });
+  </script>
+</body>
+</html>

package/lib/login-server.js CHANGED Viewed

@@ -1,7 +1,13 @@
 import http from "node:http";
+import fs from "node:fs";
+import path from "node:path";
+import { fileURLToPath } from "node:url";
 import { randomBytes } from "node:crypto";
 import { spawn } from "node:child_process";
-import { getApiUrl, LOGIN_PATH } from "./config.js";
+import { getSavedApiUrl, parseApiUrl, LOGIN_PATH } from "./config.js";
+const __dirname = path.dirname(fileURLToPath(import.meta.url));
+const LOGIN_PAGE_PATH = path.join(__dirname, "login-page.html");
 const CORS_HEADERS = {
   "Access-Control-Allow-Origin": "*",
@@ -9,6 +15,17 @@ const CORS_HEADERS = {
   "Access-Control-Allow-Headers": "Content-Type",
 };
+const NO_CACHE_HEADERS = {
+  "Cache-Control": "no-store, no-cache, must-revalidate",
+  Pragma: "no-cache",
+};
+/** @param {string} [defaultApiUrl] */
+function renderLoginPage(defaultApiUrl) {
+  const template = fs.readFileSync(LOGIN_PAGE_PATH, "utf8");
+  return template.replace("__DEFAULT_API_URL_JSON__", JSON.stringify(defaultApiUrl ?? ""));
+}
 /** @param {import('node:http').ServerResponse} res @param {number} status @param {Record<string, unknown>} body */
 function sendJson(res, status, body) {
   res.writeHead(status, { "Content-Type": "application/json; charset=utf-8", ...CORS_HEADERS });
@@ -37,95 +54,6 @@ function formatUpstreamError(err, apiUrl) {
   return msg || base.message;
 }
-const LOGIN_PAGE = String.raw`<!DOCTYPE html>
-<html lang="zh-CN">
-<head>
-  <meta charset="UTF-8" />
-  <meta name="viewport" content="width=device-width, initial-scale=1" />
-  <title>Data Manager 登录</title>
-  <style>
-    * { box-sizing: border-box; }
-    body {
-      margin: 0; min-height: 100vh; display: grid; place-items: center;
-      font-family: system-ui, -apple-system, "Segoe UI", sans-serif;
-      background: linear-gradient(135deg, #0f172a, #1e3a5f);
-      color: #e2e8f0;
-    }
-    .card {
-      width: min(400px, 92vw); padding: 2rem; border-radius: 16px;
-      background: rgba(15, 23, 42, 0.9); border: 1px solid #334155;
-      box-shadow: 0 20px 50px rgba(0,0,0,.35);
-    }
-    h1 { margin: 0 0 .25rem; font-size: 1.35rem; }
-    p { margin: 0 0 1.5rem; color: #94a3b8; font-size: .9rem; }
-    label { display: block; margin-bottom: .35rem; font-size: .85rem; color: #cbd5e1; }
-    input {
-      width: 100%; padding: .65rem .75rem; margin-bottom: 1rem;
-      border: 1px solid #475569; border-radius: 8px; background: #0f172a; color: #f8fafc;
-      font-size: 1rem;
-    }
-    input:focus { outline: 2px solid #3b82f6; border-color: #3b82f6; }
-    button {
-      width: 100%; padding: .75rem; border: none; border-radius: 8px;
-      background: #2563eb; color: #fff; font-size: 1rem; font-weight: 600; cursor: pointer;
-    }
-    button:hover { background: #1d4ed8; }
-    button:disabled { opacity: .6; cursor: not-allowed; }
-    .msg { margin-top: 1rem; font-size: .9rem; min-height: 1.25rem; }
-    .err { color: #f87171; }
-    .ok { color: #4ade80; }
-    .api { font-size: .75rem; color: #64748b; word-break: break-all; margin-top: 1rem; }
-  </style>
-</head>
-<body>
-  <div class="card">
-    <h1>Data Manager</h1>
-    <p>请输入账号和密码，登录成功后 CLI 将自动保存 token。</p>
-    <form id="form">
-      <label for="username">账号</label>
-      <input id="username" name="username" autocomplete="username" required />
-      <label for="password">密码</label>
-      <input id="password" name="password" type="password" autocomplete="current-password" required />
-      <button type="submit" id="btn">登录</button>
-    </form>
-    <div id="msg" class="msg"></div>
-    <div class="api">API: __API_URL__</div>
-  </div>
-  <script>
-    const form = document.getElementById('form');
-    const msg = document.getElementById('msg');
-    const btn = document.getElementById('btn');
-    form.addEventListener('submit', async (e) => {
-      e.preventDefault();
-      msg.textContent = '';
-      msg.className = 'msg';
-      btn.disabled = true;
-      btn.textContent = '登录中…';
-      try {
-        const res = await fetch('/api/login', {
-          method: 'POST',
-          headers: { 'Content-Type': 'application/json' },
-          body: JSON.stringify({
-            username: form.username.value,
-            password: form.password.value,
-          }),
-        });
-        const data = await res.json().catch(() => ({}));
-        if (!res.ok) {
-          throw new Error(data.message || data.error || ('HTTP ' + res.status));
-        }
-        window.location.href = '/success';
-      } catch (err) {
-        msg.textContent = err.message || '登录失败';
-        msg.className = 'msg err';
-        btn.disabled = false;
-        btn.textContent = '登录';
-      }
-    });
-  </script>
-</body>
-</html>`;
 const SUCCESS_PAGE = String.raw`<!DOCTYPE html>
 <html lang="zh-CN">
 <head>
@@ -152,18 +80,17 @@ const SUCCESS_PAGE = String.raw`<!DOCTYPE html>
 /**
  * @typedef {object} LoginResult
  * @property {string} token
+ * @property {string} apiUrl
  * @property {string} [username]
  * @property {number} [userId]
  * @property {number} [tenantId]
  * @property {string} [expiresIn]
  * @property {string} [expiresAt]
  * @property {string} loggedInAt
- * @property {string} loginUrl - The URL the user should visit to log in
+ * @property {string} loginUrl
  */
 /**
- * Start local login server, open browser, return token when login succeeds.
- * Modified for MCP: uses onLoginUrl callback instead of console.log.
  * @param {{ timeoutMs?: number, openBrowser?: boolean, apiUrl?: string, onLoginUrl?: (url: string) => void }} [options]
  * @returns {Promise<LoginResult>}
  */
@@ -171,7 +98,7 @@ export function runBrowserLogin(options = {}) {
   const timeoutMs = options.timeoutMs ?? 5 * 60 * 1000;
   const openBrowser = options.openBrowser !== false;
   const onLoginUrl = options.onLoginUrl ?? (() => {});
-  const apiUrl = options.apiUrl ?? getApiUrl();
+  const defaultApiUrl = options.apiUrl ?? getSavedApiUrl() ?? "";
   const state = randomBytes(16).toString("hex");
   return new Promise((resolve, reject) => {
@@ -195,8 +122,11 @@ export function runBrowserLogin(options = {}) {
       }
       if (req.method === "GET" && (url.pathname === "/" || url.pathname === "/login")) {
-        res.writeHead(200, { "Content-Type": "text/html; charset=utf-8" });
-        res.end(LOGIN_PAGE.replace("__API_URL__", apiUrl));
+        res.writeHead(200, {
+          "Content-Type": "text/html; charset=utf-8",
+          ...NO_CACHE_HEADERS,
+        });
+        res.end(renderLoginPage(defaultApiUrl));
         return;
       }
@@ -204,14 +134,22 @@ export function runBrowserLogin(options = {}) {
         let body = "";
         req.on("data", (chunk) => { body += chunk; });
         req.on("end", async () => {
+          let loginApiUrl = defaultApiUrl;
           try {
-            const { username, password } = JSON.parse(body || "{}");
+            const { username, password, apiUrl: rawApiUrl } = JSON.parse(body || "{}");
+            try {
+              loginApiUrl = parseApiUrl(rawApiUrl);
+            } catch (parseErr) {
+              const message = parseErr instanceof Error ? parseErr.message : String(parseErr);
+              sendJson(res, 400, { error: message, message });
+              return;
+            }
             if (!username || !password) {
               sendJson(res, 400, { error: "username and password required" });
               return;
             }
-            const loginEndpoint = `${apiUrl}${LOGIN_PATH}`;
+            const loginEndpoint = `${loginApiUrl}${LOGIN_PATH}`;
             let loginRes;
             try {
               loginRes = await fetch(loginEndpoint, {
@@ -221,22 +159,20 @@ export function runBrowserLogin(options = {}) {
               });
             } catch (fetchErr) {
               sendJson(res, 502, {
-                error: formatUpstreamError(fetchErr, apiUrl),
-                message: formatUpstreamError(fetchErr, apiUrl),
+                error: formatUpstreamError(fetchErr, loginApiUrl),
+                message: formatUpstreamError(fetchErr, loginApiUrl),
               });
               return;
             }
             const data = await loginRes.json().catch(() => ({}));
-            // API returns {code, message, data} — check code for errors
             if (!loginRes.ok || (data.code != null && data.code !== 0)) {
               const message = data.message ?? data.error ?? `Login failed (HTTP ${loginRes.status}, code ${data.code})`;
               sendJson(res, loginRes.ok ? 401 : loginRes.status, { error: message, message });
               return;
             }
-            // Token may be at data.token, data.data.token, or data.data.access_token
             const inner = data.data ?? {};
             const token = data.token ?? inner.token ?? inner.access_token;
             if (!token) {
@@ -257,6 +193,7 @@ export function runBrowserLogin(options = {}) {
             cleanup();
             resolve({
               token,
+              apiUrl: loginApiUrl,
               username: inner.username ?? data.username ?? username,
               userId: inner.user_id ?? data.user_id,
               tenantId: inner.tenant_id ?? data.tenant_id,
@@ -265,7 +202,7 @@ export function runBrowserLogin(options = {}) {
               loginUrl: `http://127.0.0.1:${server?.address()?.port ?? "?"}/login`,
             });
           } catch (err) {
-            const message = formatUpstreamError(err, apiUrl);
+            const message = formatUpstreamError(err, loginApiUrl);
             console.error("[data-mgr login]", message, err);
             sendJson(res, 500, { error: message, message });
           }
@@ -274,7 +211,7 @@ export function runBrowserLogin(options = {}) {
       }
       if (req.method === "GET" && url.pathname === "/success") {
-        res.writeHead(200, { "Content-Type": "text/html; charset=utf-8" });
+        res.writeHead(200, { "Content-Type": "text/html; charset=utf-8", ...NO_CACHE_HEADERS });
         res.end(SUCCESS_PAGE);
         return;
       }
@@ -292,6 +229,7 @@ export function runBrowserLogin(options = {}) {
           cleanup();
           resolve({
             token,
+            apiUrl: defaultApiUrl,
             username: url.searchParams.get("username") ?? undefined,
             loggedInAt: new Date().toISOString(),
             loginUrl: `http://127.0.0.1:${server?.address()?.port ?? "?"}/login`,
@@ -313,8 +251,6 @@ export function runBrowserLogin(options = {}) {
       }
       const loginUrl = `http://127.0.0.1:${addr.port}/login`;
-      // Notify caller of the login URL (replaces console.log for MCP compatibility)
       onLoginUrl(loginUrl);
       if (openBrowser) {
@@ -358,9 +294,7 @@ function openUrl(url) {
         ["-NoProfile", "-Command", `Start-Process -FilePath '${url.replace(/'/g, "''")}'`],
         { detached: true, stdio: "ignore", windowsHide: true },
       ).unref();
-      return;
     }
-    // Browser open failed - caller already has the URL via onLoginUrl callback
   });
   child.unref();

package/lib/tools.js CHANGED Viewed

@@ -1,14 +1,52 @@
+import { spawn } from "node:child_process";
+import path from "node:path";
+import { fileURLToPath } from "node:url";
 import { z } from "zod";
 import {
   loadConfig,
   saveConfig,
-  getApiUrl,
+  getSavedApiUrl,
   hasValidToken,
   computeExpiresAt,
   getConfigPath,
 } from "./config.js";
 import { apiRequest, buildQuery } from "./api.js";
+const LOGIN_SCRIPT = path.join(
+  path.dirname(fileURLToPath(import.meta.url)),
+  "..",
+  "bin",
+  "data-mgr-login.js",
+);
+/** @param {boolean} openBrowser */
+function runLoginSubprocess(openBrowser) {
+  return new Promise((resolve, reject) => {
+    const args = [LOGIN_SCRIPT];
+    if (!openBrowser) args.push("--no-open");
+    const child = spawn(process.execPath, args, {
+      stdio: ["ignore", "pipe", "pipe"],
+      windowsHide: true,
+    });
+    let stdout = "";
+    let stderr = "";
+    child.stdout.on("data", (chunk) => { stdout += chunk; });
+    child.stderr.on("data", (chunk) => { stderr += chunk; });
+    child.on("error", reject);
+    child.on("close", (code) => {
+      if (code !== 0) {
+        reject(new Error(stderr.trim() || `Login exited with code ${code}`));
+        return;
+      }
+      try {
+        resolve(JSON.parse(stdout.trim()));
+      } catch {
+        reject(new Error("Invalid login response from subprocess"));
+      }
+    });
+  });
+}
 /**
  * Register all data-mgr tools on the MCP server.
  * @param {import("@modelcontextprotocol/sdk/server/mcp.js").McpServer} server
@@ -125,7 +163,7 @@ export function registerTools(server) {
     {},
     async () => {
       const cfg = loadConfig();
-      const apiUrl = getApiUrl();
+      const apiUrl = getSavedApiUrl() ?? "(未配置，登录时填写)";
       const loggedIn = hasValidToken();
       const expiresAt =
@@ -165,26 +203,19 @@ export function registerTools(server) {
   // Tool 4: login — trigger browser login flow
   server.tool(
     "login",
-    "Trigger the data-mgr browser login flow. Opens a browser window for the user to enter credentials. Returns login result on success. If browser cannot be opened, returns the URL for manual visit.",
+    "Trigger browser login. User enters API base URL, username, and password on the local login page; apiUrl and token are saved to ~/.data-mgr/config.json. Returns login URL if the browser cannot open.",
     {
       openBrowser: z.boolean().optional().describe("Whether to open browser automatically (default true)"),
     },
     async ({ openBrowser }) => {
       try {
-        const { runBrowserLogin } = await import("./login-server.js");
-        // Collect login URL from the callback
-        let loginUrl = "";
-        const result = await runBrowserLogin({
-          openBrowser: openBrowser !== false,
-          timeoutMs: 5 * 60 * 1000,
-          onLoginUrl: (url) => { loginUrl = url; },
-        });
+        const result = await runLoginSubprocess(openBrowser !== false);
+        const loginUrl = result.loginUrl;
         const expiresAt = computeExpiresAt(result.expiresIn, new Date(result.loggedInAt));
         saveConfig({
-          apiUrl: getApiUrl(),
+          apiUrl: result.apiUrl,
           token: result.token,
           username: result.username,
           userId: result.userId,
@@ -195,6 +226,7 @@ export function registerTools(server) {
         });
         const lines = [
+          `API URL: ${result.apiUrl}`,
           `Logged in as: ${result.username ?? "(unknown)"}`,
           `User ID: ${result.userId}`,
           `Tenant ID: ${result.tenantId}`,

package/package.json CHANGED Viewed

@@ -1,11 +1,12 @@
 {
   "name": "@wsh19991219/mcp-server",
-  "version": "0.1.3",
+  "version": "0.1.6",
   "description": "MCP server for Data Manager API — stdio transport, JWT auth",
   "type": "module",
   "main": "lib/tools.js",
   "bin": {
-    "data-mgr-mcp": "bin/data-mgr-mcp.js"
+    "data-mgr-mcp": "bin/data-mgr-mcp.js",
+    "data-mgr-login": "bin/data-mgr-login.js"
   },
   "files": [
     "bin",