npm - @zhangferry-dev/tokendash - Versions diffs - 1.6.2 → 1.7.0 - Mend

@zhangferry-dev/tokendash 1.6.2 → 1.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (20) hide show

package/README.md +7 -6
package/dist/daemon.cjs +159 -54
package/dist/daemon.cjs.map +2 -2
package/dist/electron-server.cjs +159 -54
package/dist/electron-server.cjs.map +2 -2
package/dist/server/index.js +1 -0
package/dist/server/quota/adapter.d.ts +4 -2
package/dist/server/quota/adapters/claude.d.ts +2 -0
package/dist/server/quota/adapters/claude.js +49 -21
package/dist/server/quota/adapters/codex.d.ts +14 -0
package/dist/server/quota/adapters/codex.js +65 -27
package/dist/server/quota/adapters/glm.js +9 -3
package/dist/server/quota/adapters/kimi.js +4 -2
package/dist/server/quota/adapters/minimax.js +8 -3
package/dist/server/quota/index.d.ts +1 -1
package/dist/server/quota/quotaService.d.ts +7 -1
package/dist/server/quota/quotaService.js +32 -10
package/dist/server/quota/types.d.ts +11 -0
package/dist/server/routes/api.js +19 -0
package/package.json +4 -2

package/README.md CHANGED Viewed

@@ -1,6 +1,11 @@
 <div align="center">
-  # TokenDash
+<p align="center">
+  <img src="resources/icon.png" width="132" alt="TokenDash app icon">
+</p>
+# TokenDash
   **Your local command center for AI coding usage.**
   Track tokens, costs, models, projects, and coding-plan limits from the macOS menu bar, with a detailed local dashboard when you need to dig deeper.
@@ -13,10 +18,6 @@
   [Download for macOS](https://github.com/zhangferry/tokendash/releases/latest) · [Run with npx](#run-the-web-dashboard) · [Features](#what-you-get) · [Development](#development)
 </div>
-<p align="center">
-  <img src="resources/icon.png" width="132" alt="TokenDash app icon">
-</p>
 ![TokenDash menu bar app and web dashboard](resources/readme-hero.png)
 ## Why TokenDash?

package/dist/daemon.cjs CHANGED Viewed

@@ -2247,6 +2247,32 @@ var QuotaService = class {
     }
     return this.fetchAll();
   }
+  /**
+   * Validate a credential without caching it or writing it to disk. This keeps
+   * the settings form transactional: only credentials accepted upstream are
+   * persisted by the native app.
+   */
+  async validateCredential(provider, credential) {
+    const adapter = this.registry.get(provider);
+    if (!adapter) {
+      return {
+        provider,
+        valid: false,
+        status: { state: "not_configured", message: "Unsupported provider" }
+      };
+    }
+    try {
+      const snapshot = await withTimeout(
+        adapter.fetch({ credential }),
+        this.fetchTimeoutMs,
+        provider
+      );
+      const validated = validateQuotaSnapshot(snapshot);
+      return { provider, valid: validated.status.state === "ok", status: validated.status };
+    } catch (err) {
+      return { provider, valid: false, status: statusForError(err, this.fetchTimeoutMs) };
+    }
+  }
   async fetchWithTimeout(adapter) {
     try {
       const snapshot = await withTimeout(adapter.fetch(), this.fetchTimeoutMs, adapter.provider);
@@ -2258,14 +2284,7 @@ var QuotaService = class {
     }
   }
   handleFailure(adapter, err) {
-    let status;
-    if (err instanceof QuotaError) {
-      status = err.status;
-    } else if (err instanceof TimeoutError) {
-      status = { state: "timed_out", message: `upstream did not respond within ${this.fetchTimeoutMs}ms` };
-    } else {
-      status = { state: "error", message: redact(err), category: "unexpected" };
-    }
+    const status = statusForError(err, this.fetchTimeoutMs);
     const stale = this.cache.getStale(adapter.provider);
     if (stale) {
       return { ...stale, freshness: "stale", status };
@@ -2280,6 +2299,13 @@ var QuotaService = class {
     };
   }
 };
+function statusForError(err, timeoutMs) {
+  if (err instanceof QuotaError) return err.status;
+  if (err instanceof TimeoutError) {
+    return { state: "timed_out", message: `upstream did not respond within ${timeoutMs}ms` };
+  }
+  return { state: "error", message: redact(err), category: "unexpected" };
+}
 var TimeoutError = class extends Error {
   constructor(provider) {
     super(`quota fetch timed out: ${provider}`);
@@ -2404,8 +2430,7 @@ var codexAdapter = {
   provider: "codex",
   displayName: "OpenAI Codex",
   async isConfigured() {
-    if ((0, import_node_fs8.existsSync)((0, import_node_path8.join)(codexHome(), "auth.json"))) return true;
-    return await codexBinaryAvailable();
+    return (0, import_node_fs8.existsSync)((0, import_node_path8.join)(codexHome(), "auth.json")) && resolveCodexBinary() !== null;
   },
   async fetch() {
     const result = await queryRateLimits();
@@ -2448,10 +2473,16 @@ function capitalize(s) {
   return s.charAt(0).toUpperCase() + s.slice(1);
 }
 async function queryRateLimits() {
-  if (!await codexBinaryAvailable()) {
-    throw new QuotaError({ state: "not_configured", message: "codex CLI not found on PATH" });
-  }
-  const proc = (0, import_node_child_process2.spawn)("codex", ["app-server"], { stdio: ["pipe", "pipe", "pipe"] });
+  const codexBinary = resolveCodexBinary();
+  if (!codexBinary) {
+    throw new QuotaError({ state: "not_configured", message: "official Codex CLI not found" });
+  }
+  const binaryDir = (0, import_node_path8.dirname)(codexBinary);
+  const childPath = [binaryDir, process.env.PATH].filter(Boolean).join(":");
+  const proc = (0, import_node_child_process2.spawn)(codexBinary, ["app-server"], {
+    stdio: ["pipe", "pipe", "pipe"],
+    env: { ...process.env, PATH: childPath }
+  });
   const client = new JsonRpcClient(proc);
   try {
     await client.request("initialize", {
@@ -2540,24 +2571,44 @@ var JsonRpcClient = class {
     this.pending.clear();
   }
 };
-var cachedCodexPath;
-async function codexBinaryAvailable() {
-  if (cachedCodexPath !== void 0) return cachedCodexPath !== null;
-  return new Promise((resolve2) => {
-    const proc = (0, import_node_child_process2.spawn)("which", ["codex"], { stdio: ["ignore", "pipe", "ignore"] });
-    let out = "";
-    proc.stdout.on("data", (c) => {
-      out += c;
-    });
-    proc.on("close", () => {
-      cachedCodexPath = out.trim() || null;
-      resolve2(cachedCodexPath !== null);
-    });
-    proc.on("error", () => {
-      cachedCodexPath = null;
-      resolve2(false);
-    });
-  });
+function resolveCodexBinary(options = {}) {
+  const home = options.home ?? (0, import_node_os8.homedir)();
+  const path = options.path ?? process.env.PATH ?? "";
+  const explicitBinary = options.explicitBinary ?? process.env.CODEX_BIN;
+  const isExecutable = options.isExecutable ?? defaultIsExecutable;
+  const nvmRoot = (0, import_node_path8.join)(home, ".nvm", "versions", "node");
+  const nvmVersions = options.nvmVersions ?? readDirectoryNames(nvmRoot);
+  const candidates = [
+    explicitBinary,
+    "/Applications/Codex.app/Contents/Resources/codex",
+    (0, import_node_path8.join)(home, "Applications", "Codex.app", "Contents", "Resources", "codex"),
+    "/opt/homebrew/bin/codex",
+    "/usr/local/bin/codex",
+    (0, import_node_path8.join)(home, ".local", "bin", "codex"),
+    (0, import_node_path8.join)(home, ".volta", "bin", "codex"),
+    (0, import_node_path8.join)(home, ".bun", "bin", "codex"),
+    ...nvmVersions.sort((a, b) => b.localeCompare(a, void 0, { numeric: true })).map((version) => (0, import_node_path8.join)(nvmRoot, version, "bin", "codex")),
+    ...path.split(":").filter(Boolean).map((directory) => (0, import_node_path8.join)(directory, "codex"))
+  ];
+  for (const candidate of candidates) {
+    if (candidate && isExecutable(candidate)) return candidate;
+  }
+  return null;
+}
+function defaultIsExecutable(candidate) {
+  try {
+    (0, import_node_fs8.accessSync)(candidate, import_node_fs8.constants.X_OK);
+    return true;
+  } catch {
+    return false;
+  }
+}
+function readDirectoryNames(directory) {
+  try {
+    return (0, import_node_fs8.readdirSync)(directory, { withFileTypes: true }).filter((entry) => entry.isDirectory()).map((entry) => entry.name);
+  } catch {
+    return [];
+  }
 }
 // src/server/quota/adapters/claude.ts
@@ -2565,6 +2616,7 @@ var import_node_fs9 = require("node:fs");
 var import_node_path9 = require("node:path");
 var import_node_os9 = require("node:os");
 var import_node_child_process3 = require("node:child_process");
+var import_node_crypto = require("node:crypto");
 var claudeAdapter = {
   provider: "claude",
   displayName: "Claude Code",
@@ -2633,7 +2685,7 @@ function readClaudeToken() {
   if ((0, import_node_fs9.existsSync)(credPath)) {
     try {
       const parsed = JSON.parse((0, import_node_fs9.readFileSync)(credPath, "utf8"));
-      return parsed?.claudeAiOauth?.accessToken ?? null;
+      return extractClaudeAccessToken(parsed);
     } catch {
       return null;
     }
@@ -2641,33 +2693,55 @@ function readClaudeToken() {
   return null;
 }
 function readFromKeychain() {
-  const candidates = ["Claude Code-credentials"];
+  const candidates = claudeKeychainServiceNames(process.env.CLAUDE_CONFIG_DIR);
   try {
     const list = (0, import_node_child_process3.execFileSync)("security", ["dump-keychain"], { stdio: ["ignore", "pipe", "ignore"], encoding: "utf8" });
-    for (const m of list.matchAll(/"srvname"<blob>="([^"]*Claude Code-credentials[^"]*)"/g)) {
+    for (const m of list.matchAll(/"svce"<blob>="([^"]*Claude Code-credentials[^"]*)"/g)) {
       if (m[1] && !candidates.includes(m[1])) candidates.push(m[1]);
     }
   } catch {
   }
+  const accounts = [safeUsername(), void 0];
   for (const name of candidates) {
-    try {
-      const raw = (0, import_node_child_process3.execFileSync)("security", ["find-generic-password", "-s", name, "-w"], {
-        stdio: ["ignore", "pipe", "ignore"],
-        encoding: "utf8"
-      }).trim();
-      if (!raw) continue;
+    for (const account of accounts) {
       try {
-        const parsed = JSON.parse(raw);
-        return parsed?.claudeAiOauth?.accessToken ?? null;
+        const args = ["find-generic-password", "-s", name];
+        if (account) args.push("-a", account);
+        args.push("-w");
+        const raw = (0, import_node_child_process3.execFileSync)("/usr/bin/security", args, {
+          stdio: ["ignore", "pipe", "ignore"],
+          encoding: "utf8",
+          timeout: 2e3
+        }).trim();
+        if (!raw) continue;
+        const token = extractClaudeAccessToken(JSON.parse(raw));
+        if (token) return token;
       } catch {
-        return raw;
+        continue;
       }
-    } catch {
-      continue;
     }
   }
   return null;
 }
+function claudeKeychainServiceNames(configDir) {
+  if (!configDir) return ["Claude Code-credentials"];
+  const hash = (0, import_node_crypto.createHash)("sha256").update(configDir).digest("hex").slice(0, 8);
+  return [`Claude Code-credentials-${hash}`, "Claude Code-credentials"];
+}
+function extractClaudeAccessToken(value) {
+  if (!value || typeof value !== "object") return null;
+  const root = value;
+  const nested = root.claudeAiOauth;
+  const credentials = nested && typeof nested === "object" ? nested : root;
+  return typeof credentials.accessToken === "string" && credentials.accessToken ? credentials.accessToken : null;
+}
+function safeUsername() {
+  try {
+    return (0, import_node_os9.userInfo)().username?.trim() || void 0;
+  } catch {
+    return void 0;
+  }
+}
 // src/server/quota/adapters/glm.ts
 var import_node_fs11 = require("node:fs");
@@ -2703,8 +2777,8 @@ var glmAdapter = {
   async isConfigured() {
     return !!resolveCredential();
   },
-  async fetch() {
-    const cred = resolveCredential();
+  async fetch(options) {
+    const cred = resolveCredential(options?.credential);
     if (!cred) {
       throw new QuotaError({ state: "not_configured", message: "set ZAI_API_KEY or ZHIPU_API_KEY" });
     }
@@ -2760,7 +2834,13 @@ function classifyFetchError2(err) {
   const msg = err instanceof Error ? err.message : String(err);
   return new QuotaError({ state: "upstream_unavailable", message: msg.slice(0, 200) });
 }
-function resolveCredential() {
+function resolveCredential(proposed) {
+  if (proposed?.apiKey) {
+    return {
+      key: proposed.apiKey,
+      base: proposed.baseUrl || "https://open.bigmodel.cn"
+    };
+  }
   const stored = readStoredCredential("glm");
   if (stored) return { key: stored.apiKey, base: stored.baseUrl || "https://open.bigmodel.cn" };
   const zai = envOrConfig("ZAI_API_KEY");
@@ -2815,8 +2895,8 @@ var minimaxAdapter = {
   async isConfigured() {
     return !!resolveCredential2();
   },
-  async fetch() {
-    const cred = resolveCredential2();
+  async fetch(options) {
+    const cred = resolveCredential2(options?.credential);
     if (!cred) {
       throw new QuotaError({ state: "not_configured", message: "set MINIMAX_API_KEY (Subscription Key)" });
     }
@@ -2875,7 +2955,12 @@ function classifyFetchError3(err) {
   const msg = err instanceof Error ? err.message : String(err);
   return new QuotaError({ state: "upstream_unavailable", message: msg.slice(0, 200) });
 }
-function resolveCredential2() {
+function resolveCredential2(proposed) {
+  if (proposed?.apiKey) {
+    const region2 = (process.env.MINIMAX_REGION || "").toLowerCase();
+    const base2 = proposed.baseUrl || (region2 === "cn" ? "https://www.minimaxi.com" : "https://www.minimax.io");
+    return { key: proposed.apiKey, base: base2 };
+  }
   const stored = readStoredCredential("minimax");
   if (stored) {
     const region2 = (process.env.MINIMAX_REGION || "").toLowerCase();
@@ -2903,9 +2988,9 @@ var kimiAdapter = {
     const cred = readCredentials();
     return !!cred && !!cred.access_token;
   },
-  async fetch() {
+  async fetch(options) {
     const credPath = credentialsPath();
-    let cred = readCredentials();
+    let cred = options?.credential?.apiKey ? { access_token: options.credential.apiKey, token_type: "Bearer" } : readCredentials();
     if (!cred || !cred.access_token) {
       throw new QuotaError({ state: "not_configured", message: "run `kimi` to log in first" });
     }
@@ -3057,6 +3142,24 @@ async function getQuota(_req, res) {
     res.status(500).json({ error: "Failed to fetch quota", hint: message });
   }
 }
+var editableQuotaProviders = /* @__PURE__ */ new Set(["glm", "kimi", "minimax"]);
+async function validateQuotaCredential(req, res) {
+  const provider = req.body?.provider;
+  const apiKey = typeof req.body?.apiKey === "string" ? req.body.apiKey.trim() : "";
+  const baseUrl = typeof req.body?.baseUrl === "string" ? req.body.baseUrl.trim() : void 0;
+  if (!editableQuotaProviders.has(provider) || !apiKey) {
+    res.status(400).json({
+      error: "Invalid credential request",
+      hint: "A supported provider and non-empty token are required."
+    });
+    return;
+  }
+  const result = await quotaService.validateCredential(provider, {
+    apiKey,
+    baseUrl: baseUrl || void 0
+  });
+  res.status(result.valid ? 200 : 422).json(result);
+}
 function getAgents(_req, res) {
   try {
     const agents = detectAvailableAgents();
@@ -3090,6 +3193,7 @@ function registerApiRoutes(router, appInfo) {
   router.get("/blocks", getBlocks);
   router.get("/analytics", getAnalytics);
   router.get("/quota", getQuota);
+  router.post("/quota/validate", validateQuotaCredential);
 }
 // src/server/index.ts
@@ -3133,6 +3237,7 @@ function resolveStaticAssetBaseDir(moduleUrl = __esbuild_import_meta_url, baseDi
 function createApp(_port, baseDir) {
   const app = (0, import_express.default)();
   const router = import_express.default.Router();
+  app.use(import_express.default.json({ limit: "16kb" }));
   registerApiRoutes(router, {
     packageName: PACKAGE_NAME,
     version: getPackageVersion(),