@zhangferry-dev/tokendash 1.6.2 → 1.7.0

package/dist/server/index.js

@@ -146,6 +146,7 @@ export function resolveStaticAssetBaseDir(moduleUrl = import.meta.url, baseDir)
 export function createApp(_port, baseDir) {
     const app = express();
     const router = express.Router();
+    app.use(express.json({ limit: '16kb' }));
     // Register API routes
     registerApiRoutes(router, {
         packageName: PACKAGE_NAME,

package/dist/server/quota/adapter.d.ts

@@ -1,4 +1,4 @@
-import type { QuotaProviderId, QuotaSnapshot, QuotaProviderStatus } from './types.js';
+import type { QuotaCredentialInput, QuotaProviderId, QuotaSnapshot, QuotaProviderStatus } from './types.js';
 /**
  * Structured quota error. Adapters throw this (not generic Error) so the
  * service can classify the status without inspecting message strings.
@@ -28,7 +28,9 @@ export interface QuotaAdapter {
      * Fetch a fresh normalized snapshot. Throws QuotaError on any failure.
      * Must NOT include secrets in any field of the returned snapshot.
      */
-    fetch(): Promise<QuotaSnapshot>;
+    fetch(options?: {
+        credential?: QuotaCredentialInput;
+    }): Promise<QuotaSnapshot>;
 }
 /**
  * Registry of all known adapters, keyed by provider id.

package/dist/server/quota/adapters/claude.d.ts

@@ -1,2 +1,4 @@
 import type { QuotaAdapter } from '../adapter.js';
 export declare const claudeAdapter: QuotaAdapter;
+export declare function claudeKeychainServiceNames(configDir?: string): string[];
+export declare function extractClaudeAccessToken(value: unknown): string | null;

package/dist/server/quota/adapters/claude.js

@@ -1,7 +1,8 @@
 import { existsSync, readFileSync } from 'node:fs';
 import { join } from 'node:path';
-import { homedir } from 'node:os';
+import { homedir, userInfo } from 'node:os';
 import { execFileSync } from 'node:child_process';
+import { createHash } from 'node:crypto';
 import { QuotaError, baseSnapshot } from '../adapter.js';
 import { fetchJsonWithTimeout, HttpError, classifyHttpError, windowFromPercent } from '../helpers.js';
 export const claudeAdapter = {
@@ -77,7 +78,7 @@ function readClaudeToken() {
     if (existsSync(credPath)) {
         try {
             const parsed = JSON.parse(readFileSync(credPath, 'utf8'));
-            return parsed?.claudeAiOauth?.accessToken ?? null;
+            return extractClaudeAccessToken(parsed);
         }
         catch {
             return null;
@@ -86,39 +87,66 @@ function readClaudeToken() {
     return null;
 }
 function readFromKeychain() {
-    // Keychain entries may carry a per-installation GUID suffix; try the base
-    // name first, then any matching suffix.
-    const candidates = ['Claude Code-credentials'];
+    const candidates = claudeKeychainServiceNames(process.env.CLAUDE_CONFIG_DIR);
     try {
         const list = execFileSync('security', ['dump-keychain'], { stdio: ['ignore', 'pipe', 'ignore'], encoding: 'utf8' });
-        for (const m of list.matchAll(/"srvname"<blob>="([^"]*Claude Code-credentials[^"]*)"/g)) {
+        for (const m of list.matchAll(/"svce"<blob>="([^"]*Claude Code-credentials[^"]*)"/g)) {
             if (m[1] && !candidates.includes(m[1]))
                 candidates.push(m[1]);
         }
     }
     catch {
-        // dump-keychain may prompt or fail; base name is the common case.
+        // dump-keychain may fail; deterministic service names are still tried.
     }
+    const accounts = [safeUsername(), undefined];
     for (const name of candidates) {
-        try {
-            const raw = execFileSync('security', ['find-generic-password', '-s', name, '-w'], {
-                stdio: ['ignore', 'pipe', 'ignore'],
-                encoding: 'utf8',
-            }).trim();
-            if (!raw)
-                continue;
-            // The stored value is itself a JSON blob holding the OAuth tokens.
+        for (const account of accounts) {
             try {
-                const parsed = JSON.parse(raw);
-                return parsed?.claudeAiOauth?.accessToken ?? null;
+                const args = ['find-generic-password', '-s', name];
+                if (account)
+                    args.push('-a', account);
+                args.push('-w');
+                const raw = execFileSync('/usr/bin/security', args, {
+                    stdio: ['ignore', 'pipe', 'ignore'],
+                    encoding: 'utf8',
+                    timeout: 2_000,
+                }).trim();
+                if (!raw)
+                    continue;
+                const token = extractClaudeAccessToken(JSON.parse(raw));
+                if (token)
+                    return token;
             }
             catch {
-                return raw; // already a bare token in some setups
+                continue;
             }
         }
-        catch {
-            continue;
-        }
     }
     return null;
 }
+export function claudeKeychainServiceNames(configDir) {
+    if (!configDir)
+        return ['Claude Code-credentials'];
+    const hash = createHash('sha256').update(configDir).digest('hex').slice(0, 8);
+    return [`Claude Code-credentials-${hash}`, 'Claude Code-credentials'];
+}
+export function extractClaudeAccessToken(value) {
+    if (!value || typeof value !== 'object')
+        return null;
+    const root = value;
+    const nested = root.claudeAiOauth;
+    const credentials = nested && typeof nested === 'object'
+        ? nested
+        : root;
+    return typeof credentials.accessToken === 'string' && credentials.accessToken
+        ? credentials.accessToken
+        : null;
+}
+function safeUsername() {
+    try {
+        return userInfo().username?.trim() || undefined;
+    }
+    catch {
+        return undefined;
+    }
+}

package/dist/server/quota/adapters/codex.d.ts

@@ -1,2 +1,16 @@
 import type { QuotaAdapter } from '../adapter.js';
 export declare const codexAdapter: QuotaAdapter;
+interface CodexBinaryResolutionOptions {
+    home?: string;
+    path?: string;
+    explicitBinary?: string;
+    isExecutable?: (candidate: string) => boolean;
+    nvmVersions?: string[];
+}
+/**
+ * Resolve Codex independently of the launch environment. Finder-launched apps
+ * normally receive only /usr/bin:/bin:/usr/sbin:/sbin, while Codex is commonly
+ * installed in Codex.app, Homebrew, Volta, or an NVM version directory.
+ */
+export declare function resolveCodexBinary(options?: CodexBinaryResolutionOptions): string | null;
+export {};

package/dist/server/quota/adapters/codex.js

@@ -1,5 +1,5 @@
-import { existsSync, readFileSync } from 'node:fs';
-import { join } from 'node:path';
+import { existsSync, readdirSync, accessSync, constants } from 'node:fs';
+import { dirname, join } from 'node:path';
 import { homedir } from 'node:os';
 import { spawn } from 'node:child_process';
 import { QuotaError, baseSnapshot } from '../adapter.js';
@@ -11,12 +11,10 @@ export const codexAdapter = {
     provider: 'codex',
     displayName: 'OpenAI Codex',
     async isConfigured() {
-        // auth.json present signals the user has logged in (file credential store).
-        // Keyring-stored creds won't show a file, but the app-server itself is the
-        // authority there — so also treat the codex binary being runnable as configured.
-        if (existsSync(join(codexHome(), 'auth.json')))
-            return true;
-        return await codexBinaryAvailable();
+        // Only surface Codex when the official login file and a runnable official
+        // CLI are both present. Finder-launched apps have a minimal PATH, so binary
+        // discovery must not rely on `which codex`.
+        return existsSync(join(codexHome(), 'auth.json')) && resolveCodexBinary() !== null;
     },
     async fetch() {
         const result = await queryRateLimits();
@@ -64,10 +62,16 @@ function capitalize(s) {
 }
 // --- JSON-RPC over the codex app-server ---
 async function queryRateLimits() {
-    if (!(await codexBinaryAvailable())) {
-        throw new QuotaError({ state: 'not_configured', message: 'codex CLI not found on PATH' });
+    const codexBinary = resolveCodexBinary();
+    if (!codexBinary) {
+        throw new QuotaError({ state: 'not_configured', message: 'official Codex CLI not found' });
     }
-    const proc = spawn('codex', ['app-server'], { stdio: ['pipe', 'pipe', 'pipe'] });
+    const binaryDir = dirname(codexBinary);
+    const childPath = [binaryDir, process.env.PATH].filter(Boolean).join(':');
+    const proc = spawn(codexBinary, ['app-server'], {
+        stdio: ['pipe', 'pipe', 'pipe'],
+        env: { ...process.env, PATH: childPath },
+    });
     const client = new JsonRpcClient(proc);
     try {
         await client.request('initialize', {
@@ -169,20 +173,54 @@ class JsonRpcClient {
         this.pending.clear();
     }
 }
-let cachedCodexPath;
-async function codexBinaryAvailable() {
-    if (cachedCodexPath !== undefined)
-        return cachedCodexPath !== null;
-    return new Promise((resolve) => {
-        const proc = spawn('which', ['codex'], { stdio: ['ignore', 'pipe', 'ignore'] });
-        let out = '';
-        proc.stdout.on('data', (c) => { out += c; });
-        proc.on('close', () => {
-            cachedCodexPath = out.trim() || null;
-            resolve(cachedCodexPath !== null);
-        });
-        proc.on('error', () => { cachedCodexPath = null; resolve(false); });
-    });
+/**
+ * Resolve Codex independently of the launch environment. Finder-launched apps
+ * normally receive only /usr/bin:/bin:/usr/sbin:/sbin, while Codex is commonly
+ * installed in Codex.app, Homebrew, Volta, or an NVM version directory.
+ */
+export function resolveCodexBinary(options = {}) {
+    const home = options.home ?? homedir();
+    const path = options.path ?? process.env.PATH ?? '';
+    const explicitBinary = options.explicitBinary ?? process.env.CODEX_BIN;
+    const isExecutable = options.isExecutable ?? defaultIsExecutable;
+    const nvmRoot = join(home, '.nvm', 'versions', 'node');
+    const nvmVersions = options.nvmVersions ?? readDirectoryNames(nvmRoot);
+    const candidates = [
+        explicitBinary,
+        '/Applications/Codex.app/Contents/Resources/codex',
+        join(home, 'Applications', 'Codex.app', 'Contents', 'Resources', 'codex'),
+        '/opt/homebrew/bin/codex',
+        '/usr/local/bin/codex',
+        join(home, '.local', 'bin', 'codex'),
+        join(home, '.volta', 'bin', 'codex'),
+        join(home, '.bun', 'bin', 'codex'),
+        ...nvmVersions
+            .sort((a, b) => b.localeCompare(a, undefined, { numeric: true }))
+            .map((version) => join(nvmRoot, version, 'bin', 'codex')),
+        ...path.split(':').filter(Boolean).map((directory) => join(directory, 'codex')),
+    ];
+    for (const candidate of candidates) {
+        if (candidate && isExecutable(candidate))
+            return candidate;
+    }
+    return null;
+}
+function defaultIsExecutable(candidate) {
+    try {
+        accessSync(candidate, constants.X_OK);
+        return true;
+    }
+    catch {
+        return false;
+    }
+}
+function readDirectoryNames(directory) {
+    try {
+        return readdirSync(directory, { withFileTypes: true })
+            .filter((entry) => entry.isDirectory())
+            .map((entry) => entry.name);
+    }
+    catch {
+        return [];
+    }
 }
-// Keep readFileSync referenced for potential future auth.json inspection without network.
-void readFileSync;

package/dist/server/quota/adapters/glm.js

@@ -10,8 +10,8 @@ export const glmAdapter = {
     async isConfigured() {
         return !!resolveCredential();
     },
-    async fetch() {
-        const cred = resolveCredential();
+    async fetch(options) {
+        const cred = resolveCredential(options?.credential);
         if (!cred) {
             throw new QuotaError({ state: 'not_configured', message: 'set ZAI_API_KEY or ZHIPU_API_KEY' });
         }
@@ -63,7 +63,13 @@ function classifyFetchError(err) {
     const msg = err instanceof Error ? err.message : String(err);
     return new QuotaError({ state: 'upstream_unavailable', message: msg.slice(0, 200) });
 }
-function resolveCredential() {
+function resolveCredential(proposed) {
+    if (proposed?.apiKey) {
+        return {
+            key: proposed.apiKey,
+            base: proposed.baseUrl || 'https://open.bigmodel.cn',
+        };
+    }
     // 0. Key entered in-app (via the credential sheet) — highest priority.
     const stored = readStoredCredential('glm');
     if (stored)

package/dist/server/quota/adapters/kimi.js

@@ -26,9 +26,11 @@ export const kimiAdapter = {
         const cred = readCredentials();
         return !!cred && !!cred.access_token;
     },
-    async fetch() {
+    async fetch(options) {
         const credPath = credentialsPath();
-        let cred = readCredentials();
+        let cred = options?.credential?.apiKey
+            ? { access_token: options.credential.apiKey, token_type: 'Bearer' }
+            : readCredentials();
         if (!cred || !cred.access_token) {
             throw new QuotaError({ state: 'not_configured', message: 'run `kimi` to log in first' });
         }

package/dist/server/quota/adapters/minimax.js

@@ -7,8 +7,8 @@ export const minimaxAdapter = {
     async isConfigured() {
         return !!resolveCredential();
     },
-    async fetch() {
-        const cred = resolveCredential();
+    async fetch(options) {
+        const cred = resolveCredential(options?.credential);
         if (!cred) {
             throw new QuotaError({ state: 'not_configured', message: 'set MINIMAX_API_KEY (Subscription Key)' });
         }
@@ -57,7 +57,12 @@ function classifyFetchError(err) {
     const msg = err instanceof Error ? err.message : String(err);
     return new QuotaError({ state: 'upstream_unavailable', message: msg.slice(0, 200) });
 }
-function resolveCredential() {
+function resolveCredential(proposed) {
+    if (proposed?.apiKey) {
+        const region = (process.env.MINIMAX_REGION || '').toLowerCase();
+        const base = proposed.baseUrl || (region === 'cn' ? 'https://www.minimaxi.com' : 'https://www.minimax.io');
+        return { key: proposed.apiKey, base };
+    }
     // 0. Key entered in-app (via the credential sheet) — highest priority.
     const stored = readStoredCredential('minimax');
     if (stored) {

package/dist/server/quota/index.d.ts

@@ -1,5 +1,5 @@
 import { QuotaCache } from './cache.js';
 import { QuotaService } from './quotaService.js';
-export type { QuotaSnapshot, QuotaWindow, QuotaProviderStatus, QuotaResponse, QuotaProviderId } from './types.js';
+export type { QuotaCredentialInput, QuotaCredentialValidation, QuotaSnapshot, QuotaWindow, QuotaProviderStatus, QuotaResponse, QuotaProviderId, } from './types.js';
 export declare const quotaCache: QuotaCache;
 export declare const quotaService: QuotaService;

package/dist/server/quota/quotaService.d.ts

@@ -1,4 +1,4 @@
-import type { QuotaSnapshot, QuotaProviderId, QuotaResponse } from './types.js';
+import type { QuotaCredentialInput, QuotaCredentialValidation, QuotaSnapshot, QuotaProviderId, QuotaResponse } from './types.js';
 import type { QuotaAdapterRegistry } from './adapter.js';
 import { QuotaCache } from './cache.js';
 /**
@@ -32,6 +32,12 @@ export declare class QuotaService {
     fetchAll(): Promise<QuotaResponse>;
     /** Force a refresh of all configured providers, bypassing the cache. */
     refreshAll(): Promise<QuotaResponse>;
+    /**
+     * Validate a credential without caching it or writing it to disk. This keeps
+     * the settings form transactional: only credentials accepted upstream are
+     * persisted by the native app.
+     */
+    validateCredential(provider: QuotaProviderId, credential: QuotaCredentialInput): Promise<QuotaCredentialValidation>;
     private fetchWithTimeout;
     private handleFailure;
 }

package/dist/server/quota/quotaService.js

@@ -74,6 +74,29 @@ export class QuotaService {
         }
         return this.fetchAll();
     }
+    /**
+     * Validate a credential without caching it or writing it to disk. This keeps
+     * the settings form transactional: only credentials accepted upstream are
+     * persisted by the native app.
+     */
+    async validateCredential(provider, credential) {
+        const adapter = this.registry.get(provider);
+        if (!adapter) {
+            return {
+                provider,
+                valid: false,
+                status: { state: 'not_configured', message: 'Unsupported provider' },
+            };
+        }
+        try {
+            const snapshot = await withTimeout(adapter.fetch({ credential }), this.fetchTimeoutMs, provider);
+            const validated = validateQuotaSnapshot(snapshot);
+            return { provider, valid: validated.status.state === 'ok', status: validated.status };
+        }
+        catch (err) {
+            return { provider, valid: false, status: statusForError(err, this.fetchTimeoutMs) };
+        }
+    }
     async fetchWithTimeout(adapter) {
         try {
             const snapshot = await withTimeout(adapter.fetch(), this.fetchTimeoutMs, adapter.provider);
@@ -86,16 +109,7 @@ export class QuotaService {
         }
     }
     handleFailure(adapter, err) {
-        let status;
-        if (err instanceof QuotaError) {
-            status = err.status;
-        }
-        else if (err instanceof TimeoutError) {
-            status = { state: 'timed_out', message: `upstream did not respond within ${this.fetchTimeoutMs}ms` };
-        }
-        else {
-            status = { state: 'error', message: redact(err), category: 'unexpected' };
-        }
+        const status = statusForError(err, this.fetchTimeoutMs);
         // Retain last good snapshot as stale.
         const stale = this.cache.getStale(adapter.provider);
         if (stale) {
@@ -112,6 +126,14 @@ export class QuotaService {
         };
     }
 }
+function statusForError(err, timeoutMs) {
+    if (err instanceof QuotaError)
+        return err.status;
+    if (err instanceof TimeoutError) {
+        return { state: 'timed_out', message: `upstream did not respond within ${timeoutMs}ms` };
+    }
+    return { state: 'error', message: redact(err), category: 'unexpected' };
+}
 class TimeoutError extends Error {
     constructor(provider) {
         super(`quota fetch timed out: ${provider}`);

package/dist/server/quota/types.d.ts

@@ -63,3 +63,14 @@ export interface QuotaProviderStatus {
 export interface QuotaResponse {
     providers: QuotaSnapshot[];
 }
+/** A credential proposed by the settings UI but not persisted yet. */
+export interface QuotaCredentialInput {
+    apiKey: string;
+    baseUrl?: string;
+}
+/** Result of checking a proposed credential against its upstream provider. */
+export interface QuotaCredentialValidation {
+    provider: QuotaProviderId;
+    valid: boolean;
+    status: QuotaProviderStatus;
+}

package/dist/server/routes/api.js

@@ -21,6 +21,24 @@ async function getQuota(_req, res) {
         res.status(500).json({ error: 'Failed to fetch quota', hint: message });
     }
 }
+const editableQuotaProviders = new Set(['glm', 'kimi', 'minimax']);
+async function validateQuotaCredential(req, res) {
+    const provider = req.body?.provider;
+    const apiKey = typeof req.body?.apiKey === 'string' ? req.body.apiKey.trim() : '';
+    const baseUrl = typeof req.body?.baseUrl === 'string' ? req.body.baseUrl.trim() : undefined;
+    if (!editableQuotaProviders.has(provider) || !apiKey) {
+        res.status(400).json({
+            error: 'Invalid credential request',
+            hint: 'A supported provider and non-empty token are required.',
+        });
+        return;
+    }
+    const result = await quotaService.validateCredential(provider, {
+        apiKey,
+        baseUrl: baseUrl || undefined,
+    });
+    res.status(result.valid ? 200 : 422).json(result);
+}
 function getAgents(_req, res) {
     try {
         const agents = detectAvailableAgents();
@@ -59,4 +77,5 @@ export function registerApiRoutes(router, appInfo) {
     router.get('/blocks', getBlocks);
     router.get('/analytics', getAnalytics);
     router.get('/quota', getQuota);
+    router.post('/quota/validate', validateQuotaCredential);
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@zhangferry-dev/tokendash",
-  "version": "1.6.2",
+  "version": "1.7.0",
   "type": "module",
   "description": "Token Usage Analytics Dashboard",
   "publishConfig": {
@@ -30,7 +30,9 @@
     "test:watch": "vitest",
     "test:e2e": "playwright test",
     "prepack": "npm run build",
-    "release": "npm publish --access public --registry https://registry.npmjs.org"
+    "release:npm": "npm publish --access public --registry https://registry.npmjs.org",
+    "deploy:check": "./scripts/deploy.sh --dry-run",
+    "deploy": "./scripts/deploy.sh"
   },
   "dependencies": {
     "express": "^5.1.0",