@zhihand/mcp 0.30.0 → 0.32.1

package/dist/core/registry.js

@@ -1,29 +1,44 @@
 /**
  * Device registry — the single source of truth for all paired devices,
- * their live state (profile, online flag, SSE connection), and multi-
- * device routing.
+ * their live state, and multi-user WebSocket streams.
  *
- * Holds a per-credential AbortController for SSE, a per-device heartbeat
- * timer, and a single debounced notifier for list_changed.
+ * Groups devices under users. Each user has one UserEventWebSocket.
+ * Online detection is server-authoritative (no local heartbeat polling).
+ * Config hot-reload via fs.watchFile.
  */
-import { loadConfig, addDevice as configAddDevice, removeDevice as configRemoveDevice, renameDevice as configRenameDevice, setDefaultDevice as configSetDefault, updateLastSeen as configUpdateLastSeen, recordToRuntimeConfig, } from "./config.js";
-import { extractStatic, computeCapabilities, fetchDeviceProfileOnce, normalizeProfilePayload, } from "./device.js";
-import { connectSSEForCredential, handleSSEEvent } from "./sse.js";
-import { dbg } from "../daemon/logger.js";
-const HEARTBEAT_INTERVAL_MS = 30_000;
-const ONLINE_PROFILE_TTL_MS = 60_000;
+import fs from "node:fs";
+import { loadConfig, getConfigPath, resolveDefaultEndpoint, addDeviceToUser as configAddDeviceToUser, updateDeviceLastSeen as configUpdateDeviceLastSeen, } from "./config.js";
+import { extractStatic, computeCapabilities, normalizeProfilePayload, } from "./device.js";
+import { UserEventWebSocket, fetchUserCredentials, } from "./ws.js";
+import { log } from "./logger.js";
 const LIST_CHANGED_DEBOUNCE_MS = 2500;
+const CONFIG_WATCH_INTERVAL_MS = 1000;
+const CONFIG_RECONCILE_DEBOUNCE_MS = 300;
 class Registry {
-    devices = new Map();
+    userStates = new Map();
     listChangedSubs = new Set();
     debounceTimer = null;
     lastOnlineSet = new Set();
     initialized = false;
+    configWatchActive = false;
+    reconcileTimer = null;
+    // ── Public API ──────────────────────────────────────────
     get(credentialId) {
-        return this.devices.get(credentialId) ?? null;
+        for (const us of this.userStates.values()) {
+            const d = us.devices.get(credentialId);
+            if (d)
+                return d;
+        }
+        return null;
     }
     list() {
-        return Array.from(this.devices.values());
+        const all = [];
+        for (const us of this.userStates.values()) {
+            for (const d of us.devices.values()) {
+                all.push(d);
+            }
+        }
+        return all;
     }
     listOnline() {
         return this.list()
@@ -31,38 +46,82 @@ class Registry {
             .sort((a, b) => b.lastSeenAtMs - a.lastSeenAtMs);
     }
     /**
-     * Priority:
-     *   1. If the user has explicitly set a default via `zhihand default <id>`
-     *      AND that device is online → return it. Honoring an explicit user
-     *      preference is the least-surprising UX.
-     *   2. Otherwise → most-recently-active online device (online[0] is sorted
-     *      desc by lastSeenAtMs).
-     *   3. No online devices → null.
+     * Most-recently-active online device across all users.
      */
     resolveDefault() {
         const online = this.listOnline();
-        if (online.length === 0)
-            return null;
-        const cfg = loadConfig();
-        if (cfg.default_credential_id) {
-            const d = this.devices.get(cfg.default_credential_id);
-            if (d && d.online)
-                return d;
-        }
-        return online[0];
+        return online.length > 0 ? online[0] : null;
+    }
+    isMultiUser() {
+        return this.userStates.size > 1;
     }
     toRuntimeConfig(state) {
-        return recordToRuntimeConfig(state.record);
+        const us = this.userStates.get(state.userId);
+        return {
+            controlPlaneEndpoint: us?.endpoint ?? resolveDefaultEndpoint(),
+            credentialId: state.credentialId,
+            controllerToken: us?.controllerToken ?? "",
+            timeoutMs: 10_000,
+        };
     }
     subscribe(cb) {
         this.listChangedSubs.add(cb);
         return () => this.listChangedSubs.delete(cb);
     }
+    // ── Init / Shutdown ────────────────────────────────────
+    async init() {
+        if (this.initialized)
+            return;
+        this.initialized = true;
+        const cfg = loadConfig();
+        const endpoint = resolveDefaultEndpoint();
+        const users = Object.values(cfg.users);
+        // Create user states and start WS streams
+        const fetchPromises = [];
+        for (const userRec of users) {
+            const us = this.createUserState(userRec, endpoint);
+            this.userStates.set(userRec.user_id, us);
+            this.startUserStream(us);
+            // Fetch initial credentials with online status
+            fetchPromises.push(this.fetchAndPopulateDevices(us, userRec).catch(() => {
+                // Non-fatal: populate from config alone
+                this.populateDevicesFromConfig(us, userRec);
+            }));
+        }
+        // Overall 5s cap on initial fetches
+        await Promise.race([
+            Promise.all(fetchPromises),
+            new Promise((r) => setTimeout(r, 5000)),
+        ]);
+        // Start config hot-reload watcher
+        this.startConfigWatch();
+    }
+    shutdown() {
+        for (const us of this.userStates.values()) {
+            us.stream?.stop();
+            us.stream = null;
+        }
+        this.userStates.clear();
+        if (this.debounceTimer) {
+            clearTimeout(this.debounceTimer);
+            this.debounceTimer = null;
+        }
+        if (this.reconcileTimer) {
+            clearTimeout(this.reconcileTimer);
+            this.reconcileTimer = null;
+        }
+        this.stopConfigWatch();
+        this.listChangedSubs.clear();
+        this.initialized = false;
+    }
+    // ── Online set change detection ─────────────────────────
     computeOnlineSet() {
         const out = new Set();
-        for (const d of this.devices.values()) {
-            if (d.online)
-                out.add(d.credentialId);
+        for (const us of this.userStates.values()) {
+            for (const d of us.devices.values()) {
+                if (d.online)
+                    out.add(d.credentialId);
+            }
         }
         return out;
     }
@@ -76,9 +135,8 @@ class Registry {
     }
     scheduleListChanged() {
         const now = this.computeOnlineSet();
-        if (this.setsEqual(now, this.lastOnlineSet)) {
+        if (this.setsEqual(now, this.lastOnlineSet))
             return;
-        }
         if (this.debounceTimer)
             return;
         this.debounceTimer = setTimeout(() => {
@@ -95,194 +153,263 @@ class Registry {
             }
         }, LIST_CHANGED_DEBOUNCE_MS);
     }
-    updateOnlineFlag(state) {
-        const profileFresh = state.profileReceivedAtMs > 0 &&
-            (Date.now() - state.profileReceivedAtMs) < ONLINE_PROFILE_TTL_MS;
-        const newOnline = state.sseConnected && profileFresh;
-        if (newOnline !== state.online) {
-            state.online = newOnline;
-            dbg(`[registry] ${state.credentialId} online=${newOnline}`);
-            this.scheduleListChanged();
-        }
+    // ── User/Device state management ───────────────────────
+    createUserState(userRec, endpoint) {
+        return {
+            userId: userRec.user_id,
+            controllerToken: userRec.controller_token,
+            label: userRec.label,
+            endpoint,
+            stream: null,
+            devices: new Map(),
+        };
     }
-    touchLastSeen(state) {
-        state.lastSeenAtMs = Date.now();
-        const iso = new Date(state.lastSeenAtMs).toISOString();
-        try {
-            configUpdateLastSeen(state.credentialId, iso);
-            state.record.last_seen_at = iso;
-        }
-        catch {
-            // non-fatal
-        }
+    makeDeviceState(record, userId, userLabel, online = false) {
+        return {
+            credentialId: record.credential_id,
+            userId,
+            userLabel,
+            label: record.label,
+            platform: record.platform,
+            online,
+            lastSeenAtMs: 0,
+            profile: null,
+            capabilities: null,
+            profileReceivedAtMs: 0,
+            rawAttributes: {},
+            record,
+        };
     }
-    async refreshProfile(state) {
-        const cfg = this.toRuntimeConfig(state);
-        const result = await fetchDeviceProfileOnce(cfg);
-        if (!result) {
-            state.online = false;
-            this.scheduleListChanged();
-            return false;
-        }
-        state.rawAttributes = result.rawAttrs;
-        state.profileReceivedAtMs = result.receivedAtMs;
-        state.profile = extractStatic(result.rawAttrs);
-        state.capabilities = computeCapabilities(result.rawAttrs, result.receivedAtMs);
-        // Infer platform from profile
-        const plat = state.profile.platform;
-        if (plat === "ios" || plat === "android") {
-            state.platform = plat;
-            state.record.platform = plat;
+    populateDevicesFromConfig(us, userRec) {
+        for (const dev of userRec.devices) {
+            if (!us.devices.has(dev.credential_id)) {
+                us.devices.set(dev.credential_id, this.makeDeviceState(dev, us.userId, us.label));
+            }
         }
-        this.touchLastSeen(state);
-        this.updateOnlineFlag(state);
-        return true;
-    }
-    startHeartbeat(state) {
-        if (state.heartbeatTimer)
-            return;
-        state.heartbeatTimer = setInterval(() => {
-            this.refreshProfile(state).catch(() => { });
-        }, HEARTBEAT_INTERVAL_MS);
     }
-    stopHeartbeat(state) {
-        if (state.heartbeatTimer) {
-            clearInterval(state.heartbeatTimer);
-            state.heartbeatTimer = null;
+    async fetchAndPopulateDevices(us, userRec) {
+        const creds = await fetchUserCredentials(us.endpoint, us.userId, us.controllerToken);
+        // Populate from server response (has online status)
+        for (const cred of creds) {
+            const existing = us.devices.get(cred.credential_id);
+            if (existing) {
+                existing.online = cred.online ?? false;
+                if (cred.online) {
+                    existing.lastSeenAtMs = Date.now();
+                }
+            }
+            else {
+                const record = {
+                    credential_id: cred.credential_id,
+                    label: cred.label ?? cred.credential_id,
+                    platform: cred.platform ?? "unknown",
+                    paired_at: cred.paired_at ?? new Date().toISOString(),
+                    last_seen_at: cred.last_seen_at ?? new Date().toISOString(),
+                };
+                const state = this.makeDeviceState(record, us.userId, us.label, cred.online ?? false);
+                if (cred.online)
+                    state.lastSeenAtMs = Date.now();
+                us.devices.set(cred.credential_id, state);
+            }
         }
+        // Also ensure all config devices are present
+        this.populateDevicesFromConfig(us, userRec);
     }
-    startSSE(state) {
-        if (state.sseController)
+    // ── WS stream management ──────────────────────────────
+    startUserStream(us) {
+        if (us.stream)
             return;
-        const cfg = this.toRuntimeConfig(state);
-        state.sseController = connectSSEForCredential(cfg, {
-            onEvent: (ev) => {
-                // Dispatch command ACKs globally
-                handleSSEEvent(ev);
-                if (ev.kind === "device_profile.updated" && ev.device_profile) {
-                    const attrs = normalizeProfilePayload(ev.device_profile);
-                    state.rawAttributes = attrs;
-                    state.profileReceivedAtMs = Date.now();
-                    state.profile = extractStatic(attrs);
-                    state.capabilities = computeCapabilities(attrs, state.profileReceivedAtMs);
-                    const plat = state.profile.platform;
+        us.stream = new UserEventWebSocket(us.userId, us.controllerToken, us.endpoint, {
+            onDeviceOnline: (credentialId) => {
+                const d = us.devices.get(credentialId);
+                if (d) {
+                    d.online = true;
+                    d.lastSeenAtMs = Date.now();
+                    this.touchLastSeen(d);
+                    log.debug(`[registry] ${credentialId} online`);
+                    this.scheduleListChanged();
+                }
+            },
+            onDeviceOffline: (credentialId) => {
+                const d = us.devices.get(credentialId);
+                if (d) {
+                    d.online = false;
+                    log.debug(`[registry] ${credentialId} offline`);
+                    this.scheduleListChanged();
+                }
+            },
+            onDeviceProfileUpdated: (credentialId, profile) => {
+                const d = us.devices.get(credentialId);
+                if (d) {
+                    const attrs = normalizeProfilePayload(profile);
+                    d.rawAttributes = attrs;
+                    d.profileReceivedAtMs = Date.now();
+                    d.profile = extractStatic(attrs);
+                    d.capabilities = computeCapabilities(attrs, d.profileReceivedAtMs);
+                    const plat = d.profile.platform;
                     if (plat === "ios" || plat === "android") {
-                        state.platform = plat;
-                        state.record.platform = plat;
+                        d.platform = plat;
+                        d.record.platform = plat;
                     }
-                    this.touchLastSeen(state);
-                    this.updateOnlineFlag(state);
+                    this.touchLastSeen(d);
                 }
-                else if (ev.kind === "credential.revoked") {
-                    dbg(`[registry] ${state.credentialId} credential.revoked`);
-                    state.online = false;
+            },
+            onCommandAcked: (event) => {
+                // Already handled by handleWSEvent in the stream dispatch
+            },
+            onCredentialAdded: (credential) => {
+                const credId = credential.credential_id;
+                if (credId && !us.devices.has(credId)) {
+                    const record = {
+                        credential_id: credId,
+                        label: credential.label ?? credId,
+                        platform: (credential.platform ?? "unknown"),
+                        paired_at: credential.paired_at ?? new Date().toISOString(),
+                        last_seen_at: new Date().toISOString(),
+                    };
+                    const state = this.makeDeviceState(record, us.userId, us.label, true);
+                    state.lastSeenAtMs = Date.now();
+                    us.devices.set(credId, state);
+                    // Persist to config immediately so fs.watchFile reconciliation
+                    // doesn't wipe this device before the pairing CLI writes it.
+                    try {
+                        configAddDeviceToUser(us.userId, record);
+                    }
+                    catch {
+                        // non-fatal — pairing CLI will persist shortly
+                    }
                     this.scheduleListChanged();
                 }
             },
+            onCredentialRemoved: (credentialId) => {
+                us.devices.delete(credentialId);
+                this.scheduleListChanged();
+            },
             onConnected: () => {
-                dbg(`[registry] SSE connected: ${state.credentialId}`);
-                state.sseConnected = true;
-                this.updateOnlineFlag(state);
+                log.debug(`[registry] WS connected for user ${us.userId}`);
+                // Re-fetch credentials to reconcile missed events
+                fetchUserCredentials(us.endpoint, us.userId, us.controllerToken)
+                    .then((creds) => {
+                    const onlineIds = new Set(creds.filter((c) => c.online).map((c) => c.credential_id));
+                    for (const d of us.devices.values()) {
+                        const wasOnline = d.online;
+                        d.online = onlineIds.has(d.credentialId);
+                        if (d.online)
+                            d.lastSeenAtMs = Date.now();
+                        if (wasOnline !== d.online) {
+                            this.scheduleListChanged();
+                        }
+                    }
+                })
+                    .catch(() => { });
             },
             onDisconnected: () => {
-                dbg(`[registry] SSE disconnected: ${state.credentialId}`);
-                state.sseConnected = false;
-                this.updateOnlineFlag(state);
+                log.debug(`[registry] WS disconnected for user ${us.userId}`);
             },
         });
+        us.stream.start();
     }
-    stopSSE(state) {
-        state.sseController?.abort();
-        state.sseController = null;
-        state.sseConnected = false;
-    }
-    makeState(record) {
-        return {
-            credentialId: record.credential_id,
-            label: record.label,
-            platform: record.platform,
-            online: false,
-            lastSeenAtMs: 0,
-            profile: null,
-            capabilities: null,
-            profileReceivedAtMs: 0,
-            rawAttributes: {},
-            sseController: null,
-            sseConnected: false,
-            heartbeatTimer: null,
-            record,
-        };
-    }
-    async init() {
-        if (this.initialized)
-            return;
-        this.initialized = true;
-        const cfg = loadConfig();
-        const records = Object.values(cfg.devices);
-        for (const r of records) {
-            const s = this.makeState(r);
-            this.devices.set(r.credential_id, s);
-            this.startSSE(s);
-            this.startHeartbeat(s);
+    touchLastSeen(state) {
+        state.lastSeenAtMs = Date.now();
+        const iso = new Date(state.lastSeenAtMs).toISOString();
+        try {
+            configUpdateDeviceLastSeen(state.userId, state.credentialId, iso);
+            state.record.last_seen_at = iso;
+        }
+        catch {
+            // non-fatal
         }
-        // Fire off initial profile fetches in parallel, with overall ~5s cap
-        const fetches = records.map((r) => {
-            const s = this.devices.get(r.credential_id);
-            return this.refreshProfile(s).catch(() => false);
-        });
-        await Promise.race([
-            Promise.all(fetches),
-            new Promise((r) => setTimeout(r, 5000)),
-        ]);
     }
-    async addDevice(record) {
-        configAddDevice(record);
-        let s = this.devices.get(record.credential_id);
-        if (!s) {
-            s = this.makeState(record);
-            this.devices.set(record.credential_id, s);
+    // ── Config hot-reload ─────────────────────────────────
+    startConfigWatch() {
+        if (this.configWatchActive)
+            return;
+        this.configWatchActive = true;
+        const configPath = getConfigPath();
+        try {
+            fs.watchFile(configPath, { interval: CONFIG_WATCH_INTERVAL_MS }, () => {
+                // Debounce reconciliation
+                if (this.reconcileTimer)
+                    clearTimeout(this.reconcileTimer);
+                this.reconcileTimer = setTimeout(() => {
+                    this.reconcileTimer = null;
+                    this.reconcileConfig();
+                }, CONFIG_RECONCILE_DEBOUNCE_MS);
+            });
         }
-        else {
-            s.record = record;
-            s.label = record.label;
+        catch {
+            // watchFile not available — skip hot-reload
         }
-        this.startSSE(s);
-        this.startHeartbeat(s);
-        await this.refreshProfile(s).catch(() => false);
     }
-    removeDevice(credentialId) {
-        const s = this.devices.get(credentialId);
-        if (s) {
-            this.stopSSE(s);
-            this.stopHeartbeat(s);
-            this.devices.delete(credentialId);
+    stopConfigWatch() {
+        if (!this.configWatchActive)
+            return;
+        this.configWatchActive = false;
+        try {
+            fs.unwatchFile(getConfigPath());
         }
-        configRemoveDevice(credentialId);
-        this.scheduleListChanged();
-    }
-    renameDevice(credentialId, label) {
-        configRenameDevice(credentialId, label);
-        const s = this.devices.get(credentialId);
-        if (s) {
-            s.label = label;
-            s.record.label = label;
+        catch {
+            // ignore
         }
     }
-    setDefault(credentialId) {
-        configSetDefault(credentialId);
-    }
-    shutdown() {
-        for (const s of this.devices.values()) {
-            this.stopSSE(s);
-            this.stopHeartbeat(s);
+    reconcileConfig() {
+        const cfg = loadConfig();
+        const endpoint = resolveDefaultEndpoint();
+        const configUserIds = new Set(Object.keys(cfg.users));
+        // Remove users no longer in config
+        for (const [userId, us] of this.userStates) {
+            if (!configUserIds.has(userId)) {
+                us.stream?.stop();
+                us.stream = null;
+                this.userStates.delete(userId);
+                log.debug(`[registry] Removed user ${userId} (config hot-reload)`);
+            }
         }
-        this.devices.clear();
-        if (this.debounceTimer) {
-            clearTimeout(this.debounceTimer);
-            this.debounceTimer = null;
+        // Add new users / reconcile devices
+        for (const userRec of Object.values(cfg.users)) {
+            let us = this.userStates.get(userRec.user_id);
+            if (!us) {
+                // New user
+                us = this.createUserState(userRec, endpoint);
+                this.userStates.set(userRec.user_id, us);
+                this.populateDevicesFromConfig(us, userRec);
+                this.startUserStream(us);
+                log.debug(`[registry] Added user ${userRec.user_id} (config hot-reload)`);
+            }
+            else {
+                // Update token/label if changed
+                us.controllerToken = userRec.controller_token;
+                us.label = userRec.label;
+                // Reconcile devices
+                const configDevIds = new Set(userRec.devices.map((d) => d.credential_id));
+                // Remove devices no longer in config — but keep online devices
+                // that were added via WS credential.added but not yet persisted
+                // by the pairing CLI (race window).
+                for (const credId of us.devices.keys()) {
+                    if (!configDevIds.has(credId)) {
+                        const d = us.devices.get(credId);
+                        if (d && d.online) {
+                            log.debug(`[registry] Keeping online device ${credId} despite missing from config`);
+                            continue;
+                        }
+                        us.devices.delete(credId);
+                    }
+                }
+                // Add new devices
+                for (const dev of userRec.devices) {
+                    if (!us.devices.has(dev.credential_id)) {
+                        us.devices.set(dev.credential_id, this.makeDeviceState(dev, us.userId, us.label));
+                    }
+                    else {
+                        // Update label/platform from config
+                        const d = us.devices.get(dev.credential_id);
+                        d.label = dev.label;
+                        d.userLabel = us.label;
+                    }
+                }
+            }
         }
-        this.listChangedSubs.clear();
-        this.initialized = false;
+        this.scheduleListChanged();
     }
 }
 export const registry = new Registry();

package/dist/core/screenshot.js

@@ -1,4 +1,5 @@
-import { dbg } from "../daemon/logger.js";
+import { log } from "./logger.js";
+const dbg = (msg) => log.debug(msg);
 // Snapshot is considered stale if the server-reported age exceeds this
 // threshold. Configurable via env ZHIHAND_SNAPSHOT_MAX_AGE_MS.
 // Default 5s: typical HID command + capture + upload is well under 2s;
@@ -29,7 +30,7 @@ export async function fetchScreenshot(config) {
         const response = await fetch(url, {
             method: "GET",
             headers: {
-                "x-zhihand-controller-token": config.controllerToken,
+                "Authorization": `Bearer ${config.controllerToken}`,
                 "Accept": "image/jpeg",
             },
             signal: controller.signal,

package/dist/core/sse.d.ts

@@ -7,20 +7,45 @@ export interface SSEEvent {
     credential_id: string;
     command?: QueuedCommandRecord;
     device_profile?: Record<string, unknown>;
+    credential?: Record<string, unknown>;
     sequence: number;
 }
 export declare function handleSSEEvent(event: SSEEvent): void;
 export declare function subscribeToCommandAck(commandId: string, callback: (cmd: QueuedCommandRecord) => void): () => void;
-export interface SSEHandlers {
-    onEvent: (e: SSEEvent) => void;
+export interface UserEventStreamHandlers {
+    onDeviceOnline: (credentialId: string) => void;
+    onDeviceOffline: (credentialId: string) => void;
+    onDeviceProfileUpdated: (credentialId: string, profile: Record<string, unknown>) => void;
+    onCommandAcked: (event: SSEEvent) => void;
+    onCredentialAdded: (credential: Record<string, unknown>) => void;
+    onCredentialRemoved: (credentialId: string) => void;
     onConnected: () => void;
     onDisconnected: () => void;
 }
-/**
- * Open a per-credential SSE connection. Caller owns the returned AbortController.
- * The loop auto-reconnects with exponential backoff until aborted.
- */
-export declare function connectSSEForCredential(config: ZhiHandRuntimeConfig, handlers: SSEHandlers): AbortController;
+export declare class UserEventStream {
+    private userId;
+    private controllerToken;
+    private endpoint;
+    private handlers;
+    private abortController;
+    private _connected;
+    constructor(userId: string, controllerToken: string, endpoint: string, handlers: UserEventStreamHandlers);
+    get connected(): boolean;
+    start(): void;
+    stop(): void;
+    private runLoop;
+    private dispatchEvent;
+}
+export interface CredentialResponse {
+    credential_id: string;
+    label?: string;
+    platform?: string;
+    online?: boolean;
+    paired_at?: string;
+    last_seen_at?: string;
+    device_profile?: Record<string, unknown>;
+}
+export declare function fetchUserCredentials(endpoint: string, userId: string, controllerToken: string, onlineFilter?: boolean): Promise<CredentialResponse[]>;
 /**
  * Wait for command ACK via SSE push (which should already be connected by the
  * registry). Falls back to polling.