agent-relay 1.3.0 → 1.3.2

package/dist/daemon/api.js

@@ -275,6 +275,22 @@ export class DaemonApi extends EventEmitter {
             }
             return { status: 200, body: { success: true } };
         });
+        // Interrupt agent by ID (send Ctrl+C to break out of stuck loops)
+        this.routes.set('POST /agents/:id/interrupt', async (req) => {
+            const interrupted = this.agentManager.interrupt(req.params.id);
+            if (!interrupted) {
+                return { status: 404, body: { error: 'Agent not found' } };
+            }
+            return { status: 200, body: { success: true } };
+        });
+        // Interrupt agent by name (for dashboard where only name is available)
+        this.routes.set('POST /agents/by-name/:name/interrupt', async (req) => {
+            const interrupted = this.agentManager.interruptByName(req.params.name);
+            if (!interrupted) {
+                return { status: 404, body: { error: 'Agent not found' } };
+            }
+            return { status: 200, body: { success: true } };
+        });
         // === All Agents ===
         // List all agents
         this.routes.set('GET /agents', async () => {
@@ -449,8 +465,9 @@ export class DaemonApi extends EventEmitter {
         // Check if provider is authenticated (credentials exist)
         this.routes.set('GET /auth/cli/:provider/check', async (req) => {
             const { provider } = req.params;
+            const userId = req.query.userId;
             const { checkProviderAuth } = await import('./cli-auth.js');
-            const authenticated = await checkProviderAuth(provider);
+            const authenticated = await checkProviderAuth(provider, userId);
             return { status: 200, body: { authenticated } };
         });
         // === Repository Management ===

package/dist/daemon/cli-auth.d.ts

@@ -14,6 +14,7 @@ export type { CLIAuthConfig, PromptHandler };
 interface AuthSession {
     id: string;
     provider: string;
+    userId?: string;
     status: 'starting' | 'waiting_auth' | 'success' | 'error';
     authUrl?: string;
     token?: string;
@@ -32,6 +33,8 @@ interface AuthSession {
 export interface StartCLIAuthOptions {
     /** Use device flow instead of standard OAuth (if provider supports it) */
     useDeviceFlow?: boolean;
+    /** User ID for per-user credential storage (multi-user workspaces) */
+    userId?: string;
 }
 /**
  * Start CLI auth flow
@@ -75,5 +78,5 @@ export declare function cancelAuthSession(sessionId: string): boolean;
  * Check if a provider is authenticated (credentials exist)
  * Used by the auth check endpoint for SSH tunnel flow
  */
-export declare function checkProviderAuth(provider: string): Promise<boolean>;
+export declare function checkProviderAuth(provider: string, userId?: string): Promise<boolean>;
 //# sourceMappingURL=cli-auth.d.ts.map

package/dist/daemon/cli-auth.js

@@ -10,6 +10,7 @@ import * as fs from 'fs/promises';
 import * as os from 'os';
 import { createLogger } from '../resiliency/logger.js';
 import { CLI_AUTH_CONFIG, stripAnsiCodes, matchesSuccessPattern, findMatchingPrompt, findMatchingError, getSupportedProviders, } from '../shared/cli-auth-config.js';
+import { getUserDirectoryService } from './user-directory.js';
 const logger = createLogger('cli-auth');
 // Re-export for consumers
 export { CLI_AUTH_CONFIG, getSupportedProviders };
@@ -47,6 +48,7 @@ export async function startCLIAuth(provider, options = {}) {
     const session = {
         id: sessionId,
         provider,
+        userId: options.userId,
         status: 'starting',
         output: '',
         promptsHandled: [],
@@ -61,7 +63,7 @@ export async function startCLIAuth(provider, options = {}) {
     });
     // Check if already authenticated (credentials exist)
     try {
-        const existingCreds = await extractCredentials(provider, config);
+        const existingCreds = await extractCredentials(provider, config, options.userId);
         if (existingCreds?.token) {
             logger.info('Already authenticated - existing credentials found', { provider, sessionId });
             session.status = 'success';
@@ -97,6 +99,27 @@ export async function startCLIAuth(provider, options = {}) {
         resolveAuthUrl();
     }, AUTH_URL_WAIT_TIMEOUT);
     try {
+        // Get per-user environment if userId provided (for multi-user workspaces)
+        // This sets HOME to /data/users/{userId} so CLI stores credentials per-user
+        let userEnv = {};
+        if (options.userId) {
+            try {
+                const userDirService = getUserDirectoryService();
+                userEnv = userDirService.getUserEnvironment(options.userId);
+                logger.info('Using per-user environment for CLI auth', {
+                    provider,
+                    userId: options.userId,
+                    home: userEnv.HOME,
+                });
+            }
+            catch (err) {
+                logger.warn('Failed to get user environment, using default', {
+                    provider,
+                    userId: options.userId,
+                    error: err instanceof Error ? err.message : String(err),
+                });
+            }
+        }
         const proc = pty.spawn(config.command, args, {
             name: 'xterm-256color',
             cols: 120,
@@ -104,6 +127,7 @@ export async function startCLIAuth(provider, options = {}) {
             cwd: process.cwd(),
             env: {
                 ...process.env,
+                ...userEnv, // Override HOME for per-user credential storage
                 NO_COLOR: '1',
                 TERM: 'xterm-256color',
                 // Don't set BROWSER - let CLI fail to open browser and fall back to manual paste mode
@@ -198,7 +222,7 @@ export async function startCLIAuth(provider, options = {}) {
                         return;
                     }
                     try {
-                        const creds = await extractCredentials(provider, config);
+                        const creds = await extractCredentials(provider, config, session.userId);
                         if (creds) {
                             session.token = creds.token;
                             session.refreshToken = creds.refreshToken;
@@ -233,7 +257,7 @@ export async function startCLIAuth(provider, options = {}) {
             // CLI might exit cleanly (code 0) even after an OAuth error
             if ((session.authUrl || exitCode === 0) && session.status !== 'error') {
                 try {
-                    const creds = await extractCredentials(provider, config);
+                    const creds = await extractCredentials(provider, config, session.userId);
                     if (creds) {
                         session.token = creds.token;
                         session.refreshToken = creds.refreshToken;
@@ -321,7 +345,7 @@ export async function submitAuthCode(sessionId, code, state) {
         const config = CLI_AUTH_CONFIG[session.provider];
         if (config && session.status !== 'error') {
             try {
-                const creds = await extractCredentials(session.provider, config);
+                const creds = await extractCredentials(session.provider, config, session.userId);
                 // Re-check status after async operation (race condition protection)
                 // Use type assertion because TypeScript narrowing doesn't account for async race conditions
                 if (creds && session.status !== 'error') {
@@ -465,7 +489,7 @@ async function pollForCredentials(session, config) {
             return;
         }
         try {
-            const creds = await extractCredentials(session.provider, config);
+            const creds = await extractCredentials(session.provider, config, session.userId);
             if (creds) {
                 // Double-check we're not in error state (race condition protection)
                 // Use type assertion because TypeScript narrowing doesn't account for async race conditions
@@ -522,7 +546,7 @@ export async function completeAuthSession(sessionId) {
             return { success: false, error: session.error || 'Authentication failed' };
         }
         try {
-            const creds = await extractCredentials(session.provider, config);
+            const creds = await extractCredentials(session.provider, config, session.userId);
             if (creds) {
                 // Double-check we're not in error state (race condition protection)
                 // Use type assertion because TypeScript narrowing doesn't account for async race conditions
@@ -568,14 +592,34 @@ export function cancelAuthSession(sessionId) {
     sessions.delete(sessionId);
     return true;
 }
+function resolveCredentialPath(provider, config, userId) {
+    if (!config.credentialPath)
+        return null;
+    if (!userId) {
+        return config.credentialPath.replace('~', os.homedir());
+    }
+    try {
+        const userDirService = getUserDirectoryService();
+        const userHome = userDirService.getUserHome(userId);
+        return config.credentialPath.replace('~', userHome);
+    }
+    catch (err) {
+        logger.warn('Failed to resolve per-user credential path, using default', {
+            provider,
+            userId,
+            error: err instanceof Error ? err.message : String(err),
+        });
+        return config.credentialPath.replace('~', os.homedir());
+    }
+}
 /**
  * Extract credentials from CLI credential file
  */
-async function extractCredentials(provider, config) {
-    if (!config.credentialPath)
+async function extractCredentials(provider, config, userId) {
+    const credPath = resolveCredentialPath(provider, config, userId);
+    if (!credPath)
         return null;
     try {
-        const credPath = config.credentialPath.replace('~', os.homedir());
         const content = await fs.readFile(credPath, 'utf8');
         const creds = JSON.parse(content);
         // Extract token based on provider
@@ -640,13 +684,13 @@ async function extractCredentials(provider, config) {
  * Check if a provider is authenticated (credentials exist)
  * Used by the auth check endpoint for SSH tunnel flow
  */
-export async function checkProviderAuth(provider) {
+export async function checkProviderAuth(provider, userId) {
     const config = CLI_AUTH_CONFIG[provider];
     if (!config) {
         return false;
     }
     try {
-        const creds = await extractCredentials(provider, config);
+        const creds = await extractCredentials(provider, config, userId);
         return !!creds?.token;
     }
     catch {

package/dist/daemon/cloud-sync.d.ts

@@ -8,11 +8,23 @@
  * - Credential sync from cloud
  */
 import { EventEmitter } from 'events';
+import type { StorageAdapter, StoredMessage } from '../storage/adapter.js';
+import { type SyncQueueConfig, type SyncQueueStats } from './sync-queue.js';
 export interface CloudSyncConfig {
     apiKey?: string;
     cloudUrl: string;
     heartbeatInterval: number;
     enabled: boolean;
+    /** Enable message sync to cloud (default: true if connected) */
+    messageSyncEnabled?: boolean;
+    /** Batch size for message sync (default: 100) */
+    messageSyncBatchSize?: number;
+    /** Use optimized sync queue with compression and spillover (default: true) */
+    useOptimizedSync?: boolean;
+    /** Sync queue configuration */
+    syncQueue?: Partial<SyncQueueConfig>;
+    /** Project directory for git remote detection (defaults to cwd) */
+    projectDirectory?: string;
 }
 export interface RemoteAgent {
     name: string;
@@ -39,6 +51,12 @@ export declare class CloudSyncService extends EventEmitter {
     private localAgents;
     private remoteAgents;
     private connected;
+    private storage;
+    private lastMessageSyncTs;
+    private messageSyncInProgress;
+    private projectDirectory;
+    private repoFullName;
+    private syncQueue;
     constructor(config?: Partial<CloudSyncConfig>);
     /**
      * Get or create a persistent machine ID
@@ -51,7 +69,7 @@ export declare class CloudSyncService extends EventEmitter {
     /**
      * Stop the cloud sync service
      */
-    stop(): void;
+    stop(): Promise<void>;
     /**
      * Update local agent list (called by daemon when agents change)
      */
@@ -96,6 +114,34 @@ export declare class CloudSyncService extends EventEmitter {
      * Get machine ID
      */
     getMachineIdentifier(): string;
+    /**
+     * Set the storage adapter for message sync
+     */
+    setStorage(storage: StorageAdapter): void;
+    /**
+     * Queue a single message for sync to cloud.
+     * Use this for real-time sync as messages are created.
+     * Falls back to batch sync if optimized queue is not enabled.
+     */
+    queueMessageForSync(message: StoredMessage): Promise<void>;
+    /**
+     * Get sync queue statistics (if optimized sync is enabled).
+     */
+    getSyncQueueStats(): SyncQueueStats | null;
+    /**
+     * Force flush the sync queue.
+     */
+    flushSyncQueue(): Promise<void>;
+    /**
+     * Sync local messages to cloud storage
+     *
+     * Reads messages from local SQLite since last sync and posts them
+     * to the cloud API for centralized storage and search.
+     */
+    syncMessagesToCloud(): Promise<{
+        synced: number;
+        duplicates: number;
+    }>;
 }
 export declare function getCloudSync(config?: Partial<CloudSyncConfig>): CloudSyncService;
 //# sourceMappingURL=cloud-sync.d.ts.map

package/dist/daemon/cloud-sync.js

@@ -13,6 +13,8 @@ import * as path from 'path';
 import * as os from 'os';
 import { randomBytes } from 'crypto';
 import { createLogger } from '../utils/logger.js';
+import { SyncQueue } from './sync-queue.js';
+import { getRepoFullNameFromPath } from '../utils/git-remote.js';
 const log = createLogger('cloud-sync');
 export class CloudSyncService extends EventEmitter {
     config;
@@ -21,16 +23,41 @@ export class CloudSyncService extends EventEmitter {
     localAgents = new Map();
     remoteAgents = [];
     connected = false;
+    storage = null;
+    lastMessageSyncTs = 0;
+    messageSyncInProgress = false;
+    // Project context for workspace resolution
+    projectDirectory;
+    repoFullName = null;
+    // Optimized sync queue
+    syncQueue = null;
     constructor(config = {}) {
         super();
         this.config = {
             apiKey: config.apiKey || process.env.AGENT_RELAY_API_KEY,
-            cloudUrl: config.cloudUrl || process.env.AGENT_RELAY_CLOUD_URL || 'https://api.agent-relay.com',
+            cloudUrl: config.cloudUrl || process.env.AGENT_RELAY_CLOUD_URL || 'https://agent-relay.com',
             heartbeatInterval: config.heartbeatInterval || 30000, // 30 seconds
             enabled: config.enabled ?? true,
+            useOptimizedSync: config.useOptimizedSync ?? true,
+            syncQueue: config.syncQueue,
+            projectDirectory: config.projectDirectory,
         };
         // Generate or load machine ID for consistent identification
         this.machineId = this.getMachineId();
+        // Initialize project context for workspace resolution
+        this.projectDirectory = this.config.projectDirectory || process.cwd();
+        this.repoFullName = getRepoFullNameFromPath(this.projectDirectory);
+        if (this.repoFullName) {
+            log.info('Detected git repository', { repoFullName: this.repoFullName });
+        }
+        // Initialize optimized sync queue if enabled and API key is available
+        if (this.config.useOptimizedSync && this.config.apiKey) {
+            this.syncQueue = new SyncQueue({
+                cloudUrl: this.config.cloudUrl,
+                apiKey: this.config.apiKey,
+                ...this.config.syncQueue,
+            });
+        }
     }
     /**
      * Get or create a persistent machine ID
@@ -64,6 +91,13 @@ export class CloudSyncService extends EventEmitter {
             return;
         }
         log.info('Starting cloud sync', { url: this.config.cloudUrl });
+        // Recover any spilled messages from previous runs
+        if (this.syncQueue) {
+            const { recovered, failed } = await this.syncQueue.recoverSpilledMessages();
+            if (recovered > 0 || failed > 0) {
+                log.info('Recovered spilled messages', { recovered, failed });
+            }
+        }
         // Initial heartbeat
         await this.sendHeartbeat();
         // Start periodic heartbeat
@@ -74,11 +108,15 @@ export class CloudSyncService extends EventEmitter {
     /**
      * Stop the cloud sync service
      */
-    stop() {
+    async stop() {
         if (this.heartbeatTimer) {
             clearInterval(this.heartbeatTimer);
             this.heartbeatTimer = undefined;
         }
+        // Gracefully close sync queue (flushes pending messages)
+        if (this.syncQueue) {
+            await this.syncQueue.close();
+        }
         this.connected = false;
         this.emit('disconnected');
     }
@@ -167,10 +205,11 @@ export class CloudSyncService extends EventEmitter {
                     this.emit('command', cmd);
                 }
             }
-            // Fetch messages and sync agents
+            // Fetch messages, sync agents, and sync local messages to cloud
             await Promise.all([
                 this.fetchMessages(),
                 this.syncAgents(),
+                this.syncMessagesToCloud(),
             ]);
         }
         catch (error) {
@@ -251,6 +290,116 @@ export class CloudSyncService extends EventEmitter {
     getMachineIdentifier() {
         return this.machineId;
     }
+    /**
+     * Set the storage adapter for message sync
+     */
+    setStorage(storage) {
+        this.storage = storage;
+        log.info('Storage adapter configured for message sync');
+    }
+    /**
+     * Queue a single message for sync to cloud.
+     * Use this for real-time sync as messages are created.
+     * Falls back to batch sync if optimized queue is not enabled.
+     */
+    async queueMessageForSync(message) {
+        if (!this.connected || this.config.messageSyncEnabled === false) {
+            return;
+        }
+        if (this.syncQueue) {
+            await this.syncQueue.enqueue(message);
+        }
+        // If no sync queue, messages will be synced on next heartbeat via syncMessagesToCloud
+    }
+    /**
+     * Get sync queue statistics (if optimized sync is enabled).
+     */
+    getSyncQueueStats() {
+        return this.syncQueue?.getStats() ?? null;
+    }
+    /**
+     * Force flush the sync queue.
+     */
+    async flushSyncQueue() {
+        if (this.syncQueue) {
+            await this.syncQueue.flush();
+        }
+    }
+    /**
+     * Sync local messages to cloud storage
+     *
+     * Reads messages from local SQLite since last sync and posts them
+     * to the cloud API for centralized storage and search.
+     */
+    async syncMessagesToCloud() {
+        // Skip if disabled, not connected, no storage, or sync in progress
+        if (!this.connected || !this.storage || this.messageSyncInProgress) {
+            return { synced: 0, duplicates: 0 };
+        }
+        if (this.config.messageSyncEnabled === false) {
+            return { synced: 0, duplicates: 0 };
+        }
+        this.messageSyncInProgress = true;
+        try {
+            const batchSize = this.config.messageSyncBatchSize || 100;
+            // Get messages since last sync
+            const messages = await this.storage.getMessages({
+                sinceTs: this.lastMessageSyncTs > 0 ? this.lastMessageSyncTs : undefined,
+                limit: batchSize,
+                order: 'asc',
+            });
+            if (messages.length === 0) {
+                return { synced: 0, duplicates: 0 };
+            }
+            // Transform to API format
+            const syncPayload = messages.map((msg) => ({
+                id: msg.id,
+                ts: msg.ts,
+                from: msg.from,
+                to: msg.to,
+                body: msg.body,
+                kind: msg.kind,
+                topic: msg.topic,
+                thread: msg.thread,
+                is_broadcast: msg.is_broadcast,
+                is_urgent: msg.is_urgent,
+                data: msg.data,
+                payload_meta: msg.payloadMeta,
+            }));
+            // Post to cloud with repo context for workspace resolution
+            const response = await fetch(`${this.config.cloudUrl}/api/daemons/messages/sync`, {
+                method: 'POST',
+                headers: {
+                    Authorization: `Bearer ${this.config.apiKey}`,
+                    'Content-Type': 'application/json',
+                },
+                body: JSON.stringify({
+                    messages: syncPayload,
+                    repoFullName: this.repoFullName,
+                }),
+            });
+            if (!response.ok) {
+                const errorText = await response.text();
+                throw new Error(`Message sync failed: ${response.status} - ${errorText}`);
+            }
+            const result = await response.json();
+            // Update last sync timestamp to the newest message we synced
+            if (messages.length > 0) {
+                this.lastMessageSyncTs = Math.max(...messages.map((m) => m.ts));
+            }
+            if (result.synced > 0) {
+                log.info(`Synced ${result.synced} messages to cloud`, { duplicates: result.duplicates });
+            }
+            return result;
+        }
+        catch (error) {
+            log.error('Message sync error', { error: String(error) });
+            return { synced: 0, duplicates: 0 };
+        }
+        finally {
+            this.messageSyncInProgress = false;
+        }
+    }
 }
 // Singleton instance
 let _cloudSync = null;

package/dist/daemon/connection.d.ts

@@ -30,6 +30,12 @@ export interface ConnectionConfig {
     } | null>;
     /** Optional callback to check if agent is currently processing (exempts from heartbeat timeout) */
     isProcessing?: (agentName: string) => boolean;
+    /** Maximum messages in write queue before dropping (default: 2000) */
+    maxWriteQueueSize?: number;
+    /** High water mark - emit backpressure signal when queue exceeds this (default: 1500) */
+    writeQueueHighWaterMark?: number;
+    /** Low water mark - release backpressure when queue drops below this (default: 500) */
+    writeQueueLowWaterMark?: number;
 }
 export declare const DEFAULT_CONFIG: ConnectionConfig;
 export declare class Connection {
@@ -53,12 +59,18 @@ export declare class Connection {
     private heartbeatTimer?;
     private lastPongReceived?;
     private sequences;
+    private writeQueue;
+    private draining;
+    private _backpressured;
+    private socketDrainHandler?;
     onMessage?: (envelope: Envelope) => void;
     onClose?: () => void;
     onError?: (error: Error) => void;
     onActive?: () => void;
     onAck?: (envelope: Envelope<AckPayload>) => void;
     onPong?: () => void;
+    /** Fires when write queue crosses high/low water marks */
+    onBackpressure?: (backpressured: boolean) => void;
     constructor(socket: net.Socket, config?: Partial<ConnectionConfig>);
     get state(): ConnectionState;
     get agentName(): string | undefined;
@@ -73,6 +85,10 @@ export declare class Connection {
     get sessionId(): string;
     get resumeToken(): string;
     get isResumed(): boolean;
+    /** Whether this connection is currently backpressured (write queue above high water mark) */
+    get backpressured(): boolean;
+    /** Current number of messages queued for writing */
+    get writeQueueLength(): number;
     private setupSocketHandlers;
     private handleData;
     private processFrame;
@@ -91,8 +107,20 @@ export declare class Connection {
     getNextSeq(topic: string, peer: string): number;
     /**
      * Send an envelope to this connection.
+     *
+     * Uses a write queue to prevent blocking on slow consumers.
+     * Returns false if the connection is closed or the queue is full.
      */
     send(envelope: Envelope): boolean;
+    /**
+     * Schedule the drain loop to run on next tick if not already running.
+     */
+    private scheduleDrain;
+    /**
+     * Drain the write queue to the socket.
+     * Respects socket backpressure by waiting for 'drain' events.
+     */
+    private drain;
     private sendError;
     private handleClose;
     private handleError;