agentdev-webui 1.0.0

package/lib/device-flow.js

@@ -0,0 +1,257 @@
+const crypto = require('crypto');
+const jwt = require('jsonwebtoken');
+const config = require('./config');
+const db = require('./database');
+const redisLogs = require('./redis-logs');
+
+/**
+ * Generate a random user code (e.g., "ABCD-EFGH")
+ */
+function generateUserCode() {
+  const chars = 'ABCDEFGHJKLMNPQRSTUVWXYZ23456789'; // Remove confusing chars
+  let code = '';
+  for (let i = 0; i < 8; i++) {
+    if (i === 4) code += '-';
+    code += chars[Math.floor(Math.random() * chars.length)];
+  }
+  return code;
+}
+
+/**
+ * Generate a device code (64 hex chars)
+ */
+function generateDeviceCode() {
+  return crypto.randomBytes(32).toString('hex');
+}
+
+/**
+ * Generate JWT token for agent
+ */
+function generateAgentToken(agentId, userId, projectId = null) {
+  const payload = { agent_id: agentId, user_id: userId, type: 'agent' };
+  if (projectId) payload.project_id = projectId;
+  return jwt.sign(payload, config.JWT_SECRET, { expiresIn: config.JWT_EXPIRES_IN });
+}
+
+/**
+ * Verify JWT token
+ */
+function verifyAgentToken(token) {
+  try {
+    const decoded = jwt.verify(token, config.JWT_SECRET);
+    if (decoded.type !== 'agent') {
+      throw new Error('Invalid token type');
+    }
+    return decoded;
+  } catch (error) {
+    return null;
+  }
+}
+
+/**
+ * Hash token for storage
+ */
+function hashToken(token) {
+  return crypto.createHash('sha256').update(token).digest('hex');
+}
+
+/**
+ * Request device code
+ * Step 1 of device flow
+ */
+async function requestDeviceCode(agentName, capabilities) {
+  const deviceCode = generateDeviceCode();
+  const userCode = generateUserCode();
+
+  // Store in database
+  await db.createDeviceCode(deviceCode, userCode, agentName, capabilities);
+
+  // Also store in Redis for quick lookup with TTL
+  await redisLogs.set(
+    `device:${deviceCode}`,
+    JSON.stringify({
+      user_code: userCode,
+      agent_name: agentName,
+      capabilities,
+      status: 'pending'
+    }),
+    config.DEVICE_CODE_TTL
+  );
+
+  await redisLogs.set(
+    `usercode:${userCode}`,
+    deviceCode,
+    config.DEVICE_CODE_TTL
+  );
+
+  return {
+    device_code: deviceCode,
+    user_code: userCode,
+    verification_uri: `${config.BASE_URL}/device`,
+    expires_in: config.DEVICE_CODE_TTL,
+    interval: config.DEVICE_CODE_POLL_INTERVAL
+  };
+}
+
+/**
+ * Get device code details by user code
+ */
+async function getDeviceCodeByUserCode(userCode) {
+  // Try Redis first (faster)
+  const deviceCode = await redisLogs.get(`usercode:${userCode}`);
+  if (deviceCode) {
+    const data = await redisLogs.get(`device:${deviceCode}`);
+    if (data) {
+      return { device_code: deviceCode, ...data };
+    }
+  }
+
+  // Fallback to database
+  const dbRecord = await db.getDeviceCodeByUserCode(userCode);
+  if (dbRecord) {
+    return {
+      device_code: dbRecord.device_code,
+      user_code: dbRecord.user_code,
+      agent_name: dbRecord.agent_name,
+      capabilities: dbRecord.agent_capabilities,
+      status: dbRecord.status,
+      user_id: dbRecord.user_id
+    };
+  }
+
+  return null;
+}
+
+/**
+ * Approve device code
+ * User approves agent registration in Web UI
+ */
+async function approveDeviceCode(userCode, userId, projectId = null) {
+  const deviceData = await getDeviceCodeByUserCode(userCode);
+  if (!deviceData) {
+    throw new Error('Device code not found or expired');
+  }
+
+  if (deviceData.status !== 'pending') {
+    throw new Error('Device code already processed');
+  }
+
+  // Update database
+  await db.approveDeviceCode(deviceData.device_code, userId);
+
+  // Update Redis (include project_id)
+  await redisLogs.set(
+    `device:${deviceData.device_code}`,
+    JSON.stringify({
+      ...deviceData,
+      status: 'approved',
+      user_id: userId,
+      project_id: projectId
+    }),
+    300 // Keep for 5 more minutes for polling
+  );
+
+  return true;
+}
+
+/**
+ * Deny device code
+ */
+async function denyDeviceCode(userCode) {
+  const deviceData = await getDeviceCodeByUserCode(userCode);
+  if (!deviceData) {
+    throw new Error('Device code not found or expired');
+  }
+
+  // Update database
+  await db.denyDeviceCode(deviceData.device_code);
+
+  // Update Redis
+  await redisLogs.set(
+    `device:${deviceData.device_code}`,
+    JSON.stringify({
+      ...deviceData,
+      status: 'denied'
+    }),
+    60 // Keep for 1 minute
+  );
+
+  return true;
+}
+
+/**
+ * Poll for device token
+ * Step 2 of device flow - agent polls this endpoint
+ */
+async function pollDeviceToken(deviceCode) {
+  // Check Redis first
+  let deviceData = await redisLogs.get(`device:${deviceCode}`);
+
+  // Fallback to database
+  if (!deviceData) {
+    const dbRecord = await db.getDeviceCode(deviceCode);
+    if (!dbRecord) {
+      return { error: 'invalid_grant', error_description: 'Device code not found or expired' };
+    }
+    deviceData = {
+      status: dbRecord.status,
+      user_id: dbRecord.user_id,
+      agent_name: dbRecord.agent_name,
+      capabilities: dbRecord.agent_capabilities
+    };
+  }
+
+  if (deviceData.status === 'pending') {
+    return { error: 'authorization_pending', error_description: 'User has not approved yet' };
+  }
+
+  if (deviceData.status === 'denied') {
+    return { error: 'access_denied', error_description: 'User denied the request' };
+  }
+
+  if (deviceData.status === 'approved') {
+    // Generate agent ID and token
+    const agentId = `agent-${Date.now()}-${crypto.randomBytes(4).toString('hex')}`;
+    const projectId = deviceData.project_id || null;
+    const accessToken = generateAgentToken(agentId, deviceData.user_id, projectId);
+    const tokenHash = hashToken(accessToken);
+
+    // Create agent in database
+    await db.createAgent({
+      id: agentId,
+      userId: deviceData.user_id,
+      name: deviceData.agent_name,
+      hostname: null,
+      capabilities: deviceData.capabilities,
+      accessTokenHash: tokenHash,
+      projectId: projectId
+    });
+
+    // Clean up device code
+    await redisLogs.del(`device:${deviceCode}`);
+    await redisLogs.del(`usercode:${deviceData.user_code}`);
+
+    return {
+      access_token: accessToken,
+      token_type: 'Bearer',
+      expires_in: 90 * 24 * 60 * 60, // 90 days in seconds
+      agent_id: agentId,
+      project_id: projectId
+    };
+  }
+
+  return { error: 'invalid_grant', error_description: 'Invalid device code state' };
+}
+
+module.exports = {
+  generateUserCode,
+  generateDeviceCode,
+  generateAgentToken,
+  verifyAgentToken,
+  hashToken,
+  requestDeviceCode,
+  getDeviceCodeByUserCode,
+  approveDeviceCode,
+  denyDeviceCode,
+  pollDeviceToken
+};

package/lib/email.js

@@ -0,0 +1,420 @@
+const nodemailer = require('nodemailer');
+
+// SMTP configuration from environment or config
+const SMTP_CONFIG = {
+  host: process.env.SMTP_HOST || 'smtp.gmail.com',
+  port: parseInt(process.env.SMTP_PORT || '587'),
+  secure: process.env.SMTP_SECURE === 'true', // use TLS for port 587
+  auth: {
+    user: process.env.SMTP_USER || 'riccardo.ravaro@datatamer.ai',
+    pass: process.env.SMTP_PASSWORD || ''
+  }
+};
+
+// Create reusable transporter
+let transporter = null;
+
+function getTransporter() {
+  if (!transporter) {
+    transporter = nodemailer.createTransport(SMTP_CONFIG);
+  }
+  return transporter;
+}
+
+async function sendEmail(to, subject, html) {
+  try {
+    const transport = getTransporter();
+
+    const info = await transport.sendMail({
+      from: `"AgentDev" <${SMTP_CONFIG.auth.user}>`,
+      to,
+      subject,
+      html
+    });
+
+    console.log('Email sent:', info.messageId);
+    return { success: true, messageId: info.messageId };
+  } catch (error) {
+    console.error('Error sending email:', error);
+    return { success: false, error: error.message };
+  }
+}
+
+async function sendPasswordResetEmail(email, resetToken, baseUrl) {
+  const resetLink = `${baseUrl}/reset-password?token=${resetToken}`;
+
+  const html = `
+<!DOCTYPE html>
+<html>
+<head>
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <style>
+    body {
+      font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, 'Helvetica Neue', Arial, sans-serif;
+      line-height: 1.6;
+      color: #333;
+      margin: 0;
+      padding: 0;
+      background-color: #f5f5f5;
+    }
+    .container {
+      max-width: 600px;
+      margin: 40px auto;
+      background: white;
+      border-radius: 8px;
+      overflow: hidden;
+      box-shadow: 0 2px 8px rgba(0,0,0,0.1);
+    }
+    .header {
+      background: linear-gradient(135deg, #ff6b6b 0%, #ee5a6f 100%);
+      padding: 40px 30px;
+      text-align: center;
+    }
+    .header h1 {
+      margin: 0;
+      color: white;
+      font-size: 28px;
+      font-weight: 600;
+    }
+    .content {
+      padding: 40px 30px;
+    }
+    .content p {
+      margin: 0 0 20px;
+      font-size: 16px;
+    }
+    .button {
+      display: inline-block;
+      padding: 14px 32px;
+      background: linear-gradient(135deg, #ff6b6b 0%, #ee5a6f 100%);
+      color: white !important;
+      text-decoration: none;
+      border-radius: 6px;
+      font-weight: 600;
+      font-size: 16px;
+      margin: 20px 0;
+    }
+    .button:hover {
+      background: linear-gradient(135deg, #ee5a6f 0%, #ff6b6b 100%);
+    }
+    .code-box {
+      background: #f8f9fa;
+      border: 1px solid #e9ecef;
+      border-radius: 6px;
+      padding: 16px;
+      margin: 20px 0;
+      text-align: center;
+    }
+    .code {
+      font-family: 'Courier New', monospace;
+      font-size: 18px;
+      font-weight: bold;
+      color: #333;
+      letter-spacing: 2px;
+    }
+    .footer {
+      background: #f8f9fa;
+      padding: 30px;
+      text-align: center;
+      font-size: 14px;
+      color: #6c757d;
+    }
+    .warning {
+      background: #fff3cd;
+      border: 1px solid #ffeeba;
+      border-radius: 6px;
+      padding: 16px;
+      margin: 20px 0;
+      font-size: 14px;
+      color: #856404;
+    }
+  </style>
+</head>
+<body>
+  <div class="container">
+    <div class="header">
+      <h1>🔒 Password Reset</h1>
+    </div>
+
+    <div class="content">
+      <p>Hello,</p>
+
+      <p>We received a request to reset your password for your AgentDev account. Click the button below to create a new password:</p>
+
+      <div style="text-align: center;">
+        <a href="${resetLink}" class="button">Reset Password</a>
+      </div>
+
+      <p style="font-size: 14px; color: #6c757d;">Or copy and paste this link into your browser:</p>
+      <div class="code-box">
+        <div class="code">${resetLink}</div>
+      </div>
+
+      <div class="warning">
+        <strong>⚠️ Security Notice:</strong>
+        <ul style="margin: 8px 0; padding-left: 20px;">
+          <li>This link expires in 1 hour</li>
+          <li>If you didn't request this, you can safely ignore this email</li>
+          <li>Your password won't change until you click the link and create a new one</li>
+        </ul>
+      </div>
+
+      <p>If you have any questions or concerns, please contact support.</p>
+
+      <p>Best regards,<br>
+      <strong>The AgentDev Team</strong></p>
+    </div>
+
+    <div class="footer">
+      <p>This is an automated email from AgentDev. Please do not reply to this email.</p>
+      <p style="margin-top: 8px;">© ${new Date().getFullYear()} AgentDev. All rights reserved.</p>
+    </div>
+  </div>
+</body>
+</html>
+  `;
+
+  return await sendEmail(
+    email,
+    '🔒 Reset your AgentDev password',
+    html
+  );
+}
+
+async function sendWelcomeEmail(email, baseUrl) {
+  const html = `
+<!DOCTYPE html>
+<html>
+<head>
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <style>
+    body {
+      font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, 'Helvetica Neue', Arial, sans-serif;
+      line-height: 1.6;
+      color: #333;
+      margin: 0;
+      padding: 0;
+      background-color: #f5f5f5;
+    }
+    .container {
+      max-width: 600px;
+      margin: 40px auto;
+      background: white;
+      border-radius: 8px;
+      overflow: hidden;
+      box-shadow: 0 2px 8px rgba(0,0,0,0.1);
+    }
+    .header {
+      background: linear-gradient(135deg, #ff6b6b 0%, #ee5a6f 100%);
+      padding: 40px 30px;
+      text-align: center;
+    }
+    .header h1 {
+      margin: 0;
+      color: white;
+      font-size: 28px;
+      font-weight: 600;
+    }
+    .content {
+      padding: 40px 30px;
+    }
+    .button {
+      display: inline-block;
+      padding: 14px 32px;
+      background: linear-gradient(135deg, #ff6b6b 0%, #ee5a6f 100%);
+      color: white !important;
+      text-decoration: none;
+      border-radius: 6px;
+      font-weight: 600;
+      font-size: 16px;
+      margin: 20px 0;
+    }
+    .footer {
+      background: #f8f9fa;
+      padding: 30px;
+      text-align: center;
+      font-size: 14px;
+      color: #6c757d;
+    }
+  </style>
+</head>
+<body>
+  <div class="container">
+    <div class="header">
+      <h1>🎉 Welcome to AgentDev!</h1>
+    </div>
+
+    <div class="content">
+      <p>Hello,</p>
+
+      <p>Your AgentDev account has been created successfully! You can now start managing distributed agents and automating your workflows.</p>
+
+      <div style="text-align: center;">
+        <a href="${baseUrl}/login" class="button">Go to Dashboard</a>
+      </div>
+
+      <p><strong>Getting Started:</strong></p>
+      <ol>
+        <li>Configure your GitHub OAuth App in the Profile settings</li>
+        <li>Install the agent client on your machines</li>
+        <li>Register agents using the device flow</li>
+        <li>Start automating your GitHub tickets!</li>
+      </ol>
+
+      <p>If you have any questions, feel free to reach out to our support team.</p>
+
+      <p>Happy automating!<br>
+      <strong>The AgentDev Team</strong></p>
+    </div>
+
+    <div class="footer">
+      <p>© ${new Date().getFullYear()} AgentDev. All rights reserved.</p>
+    </div>
+  </div>
+</body>
+</html>
+  `;
+
+  return await sendEmail(
+    email,
+    '🎉 Welcome to AgentDev!',
+    html
+  );
+}
+
+async function sendVerificationEmail(email, verificationToken, baseUrl) {
+  const verifyLink = `${baseUrl}/verify-email?token=${verificationToken}`;
+
+  const html = `
+<!DOCTYPE html>
+<html>
+<head>
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <style>
+    body {
+      font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, 'Helvetica Neue', Arial, sans-serif;
+      line-height: 1.6;
+      color: #333;
+      margin: 0;
+      padding: 0;
+      background-color: #f5f5f5;
+    }
+    .container {
+      max-width: 600px;
+      margin: 40px auto;
+      background: white;
+      border-radius: 8px;
+      overflow: hidden;
+      box-shadow: 0 2px 8px rgba(0,0,0,0.1);
+    }
+    .header {
+      background: linear-gradient(135deg, #ff6b6b 0%, #ee5a6f 100%);
+      padding: 40px 30px;
+      text-align: center;
+    }
+    .header h1 {
+      margin: 0;
+      color: white;
+      font-size: 28px;
+      font-weight: 600;
+    }
+    .content {
+      padding: 40px 30px;
+    }
+    .button {
+      display: inline-block;
+      padding: 14px 32px;
+      background: linear-gradient(135deg, #ff6b6b 0%, #ee5a6f 100%);
+      color: white !important;
+      text-decoration: none;
+      border-radius: 6px;
+      font-weight: 600;
+      font-size: 16px;
+      margin: 20px 0;
+    }
+    .code-box {
+      background: #f8f9fa;
+      border: 1px solid #e9ecef;
+      border-radius: 6px;
+      padding: 16px;
+      margin: 20px 0;
+      text-align: center;
+    }
+    .footer {
+      background: #f8f9fa;
+      padding: 30px;
+      text-align: center;
+      font-size: 14px;
+      color: #6c757d;
+    }
+    .warning {
+      background: #fff3cd;
+      border: 1px solid #ffeeba;
+      border-radius: 6px;
+      padding: 16px;
+      margin: 20px 0;
+      font-size: 14px;
+      color: #856404;
+    }
+  </style>
+</head>
+<body>
+  <div class="container">
+    <div class="header">
+      <h1>📧 Verify Your Email</h1>
+    </div>
+
+    <div class="content">
+      <p>Hello,</p>
+
+      <p>Thank you for registering with AgentDev! Please verify your email address to activate your account.</p>
+
+      <div style="text-align: center;">
+        <a href="${verifyLink}" class="button">Verify Email Address</a>
+      </div>
+
+      <p style="font-size: 14px; color: #6c757d;">Or copy and paste this link into your browser:</p>
+      <div class="code-box">
+        <div style="font-family: 'Courier New', monospace; font-size: 12px; word-break: break-all;">${verifyLink}</div>
+      </div>
+
+      <div class="warning">
+        <strong>⏰ Important:</strong>
+        <ul style="margin: 8px 0; padding-left: 20px;">
+          <li>This link expires in 24 hours</li>
+          <li>You must verify your email before you can log in</li>
+          <li>If you didn't create this account, you can safely ignore this email</li>
+        </ul>
+      </div>
+
+      <p>Once verified, you'll be able to sign in and start managing your distributed agents!</p>
+
+      <p>Best regards,<br>
+      <strong>The AgentDev Team</strong></p>
+    </div>
+
+    <div class="footer">
+      <p>This is an automated email from AgentDev. Please do not reply to this email.</p>
+      <p style="margin-top: 8px;">© ${new Date().getFullYear()} AgentDev. All rights reserved.</p>
+    </div>
+  </div>
+</body>
+</html>
+  `;
+
+  return await sendEmail(
+    email,
+    '📧 Verify your AgentDev email address',
+    html
+  );
+}
+
+module.exports = {
+  sendEmail,
+  sendPasswordResetEmail,
+  sendWelcomeEmail,
+  sendVerificationEmail
+};