agentstudio 0.1.0 → 0.1.2

package/src/bin/agentstudio.ts

@@ -1,8 +1,6 @@
 #!/usr/bin/env node
-
 import { program } from 'commander';
 import { startServer } from '../index.js';
-import { spawn } from 'child_process';
 import path from 'path';
 import { fileURLToPath } from 'url';
 
@@ -10,127 +8,98 @@ const __filename = fileURLToPath(import.meta.url);
 const __dirname = path.dirname(__filename);
 
 program
-  .name('agentstudio')
-  .description('AgentStudio - AI-powered presentation editor with Claude integration')
-  .version('0.1.0');
+    .name('agentstudio')
+    .description('AgentStudio - AI-powered presentation editor with Claude integration')
+    .version('0.1.0');
 
 // Start both frontend and backend
 program
-  .command('start')
-  .description('Start both frontend and backend servers')
-  .option('-p, --port <port>', 'backend server port', '4936')
-  .option('-f, --frontend-port <port>', 'frontend server port', '3000')
-  .option('-h, --host <host>', 'server host', 'localhost')
-  .option('-c, --config <path>', 'path to config file')
-  .option('--env <path>', 'path to .env file')
-  .option('--no-auth', 'disable authentication (development only)')
-  .action(async (options) => {
-    console.log('🚀 Starting AgentStudio...');
-
-    // Start backend
-    process.env.PORT = options.port;
-    process.env.HOST = options.host;
-
-    if (options.env) {
-      process.env.ENV_PATH = options.env;
-    }
-
-    if (options.config) {
-      process.env.CONFIG_PATH = options.config;
-    }
-
-    if (options.noAuth) {
-      process.env.NO_AUTH = 'true';
-    }
-
-    try {
-      await startServer();
-      console.log(`✅ Backend running on http://${options.host}:${options.port}`);
-      console.log(`✅ Frontend running on http://${options.host}:${options.frontendPort}`);
-      console.log('📖 Open your browser to http://localhost:3000 to start using AgentStudio');
-    } catch (error) {
-      console.error('❌ Failed to start AgentStudio:', error);
-      process.exit(1);
-    }
-  });
+    .command('start')
+    .description('Start both frontend and backend servers')
+    .option('-p, --port <port>', 'backend server port', '4936')
+    .option('-f, --frontend-port <port>', 'frontend server port', '3000')
+    .option('-h, --host <host>', 'server host', 'localhost')
+    .option('-c, --config <path>', 'path to config file')
+    .option('--env <path>', 'path to .env file')
+    .option('--no-auth', 'disable authentication (development only)')
+    .action(async (options: any) => {
+        console.log('🚀 Starting AgentStudio...');
+
+        // Start backend
+        process.env.PORT = options.port;
+        process.env.HOST = options.host;
+
+        if (options.env) {
+            process.env.ENV_PATH = options.env;
+        }
+        if (options.config) {
+            process.env.CONFIG_PATH = options.config;
+        }
+        if (options.noAuth) {
+            process.env.NO_AUTH = 'true';
+        }
+
+        try {
+            // Start backend server
+            await startServer();
+            console.log(`✅ Backend running on http://${options.host}:${options.port}`);
+
+            // Serve frontend static files
+            console.log(`✅ Frontend available at http://${options.host}:${options.port}`);
+            console.log('📖 Open your browser to start using AgentStudio');
+        } catch (error) {
+            console.error('❌ Failed to start AgentStudio:', error);
+            process.exit(1);
+        }
+    });
 
 // Start backend only
 program
-  .command('backend')
-  .description('Start backend server only')
-  .option('-p, --port <port>', 'server port', '4936')
-  .option('-h, --host <host>', 'server host', 'localhost')
-  .option('-c, --config <path>', 'path to config file')
-  .option('--env <path>', 'path to .env file')
-  .option('--no-auth', 'disable authentication (development only)')
-  .action(async (options) => {
-    console.log('🚀 Starting AgentStudio Backend...');
-
-    process.env.PORT = options.port;
-    process.env.HOST = options.host;
-
-    if (options.env) {
-      process.env.ENV_PATH = options.env;
-    }
-
-    if (options.config) {
-      process.env.CONFIG_PATH = options.config;
-    }
-
-    if (options.noAuth) {
-      process.env.NO_AUTH = 'true';
-    }
-
-    try {
-      await startServer();
-      console.log(`✅ Backend running on http://${options.host}:${options.port}`);
-    } catch (error) {
-      console.error('❌ Failed to start backend:', error);
-      process.exit(1);
-    }
-  });
-
-// Start frontend only (development mode)
-program
-  .command('frontend')
-  .description('Start frontend development server only')
-  .option('-p, --port <port>', 'frontend server port', '3000')
-  .option('-h, --host <host>', 'server host', 'localhost')
-  .action((options) => {
-    console.log('🚀 Starting AgentStudio Frontend...');
-
-    const frontendDir = path.join(__dirname, '../../frontend');
-
-    const frontendProcess = spawn('npm', ['run', 'dev'], {
-      cwd: frontendDir,
-      stdio: 'inherit',
-      shell: true,
-      env: {
-        ...process.env,
-        PORT: options.port,
-        HOST: options.host
-      }
+    .command('backend')
+    .description('Start backend server only')
+    .option('-p, --port <port>', 'server port', '4936')
+    .option('-h, --host <host>', 'server host', 'localhost')
+    .option('-c, --config <path>', 'path to config file')
+    .option('--env <path>', 'path to .env file')
+    .option('--no-auth', 'disable authentication (development only)')
+    .action(async (options: any) => {
+        console.log('🚀 Starting AgentStudio Backend...');
+
+        process.env.PORT = options.port;
+        process.env.HOST = options.host;
+
+        if (options.env) {
+            process.env.ENV_PATH = options.env;
+        }
+        if (options.config) {
+            process.env.CONFIG_PATH = options.config;
+        }
+        if (options.noAuth) {
+            process.env.NO_AUTH = 'true';
+        }
+
+        try {
+            await startServer();
+            console.log(`✅ Backend running on http://${options.host}:${options.port}`);
+        } catch (error) {
+            console.error('❌ Failed to start backend:', error);
+            process.exit(1);
+        }
     });
 
-    frontendProcess.on('error', (error) => {
-      console.error('❌ Failed to start frontend:', error);
-      process.exit(1);
-    });
-  });
-
 // Initialize configuration
 program
-  .command('init')
-  .description('Initialize AgentStudio configuration')
-  .option('--env <path>', 'path to create .env file', '.env')
-  .action(async (options) => {
-    console.log('🔧 Initializing AgentStudio configuration...');
+    .command('init')
+    .description('Initialize AgentStudio configuration')
+    .option('--env <path>', 'path to create .env file', '.env')
+    .action(async (options: any) => {
+        console.log('🔧 Initializing AgentStudio configuration...');
 
-    const fs = await import('fs-extra');
-    const path = await import('path');
+        const fs = await import('fs-extra');
+        const path = await import('path');
 
-    const envPath = path.default.resolve(options.env);
-    const envContent = `# AgentStudio Configuration
+        const envPath = path.default.resolve(options.env);
+        const envContent = `# AgentStudio Configuration
 # AI Provider (choose one)
 OPENAI_API_KEY=your_openai_api_key_here
 ANTHROPIC_API_KEY=your_anthropic_api_key_here
@@ -147,15 +116,15 @@ SLIDES_DIR=./slides
 CORS_ORIGINS=https://your-frontend.vercel.app,https://custom-domain.com
 `;
 
-    try {
-      await fs.default.ensureFile(envPath);
-      await fs.default.writeFile(envPath, envContent);
-      console.log(`✅ Configuration file created: ${envPath}`);
-      console.log('📝 Please edit the .env file with your API keys and settings');
-    } catch (error) {
-      console.error('❌ Failed to create configuration file:', error);
-      process.exit(1);
-    }
-  });
+        try {
+            await fs.default.ensureFile(envPath);
+            await fs.default.writeFile(envPath, envContent);
+            console.log(`✅ Configuration file created: ${envPath}`);
+            console.log('📝 Please edit the .env file with your API keys and settings');
+        } catch (error) {
+            console.error('❌ Failed to create configuration file:', error);
+            process.exit(1);
+        }
+    });
 
 program.parse();

package/src/index.ts

@@ -2,99 +2,181 @@ import express from 'express';
 import cors from 'cors';
 import helmet from 'helmet';
 import dotenv from 'dotenv';
-import path from 'path';
 import { fileURLToPath } from 'url';
+import { dirname, join } from 'path';
 
-// Import routes
-import agentsRouter from './routes/agents.js';
-import authRouter from './routes/auth.js';
 import filesRouter from './routes/files.js';
+import agentsRouter from './routes/agents.js';
 import mcpRouter from './routes/mcp.js';
+import sessionsRouter from './routes/sessions.js';
 import mediaRouter from './routes/media.js';
-import slidesRouter from './routes/slides.js';
+import settingsRouter from './routes/settings.js';
+import commandsRouter from './routes/commands.js';
+import subagentsRouter from './routes/subagents.js';
+import projectsRouter from './routes/projects.js';
+import authRouter from './routes/auth.js';
+import { authMiddleware } from './middleware/auth.js';
 
-const __filename = fileURLToPath(import.meta.url);
-const __dirname = path.dirname(__filename);
+dotenv.config();
 
-// Load environment variables
-const envPath = process.env.ENV_PATH || '.env';
-dotenv.config({ path: envPath });
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = dirname(__filename);
 
 const app = express();
 const PORT = process.env.PORT || 4936;
-const HOST = process.env.HOST || 'localhost';
 
-// Security middleware
+// Middleware
 app.use(helmet({
-  crossOriginEmbedderPolicy: false,
   contentSecurityPolicy: {
     directives: {
       defaultSrc: ["'self'"],
       scriptSrc: ["'self'", "'unsafe-inline'"],
-      styleSrc: ["'self'", "'unsafe-inline'"],
-      imgSrc: ["'self'", "data:", "blob:"],
+      styleSrc: ["'self'", "'unsafe-inline'", "https://fonts.googleapis.com", "https://cdn.jsdelivr.net"],
+      fontSrc: ["'self'", "https://fonts.gstatic.com", "https://cdn.jsdelivr.net"],
+      imgSrc: ["'self'", "data:", "https:"],
       connectSrc: ["'self'", "ws:", "wss:"],
-    },
-  },
+      frameAncestors: ["'self'", "http://localhost:3000", "https://localhost:3000", "http://localhost:3001"] // Allow iframe embedding
+    }
+  }
 }));
-
-// CORS configuration
-const corsOrigins = process.env.CORS_ORIGINS ?
-  process.env.CORS_ORIGINS.split(',').map(origin => origin.trim()) :
-  [
-    'http://localhost:3000',
-    'http://127.0.0.1:3000',
-    'https://*.vercel.app'
+// Configure CORS origins
+const getAllowedOrigins = () => {
+  const defaultOrigins = [
+    'http://localhost:3000', 
+    'http://127.0.0.1:3000', 
+    'http://localhost:3001',
+    'https://localhost:3000',
+    'https://localhost:3001'
   ];
+  
+  // Add custom origins from environment variable
+  const customOrigins = process.env.CORS_ORIGINS ? 
+    process.env.CORS_ORIGINS.split(',').map(origin => origin.trim()) : [];
+  
+  return [...defaultOrigins, ...customOrigins];
+};
 
 app.use(cors({
-  origin: corsOrigins,
-  credentials: true
+  origin: (origin, callback) => {
+    const allowedOrigins = getAllowedOrigins();
+
+    // Allow requests with no origin (like mobile apps or curl requests)
+    if (!origin) return callback(null, true);
+
+    // Check if the origin is allowed
+    if (allowedOrigins.includes(origin)) {
+      return callback(null, true);
+    }
+
+    // Allow Vercel preview URLs (*.vercel.app)
+    if (origin.endsWith('.vercel.app')) {
+      return callback(null, true);
+    }
+
+    // Allow agentstudio.cc and its subdomains (*.agentstudio.cc) - hardcoded
+    if (origin === 'https://agentstudio.cc' || origin.endsWith('.agentstudio.cc')) {
+      return callback(null, true);
+    }
+
+    // Allow custom domains from environment variable (CORS_ALLOWED_DOMAINS)
+    const customDomains = process.env.CORS_ALLOWED_DOMAINS ?
+      process.env.CORS_ALLOWED_DOMAINS.split(',').map(domain => domain.trim()) : [];
+
+    for (const domain of customDomains) {
+      // Match exact domain (https://example.com)
+      if (origin === `https://${domain}` || origin === `http://${domain}`) {
+        return callback(null, true);
+      }
+      // Match subdomains (https://*.example.com)
+      if (origin.endsWith(`.${domain}`)) {
+        return callback(null, true);
+      }
+    }
+
+    // Allow any localhost with any port for development
+    if (origin.match(/^https?:\/\/localhost(:\d+)?$/)) {
+      return callback(null, true);
+    }
+
+    // Allow 127.0.0.1 with any port for development
+    if (origin.match(/^https?:\/\/127\.0\.0\.1(:\d+)?$/)) {
+      return callback(null, true);
+    }
+
+    const msg = `The CORS policy for this site does not allow access from the specified Origin: ${origin}`;
+    return callback(new Error(msg), false);
+  },
+  credentials: true,
+  methods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS', 'PATCH'],
+  allowedHeaders: ['Content-Type', 'Authorization', 'Cache-Control', 'X-Requested-With'],
+  exposedHeaders: ['Content-Range', 'X-Content-Range']
 }));
+app.use(express.json({ limit: '10mb' }));
+app.use(express.urlencoded({ extended: true, limit: '10mb' }));
 
-// Body parsing middleware
-app.use(express.json({ limit: '50mb' }));
-app.use(express.urlencoded({ extended: true, limit: '50mb' }));
+// Static files - serve slides directory
+const slidesDir = join(__dirname, '../..', process.env.SLIDES_DIR || 'slides');
+app.use('/slides', express.static(slidesDir));
 
-// Serve static files
-const frontendDistPath = path.join(__dirname, '../frontend/dist');
-app.use(express.static(frontendDistPath));
+// Serve frontend static files in production
+const frontendDir = join(__dirname, '../frontend/dist');
+if (process.env.NODE_ENV === 'production') {
+  app.use(express.static(frontendDir));
+
+  // Handle SPA routing - serve index.html for all other routes
+  app.get('*', (req, res) => {
+    res.sendFile(join(frontendDir, 'index.html'));
+  });
+}
 
-// API routes
-app.use('/api/agents', agentsRouter);
+// Routes - Public routes
 app.use('/api/auth', authRouter);
-app.use('/api/files', filesRouter);
-app.use('/api/mcp', mcpRouter);
-app.use('/api/media', mediaRouter);
-app.use('/api/slides', slidesRouter);
 
-// Health check endpoint
+// Protected routes - Require authentication
+app.use('/api/files', authMiddleware, filesRouter);
+app.use('/api/agents', authMiddleware, agentsRouter);
+app.use('/api/mcp', authMiddleware, mcpRouter);
+app.use('/api/sessions', authMiddleware, sessionsRouter);
+app.use('/api/settings', authMiddleware, settingsRouter);
+app.use('/api/commands', authMiddleware, commandsRouter);
+app.use('/api/subagents', authMiddleware, subagentsRouter);
+app.use('/api/projects', authMiddleware, projectsRouter);
+app.use('/media', authMiddleware, mediaRouter);
+
+// Health check
 app.get('/api/health', (req, res) => {
-  res.json({
-    status: 'ok',
-    timestamp: new Date().toISOString(),
-    version: '0.1.0'
-  });
+  res.json({ status: 'ok', timestamp: new Date().toISOString() });
 });
 
-// Serve frontend for all other routes (SPA routing)
-app.get('*', (req, res) => {
-  res.sendFile(path.join(frontendDistPath, 'index.html'));
+// Error handling
+app.use((err: any, req: express.Request, res: express.Response, next: express.NextFunction) => {
+  console.error('Error:', err);
+  res.status(500).json({
+    error: 'Internal server error',
+    message: process.env.NODE_ENV === 'development' ? err.message : 'Something went wrong'
+  });
 });
 
-export function startServer(): Promise<void> {
-  return new Promise((resolve) => {
-    const port = parseInt(process.env.PORT || PORT.toString());
-    const host = process.env.HOST || HOST;
-    const server = app.listen(port, host, () => {
-      console.log(`🚀 AgentStudio running on http://${host}:${port}`);
-      console.log('📖 Open your browser to start using AgentStudio');
-      resolve();
+// 404 handler - only for API routes in production
+if (process.env.NODE_ENV !== 'production') {
+  app.use('*', (req, res) => {
+    res.status(404).json({ error: 'Route not found' });
+  });
+}
+
+export function startServer() {
+  return new Promise((resolve, reject) => {
+    const server = app.listen(PORT, () => {
+      console.log(`AI PPT Editor backend running on http://localhost:${PORT}`);
+      console.log(`Serving slides from: ${slidesDir}`);
+      resolve(server);
     });
+
+    server.on('error', reject);
   });
 }
 
-// Only start server if this file is run directly
+// Start server if this file is run directly
 if (import.meta.url === `file://${process.argv[1]}`) {
   startServer().catch(console.error);
 }

package/src/routes/agents.ts

@@ -7,11 +7,11 @@ import { spawn } from 'child_process';
 import { exec } from 'child_process';
 import { promisify } from 'util';
 import { query, Options } from '@anthropic-ai/claude-code';
-import { AgentStorage } from '../utils/agentStorage.js';
-import { AgentConfig, BUILTIN_AGENTS } from '../types/index.js';
-import { ProjectMetadataStorage } from '../utils/projectMetadataStorage.js';
+import { AgentStorage } from '@agentstudio/shared/utils/agentStorage';
+import { AgentConfig } from '@agentstudio/shared/types/agents';
+import { ProjectMetadataStorage } from '@agentstudio/shared/utils/projectMetadataStorage';
 import { sessionManager } from '../services/sessionManager.js';
-import { getAllVersions, getDefaultVersionId } from '../utils/claudeVersionStorage.js';
+import { getAllVersions, getDefaultVersionId } from '@agentstudio/shared/utils/claudeVersionStorage';
 
 const router: express.Router = express.Router();
 const execAsync = promisify(exec);
@@ -31,6 +31,7 @@ const CreateAgentSchema = z.object({
   systemPrompt: z.string().min(1),
   maxTurns: z.number().min(1).max(100).optional().default(25),
   permissionMode: z.enum(['default', 'acceptEdits', 'bypassPermissions', 'plan']).optional().default('acceptEdits'),
+  model: z.string().min(1).optional().default('claude-3-5-sonnet-20241022'),
   allowedTools: z.array(z.object({
     name: z.string(),
     enabled: z.boolean(),
@@ -126,22 +127,22 @@ router.post('/sessions/:sessionId/interrupt', async (req, res) => {
 });
 
 // Get all agents
-router.get('/', async (req, res) => {
+router.get('/', (req, res) => {
   try {
     const { enabled, type } = req.query;
-    let agents = await globalAgentStorage.getAllAgents();
-
+    let agents = globalAgentStorage.getAllAgents();
+    
     // Filter by enabled status
     if (enabled !== undefined) {
       const isEnabled = enabled === 'true';
       agents = agents.filter(agent => agent.enabled === isEnabled);
     }
-
+    
     // Filter by component type
     if (type && typeof type === 'string') {
       agents = agents.filter(agent => agent.ui.componentType === type);
     }
-
+    
     res.json({ agents });
   } catch (error) {
     console.error('Failed to get agents:', error);
@@ -153,15 +154,15 @@ router.get('/', async (req, res) => {
 
 
 // Get specific agent
-router.get('/:agentId', async (req, res) => {
+router.get('/:agentId', (req, res) => {
   try {
     const { agentId } = req.params;
-    const agent = await globalAgentStorage.getAgent(agentId);
-
+    const agent = globalAgentStorage.getAgent(agentId);
+    
     if (!agent) {
       return res.status(404).json({ error: 'Agent not found' });
     }
-
+    
     res.json({ agent });
   } catch (error) {
     console.error('Failed to get agent:', error);
@@ -170,7 +171,7 @@ router.get('/:agentId', async (req, res) => {
 });
 
 // Create new agent
-router.post('/', async (req, res) => {
+router.post('/', (req, res) => {
   try {
     const validation = CreateAgentSchema.safeParse(req.body);
     if (!validation.success) {
@@ -178,16 +179,15 @@ router.post('/', async (req, res) => {
     }
 
     const agentData = validation.data;
-
+    
     // Check if agent ID already exists
-    const existingAgent = await globalAgentStorage.getAgent(agentData.id);
+    const existingAgent = globalAgentStorage.getAgent(agentData.id);
     if (existingAgent) {
       return res.status(409).json({ error: 'Agent with this ID already exists' });
     }
 
-    const agent = await globalAgentStorage.createAgent({
+    const agent = globalAgentStorage.createAgent({
       version: '1.0.0',
-      model: 'claude-3-5-sonnet-20241022',
       ...agentData
     } as Omit<AgentConfig, 'createdAt' | 'updatedAt'>);
 
@@ -199,16 +199,16 @@ router.post('/', async (req, res) => {
 });
 
 // Update agent
-router.put('/:agentId', async (req, res) => {
+router.put('/:agentId', (req, res) => {
   try {
     const { agentId } = req.params;
     const validation = UpdateAgentSchema.safeParse(req.body);
-
+    
     if (!validation.success) {
       return res.status(400).json({ error: 'Invalid agent data', details: validation.error });
     }
 
-    const existingAgent = await globalAgentStorage.getAgent(agentId);
+    const existingAgent = globalAgentStorage.getAgent(agentId);
     if (!existingAgent) {
       return res.status(404).json({ error: 'Agent not found' });
     }
@@ -220,7 +220,7 @@ router.put('/:agentId', async (req, res) => {
       updatedAt: new Date().toISOString()
     };
 
-    await globalAgentStorage.saveAgent(updatedAgent);
+    globalAgentStorage.saveAgent(updatedAgent);
     res.json({ agent: updatedAgent, message: 'Agent updated successfully' });
   } catch (error) {
     console.error('Failed to update agent:', error);
@@ -229,16 +229,15 @@ router.put('/:agentId', async (req, res) => {
 });
 
 // Delete agent
-router.delete('/:agentId', async (req, res) => {
+router.delete('/:agentId', (req, res) => {
   try {
     const { agentId } = req.params;
-
-    const existingAgent = await globalAgentStorage.getAgent(agentId);
-    if (!existingAgent) {
+    const deleted = globalAgentStorage.deleteAgent(agentId);
+    
+    if (!deleted) {
       return res.status(404).json({ error: 'Agent not found' });
     }
-
-    await globalAgentStorage.deleteAgent(agentId);
+    
     res.json({ success: true, message: 'Agent deleted successfully' });
   } catch (error) {
     console.error('Failed to delete agent:', error);
@@ -681,7 +680,7 @@ router.post('/chat', async (req, res) => {
     const { message, images, agentId, sessionId, projectPath, mcpTools, permissionMode, model, claudeVersion } = validation.data;
 
     // 获取 agent 配置
-    const agent = await globalAgentStorage.getAgent(agentId);
+    const agent = globalAgentStorage.getAgent(agentId);
     if (!agent) {
       return res.status(404).json({ error: 'Agent not found' });
     }

package/src/routes/{commands.ts.bak → commands.ts}

@@ -3,7 +3,7 @@ import fs from 'fs';
 import path from 'path';
 import { promisify } from 'util';
 import matter from 'gray-matter';
-import { SlashCommand, SlashCommandCreate, SlashCommandUpdate, SlashCommandFilter } from '../types/commands.js';
+import { SlashCommand, SlashCommandCreate, SlashCommandUpdate, SlashCommandFilter } from '@agentstudio/shared/types/commands';
 
 const router: Router = express.Router();
 const readdir = promisify(fs.readdir);