ai-agent-session-center 2.0.2 → 2.0.3

package/server/hookStats.ts

@@ -0,0 +1,116 @@
+// hookStats.ts — In-memory hook performance statistics
+// Tracks delivery latency, server processing time, and throughput per event type.
+// Stats are broadcast to the dashboard via WebSocket.
+
+import type { HookStats, HookTimingStats, HookEventStats } from '../src/types/websocket.js';
+
+const ROLLING_WINDOW = 200; // keep last N samples per event type
+const RATE_WINDOW_MS = 60_000; // 1 minute for hooks/min calculation
+
+interface EventBucket {
+  count: number;
+  latencies: number[];       // delivery latency (hook_sent_at -> server received), ms
+  processingTimes: number[];  // server handleEvent() duration, ms
+  timestamps: number[];       // for per-event rate
+}
+
+// Per event type
+const byEvent: Record<string, EventBucket> = {};
+// Global totals
+let totalHooks = 0;
+const globalTimestamps: number[] = []; // for hooks/min rate
+
+function ensureEvent(eventType: string): EventBucket {
+  if (!byEvent[eventType]) {
+    byEvent[eventType] = {
+      count: 0,
+      latencies: [],
+      processingTimes: [],
+      timestamps: [],
+    };
+  }
+  return byEvent[eventType];
+}
+
+/**
+ * Record a hook event's timing.
+ * @param eventType - e.g. 'PreToolUse', 'Stop'
+ * @param deliveryLatencyMs - hook_sent_at -> server received (null if no timestamp)
+ * @param processingTimeMs - server handleEvent() duration
+ */
+export function recordHook(eventType: string, deliveryLatencyMs: number | null, processingTimeMs: number): void {
+  const now = Date.now();
+  totalHooks++;
+
+  // Global rate tracking
+  globalTimestamps.push(now);
+  while (globalTimestamps.length > 0 && now - globalTimestamps[0] > RATE_WINDOW_MS) {
+    globalTimestamps.shift();
+  }
+
+  const ev = ensureEvent(eventType);
+  ev.count++;
+  ev.timestamps.push(now);
+
+  if (deliveryLatencyMs !== null && deliveryLatencyMs >= 0) {
+    ev.latencies.push(deliveryLatencyMs);
+    if (ev.latencies.length > ROLLING_WINDOW) ev.latencies.shift();
+  }
+
+  ev.processingTimes.push(processingTimeMs);
+  if (ev.processingTimes.length > ROLLING_WINDOW) ev.processingTimes.shift();
+
+  // Trim timestamps
+  while (ev.timestamps.length > 0 && now - ev.timestamps[0] > RATE_WINDOW_MS) {
+    ev.timestamps.shift();
+  }
+}
+
+function calcStats(arr: number[]): HookTimingStats {
+  if (arr.length === 0) return { avg: 0, min: 0, max: 0, p95: 0 };
+  const sorted = [...arr].sort((a, b) => a - b);
+  const sum = sorted.reduce((a, b) => a + b, 0);
+  return {
+    avg: Math.round(sum / sorted.length),
+    min: sorted[0],
+    max: sorted[sorted.length - 1],
+    p95: sorted[Math.floor(sorted.length * 0.95)],
+  };
+}
+
+/**
+ * Get current hook stats snapshot for API/WebSocket.
+ */
+export function getStats(): HookStats {
+  const now = Date.now();
+  const events: Record<string, HookEventStats> = {};
+
+  for (const [eventType, ev] of Object.entries(byEvent)) {
+    // Count hooks in last minute for per-event rate
+    const recentCount = ev.timestamps.filter(t => now - t < RATE_WINDOW_MS).length;
+    events[eventType] = {
+      count: ev.count,
+      rate: recentCount, // hooks in last minute
+      latency: calcStats(ev.latencies),
+      processing: calcStats(ev.processingTimes),
+    };
+  }
+
+  return {
+    totalHooks,
+    hooksPerMin: globalTimestamps.filter(t => now - t < RATE_WINDOW_MS).length,
+    events,
+    sampledAt: now,
+  };
+}
+
+/**
+ * Reset all stats (for testing or manual reset).
+ */
+export function resetStats(): void {
+  totalHooks = 0;
+  globalTimestamps.length = 0;
+  for (const key of Object.keys(byEvent)) {
+    delete byEvent[key];
+  }
+}

package/server/index.js

@@ -65,7 +65,14 @@ app.post('/api/auth/logout', (req, res) => {
 });
 
 // ── Static files (always served — login page is part of SPA) ──
-app.use(express.static(join(__dirname, '..', 'public')));
+// Serve built React app from dist/client (after vite build), fallback to public/
+import { existsSync } from 'fs';
+const distDir = join(__dirname, '..', 'dist', 'client');
+if (existsSync(distDir)) {
+  app.use(express.static(distDir));
+} else {
+  app.use(express.static(join(__dirname, '..', 'public')));
+}
 
 // ── Hook endpoints (no auth — CLI hooks must work without login) ──
 app.use('/api/hooks', hookRateLimitMiddleware, hookRouter);
@@ -88,6 +95,13 @@ if (log.isDebug) {
   });
 }
 
+// ── SPA fallback for React Router (dist/client only) ──
+if (existsSync(distDir)) {
+  app.get('/{*path}', (req, res) => {
+    res.sendFile(join(distDir, 'index.html'));
+  });
+}
+
 // ── WebSocket with auth validation ──
 wss.on('connection', (ws, req) => {
   if (isPasswordEnabled()) {

package/server/index.ts

@@ -0,0 +1,230 @@
+// index.ts — Express + WS server entry point (thin orchestrator)
+// Quick start: npm start -> auto-installs hooks, starts server, opens browser
+import express from 'express';
+import { createServer } from 'http';
+import { WebSocketServer } from 'ws';
+import { fileURLToPath } from 'url';
+import { dirname, join } from 'path';
+import { execSync } from 'child_process';
+import hookRouter from './hookRouter.js';
+import { handleConnection, stopHeartbeat } from './wsManager.js';
+import { getAllSessions, loadSnapshot, saveSnapshot, startPeriodicSave, stopPeriodicSave } from './sessionStore.js';
+import { closeDb } from './db.js';
+import apiRouter, { hookRateLimitMiddleware } from './apiRouter.js';
+import { startMqReader, stopMqReader, getMqOffset } from './mqReader.js';
+import log from './logger.js';
+import { config } from './serverConfig.js';
+import { ensureHooksInstalled } from './hookInstaller.js';
+import { resolvePort, killPortProcess } from './portManager.js';
+import { networkInterfaces } from 'os';
+import {
+  isPasswordEnabled, verifyPassword, createToken, validateToken,
+  removeToken, parseCookieToken, extractToken, authMiddleware,
+  startTokenCleanup, stopTokenCleanup,
+} from './authManager.js';
+
+const __dirname = dirname(fileURLToPath(import.meta.url));
+const args = process.argv.slice(2);
+const noOpen = args.includes('--no-open');
+
+const app = express();
+const server = createServer(app);
+const wss = new WebSocketServer({ server });
+
+app.use(express.json({ limit: '10mb' }));
+
+// -- Auth endpoints (no auth required) --
+app.get('/api/auth/status', (req, res) => {
+  const passwordRequired = isPasswordEnabled();
+  const token = parseCookieToken(req.headers.cookie);
+  const authenticated = passwordRequired ? validateToken(token) : true;
+  res.json({ passwordRequired, authenticated });
+});
+
+app.post('/api/auth/login', (req, res) => {
+  if (!isPasswordEnabled()) {
+    res.json({ success: true });
+    return;
+  }
+  const { password } = req.body || {};
+  if (!password || typeof password !== 'string') {
+    res.status(400).json({ error: 'Password is required' });
+    return;
+  }
+  if (!verifyPassword(password, config.passwordHash ?? '')) {
+    res.status(401).json({ error: 'Wrong password' });
+    return;
+  }
+  const token = createToken();
+  res.setHeader('Set-Cookie', `auth_token=${token}; HttpOnly; SameSite=Strict; Path=/; Max-Age=${24 * 60 * 60}`);
+  res.json({ success: true, token });
+});
+
+app.post('/api/auth/logout', (req, res) => {
+  const token = parseCookieToken(req.headers.cookie);
+  removeToken(token ?? '');
+  res.setHeader('Set-Cookie', 'auth_token=; HttpOnly; SameSite=Strict; Path=/; Max-Age=0');
+  res.json({ success: true });
+});
+
+// -- Static files (always served -- login page is part of SPA) --
+app.use(express.static(join(__dirname, '..', 'public')));
+
+// -- Hook endpoints (no auth -- CLI hooks must work without login) --
+app.use('/api/hooks', hookRateLimitMiddleware, hookRouter);
+
+// -- Protected API routes --
+app.use('/api', authMiddleware, apiRouter);
+app.get('/api/sessions', authMiddleware, (_req, res) => {
+  log.debug('api', 'GET /api/sessions');
+  res.json(getAllSessions());
+});
+
+// Request logging middleware (debug mode only)
+if (log.isDebug) {
+  app.use((req, res, next) => {
+    const start = Date.now();
+    res.on('finish', () => {
+      log.debug('http', `${req.method} ${req.originalUrl} ${res.statusCode} ${Date.now() - start}ms`);
+    });
+    next();
+  });
+}
+
+// -- WebSocket with auth validation --
+wss.on('connection', (ws, req) => {
+  if (isPasswordEnabled()) {
+    const token = extractToken(req);
+    if (!validateToken(token)) {
+      log.debug('auth', 'Rejected unauthorized WebSocket connection');
+      ws.close(4001, 'Unauthorized');
+      return;
+    }
+  }
+  handleConnection(ws);
+});
+
+wss.on('error', (err) => {
+  log.warn('ws', `WebSocket server error: ${err.message}`);
+});
+
+const PORT = resolvePort(args, config);
+
+// Auto-open browser
+function openBrowser(url: string): void {
+  if (noOpen) return;
+  try {
+    const cmd = process.platform === 'darwin' ? 'open'
+      : process.platform === 'win32' ? 'start'
+      : 'xdg-open';
+    execSync(`${cmd} "${url}"`, { stdio: 'ignore', timeout: 5000 });
+  } catch {
+    // Browser open failed -- not critical
+  }
+}
+
+function getLocalIP(): string | null {
+  const nets = networkInterfaces();
+  // Prefer en0 (Wi-Fi on macOS) for the most useful LAN address
+  const preferred = ['en0', 'en1', 'eth0', 'wlan0'];
+  for (const name of preferred) {
+    if (nets[name]) {
+      for (const cfg of nets[name]!) {
+        if (cfg.family === 'IPv4' && !cfg.internal) return cfg.address;
+      }
+    }
+  }
+  // Fallback to first non-internal IPv4
+  for (const iface of Object.values(nets)) {
+    if (!iface) continue;
+    for (const cfg of iface) {
+      if (cfg.family === 'IPv4' && !cfg.internal) return cfg.address;
+    }
+  }
+  return null;
+}
+
+function onReady(): void {
+  const localIP = getLocalIP();
+  log.info('server', 'AI Agent Session Center');
+  log.info('server', `Local:   http://localhost:${PORT}`);
+  if (localIP) {
+    log.info('server', `Network: http://${localIP}:${PORT}`);
+  }
+  if (isPasswordEnabled()) {
+    log.info('server', 'Password protection ENABLED -- login required');
+  }
+  if (log.isDebug) {
+    log.info('server', 'Debug mode ENABLED -- verbose logging active');
+  }
+
+  // Auto-install hooks (copy script + register in settings.json)
+  ensureHooksInstalled(config);
+
+  // Restore sessions from snapshot (before starting MQ reader)
+  const snapshotResult = loadSnapshot();
+
+  // Start file-based message queue reader (resume from snapshot offset if available)
+  startMqReader(snapshotResult ? { resumeOffset: snapshotResult.mqOffset } : undefined);
+
+  // Start periodic snapshot saving (every 10s)
+  startPeriodicSave(getMqOffset);
+
+  // Start auth token cleanup (every hour)
+  startTokenCleanup();
+
+  // Open browser after a brief delay (let server fully initialize)
+  setTimeout(() => openBrowser(`http://localhost:${PORT}`), 300);
+}
+
+let retried = false;
+server.on('error', (err: NodeJS.ErrnoException) => {
+  if (err.code === 'EADDRINUSE' && !retried) {
+    retried = true;
+    log.info('server', `Port ${PORT} in use -- killing existing process...`);
+    killPortProcess(PORT);
+    setTimeout(() => server.listen(PORT, onReady), 1000);
+  } else {
+    throw err;
+  }
+});
+
+server.listen(PORT, onReady);
+
+// Graceful shutdown
+function gracefulShutdown(signal: string): void {
+  log.info('server', `Received ${signal}, shutting down...`);
+  stopPeriodicSave();
+  stopHeartbeat();
+  stopMqReader();
+  stopTokenCleanup();
+  // Save final snapshot before exiting
+  saveSnapshot(getMqOffset());
+  closeDb();
+  server.close(() => {
+    log.info('server', 'Server closed');
+    process.exit(0);
+  });
+  setTimeout(() => process.exit(1), 5000);
+}
+
+process.on('SIGTERM', () => gracefulShutdown('SIGTERM'));
+process.on('SIGINT', () => gracefulShutdown('SIGINT'));
+
+// Global error handlers -- log and continue (don't crash on transient errors)
+process.on('uncaughtException', (err: Error) => {
+  log.error('server', `Uncaught exception: ${err.message}`);
+  log.error('server', err.stack || '');
+  // Exit on truly fatal errors (e.g., out of memory)
+  if (err.message?.includes('out of memory') || err.message?.includes('ENOMEM')) {
+    process.exit(1);
+  }
+});
+
+process.on('unhandledRejection', (reason: unknown) => {
+  const msg = reason instanceof Error ? reason.message : String(reason);
+  log.error('server', `Unhandled rejection: ${msg}`);
+  if (reason instanceof Error && reason.stack) {
+    log.error('server', reason.stack);
+  }
+});

package/server/logger.ts

@@ -0,0 +1,75 @@
+// logger.ts — Debug-aware logging utility
+// Usage: node server/index.js --debug   OR   npm start -- --debug
+
+import { readFileSync } from 'fs';
+import { join, dirname } from 'path';
+import { fileURLToPath } from 'url';
+
+// Check CLI flag first, then fall back to config file
+let isDebug = process.argv.includes('--debug') || process.argv.includes('-debug');
+if (!isDebug) {
+  try {
+    const __dir = dirname(fileURLToPath(import.meta.url));
+    const cfg = JSON.parse(readFileSync(join(__dir, '..', 'data', 'server-config.json'), 'utf8'));
+    if (cfg.debug) isDebug = true;
+  } catch { /* no config file yet */ }
+}
+
+const RESET = '\x1b[0m';
+const DIM   = '\x1b[2m';
+const CYAN  = '\x1b[36m';
+const YELLOW = '\x1b[33m';
+const RED   = '\x1b[31m';
+const MAGENTA = '\x1b[35m';
+
+function timestamp(): string {
+  return new Date().toISOString().replace('T', ' ').replace('Z', '');
+}
+
+function formatTag(tag: string): string {
+  return `${DIM}[${timestamp()}]${RESET} ${CYAN}[${tag}]${RESET}`;
+}
+
+interface Logger {
+  info(tag: string, ...args: unknown[]): void;
+  warn(tag: string, ...args: unknown[]): void;
+  error(tag: string, ...args: unknown[]): void;
+  debug(tag: string, ...args: unknown[]): void;
+  debugJson(tag: string, label: string, obj: unknown): void;
+  readonly isDebug: boolean;
+}
+
+const logger: Logger = {
+  /** Always shown */
+  info(tag: string, ...args: unknown[]) {
+    console.log(formatTag(tag), ...args);
+  },
+
+  /** Always shown */
+  warn(tag: string, ...args: unknown[]) {
+    console.warn(`${formatTag(tag)} ${YELLOW}WARN${RESET}`, ...args);
+  },
+
+  /** Always shown */
+  error(tag: string, ...args: unknown[]) {
+    console.error(`${formatTag(tag)} ${RED}ERROR${RESET}`, ...args);
+  },
+
+  /** Only shown in debug mode */
+  debug(tag: string, ...args: unknown[]) {
+    if (!isDebug) return;
+    console.log(`${formatTag(tag)} ${MAGENTA}DEBUG${RESET}`, ...args);
+  },
+
+  /** Only shown in debug mode — logs object as JSON */
+  debugJson(tag: string, label: string, obj: unknown) {
+    if (!isDebug) return;
+    console.log(`${formatTag(tag)} ${MAGENTA}DEBUG${RESET} ${label}:`, JSON.stringify(obj, null, 2));
+  },
+
+  get isDebug() {
+    return isDebug;
+  },
+};
+
+export default logger;