npm - airloom - Versions diffs - 0.1.27 → 0.1.29 - Mend

airloom 0.1.27 → 0.1.29

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/index.js CHANGED Viewed

@@ -38,6 +38,7 @@ function decodeChannelMessage(data) {
 function encodePairingData(data) {
   return JSON.stringify(data);
 }
+var utf8Decoder = new TextDecoder("utf-8", { fatal: true });
 function randomCode(length) {
   const chars = "ABCDEFGHJKLMNPQRSTUVWXYZ23456789";
   const limit = 256 - 256 % chars.length;
@@ -553,9 +554,15 @@ var AblyAdapter = class {
       }
     });
     this.channel.presence.subscribe("leave", (member) => {
-      if (member.clientId !== this.clientId) {
+      if (member.clientId === this.clientId) return;
+      this.channel.presence.get().then((members2) => {
+        const hasPeer2 = members2.some((m) => m.clientId !== this.clientId);
+        if (!hasPeer2) {
+          this.peerLeftHandlers.forEach((h) => h());
+        }
+      }).catch(() => {
         this.peerLeftHandlers.forEach((h) => h());
-      }
+      });
     });
     await this.channel.presence.enter({ role });
     const members = await this.channel.presence.get();
@@ -566,7 +573,10 @@ var AblyAdapter = class {
   }
   send(payload) {
     if (!this.channel || !this._connected) return;
-    this.channel.publish("forward", payload);
+    this.channel.publish("forward", payload).catch((err) => {
+      console.error("[ably] publish error:", err.message);
+      this.errorHandlers.forEach((h) => h(err));
+    });
   }
   onMessage(handler) {
     this.messageHandlers.push(handler);
@@ -744,6 +754,24 @@ var OpenAIAdapter = class {
 import { spawn } from "node:child_process";
 import { existsSync } from "node:fs";
 import { delimiter, isAbsolute, join, resolve } from "node:path";
+// src/log.ts
+function ts() {
+  const d = /* @__PURE__ */ new Date();
+  const hh = String(d.getHours()).padStart(2, "0");
+  const mm = String(d.getMinutes()).padStart(2, "0");
+  const ss = String(d.getSeconds()).padStart(2, "0");
+  const ms = String(d.getMilliseconds()).padStart(3, "0");
+  return `${hh}:${mm}:${ss}.${ms}`;
+}
+function log(...args) {
+  console.log(ts(), ...args);
+}
+function logError(...args) {
+  console.error(ts(), ...args);
+}
+// src/adapters/cli.ts
 var CLI_PRESETS = [
   {
     id: "devin",
@@ -884,7 +912,7 @@ var CLIAdapter = class {
     if (this.pty) return this.pty;
     const nodePty = await import("node-pty");
     const executable = resolveExecutable(this.command) ?? this.command;
-    console.log(`[cli-repl] Spawning PTY: ${executable} ${this.args.join(" ")}`);
+    log(`[cli-repl] Spawning PTY: ${executable} ${this.args.join(" ")}`);
     const pty = nodePty.spawn(executable, this.args, {
       name: "xterm-256color",
       cols: 120,
@@ -894,7 +922,7 @@ var CLIAdapter = class {
     });
     pty.onData((data) => this.onData(data));
     pty.onExit(({ exitCode }) => {
-      console.log(`[cli-repl] PTY exited (code ${exitCode})`);
+      log(`[cli-repl] PTY exited (code ${exitCode})`);
       this.pty = null;
       this.ptyState = "idle";
       this.finishResponse();
@@ -1017,7 +1045,7 @@ function saveConfig(config) {
     mkdirSync(CONFIG_DIR, { recursive: true });
     writeFileSync(CONFIG_PATH, JSON.stringify(config, null, 2) + "\n", "utf-8");
   } catch (err) {
-    console.error("[config] Failed to save:", err.message);
+    logError("[config] Failed to save:", err.message);
   }
 }
 function getConfigPath() {
@@ -1038,7 +1066,7 @@ function fixSpawnHelperPermissions() {
     const mode = statSync(helperPath).mode;
     if (!(mode & 73)) {
       chmodSync(helperPath, mode | 493);
-      console.log(`[host] Fixed spawn-helper permissions: ${helperPath}`);
+      log(`[host] Fixed spawn-helper permissions: ${helperPath}`);
     }
   } catch {
   }
@@ -1169,25 +1197,29 @@ var TerminalSession = class {
   cols = 120;
   rows = 36;
   outputBuffer = "";
+  /** True after the first viewer has ever attached.  The pre-viewer output
+   *  buffer contains PTY startup junk (zsh PROMPT_SP "%", resize-triggered
+   *  prompt redraws) that shouldn't be replayed. */
+  hasHadViewer = false;
   start() {
     const command = getDefaultTerminalCommand(this.getLaunchCommand?.());
     const file = resolveExecutable2(command.file) ?? command.file;
     const cwd = process.cwd();
-    console.log(`[host] PTY spawn: ${file} ${command.args.join(" ")} (${this.cols}x${this.rows}) node=${process.version}`);
-    const env = { ...process.env, TERM: "xterm-256color" };
-    const spawnOpts = { name: "xterm-256color", cols: this.cols, rows: this.rows, cwd, env };
+    log(`[host] PTY spawn: ${file} ${command.args.join(" ")} (${this.cols}x${this.rows}) node=${process.version}`);
+    const env2 = { ...process.env, TERM: "xterm-256color" };
+    const spawnOpts = { name: "xterm-256color", cols: this.cols, rows: this.rows, cwd, env: env2 };
     try {
       this.pty = spawn2(file, command.args, spawnOpts);
     } catch (err) {
       const e = err;
-      console.error(`[host] PTY spawn failed: ${e.message} (code=${e.code ?? "none"}) file=${file} cwd=${cwd}`);
+      logError(`[host] PTY spawn failed: ${e.message} (code=${e.code ?? "none"}) file=${file} cwd=${cwd}`);
       if (file !== "/bin/sh") {
-        console.error("[host] Retrying with /bin/sh...");
+        logError("[host] Retrying with /bin/sh...");
         try {
           this.pty = spawn2("/bin/sh", [], spawnOpts);
-          console.log("[host] PTY fallback to /bin/sh succeeded");
+          log("[host] PTY fallback to /bin/sh succeeded");
         } catch (err2) {
-          console.error("[host] PTY fallback also failed:", err2.message);
+          logError("[host] PTY fallback also failed:", err2.message);
           return;
         }
       } else {
@@ -1195,7 +1227,6 @@ var TerminalSession = class {
       }
     }
     this.pty.onData((data) => {
-      process.stdout.write(data);
       this.outputBuffer += data;
       if (this.outputBuffer.length > MAX_BUFFER_BYTES) {
         this.outputBuffer = this.outputBuffer.slice(this.outputBuffer.length - MAX_BUFFER_BYTES);
@@ -1231,19 +1262,33 @@ var TerminalSession = class {
   attach(message) {
     this.cols = Math.max(20, Math.floor(message.cols || this.cols));
     this.rows = Math.max(5, Math.floor(message.rows || this.rows));
-    this.pty?.resize(this.cols, this.rows);
     this.detachStream();
     const meta = { kind: "terminal", cols: this.cols, rows: this.rows };
     this.stream = this.channel.createStream(meta);
     this.batcher = new AdaptiveOutputBatcher((data) => {
       this.stream?.write(data);
     });
-    if (this.outputBuffer) {
-      this.stream.write(this.outputBuffer);
-    }
     if (!this.pty) {
       this.start();
     }
+    const isFirstViewer = !this.hasHadViewer;
+    if (!isFirstViewer && this.outputBuffer) {
+      const REPLAY_CAP = 60 * 1024;
+      const replay = this.outputBuffer.length <= REPLAY_CAP ? this.outputBuffer : this.outputBuffer.slice(this.outputBuffer.length - REPLAY_CAP);
+      this.stream.write(replay);
+    }
+    this.outputBuffer = "";
+    this.hasHadViewer = true;
+    if (this.pty) {
+      this.pty.resize(this.cols, this.rows);
+    }
+    if (isFirstViewer) {
+      setTimeout(() => {
+        if (this.pty && this.batcher) {
+          this.pty.write("\f");
+        }
+      }, 250);
+    }
   }
   /** End the current stream without killing the PTY (called on peer disconnect). */
   detachStream() {
@@ -1288,6 +1333,73 @@ function isTerminalMessage(data) {
   return type === "terminal_open" || type === "terminal_input" || type === "terminal_resize" || type === "terminal_close" || type === "terminal_exit";
 }
+// src/security.ts
+import { randomBytes, timingSafeEqual } from "node:crypto";
+var CONTROL_COOKIE_NAME = "airloom_control";
+var FixedWindowRateLimiter = class {
+  entries = /* @__PURE__ */ new Map();
+  allow(key, max, windowMs) {
+    const now = Date.now();
+    const entry = this.entries.get(key);
+    if (!entry || entry.resetAt <= now) {
+      this.entries.set(key, { count: 1, resetAt: now + windowMs });
+      return true;
+    }
+    if (entry.count >= max) return false;
+    entry.count += 1;
+    return true;
+  }
+};
+function createControlToken() {
+  return randomBytes(24).toString("base64url");
+}
+function encodeControlUrl(baseUrl, token) {
+  const url = new URL(baseUrl);
+  url.searchParams.set("t", token);
+  return url.toString();
+}
+function parseCookies(header) {
+  const result = {};
+  if (!header) return result;
+  for (const part of header.split(";")) {
+    const [rawKey, ...rawValue] = part.trim().split("=");
+    if (!rawKey) continue;
+    result[rawKey] = decodeURIComponent(rawValue.join("="));
+  }
+  return result;
+}
+function safeEqual(candidate, expected) {
+  const left = Buffer.from(candidate);
+  const right = Buffer.from(expected);
+  if (left.length !== right.length) return false;
+  return timingSafeEqual(left, right);
+}
+function readQueryToken(req) {
+  if (req.query && typeof req.query.t === "string") return req.query.t;
+  if (!req.url || !req.headers.host) return null;
+  try {
+    return new URL(req.url, `http://${req.headers.host}`).searchParams.get("t");
+  } catch {
+    return null;
+  }
+}
+function readControlToken(req) {
+  const headerToken = req.headers["x-airloom-control"];
+  if (typeof headerToken === "string") return headerToken;
+  const queryToken = readQueryToken(req);
+  if (queryToken) return queryToken;
+  return parseCookies(req.headers.cookie)[CONTROL_COOKIE_NAME] ?? null;
+}
+function hasValidControlToken(req, expected) {
+  const token = readControlToken(req);
+  return typeof token === "string" && safeEqual(token, expected);
+}
+function hasAllowedOrigin(headers, host) {
+  const origin = headers.origin;
+  if (!origin) return true;
+  return origin === `http://${host}` || origin === `https://${host}`;
+}
 // src/server.ts
 var MAX_MESSAGES = 200;
 function trimMessages(messages) {
@@ -1295,21 +1407,95 @@ function trimMessages(messages) {
 }
 var aiLock = Promise.resolve();
 function enqueueAIResponse(channel, adapter, state, broadcast) {
-  aiLock = aiLock.then(() => handleAIResponse(channel, adapter, state, broadcast)).catch((err) => console.error("[host] AI response error:", err));
+  aiLock = aiLock.then(() => handleAIResponse(channel, adapter, state, broadcast)).catch((err) => logError("[host] AI response error:", err));
 }
 function createHostServer(opts) {
   const app = express();
   const server = createServer(app);
-  const wss = new WebSocketServer({ server, path: "/ws" });
+  const wss = new WebSocketServer({ noServer: true });
   const uiClients = /* @__PURE__ */ new Set();
-  app.use(express.json());
-  app.get("/", (_req, res) => {
-    res.type("html").send(HOST_HTML);
+  const rateLimiter = new FixedWindowRateLimiter();
+  function requestKey(req) {
+    return req.ip || req.socket.remoteAddress || "unknown";
+  }
+  function setControlCookie(req, res) {
+    const parts = [
+      `${CONTROL_COOKIE_NAME}=${encodeURIComponent(opts.controlToken)}`,
+      "HttpOnly",
+      "SameSite=Strict",
+      "Path=/"
+    ];
+    if (req.secure) parts.push("Secure");
+    res.setHeader("Set-Cookie", parts.join("; "));
+  }
+  function requireSameOrigin(req, res) {
+    const host = req.get("host");
+    if (!host || !hasAllowedOrigin(req.headers, host)) {
+      res.status(403).json({ error: "Forbidden" });
+      return false;
+    }
+    return true;
+  }
+  function requireControlAuth(req, res) {
+    if (!requireSameOrigin(req, res)) return false;
+    if (!hasValidControlToken(req, opts.controlToken)) {
+      res.status(401).json({ error: "Unauthorized" });
+      return false;
+    }
+    if (readControlToken(req) === opts.controlToken) setControlCookie(req, res);
+    return true;
+  }
+  function requireRateLimit(req, res, bucket, max, windowMs) {
+    if (rateLimiter.allow(`${bucket}:${requestKey(req)}`, max, windowMs)) return true;
+    res.status(429).json({ error: "Rate limited" });
+    return false;
+  }
+  function rejectUpgrade(socket, statusCode, message) {
+    socket.write(`HTTP/1.1 ${statusCode} ${message}\r
+Connection: close\r
+Content-Type: text/plain; charset=utf-8\r
+Content-Length: ${Buffer.byteLength(message)}\r
+\r
+${message}`);
+    socket.destroy();
+  }
+  app.disable("x-powered-by");
+  app.use(express.json({ limit: "16kb" }));
+  app.use((_req, res, next) => {
+    res.setHeader("Referrer-Policy", "no-referrer");
+    res.setHeader("X-Content-Type-Options", "nosniff");
+    res.setHeader("X-Frame-Options", "DENY");
+    next();
+  });
+  app.get("/healthz", (_req, res) => {
+    res.setHeader("Cache-Control", "no-store");
+    res.json({ ok: true, connected: opts.state.connected, transport: opts.state.transport ?? "ws" });
   });
   if (opts.viewerDir && existsSync3(opts.viewerDir)) {
     app.use("/viewer", express.static(opts.viewerDir));
   }
-  app.get("/api/status", (_req, res) => {
+  app.get("/", (req, res) => {
+    if (!requireRateLimit(req, res, "root", 20, 6e4)) return;
+    const host = req.get("host");
+    if (!host || !hasAllowedOrigin(req.headers, host)) {
+      res.status(403).type("text/plain").send("Forbidden");
+      return;
+    }
+    if (!hasValidControlToken(req, opts.controlToken)) {
+      res.status(401).type("text/plain").send("Unauthorized. Open the tokenized Airloom URL printed by the host process.");
+      return;
+    }
+    setControlCookie(req, res);
+    if (typeof req.query.t === "string") {
+      res.redirect("/");
+      return;
+    }
+    res.setHeader("Cache-Control", "no-store");
+    res.type("html").send(HOST_HTML);
+  });
+  app.get("/api/status", (req, res) => {
+    if (!requireRateLimit(req, res, "status", 60, 6e4) || !requireControlAuth(req, res)) return;
+    res.setHeader("Cache-Control", "no-store");
     res.json({
       connected: opts.state.connected,
       pairingCode: opts.state.pairingCode,
@@ -1320,11 +1506,15 @@ function createHostServer(opts) {
       messages: opts.state.messages
     });
   });
-  app.get("/api/cli-presets", (_req, res) => {
+  app.get("/api/cli-presets", (req, res) => {
+    if (!requireRateLimit(req, res, "cli-presets", 60, 6e4) || !requireControlAuth(req, res)) return;
+    res.setHeader("Cache-Control", "no-store");
     res.json(CLI_PRESETS);
   });
-  app.get("/api/config", (_req, res) => {
+  app.get("/api/config", (req, res) => {
+    if (!requireRateLimit(req, res, "config-get", 60, 6e4) || !requireControlAuth(req, res)) return;
     const saved = loadConfig();
+    res.setHeader("Cache-Control", "no-store");
     res.json({
       saved,
       envKeys: {
@@ -1333,32 +1523,52 @@ function createHostServer(opts) {
       }
     });
   });
+  const allowedPresetIds = /* @__PURE__ */ new Set(["shell", ...CLI_PRESETS.map((preset) => preset.id)]);
+  function readString(value, maxLength) {
+    if (typeof value !== "string") return void 0;
+    const trimmed = value.trim();
+    if (!trimmed) return void 0;
+    return trimmed.length <= maxLength ? trimmed : void 0;
+  }
   app.post("/api/configure", (req, res) => {
+    if (!requireRateLimit(req, res, "configure", 10, 6e4) || !requireControlAuth(req, res)) return;
+    res.setHeader("Cache-Control", "no-store");
     const { type, apiKey, model, command, preset } = req.body;
+    if (type !== "anthropic" && type !== "openai" && type !== "cli") {
+      res.status(400).json({ error: "Unknown adapter type" });
+      return;
+    }
+    const normalizedApiKey = readString(apiKey, 512);
+    const normalizedModel = readString(model, 200);
+    const normalizedCommand = readString(command, 512);
+    const selectedPreset = typeof preset === "string" ? preset : "shell";
+    if (!allowedPresetIds.has(selectedPreset)) {
+      res.status(400).json({ error: "Unknown preset" });
+      return;
+    }
     try {
       switch (type) {
         case "anthropic": {
-          const key = apiKey || process.env.ANTHROPIC_API_KEY;
+          const key = normalizedApiKey || process.env.ANTHROPIC_API_KEY;
           if (!key) {
             res.status(400).json({ error: "API key required (or set ANTHROPIC_API_KEY env var)" });
             return;
           }
-          opts.state.adapter = new AnthropicAdapter({ apiKey: key, model });
+          opts.state.adapter = new AnthropicAdapter({ apiKey: key, model: normalizedModel });
           break;
         }
         case "openai": {
-          const key = apiKey || process.env.OPENAI_API_KEY;
+          const key = normalizedApiKey || process.env.OPENAI_API_KEY;
           if (!key) {
             res.status(400).json({ error: "API key required (or set OPENAI_API_KEY env var)" });
             return;
           }
-          opts.state.adapter = new OpenAIAdapter({ apiKey: key, model });
+          opts.state.adapter = new OpenAIAdapter({ apiKey: key, model: normalizedModel });
           break;
         }
         case "cli": {
-          const selectedPreset = typeof preset === "string" ? preset : "shell";
           const presetInfo = CLI_PRESETS.find((p) => p.id === selectedPreset);
-          const cmd = selectedPreset === "shell" ? void 0 : typeof command === "string" && command.trim() ? command.trim() : presetInfo?.command;
+          const cmd = selectedPreset === "shell" ? void 0 : normalizedCommand ?? presetInfo?.command;
           opts.state.terminalLaunchCommand = cmd;
           opts.state.terminalLaunch = getTerminalLaunchDisplay(cmd);
           opts.state.adapter = null;
@@ -1368,15 +1578,12 @@ function createHostServer(opts) {
           res.json({ ok: true, terminalLaunch: opts.state.terminalLaunch });
           return;
         }
-        default:
-          res.status(400).json({ error: "Unknown adapter type" });
-          return;
       }
       const cfg = { type };
-      if (model) cfg.model = model;
+      if (normalizedModel) cfg.model = normalizedModel;
       if (type === "cli") {
-        cfg.command = command;
-        cfg.preset = preset;
+        cfg.command = normalizedCommand;
+        cfg.preset = selectedPreset;
       }
       saveConfig(cfg);
       broadcast({ type: "configured", adapter: { name: opts.state.adapter?.name ?? "none", model: opts.state.adapter?.model ?? "" } });
@@ -1387,7 +1594,9 @@ function createHostServer(opts) {
     }
   });
   app.post("/api/send", async (req, res) => {
-    const { content } = req.body;
+    if (!requireRateLimit(req, res, "send", 30, 6e4) || !requireControlAuth(req, res)) return;
+    res.setHeader("Cache-Control", "no-store");
+    const content = readString(req.body?.content, 4e3);
     if (!content) {
       res.status(400).json({ error: "No content" });
       return;
@@ -1401,30 +1610,73 @@ function createHostServer(opts) {
     res.json({ ok: true });
   });
   app.get("/api/pair", (req, res) => {
+    if (!requireRateLimit(req, res, "pair", 12, 6e4)) return;
+    const host = req.get("host");
+    if (!host || !hasAllowedOrigin(req.headers, host)) {
+      res.status(403).json({ error: "Forbidden" });
+      return;
+    }
     const { session } = req.query;
-    if (!session || session !== opts.state.sessionToken) {
+    if (!session || !/^[0-9a-f]{32}$/i.test(session) || session !== opts.state.pairingSessionToken) {
       res.status(401).json({ error: "Invalid session" });
       return;
     }
+    if (!opts.state.relaySessionToken) {
+      res.status(503).json({ error: "Pairing unavailable" });
+      return;
+    }
+    res.setHeader("Cache-Control", "no-store");
     res.json({
+      session: opts.state.relaySessionToken,
       token: opts.state.ablyToken,
+      tokenExpiresAt: opts.state.ablyTokenExpiresAt,
       transport: opts.state.transport ?? "ws",
       relay: opts.state.relayUrl
     });
   });
+  server.on("upgrade", (req, socket, head) => {
+    const host = req.headers.host;
+    if (!host) {
+      rejectUpgrade(socket, 400, "Bad Request");
+      return;
+    }
+    let url;
+    try {
+      url = new URL(req.url ?? "/", `http://${host}`);
+    } catch {
+      rejectUpgrade(socket, 400, "Bad Request");
+      return;
+    }
+    if (url.pathname !== "/ws") {
+      socket.destroy();
+      return;
+    }
+    if (!hasAllowedOrigin(req.headers, host)) {
+      rejectUpgrade(socket, 403, "Forbidden");
+      return;
+    }
+    if (!hasValidControlToken(req, opts.controlToken)) {
+      rejectUpgrade(socket, 401, "Unauthorized");
+      return;
+    }
+    wss.handleUpgrade(req, socket, head, (ws) => {
+      wss.emit("connection", ws, req);
+    });
+  });
   wss.on("connection", (ws) => {
     uiClients.add(ws);
     ws.on("close", () => uiClients.delete(ws));
     ws.on("message", (data) => {
       try {
+        if (data.toString().length > 16384) return;
         const message = JSON.parse(data.toString());
-        if (message.type === "terminal_input" && typeof message.data === "string") {
+        if (message.type === "terminal_input" && typeof message.data === "string" && message.data.length <= 8192) {
           opts.state.terminal?.writeRawInput(message.data);
-        } else if (message.type === "terminal_resize") {
+        } else if (message.type === "terminal_resize" && Number.isInteger(message.cols) && Number.isInteger(message.rows) && message.cols > 0 && message.rows > 0) {
           opts.state.terminal?.handleMessage(message);
         }
       } catch (err) {
-        console.error("[host] Invalid WebSocket message:", err);
+        logError("[host] Invalid WebSocket message:", err);
       }
     });
   });
@@ -1434,16 +1686,35 @@ function createHostServer(opts) {
       if (ws.readyState === WebSocket.OPEN) ws.send(msg);
     }
   }
-  return new Promise((resolve4) => {
-    server.listen(opts.port, "0.0.0.0", () => {
-      const addr = server.address();
-      const actualPort = typeof addr === "object" && addr ? addr.port : opts.port;
-      resolve4({ server, broadcast, port: actualPort });
-    });
-    server.on("error", (err) => {
-      console.error(`[host] Server error: ${err.message}`);
-      process.exit(1);
-    });
+  return new Promise((resolve4, reject) => {
+    const MAX_PORT_ATTEMPTS = 20;
+    let attempt = 0;
+    let port = opts.port;
+    function tryListen() {
+      server.once("error", onError);
+      server.listen(port, opts.bind, () => {
+        server.removeListener("error", onError);
+        const addr = server.address();
+        const actualPort = typeof addr === "object" && addr ? addr.port : port;
+        resolve4({ server, broadcast, port: actualPort });
+      });
+    }
+    function onError(err) {
+      server.removeListener("error", onError);
+      if (err.code === "EADDRINUSE" && attempt < MAX_PORT_ATTEMPTS) {
+        attempt++;
+        port++;
+        if (port > 65535) {
+          reject(err);
+          return;
+        }
+        log(`[host] Port ${port - 1} in use, trying ${port}...`);
+        tryListen();
+      } else {
+        reject(err);
+      }
+    }
+    tryListen();
   });
 }
 async function handleAIResponse(channel, adapter, state, broadcast) {
@@ -1494,7 +1765,7 @@ var HOST_HTML = `<!DOCTYPE html>
 <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/@xterm/xterm@6.0.0/css/xterm.css">
 <style>
   :root{color-scheme:light dark;--bg:#0a0a0a;--surface:#1a1a1a;--border:#2a2a2a;--text:#e0e0e0;--text-muted:#888;--accent:#7c8aff;--accent-hover:#6b79ee;--input-bg:#111;--input-border:#333;--term-bg:#05070c;--tool-bg:#333;--tool-hover:#444;--msg-user:#2a3a6a;--msg-asst:#1e1e1e}
-  @media(prefers-color-scheme:light){:root{--bg:#f5f5f7;--surface:#fff;--border:#d1d1d6;--text:#1c1c1e;--text-muted:#6e6e73;--accent:#5856d6;--accent-hover:#4a48c4;--input-bg:#fff;--input-border:#d1d1d6;--term-bg:#1c1c1e;--tool-bg:#e5e5ea;--tool-hover:#d1d1d6;--msg-user:#d6d5f7;--msg-asst:#f2f2f7}}
+  @media(prefers-color-scheme:light){:root{--bg:#f5f5f7;--surface:#fff;--border:#d1d1d6;--text:#1c1c1e;--text-muted:#6e6e73;--accent:#5856d6;--accent-hover:#4a48c4;--input-bg:#fff;--input-border:#d1d1d6;--term-bg:#fff;--tool-bg:#e5e5ea;--tool-hover:#d1d1d6;--msg-user:#d6d5f7;--msg-asst:#f2f2f7}}
   *{margin:0;padding:0;box-sizing:border-box}
   body{font-family:-apple-system,BlinkMacSystemFont,'Segoe UI',Roboto,sans-serif;background:var(--bg);color:var(--text);min-height:100vh}
   .container{max-width:800px;margin:0 auto;padding:20px}
@@ -1603,12 +1874,12 @@ const darkTheme = {
   brightBlue: '#a5b4ff', brightMagenta: '#d2a8ff', brightCyan: '#56d4dd', brightWhite: '#f0f6fc',
 };
 const lightTheme = {
-  background: '#1c1c1e', foreground: '#e6edf3', cursor: '#5856d6', cursorAccent: '#1c1c1e',
-  selectionBackground: 'rgba(88,86,214,0.30)',
-  black: '#1c1c1e', red: '#ff3b30', green: '#34c759', yellow: '#ff9f0a',
-  blue: '#5856d6', magenta: '#bf5af2', cyan: '#32d5d5', white: '#d1d1d6',
-  brightBlack: '#6e6e73', brightRed: '#ff6961', brightGreen: '#4cd964', brightYellow: '#ffd60a',
-  brightBlue: '#7c7aff', brightMagenta: '#da8aff', brightCyan: '#5ac8fa', brightWhite: '#f2f2f7',
+  background: '#ffffff', foreground: '#1c1c1e', cursor: '#5856d6', cursorAccent: '#ffffff',
+  selectionBackground: 'rgba(88,86,214,0.20)',
+  black: '#1c1c1e', red: '#c41a16', green: '#007400', yellow: '#826b28',
+  blue: '#0000ff', magenta: '#a90d91', cyan: '#3e8a8a', white: '#e5e5ea',
+  brightBlack: '#6e6e73', brightRed: '#eb4d3d', brightGreen: '#36b738', brightYellow: '#b79a14',
+  brightBlue: '#0451a5', brightMagenta: '#c42275', brightCyan: '#318495', brightWhite: '#f2f2f7',
 };
 function getTheme() { return matchMedia('(prefers-color-scheme:light)').matches ? lightTheme : darkTheme; }
 matchMedia('(prefers-color-scheme:light)').addEventListener('change', () => {
@@ -1642,6 +1913,10 @@ function initTerminal() {
       ws.send(JSON.stringify({ type: 'terminal_resize', cols: term.cols, rows: term.rows }));
     }
   }).observe(document.getElementById('terminalContainer'));
+  // Prevent wheel events from leaking to the page when the terminal is at its
+  // scroll bounds. xterm.js v6 uses a SmoothScrollableElement that doesn't
+  // always consume wheel events at the extents.
+  document.getElementById('terminalContainer').addEventListener('wheel', (e) => { e.preventDefault(); }, { passive: false });
   if (ws.readyState === WebSocket.OPEN) sendTerminalOpen();
 }
@@ -1794,13 +2069,114 @@ function sendMessage() {
 </body>
 </html>`;
+// src/env.ts
+import { isIP } from "node:net";
+var DEFAULT_ABLY_KEY = "SfHSAQ.IRTOQQ:FBbi9a7ZV6jIu0Gdo_UeYhIN4rzpMrud5-LldURNh9s";
+var DEFAULT_VIEWER_URL = "https://bobstrogg.github.io/Airloom/";
+var DEFAULT_ABLY_TOKEN_TTL_MS = 24 * 60 * 60 * 1e3;
+var DEFAULT_HOST_BIND = "127.0.0.1";
+var DEFAULT_HOST_PORT = 4e3;
+function parseInteger(name, value, fallback, min, max) {
+  if (value === void 0 || value === "") return fallback;
+  const parsed = Number.parseInt(value, 10);
+  if (!Number.isFinite(parsed) || parsed < min || parsed > max) {
+    throw new Error(`${name} must be an integer between ${min} and ${max}`);
+  }
+  return parsed;
+}
+function parseViewerUrl(value) {
+  const candidate = value?.trim() || DEFAULT_VIEWER_URL;
+  let parsed;
+  try {
+    parsed = new URL(candidate);
+  } catch {
+    throw new Error("VIEWER_URL must be a valid http:// or https:// URL");
+  }
+  if (parsed.protocol !== "http:" && parsed.protocol !== "https:") {
+    throw new Error("VIEWER_URL must use http:// or https://");
+  }
+  return parsed.toString();
+}
+function parseRelayUrl(value) {
+  if (!value?.trim()) return void 0;
+  let parsed;
+  try {
+    parsed = new URL(value.trim());
+  } catch {
+    throw new Error("RELAY_URL must be a valid ws:// or wss:// URL");
+  }
+  if (parsed.protocol !== "ws:" && parsed.protocol !== "wss:") {
+    throw new Error("RELAY_URL must use ws:// or wss://");
+  }
+  return parsed.toString();
+}
+function parseHostBind(value, isDev) {
+  const bind = value?.trim() || (isDev ? "0.0.0.0" : DEFAULT_HOST_BIND);
+  if (bind === "localhost" || isIP(bind) !== 0) return bind;
+  if (/^[A-Za-z0-9.-]+$/.test(bind)) return bind;
+  throw new Error("HOST_BIND must be localhost, an IP address, or a hostname");
+}
+function isLoopbackBind(bind) {
+  return bind === "127.0.0.1" || bind === "::1" || bind === "localhost";
+}
+function parseHostEnv(cliPort, isDev = false) {
+  const relayUrl = parseRelayUrl(process.env.RELAY_URL);
+  const ablyApiKey = process.env.ABLY_API_KEY ?? (relayUrl ? void 0 : DEFAULT_ABLY_KEY);
+  const ablyTokenTtlMs = parseInteger("ABLY_TOKEN_TTL", process.env.ABLY_TOKEN_TTL, DEFAULT_ABLY_TOKEN_TTL_MS, 6e4, 31 * 24 * 60 * 60 * 1e3);
+  const hostPort = cliPort ?? parseInteger("HOST_PORT", process.env.HOST_PORT, DEFAULT_HOST_PORT, 0, 65535);
+  const hostBind = parseHostBind(process.env.HOST_BIND, isDev);
+  const viewerUrl = parseViewerUrl(process.env.VIEWER_URL);
+  return {
+    viewerUrl,
+    relayUrl,
+    ablyApiKey,
+    ablyTokenTtlMs,
+    hostPort,
+    hostBind,
+    useAbly: !!ablyApiKey,
+    isDefaultAblyKey: !!ablyApiKey && ablyApiKey === DEFAULT_ABLY_KEY
+  };
+}
+// src/state.ts
+import { mkdirSync as mkdirSync2, readFileSync as readFileSync2, writeFileSync as writeFileSync2 } from "node:fs";
+import { randomBytes as randomBytes2 } from "node:crypto";
+import { homedir as homedir2 } from "node:os";
+import { join as join4 } from "node:path";
+var STATE_DIR = join4(homedir2(), ".config", "airloom");
+var STATE_PATH = join4(STATE_DIR, "state.json");
+function readState() {
+  try {
+    const raw = readFileSync2(STATE_PATH, "utf-8");
+    const data = JSON.parse(raw);
+    return data && typeof data === "object" ? data : {};
+  } catch {
+    return {};
+  }
+}
+function writeState(state) {
+  mkdirSync2(STATE_DIR, { recursive: true });
+  writeFileSync2(STATE_PATH, JSON.stringify(state, null, 2) + "\n", "utf-8");
+}
+function isSessionToken(value) {
+  return typeof value === "string" && /^[0-9a-f]{32}$/i.test(value);
+}
+function loadOrCreateAblySessionToken() {
+  const state = readState();
+  if (isSessionToken(state.ablySessionToken)) return state.ablySessionToken;
+  const ablySessionToken = randomBytes2(16).toString("hex");
+  state.ablySessionToken = ablySessionToken;
+  writeState(state);
+  return ablySessionToken;
+}
 // src/index.ts
 var QRCode = null;
 async function getQRCode() {
   if (!QRCode) QRCode = await import("qrcode");
   return QRCode;
 }
-console.log("[host] Module loaded");
+log("[host] Module loaded");
 function parseArgs(argv) {
   const args = {};
   const rest = argv.slice(2);
@@ -1851,7 +2227,8 @@ Environment variables:
   ABLY_API_KEY        Your own Ably key (overrides default community relay).
   RELAY_URL           Self-hosted WebSocket relay URL (disables Ably).
   VIEWER_URL          Public viewer URL (default: GitHub Pages).
-  HOST_PORT           Same as --port (CLI flag takes precedence).
+  HOST_PORT           Same as --port (default: 4000, auto-increments if in use).
+  HOST_BIND           Host bind address (default: 127.0.0.1).
 `.trimStart());
 }
 var cliArgs = parseArgs(process.argv);
@@ -1859,16 +2236,16 @@ if (cliArgs.help) {
   printHelp();
   process.exit(0);
 }
-var DEFAULT_ABLY_KEY = "SfHSAQ.IRTOQQ:FBbi9a7ZV6jIu0Gdo_UeYhIN4rzpMrud5-LldURNh9s";
-var DEFAULT_VIEWER_URL = "https://bobstrogg.github.io/Airloom/";
-var VIEWER_URL = process.env.VIEWER_URL ?? DEFAULT_VIEWER_URL;
 var IS_DEV = !process.env.VIEWER_URL && !new URL(import.meta.url).pathname.includes("node_modules");
-var RELAY_URL = process.env.RELAY_URL;
-var ABLY_API_KEY = process.env.ABLY_API_KEY ?? (RELAY_URL ? void 0 : DEFAULT_ABLY_KEY);
-var ABLY_TOKEN_TTL = parseInt(process.env.ABLY_TOKEN_TTL ?? String(24 * 60 * 60 * 1e3), 10);
-var HOST_PORT = cliArgs.port ?? parseInt(process.env.HOST_PORT ?? "0", 10);
-var useAbly = !!ABLY_API_KEY;
-var isDefaultKey = useAbly && ABLY_API_KEY === DEFAULT_ABLY_KEY;
+var env = parseHostEnv(cliArgs.port, IS_DEV);
+var VIEWER_URL = env.viewerUrl;
+var RELAY_URL = env.relayUrl;
+var ABLY_API_KEY = env.ablyApiKey;
+var ABLY_TOKEN_TTL = env.ablyTokenTtlMs;
+var HOST_PORT = env.hostPort;
+var HOST_BIND = env.hostBind;
+var useAbly = env.useAbly;
+var isDefaultKey = env.isDefaultAblyKey;
 var __dirname = dirname2(fileURLToPath(import.meta.url));
 function getLanIP() {
   for (const ifaces of Object.values(networkInterfaces())) {
@@ -1890,41 +2267,58 @@ async function main() {
   console.log("==============\n");
   if (useAbly) {
     if (isDefaultKey) {
-      console.log("Transport: Ably (community relay \u2014 shared quota)");
-      console.log("  Set ABLY_API_KEY for your own quota, or RELAY_URL for self-hosted.\n");
+      log("Transport: Ably (community relay \u2014 shared quota)");
+      log("  Set ABLY_API_KEY for your own quota, or RELAY_URL for self-hosted.\n");
     } else {
-      console.log("Transport: Ably (your key)");
+      log("Transport: Ably (your key)");
     }
   } else {
-    console.log(`Transport: WebSocket (self-hosted relay at ${RELAY_URL})`);
+    log(`Transport: WebSocket (self-hosted relay at ${RELAY_URL})`);
   }
-  const session = createSession(useAbly ? "ably" : RELAY_URL);
-  const displayCode = formatPairingCode(session.pairingCode);
+  let pairingCode;
+  let pairingSessionToken;
+  let relaySessionToken;
   let pairingData;
+  let ablyToken;
+  let ablyTokenExpiresAt;
   if (useAbly) {
+    pairingCode = randomCode(8);
+    pairingSessionToken = deriveSessionToken(pairingCode);
+    relaySessionToken = loadOrCreateAblySessionToken();
+    const keyPair = generateKeyPair();
     const { Rest } = await import("ably");
     const rest = new Rest({
       key: ABLY_API_KEY,
       queryTime: true
     });
-    const channelName = `airloom:${session.sessionToken}`;
+    const channelName = `airloom:${relaySessionToken}`;
     const tokenDetails = await rest.auth.requestToken({
       clientId: "*",
-      // viewer picks its own clientId
       capability: { [channelName]: ["publish", "subscribe", "presence"] },
       ttl: ABLY_TOKEN_TTL
     });
-    console.log(`[ably] Scoped token issued (TTL: ${Math.round(ABLY_TOKEN_TTL / 6e4)}min, channel: ${channelName})`);
+    log(`[ably] Scoped token issued (TTL: ${Math.round(ABLY_TOKEN_TTL / 6e4)}min, channel: ${channelName})`);
+    ablyToken = tokenDetails.token;
+    ablyTokenExpiresAt = tokenDetails.expires;
     pairingData = {
-      ...session.pairingData,
+      relay: "ably",
+      session: relaySessionToken,
+      pub: toBase64(keyPair.publicKey),
+      v: 1,
       transport: "ably",
-      token: tokenDetails.token
+      token: ablyToken,
+      tokenExpiresAt: ablyTokenExpiresAt
     };
   } else {
+    const session = createSession(RELAY_URL);
+    pairingCode = session.pairingCode;
+    pairingSessionToken = session.sessionToken;
+    relaySessionToken = session.sessionToken;
     pairingData = { ...session.pairingData };
   }
+  const displayCode = formatPairingCode(pairingCode);
   const pairingJSON = encodePairingData(pairingData);
-  const keyMaterial = sha2562(new TextEncoder().encode("airloom-key:" + session.sessionToken));
+  const keyMaterial = sha2562(new TextEncoder().encode("airloom-key:" + relaySessionToken));
   const encryptionKey = deriveEncryptionKey(keyMaterial);
   let adapter;
   if (useAbly) {
@@ -1937,12 +2331,12 @@ async function main() {
     role: "host",
     encryptionKey
   });
-  await channel.connect(session.sessionToken);
-  console.log("[host] Connected to relay, waiting for phone...");
+  await channel.connect(relaySessionToken);
+  log("[host] Connected to relay, waiting for phone...");
   const savedConfig = loadConfig();
   const launchPreset = cliArgs.preset ? CLI_PRESETS.find((p) => p.id === cliArgs.preset) : void 0;
   if (cliArgs.preset && !launchPreset) {
-    console.error(`[host] Unknown preset "${cliArgs.preset}". Available: ${CLI_PRESETS.map((p) => p.id).join(", ")}`);
+    logError(`[host] Unknown preset "${cliArgs.preset}". Available: ${CLI_PRESETS.map((p) => p.id).join(", ")}`);
     process.exit(1);
   }
   const savedTerminalCommand = !cliArgs.cli && !cliArgs.preset && savedConfig?.type === "terminal" ? savedConfig.command ?? (savedConfig.preset && savedConfig.preset !== "shell" ? CLI_PRESETS.find((p) => p.id === savedConfig.preset)?.command : void 0) : void 0;
@@ -1959,11 +2353,13 @@ async function main() {
     terminalLaunch,
     terminalLaunchCommand: launchCommand,
     messages: [],
-    sessionToken: session.sessionToken,
-    ablyToken: useAbly ? pairingData.token : void 0,
+    pairingSessionToken,
+    relaySessionToken,
+    ablyToken,
+    ablyTokenExpiresAt,
     transport: useAbly ? "ably" : "ws"
   };
-  console.log(`[host] Terminal launch: ${terminalLaunch}`);
+  log(`[host] Terminal launch: ${terminalLaunch}`);
   if (cliArgs.cli || cliArgs.preset) {
     let command = cliArgs.cli;
     const presetInfo = launchPreset;
@@ -1974,7 +2370,7 @@ async function main() {
         mode: presetInfo?.mode,
         silenceTimeout: presetInfo?.silenceTimeout
       });
-      console.log(`[host] CLI adapter: ${command} (${presetInfo?.mode ?? "oneshot"})`);
+      log(`[host] CLI adapter: ${command} (${presetInfo?.mode ?? "oneshot"})`);
     }
   } else {
     const saved = loadConfig();
@@ -2010,28 +2406,35 @@ async function main() {
           }
         }
         if (state.adapter) {
-          console.log(`[host] Auto-configured: ${state.adapter.name} (${state.adapter.model})`);
-          console.log(`  Loaded from ${getConfigPath()}`);
+          log(`[host] Auto-configured: ${state.adapter.name} (${state.adapter.model})`);
+          log(`  Loaded from ${getConfigPath()}`);
         }
       } catch (err) {
-        console.error("[host] Auto-configure failed:", err.message);
+        logError("[host] Auto-configure failed:", err.message);
       }
     }
   }
   const viewerDir = resolveViewerDir();
   if (viewerDir) {
-    console.log(`[host] Viewer files: ${viewerDir}`);
+    log(`[host] Viewer files: ${viewerDir}`);
   } else {
-    console.log("[host] Viewer dist not found \u2014 QR will open raw JSON fallback");
-  }
-  const { server, broadcast, port } = await createHostServer({ port: HOST_PORT, state, viewerDir });
+    log("[host] Viewer dist not found \u2014 QR will open raw JSON fallback");
+  }
+  const controlToken = createControlToken();
+  const { server, broadcast, port } = await createHostServer({
+    port: HOST_PORT,
+    bind: HOST_BIND,
+    controlToken,
+    state,
+    viewerDir
+  });
   const pairingBase64 = Buffer.from(pairingJSON).toString("base64url");
   const viewerBase = VIEWER_URL.replace(/\/+$/, "");
   const pagesUrl = `${viewerBase}/#${pairingBase64}`;
   const lanIP = getLanIP();
   const lanHost = lanIP ?? "localhost";
   const lanBaseUrl = `http://${lanHost}:${port}`;
-  const lanViewerUrl = viewerDir ? `${lanBaseUrl}/viewer/#${pairingBase64}` : null;
+  const lanViewerUrl = viewerDir && !isLoopbackBind(HOST_BIND) ? `${lanBaseUrl}/viewer/#${pairingBase64}` : null;
   const qrTarget = IS_DEV && lanViewerUrl ? lanViewerUrl : pagesUrl;
   const qrcode = await getQRCode();
   const qrDataUrl = await qrcode.toDataURL(qrTarget, { width: 300, margin: 2 });
@@ -2049,36 +2452,50 @@ async function main() {
   }
   if (!useAbly) console.log(`Relay: ${RELAY_URL}`);
   const localUrl = `http://localhost:${port}`;
-  console.log(`[host] Web UI at ${localUrl}
+  const controlUrl = encodeControlUrl(localUrl, controlToken);
+  log(`[host] Web UI at ${controlUrl}
 `);
   import("node:child_process").then(({ exec }) => {
     const cmd = process.platform === "darwin" ? "open" : process.platform === "win32" ? "start" : "xdg-open";
-    exec(`${cmd} ${localUrl}`);
+    exec(`${cmd} ${controlUrl}`);
   }).catch(() => {
   });
   const terminal = new TerminalSession(channel, () => state.terminalLaunchCommand, broadcast);
   state.terminal = terminal;
+  const pushViewerSession = () => {
+    if (!state.relaySessionToken || !state.transport) return;
+    const refresh = {
+      type: "session_refresh",
+      relay: state.relayUrl,
+      session: state.relaySessionToken,
+      transport: state.transport,
+      token: state.ablyToken,
+      tokenExpiresAt: state.ablyTokenExpiresAt
+    };
+    channel.send(refresh);
+  };
   channel.on("ready", () => {
-    console.log("[host] Phone connected! Channel ready.");
+    log("[host] Phone connected! Channel ready.");
     state.connected = true;
     broadcast({ type: "peer_connected" });
+    pushViewerSession();
   });
   channel.on("peer_left", () => {
-    console.log("[host] Phone disconnected.");
+    log("[host] Phone disconnected.");
     state.connected = false;
     terminal.detachStream();
     broadcast({ type: "peer_disconnected" });
   });
   channel.on("message", (data) => {
     if (isTerminalMessage(data)) {
-      console.log("[host] Terminal message from phone:", data.type);
+      log("[host] Terminal message from phone:", data.type);
       terminal.handleMessage(data);
       return;
     }
     if (typeof data === "object" && data !== null && "type" in data && "content" in data) {
       const msg = data;
       if (msg.type === "chat" && typeof msg.content === "string") {
-        console.log(`[phone] ${msg.content}`);
+        log(`[phone] ${msg.content}`);
         state.messages.push({ role: "user", content: msg.content, timestamp: Date.now() });
         broadcast({ type: "message", role: "user", content: msg.content });
         if (state.adapter) {
@@ -2087,12 +2504,12 @@ async function main() {
       }
     }
   });
-  channel.on("error", (err) => console.error("[host] Channel error:", err.message));
+  channel.on("error", (err) => logError("[host] Channel error:", err.message));
   let shuttingDown = false;
   const shutdown = () => {
     if (shuttingDown) return;
     shuttingDown = true;
-    console.log("\n[host] Shutting down...");
+    log("\n[host] Shutting down...");
     terminal.destroy();
     state.adapter?.destroy?.();
     try {
@@ -2106,6 +2523,6 @@ async function main() {
   process.on("SIGTERM", shutdown);
 }
 main().catch((err) => {
-  console.error("Fatal error:", err);
+  logError("Fatal error:", err);
   process.exit(1);
 });