archicore 0.1.0

package/dist/server/services/api-key-service.d.ts

@@ -0,0 +1,81 @@
+/**
+ * API Key Service for ArchiCore Developer API
+ *
+ * Управление API ключами для разработчиков
+ */
+import { ApiKey, ApiPermission, RateLimitConfig, ApiKeyCreateRequest, ApiKeyCreateResponse, ApiKeyListResponse } from '../../types/api.js';
+export declare class ApiKeyService {
+    private dataDir;
+    private keys;
+    private initialized;
+    constructor(dataDir?: string);
+    private ensureInitialized;
+    private saveKeys;
+    /**
+     * Генерация нового API ключа
+     * Формат: arc_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx (32 hex chars)
+     */
+    private generateApiKey;
+    /**
+     * Хэширование API ключа для хранения
+     */
+    private hashApiKey;
+    /**
+     * Получение префикса ключа для отображения
+     */
+    private getKeyPrefix;
+    /**
+     * Создание нового API ключа
+     */
+    createKey(userId: string, request: ApiKeyCreateRequest): Promise<ApiKeyCreateResponse>;
+    /**
+     * Валидация API ключа
+     */
+    validateKey(rawKey: string): Promise<ApiKey | null>;
+    /**
+     * Получение списка ключей пользователя
+     */
+    listKeys(userId: string): Promise<ApiKeyListResponse>;
+    /**
+     * Получение ключа по ID
+     */
+    getKey(keyId: string, userId: string): Promise<ApiKey | null>;
+    /**
+     * Деактивация API ключа
+     */
+    revokeKey(keyId: string, userId: string): Promise<boolean>;
+    /**
+     * Удаление API ключа
+     */
+    deleteKey(keyId: string, userId: string): Promise<boolean>;
+    /**
+     * Обновление permissions ключа
+     */
+    updatePermissions(keyId: string, userId: string, permissions: ApiPermission[]): Promise<boolean>;
+    /**
+     * Обновление rate limits ключа
+     */
+    updateRateLimits(keyId: string, userId: string, rateLimit: Partial<RateLimitConfig>): Promise<boolean>;
+    /**
+     * Переименование ключа
+     */
+    renameKey(keyId: string, userId: string, name: string): Promise<boolean>;
+    /**
+     * Проверка permission для ключа
+     */
+    hasPermission(apiKey: ApiKey, permission: ApiPermission): boolean;
+    /**
+     * Получение статистики использования ключей
+     */
+    getKeyStats(userId: string): Promise<{
+        totalKeys: number;
+        activeKeys: number;
+        expiredKeys: number;
+        revokedKeys: number;
+    }>;
+    /**
+     * Очистка истёкших ключей
+     */
+    cleanupExpiredKeys(): Promise<number>;
+}
+//# sourceMappingURL=api-key-service.d.ts.map

package/dist/server/services/api-key-service.js

@@ -0,0 +1,281 @@
+/**
+ * API Key Service for ArchiCore Developer API
+ *
+ * Управление API ключами для разработчиков
+ */
+import { randomBytes, createHash } from 'crypto';
+import { readFile, writeFile, mkdir } from 'fs/promises';
+import { join } from 'path';
+import { DEFAULT_RATE_LIMITS } from '../../types/api.js';
+import { Logger } from '../../utils/logger.js';
+const DATA_DIR = '.archicore';
+const API_KEYS_FILE = 'api-keys.json';
+export class ApiKeyService {
+    dataDir;
+    keys = [];
+    initialized = false;
+    constructor(dataDir = DATA_DIR) {
+        this.dataDir = dataDir;
+    }
+    async ensureInitialized() {
+        if (this.initialized)
+            return;
+        try {
+            await mkdir(this.dataDir, { recursive: true });
+        }
+        catch { }
+        try {
+            const keysPath = join(this.dataDir, API_KEYS_FILE);
+            const data = await readFile(keysPath, 'utf-8');
+            const parsed = JSON.parse(data);
+            this.keys = parsed.keys || [];
+        }
+        catch {
+            this.keys = [];
+        }
+        this.initialized = true;
+    }
+    async saveKeys() {
+        const keysPath = join(this.dataDir, API_KEYS_FILE);
+        await writeFile(keysPath, JSON.stringify({ keys: this.keys }, null, 2));
+    }
+    /**
+     * Генерация нового API ключа
+     * Формат: arc_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx (32 hex chars)
+     */
+    generateApiKey() {
+        const bytes = randomBytes(24);
+        return 'arc_' + bytes.toString('hex');
+    }
+    /**
+     * Хэширование API ключа для хранения
+     */
+    hashApiKey(key) {
+        return createHash('sha256').update(key).digest('hex');
+    }
+    /**
+     * Получение префикса ключа для отображения
+     */
+    getKeyPrefix(key) {
+        return key.substring(0, 12) + '...';
+    }
+    /**
+     * Создание нового API ключа
+     */
+    async createKey(userId, request) {
+        await this.ensureInitialized();
+        // Проверка лимита ключей (максимум 10 на пользователя)
+        const userKeys = this.keys.filter(k => k.userId === userId && k.isActive);
+        if (userKeys.length >= 10) {
+            return { success: false, error: 'Maximum API keys limit reached (10)' };
+        }
+        // Генерация ключа
+        const rawKey = this.generateApiKey();
+        const keyHash = this.hashApiKey(rawKey);
+        const keyPrefix = this.getKeyPrefix(rawKey);
+        // Дефолтные permissions если не указаны
+        const permissions = request.permissions || [
+            'read:projects',
+            'analyze:impact',
+            'search:semantic',
+            'ask:architect'
+        ];
+        // Rate limits по умолчанию (starter tier)
+        const rateLimit = {
+            ...DEFAULT_RATE_LIMITS.starter,
+            ...request.rateLimit
+        };
+        // Дата истечения
+        let expiresAt = null;
+        if (request.expiresIn) {
+            expiresAt = new Date(Date.now() + request.expiresIn * 24 * 60 * 60 * 1000);
+        }
+        const apiKey = {
+            id: 'key_' + randomBytes(12).toString('hex'),
+            userId,
+            name: request.name,
+            keyHash,
+            keyPrefix,
+            permissions,
+            rateLimit,
+            createdAt: new Date(),
+            lastUsedAt: null,
+            expiresAt,
+            isActive: true
+        };
+        this.keys.push(apiKey);
+        await this.saveKeys();
+        Logger.info(`API key created for user ${userId}: ${keyPrefix}`);
+        return {
+            success: true,
+            apiKey: {
+                id: apiKey.id,
+                name: apiKey.name,
+                key: rawKey, // Показываем полный ключ только при создании!
+                keyPrefix: apiKey.keyPrefix,
+                permissions: apiKey.permissions,
+                expiresAt: apiKey.expiresAt
+            }
+        };
+    }
+    /**
+     * Валидация API ключа
+     */
+    async validateKey(rawKey) {
+        await this.ensureInitialized();
+        if (!rawKey || !rawKey.startsWith('arc_')) {
+            return null;
+        }
+        const keyHash = this.hashApiKey(rawKey);
+        const apiKey = this.keys.find(k => k.keyHash === keyHash);
+        if (!apiKey) {
+            return null;
+        }
+        // Проверка активности
+        if (!apiKey.isActive) {
+            return null;
+        }
+        // Проверка срока действия
+        if (apiKey.expiresAt && new Date(apiKey.expiresAt) < new Date()) {
+            return null;
+        }
+        // Обновляем lastUsedAt
+        apiKey.lastUsedAt = new Date();
+        await this.saveKeys();
+        return apiKey;
+    }
+    /**
+     * Получение списка ключей пользователя
+     */
+    async listKeys(userId) {
+        await this.ensureInitialized();
+        const userKeys = this.keys
+            .filter(k => k.userId === userId)
+            .map(k => ({
+            id: k.id,
+            name: k.name,
+            keyPrefix: k.keyPrefix,
+            permissions: k.permissions,
+            createdAt: k.createdAt,
+            lastUsedAt: k.lastUsedAt,
+            expiresAt: k.expiresAt,
+            isActive: k.isActive
+        }));
+        return { success: true, keys: userKeys };
+    }
+    /**
+     * Получение ключа по ID
+     */
+    async getKey(keyId, userId) {
+        await this.ensureInitialized();
+        return this.keys.find(k => k.id === keyId && k.userId === userId) || null;
+    }
+    /**
+     * Деактивация API ключа
+     */
+    async revokeKey(keyId, userId) {
+        await this.ensureInitialized();
+        const key = this.keys.find(k => k.id === keyId && k.userId === userId);
+        if (!key) {
+            return false;
+        }
+        key.isActive = false;
+        await this.saveKeys();
+        Logger.info(`API key revoked: ${key.keyPrefix}`);
+        return true;
+    }
+    /**
+     * Удаление API ключа
+     */
+    async deleteKey(keyId, userId) {
+        await this.ensureInitialized();
+        const index = this.keys.findIndex(k => k.id === keyId && k.userId === userId);
+        if (index === -1) {
+            return false;
+        }
+        const key = this.keys[index];
+        this.keys.splice(index, 1);
+        await this.saveKeys();
+        Logger.info(`API key deleted: ${key.keyPrefix}`);
+        return true;
+    }
+    /**
+     * Обновление permissions ключа
+     */
+    async updatePermissions(keyId, userId, permissions) {
+        await this.ensureInitialized();
+        const key = this.keys.find(k => k.id === keyId && k.userId === userId);
+        if (!key) {
+            return false;
+        }
+        key.permissions = permissions;
+        await this.saveKeys();
+        return true;
+    }
+    /**
+     * Обновление rate limits ключа
+     */
+    async updateRateLimits(keyId, userId, rateLimit) {
+        await this.ensureInitialized();
+        const key = this.keys.find(k => k.id === keyId && k.userId === userId);
+        if (!key) {
+            return false;
+        }
+        key.rateLimit = { ...key.rateLimit, ...rateLimit };
+        await this.saveKeys();
+        return true;
+    }
+    /**
+     * Переименование ключа
+     */
+    async renameKey(keyId, userId, name) {
+        await this.ensureInitialized();
+        const key = this.keys.find(k => k.id === keyId && k.userId === userId);
+        if (!key) {
+            return false;
+        }
+        key.name = name;
+        await this.saveKeys();
+        return true;
+    }
+    /**
+     * Проверка permission для ключа
+     */
+    hasPermission(apiKey, permission) {
+        // Admin имеет все права
+        if (apiKey.permissions.includes('admin:all')) {
+            return true;
+        }
+        return apiKey.permissions.includes(permission);
+    }
+    /**
+     * Получение статистики использования ключей
+     */
+    async getKeyStats(userId) {
+        await this.ensureInitialized();
+        const userKeys = this.keys.filter(k => k.userId === userId);
+        const now = new Date();
+        return {
+            totalKeys: userKeys.length,
+            activeKeys: userKeys.filter(k => k.isActive && (!k.expiresAt || new Date(k.expiresAt) > now)).length,
+            expiredKeys: userKeys.filter(k => k.expiresAt && new Date(k.expiresAt) <= now).length,
+            revokedKeys: userKeys.filter(k => !k.isActive).length
+        };
+    }
+    /**
+     * Очистка истёкших ключей
+     */
+    async cleanupExpiredKeys() {
+        await this.ensureInitialized();
+        const now = new Date();
+        const initialLength = this.keys.length;
+        this.keys = this.keys.filter(k => !k.expiresAt || new Date(k.expiresAt) > now);
+        const removedCount = initialLength - this.keys.length;
+        if (removedCount > 0) {
+            await this.saveKeys();
+            Logger.info(`Cleaned up ${removedCount} expired API keys`);
+        }
+        return removedCount;
+    }
+}
+//# sourceMappingURL=api-key-service.js.map

package/dist/server/services/auth-service.d.ts

@@ -0,0 +1,40 @@
+/**
+ * Authentication Service for ArchiCore
+ */
+import { User, SubscriptionTier, AuthResponse } from '../../types/user.js';
+export declare class AuthService {
+    private dataDir;
+    private users;
+    private sessions;
+    private initialized;
+    constructor(dataDir?: string);
+    private ensureInitialized;
+    private createDefaultAdmin;
+    private saveUsers;
+    private saveSessions;
+    private hashPassword;
+    private createEmptyUsage;
+    private generateToken;
+    private sanitizeUser;
+    register(email: string, username: string, password: string): Promise<AuthResponse>;
+    login(email: string, password: string): Promise<AuthResponse>;
+    oauthLogin(provider: 'github' | 'google', profile: {
+        id: string;
+        email: string;
+        name: string;
+        avatar?: string;
+    }): Promise<AuthResponse>;
+    validateToken(token: string): Promise<User | null>;
+    logout(token: string): Promise<void>;
+    getUser(userId: string): Promise<User | null>;
+    updateUserTier(userId: string, tier: SubscriptionTier): Promise<boolean>;
+    checkAndUpdateUsage(userId: string, type: 'request' | 'analysis' | 'project'): Promise<{
+        allowed: boolean;
+        remaining: number;
+        limit: number;
+    }>;
+    getAllUsers(): Promise<Omit<User, 'passwordHash'>[]>;
+    deleteUser(userId: string): Promise<boolean>;
+    updateUser(userId: string, updates: Partial<Pick<User, 'username' | 'email' | 'avatar'>>): Promise<boolean>;
+}
+//# sourceMappingURL=auth-service.d.ts.map