archicore 0.1.0

package/dist/server/services/token-service.js

@@ -0,0 +1,416 @@
+/**
+ * Token Service for ArchiCore Developer API
+ *
+ * Подсчёт токенов, биллинг и rate limiting
+ */
+import { randomBytes } from 'crypto';
+import { readFile, writeFile, mkdir } from 'fs/promises';
+import { join } from 'path';
+import { PRICING_TIERS, OPERATION_TOKEN_COSTS } from '../../types/api.js';
+import { Logger } from '../../utils/logger.js';
+const DATA_DIR = '.archicore';
+const USAGE_FILE = 'token-usage.json';
+const BILLING_FILE = 'billing.json';
+const RATE_LIMITS_FILE = 'rate-limits.json';
+export class TokenService {
+    dataDir;
+    usageRecords = [];
+    billingAccounts = [];
+    rateLimitStates = [];
+    initialized = false;
+    constructor(dataDir = DATA_DIR) {
+        this.dataDir = dataDir;
+    }
+    async ensureInitialized() {
+        if (this.initialized)
+            return;
+        try {
+            await mkdir(this.dataDir, { recursive: true });
+        }
+        catch { }
+        // Load usage records
+        try {
+            const path = join(this.dataDir, USAGE_FILE);
+            const data = await readFile(path, 'utf-8');
+            const parsed = JSON.parse(data);
+            this.usageRecords = parsed.records || [];
+        }
+        catch {
+            this.usageRecords = [];
+        }
+        // Load billing accounts
+        try {
+            const path = join(this.dataDir, BILLING_FILE);
+            const data = await readFile(path, 'utf-8');
+            const parsed = JSON.parse(data);
+            this.billingAccounts = parsed.accounts || [];
+        }
+        catch {
+            this.billingAccounts = [];
+        }
+        // Load rate limit states
+        try {
+            const path = join(this.dataDir, RATE_LIMITS_FILE);
+            const data = await readFile(path, 'utf-8');
+            const parsed = JSON.parse(data);
+            this.rateLimitStates = parsed.states || [];
+        }
+        catch {
+            this.rateLimitStates = [];
+        }
+        this.initialized = true;
+    }
+    async saveUsage() {
+        const path = join(this.dataDir, USAGE_FILE);
+        await writeFile(path, JSON.stringify({ records: this.usageRecords }, null, 2));
+    }
+    async saveBilling() {
+        const path = join(this.dataDir, BILLING_FILE);
+        await writeFile(path, JSON.stringify({ accounts: this.billingAccounts }, null, 2));
+    }
+    async saveRateLimits() {
+        const path = join(this.dataDir, RATE_LIMITS_FILE);
+        await writeFile(path, JSON.stringify({ states: this.rateLimitStates }, null, 2));
+    }
+    // ===== TOKEN CALCULATION =====
+    /**
+     * Подсчёт токенов для операции
+     */
+    calculateTokens(operation, params) {
+        const costs = OPERATION_TOKEN_COSTS[operation];
+        const fileCount = params.fileCount || 0;
+        const contentSizeKb = params.contentSizeKb || 0;
+        // Базовый расчёт токенов
+        let inputTokens = costs.base + (fileCount * costs.perFile) + (contentSizeKb * costs.perKb);
+        // Добавляем токены за текст (примерно 1 токен = 4 символа)
+        if (params.inputText) {
+            inputTokens += Math.ceil(params.inputText.length / 4);
+        }
+        let outputTokens = 0;
+        if (params.outputText) {
+            outputTokens = Math.ceil(params.outputText.length / 4);
+        }
+        return {
+            inputTokens,
+            outputTokens,
+            totalTokens: inputTokens + outputTokens
+        };
+    }
+    /**
+     * Расчёт стоимости в центах
+     */
+    calculateCost(totalTokens, pricingTier) {
+        const tier = PRICING_TIERS[pricingTier] || PRICING_TIERS.starter;
+        // Цена за 1M токенов → цена за токен → умножаем на количество
+        const pricePerToken = tier.pricePerMillionTokens / 1_000_000;
+        return Math.ceil(totalTokens * pricePerToken * 100); // в центах
+    }
+    // ===== USAGE TRACKING =====
+    /**
+     * Запись использования токенов
+     */
+    async recordUsage(apiKeyId, userId, operation, tokens, projectId, metadata) {
+        await this.ensureInitialized();
+        // Получаем billing account для расчёта стоимости
+        const billing = await this.getBillingAccount(userId);
+        const cost = this.calculateCost(tokens.totalTokens, billing.pricingTier);
+        const usage = {
+            id: 'usage_' + randomBytes(12).toString('hex'),
+            apiKeyId,
+            userId,
+            operation,
+            inputTokens: tokens.inputTokens,
+            outputTokens: tokens.outputTokens,
+            totalTokens: tokens.totalTokens,
+            cost,
+            timestamp: new Date(),
+            projectId,
+            metadata
+        };
+        this.usageRecords.push(usage);
+        await this.saveUsage();
+        // Обновляем billing account
+        await this.updateBillingUsage(userId, tokens.totalTokens, cost);
+        Logger.debug(`Token usage recorded: ${tokens.totalTokens} tokens, $${(cost / 100).toFixed(4)}`);
+        return usage;
+    }
+    /**
+     * Получение истории использования
+     */
+    async getUsageHistory(userId, options) {
+        await this.ensureInitialized();
+        let records = this.usageRecords.filter(r => r.userId === userId);
+        if (options.apiKeyId) {
+            records = records.filter(r => r.apiKeyId === options.apiKeyId);
+        }
+        if (options.operation) {
+            records = records.filter(r => r.operation === options.operation);
+        }
+        // Сортируем по дате (новые первые)
+        records.sort((a, b) => new Date(b.timestamp).getTime() - new Date(a.timestamp).getTime());
+        const offset = options.offset || 0;
+        const limit = options.limit || 100;
+        return records.slice(offset, offset + limit);
+    }
+    /**
+     * Получение статистики использования
+     */
+    async getUsageStats(userId, period) {
+        await this.ensureInitialized();
+        const now = new Date();
+        let startDate;
+        switch (period) {
+            case 'hour':
+                startDate = new Date(now.getTime() - 60 * 60 * 1000);
+                break;
+            case 'day':
+                startDate = new Date(now.getTime() - 24 * 60 * 60 * 1000);
+                break;
+            case 'week':
+                startDate = new Date(now.getTime() - 7 * 24 * 60 * 60 * 1000);
+                break;
+            case 'month':
+                startDate = new Date(now.getTime() - 30 * 24 * 60 * 60 * 1000);
+                break;
+        }
+        const records = this.usageRecords.filter(r => r.userId === userId && new Date(r.timestamp) >= startDate);
+        // Агрегация по операциям
+        const byOperation = {};
+        for (const op of Object.keys(OPERATION_TOKEN_COSTS)) {
+            const opRecords = records.filter(r => r.operation === op);
+            byOperation[op] = {
+                requests: opRecords.length,
+                tokens: opRecords.reduce((sum, r) => sum + r.totalTokens, 0),
+                cost: opRecords.reduce((sum, r) => sum + r.cost, 0)
+            };
+        }
+        // Агрегация по дням (для week и month)
+        let byDay;
+        if (period === 'week' || period === 'month') {
+            const dayMap = new Map();
+            for (const r of records) {
+                const date = new Date(r.timestamp).toISOString().split('T')[0];
+                const existing = dayMap.get(date) || { requests: 0, tokens: 0, cost: 0 };
+                existing.requests++;
+                existing.tokens += r.totalTokens;
+                existing.cost += r.cost;
+                dayMap.set(date, existing);
+            }
+            byDay = Array.from(dayMap.entries())
+                .map(([date, stats]) => ({ date, ...stats }))
+                .sort((a, b) => a.date.localeCompare(b.date));
+        }
+        return {
+            period,
+            startDate,
+            endDate: now,
+            totalRequests: records.length,
+            totalTokens: records.reduce((sum, r) => sum + r.totalTokens, 0),
+            totalCost: records.reduce((sum, r) => sum + r.cost, 0),
+            byOperation,
+            byDay
+        };
+    }
+    // ===== BILLING =====
+    /**
+     * Получение или создание billing account
+     */
+    async getBillingAccount(userId) {
+        await this.ensureInitialized();
+        let account = this.billingAccounts.find(a => a.userId === userId);
+        if (!account) {
+            // Создаём новый account
+            const now = new Date();
+            const endOfMonth = new Date(now.getFullYear(), now.getMonth() + 1, 0);
+            account = {
+                id: 'billing_' + randomBytes(12).toString('hex'),
+                userId,
+                pricingTier: 'free',
+                balance: 0,
+                tokensUsedThisMonth: 0,
+                tokensIncludedThisMonth: PRICING_TIERS.free.includedTokens,
+                billingCycleStart: now,
+                billingCycleEnd: endOfMonth,
+                autoRecharge: false,
+                autoRechargeThreshold: 500, // $5
+                autoRechargeAmount: 2000, // $20
+                paymentMethods: [],
+                invoices: []
+            };
+            this.billingAccounts.push(account);
+            await this.saveBilling();
+        }
+        return account;
+    }
+    /**
+     * Обновление использования в billing account
+     */
+    async updateBillingUsage(userId, tokens, cost) {
+        const account = await this.getBillingAccount(userId);
+        account.tokensUsedThisMonth += tokens;
+        // Списываем с баланса если превышены included tokens
+        const tier = PRICING_TIERS[account.pricingTier] || PRICING_TIERS.free;
+        if (account.tokensUsedThisMonth > tier.includedTokens) {
+            account.balance -= cost;
+        }
+        await this.saveBilling();
+    }
+    /**
+     * Пополнение баланса
+     */
+    async addCredits(userId, amount) {
+        await this.ensureInitialized();
+        const account = await this.getBillingAccount(userId);
+        account.balance += amount;
+        await this.saveBilling();
+        Logger.info(`Added ${amount} cents to user ${userId} balance`);
+        return account;
+    }
+    /**
+     * Изменение pricing tier
+     */
+    async updatePricingTier(userId, tier) {
+        await this.ensureInitialized();
+        const account = await this.getBillingAccount(userId);
+        const newTier = PRICING_TIERS[tier];
+        if (!newTier) {
+            throw new Error(`Invalid pricing tier: ${tier}`);
+        }
+        account.pricingTier = tier;
+        account.tokensIncludedThisMonth = newTier.includedTokens;
+        await this.saveBilling();
+        Logger.info(`Updated user ${userId} to tier ${tier}`);
+        return account;
+    }
+    /**
+     * Проверка достаточности баланса
+     */
+    async checkBalance(userId, estimatedTokens) {
+        const account = await this.getBillingAccount(userId);
+        const tier = PRICING_TIERS[account.pricingTier] || PRICING_TIERS.free;
+        const tokensRemaining = Math.max(0, tier.includedTokens - account.tokensUsedThisMonth);
+        const tokensToCharge = Math.max(0, estimatedTokens - tokensRemaining);
+        const estimatedCost = this.calculateCost(tokensToCharge, account.pricingTier);
+        const allowed = account.balance >= estimatedCost || tokensRemaining >= estimatedTokens;
+        return {
+            allowed,
+            balance: account.balance,
+            estimatedCost,
+            tokensRemaining
+        };
+    }
+    // ===== RATE LIMITING =====
+    /**
+     * Проверка rate limit
+     */
+    async checkRateLimit(apiKeyId, limits) {
+        await this.ensureInitialized();
+        const now = new Date();
+        let state = this.rateLimitStates.find(s => s.apiKeyId === apiKeyId);
+        if (!state) {
+            state = {
+                apiKeyId,
+                requestsThisMinute: 0,
+                requestsToday: 0,
+                tokensThisMinute: 0,
+                tokensToday: 0,
+                minuteResetAt: new Date(now.getTime() + 60 * 1000),
+                dayResetAt: new Date(now.getFullYear(), now.getMonth(), now.getDate() + 1)
+            };
+            this.rateLimitStates.push(state);
+        }
+        // Reset counters if needed
+        if (new Date(state.minuteResetAt) <= now) {
+            state.requestsThisMinute = 0;
+            state.tokensThisMinute = 0;
+            state.minuteResetAt = new Date(now.getTime() + 60 * 1000);
+        }
+        if (new Date(state.dayResetAt) <= now) {
+            state.requestsToday = 0;
+            state.tokensToday = 0;
+            state.dayResetAt = new Date(now.getFullYear(), now.getMonth(), now.getDate() + 1);
+        }
+        // Check limits
+        const allowed = state.requestsThisMinute < limits.requestsPerMinute &&
+            state.requestsToday < limits.requestsPerDay;
+        let retryAfter;
+        if (!allowed) {
+            if (state.requestsThisMinute >= limits.requestsPerMinute) {
+                retryAfter = Math.ceil((new Date(state.minuteResetAt).getTime() - now.getTime()) / 1000);
+            }
+            else {
+                retryAfter = Math.ceil((new Date(state.dayResetAt).getTime() - now.getTime()) / 1000);
+            }
+        }
+        return {
+            allowed,
+            remaining: {
+                requestsPerMinute: Math.max(0, limits.requestsPerMinute - state.requestsThisMinute),
+                requestsPerDay: Math.max(0, limits.requestsPerDay - state.requestsToday),
+                tokensPerMinute: Math.max(0, limits.tokensPerMinute - state.tokensThisMinute),
+                tokensPerDay: Math.max(0, limits.tokensPerDay - state.tokensToday)
+            },
+            resetAt: {
+                minute: new Date(state.minuteResetAt),
+                day: new Date(state.dayResetAt)
+            },
+            retryAfter
+        };
+    }
+    /**
+     * Инкремент rate limit счётчиков
+     */
+    async incrementRateLimit(apiKeyId, tokens) {
+        await this.ensureInitialized();
+        const state = this.rateLimitStates.find(s => s.apiKeyId === apiKeyId);
+        if (state) {
+            state.requestsThisMinute++;
+            state.requestsToday++;
+            state.tokensThisMinute += tokens;
+            state.tokensToday += tokens;
+            await this.saveRateLimits();
+        }
+    }
+    /**
+     * Получение текущего состояния rate limit
+     */
+    async getRateLimitState(apiKeyId) {
+        await this.ensureInitialized();
+        return this.rateLimitStates.find(s => s.apiKeyId === apiKeyId) || null;
+    }
+    // ===== CLEANUP =====
+    /**
+     * Очистка старых записей usage (старше 90 дней)
+     */
+    async cleanupOldUsageRecords() {
+        await this.ensureInitialized();
+        const cutoffDate = new Date(Date.now() - 90 * 24 * 60 * 60 * 1000);
+        const initialLength = this.usageRecords.length;
+        this.usageRecords = this.usageRecords.filter(r => new Date(r.timestamp) > cutoffDate);
+        const removedCount = initialLength - this.usageRecords.length;
+        if (removedCount > 0) {
+            await this.saveUsage();
+            Logger.info(`Cleaned up ${removedCount} old usage records`);
+        }
+        return removedCount;
+    }
+    /**
+     * Сброс месячных лимитов (вызывается в начале месяца)
+     */
+    async resetMonthlyLimits() {
+        await this.ensureInitialized();
+        const now = new Date();
+        for (const account of this.billingAccounts) {
+            if (new Date(account.billingCycleEnd) <= now) {
+                account.tokensUsedThisMonth = 0;
+                account.billingCycleStart = now;
+                account.billingCycleEnd = new Date(now.getFullYear(), now.getMonth() + 1, 0);
+                const tier = PRICING_TIERS[account.pricingTier] || PRICING_TIERS.free;
+                account.tokensIncludedThisMonth = tier.includedTokens;
+            }
+        }
+        await this.saveBilling();
+        Logger.info('Monthly limits reset completed');
+    }
+}
+//# sourceMappingURL=token-service.js.map

package/dist/server/services/upload-service.d.ts

@@ -0,0 +1,93 @@
+/**
+ * Upload Service
+ *
+ * Безопасная загрузка и распаковка ZIP/RAR архивов.
+ *
+ * Защита от:
+ * - ZIP-бомб (проверка соотношения сжатия)
+ * - Path traversal атак (../../../etc/passwd)
+ * - Опасных файлов (исполняемые, скрипты и т.д.)
+ * - Слишком больших файлов
+ */
+export interface UploadConfig {
+    maxFileSize: number;
+    maxExtractedSize: number;
+    maxCompressionRatio: number;
+    uploadsDir: string;
+    extractDir: string;
+}
+export interface UploadResult {
+    success: boolean;
+    uploadId: string;
+    projectPath: string;
+    error?: string;
+    warnings: string[];
+    stats: {
+        originalSize: number;
+        extractedSize: number;
+        fileCount: number;
+        skippedFiles: string[];
+    };
+}
+export interface SecurityScanResult {
+    safe: boolean;
+    threats: SecurityThreat[];
+    warnings: string[];
+}
+export interface SecurityThreat {
+    type: 'zip_bomb' | 'path_traversal' | 'dangerous_file' | 'symlink' | 'oversized';
+    description: string;
+    file?: string;
+    severity: 'critical' | 'high' | 'medium' | 'low';
+}
+export declare class UploadService {
+    private config;
+    constructor(config?: Partial<UploadConfig>);
+    /**
+     * Проверка безопасности архива БЕЗ распаковки
+     */
+    scanArchive(filePath: string): Promise<SecurityScanResult>;
+    /**
+     * Безопасная распаковка архива
+     */
+    extractArchive(filePath: string, uploadId: string): Promise<UploadResult>;
+    /**
+     * Полный процесс загрузки: сохранение + сканирование + распаковка
+     */
+    processUpload(buffer: Buffer, originalName: string): Promise<UploadResult>;
+    /**
+     * Удаление проекта
+     */
+    deleteProject(uploadId: string): Promise<void>;
+    /**
+     * Проверка на path traversal
+     */
+    private isPathTraversal;
+    /**
+     * Очистка пути от опасных элементов
+     */
+    private sanitizePath;
+    /**
+     * Форматирование размера в читаемый вид
+     */
+    private formatBytes;
+    /**
+     * Получить информацию о загруженных проектах
+     */
+    listUploadedProjects(): Promise<Array<{
+        id: string;
+        path: string;
+        size: number;
+        files: number;
+        createdAt: Date;
+    }>>;
+    /**
+     * Подсчёт файлов в директории рекурсивно
+     */
+    private countFiles;
+    /**
+     * Размер директории рекурсивно
+     */
+    private getDirSize;
+}
+//# sourceMappingURL=upload-service.d.ts.map