clawmatrix 0.1.11 → 0.1.13

package/src/web.ts

@@ -0,0 +1,230 @@
+import type { IncomingMessage, ServerResponse } from "node:http";
+import type { PeerManager } from "./peer-manager.ts";
+import type { ClawMatrixConfig } from "./config.ts";
+import { timingSafeEqual } from "./auth.ts";
+import { renderDashboard } from "./web-ui.ts";
+
+const COOKIE_NAME = "clawmatrix_token";
+const SESSION_MAX_AGE = 86400 * 7; // 7 days
+
+export class WebHandler {
+  private config: ClawMatrixConfig;
+  private peerManager: PeerManager;
+  private token: string;
+  private startTime = Date.now();
+
+  constructor(config: ClawMatrixConfig, peerManager: PeerManager) {
+    this.config = config;
+    this.peerManager = peerManager;
+    this.token = config.web!.token;
+  }
+
+  /** Handle an HTTP request. Returns true if handled, false to fall through. */
+  handle(req: IncomingMessage, res: ServerResponse): boolean {
+    const url = new URL(req.url ?? "/", `http://${req.headers.host ?? "localhost"}`);
+    const path = url.pathname;
+
+    // Public routes (no auth)
+    if (path === "/api/login" && req.method === "POST") {
+      this.handleLogin(req, res);
+      return true;
+    }
+
+    // Serve dashboard HTML (auth checked client-side via API)
+    if (path === "/" && req.method === "GET") {
+      res.writeHead(200, { "Content-Type": "text/html; charset=utf-8" });
+      res.end(renderDashboard(this.config.nodeId));
+      return true;
+    }
+
+    // All /api/* routes require auth
+    if (path.startsWith("/api/")) {
+      if (!this.checkAuth(req)) {
+        res.writeHead(401, { "Content-Type": "application/json" });
+        res.end(JSON.stringify({ error: "Unauthorized" }));
+        return true;
+      }
+
+      if (path === "/api/status" && req.method === "GET") {
+        this.handleStatus(res);
+        return true;
+      }
+
+      if (path === "/api/chat" && req.method === "POST") {
+        this.handleChat(req, res);
+        return true;
+      }
+
+      if (path === "/api/logout" && req.method === "POST") {
+        res.writeHead(200, {
+          "Content-Type": "application/json",
+          "Set-Cookie": `${COOKIE_NAME}=; Path=/; Max-Age=0; HttpOnly; SameSite=Strict`,
+
+        });
+        res.end(JSON.stringify({ ok: true }));
+        return true;
+      }
+
+      res.writeHead(404, { "Content-Type": "application/json" });
+      res.end(JSON.stringify({ error: "Not found" }));
+      return true;
+    }
+
+    return false;
+  }
+
+  private checkAuth(req: IncomingMessage): boolean {
+    // Check Authorization header
+    const authHeader = req.headers.authorization;
+    if (authHeader?.startsWith("Bearer ") && timingSafeEqual(authHeader.slice(7), this.token)) {
+      return true;
+    }
+
+    // Check cookie
+    const cookies = req.headers.cookie ?? "";
+    const match = cookies.split(";").find((c) => c.trim().startsWith(`${COOKIE_NAME}=`));
+    if (match) {
+      const value = match.trim().slice(COOKIE_NAME.length + 1);
+      return timingSafeEqual(value, this.token);
+    }
+
+    return false;
+  }
+
+  private async handleLogin(req: IncomingMessage, res: ServerResponse) {
+    try {
+      const body = await readBody(req);
+      const { token } = JSON.parse(body);
+
+      if (!token || !timingSafeEqual(String(token), this.token)) {
+        res.writeHead(403, { "Content-Type": "application/json" });
+        res.end(JSON.stringify({ error: "Invalid token" }));
+        return;
+      }
+
+      res.writeHead(200, {
+        "Content-Type": "application/json",
+        "Set-Cookie": `${COOKIE_NAME}=${token}; Path=/; Max-Age=${SESSION_MAX_AGE}; HttpOnly; SameSite=Strict`,
+      });
+      res.end(JSON.stringify({ ok: true }));
+    } catch {
+      res.writeHead(400, { "Content-Type": "application/json" });
+      res.end(JSON.stringify({ error: "Invalid request" }));
+    }
+  }
+
+  private handleStatus(res: ServerResponse) {
+    const peers = this.peerManager.router.getAllPeers();
+    const localNode = {
+      nodeId: this.config.nodeId,
+      agents: this.config.agents,
+      models: this.config.models.map((m) => ({ id: m.id, provider: m.provider, description: m.description })),
+      tags: this.config.tags,
+      connection: "self" as const,
+      online: true,
+    };
+
+    const peerNodes = peers.map((p) => ({
+      nodeId: p.nodeId,
+      agents: p.agents,
+      models: p.models,
+      tags: p.tags,
+      connection: p.connection ? ("direct" as const) : ("relay" as const),
+      reachableVia: p.reachableVia,
+      online: this.peerManager.canReach(p.nodeId),
+      lastSeen: p.lastSeen,
+      latencyMs: p.latencyMs,
+    }));
+
+    res.writeHead(200, { "Content-Type": "application/json" });
+    res.end(JSON.stringify({
+      nodeId: this.config.nodeId,
+      uptime: Math.floor((Date.now() - this.startTime) / 1000),
+      listen: this.config.listen ? this.config.listenPort : false,
+      proxyPort: this.config.proxyPort,
+      local: localNode,
+      peers: peerNodes,
+    }));
+  }
+
+  private async handleChat(req: IncomingMessage, res: ServerResponse) {
+    try {
+      const body = await readBody(req);
+      const { model, messages, nodeId } = JSON.parse(body);
+
+      if (!model || !messages) {
+        res.writeHead(400, { "Content-Type": "application/json" });
+        res.end(JSON.stringify({ error: "model and messages required" }));
+        return;
+      }
+
+      // Proxy to local model proxy with streaming
+      const proxyUrl = `http://127.0.0.1:${this.config.proxyPort}/v1/chat/completions`;
+      const modelId = nodeId ? `${nodeId}/${model}` : model;
+
+      const upstream = await fetch(proxyUrl, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify({ model: modelId, messages, stream: true }),
+      });
+
+      if (!upstream.ok) {
+        const errText = await upstream.text();
+        res.writeHead(upstream.status, { "Content-Type": "application/json" });
+        res.end(errText);
+        return;
+      }
+
+      // Stream SSE back to browser
+      res.writeHead(200, {
+        "Content-Type": "text/event-stream",
+        "Cache-Control": "no-cache",
+        "Connection": "keep-alive",
+      });
+
+      const reader = upstream.body?.getReader();
+      if (!reader) {
+        res.end();
+        return;
+      }
+
+      try {
+        while (true) {
+          const { done, value } = await reader.read();
+          if (done) break;
+          res.write(value);
+        }
+      } catch {
+        // Client disconnected or upstream error
+      } finally {
+        reader.releaseLock();
+        res.end();
+      }
+    } catch (err) {
+      if (!res.headersSent) {
+        res.writeHead(500, { "Content-Type": "application/json" });
+        res.end(JSON.stringify({ error: err instanceof Error ? err.message : "Internal error" }));
+      }
+    }
+  }
+}
+
+const MAX_BODY_SIZE = 1024 * 1024; // 1 MB
+
+function readBody(req: IncomingMessage): Promise<string> {
+  return new Promise((resolve, reject) => {
+    const chunks: Buffer[] = [];
+    let size = 0;
+    req.on("data", (chunk: Buffer) => {
+      size += chunk.length;
+      if (size > MAX_BODY_SIZE) {
+        req.destroy();
+        reject(new Error("Request body too large"));
+        return;
+      }
+      chunks.push(chunk);
+    });
+    req.on("end", () => resolve(Buffer.concat(chunks).toString()));
+    req.on("error", reject);
+  });
+}