cli-claw-kit 0.0.1

package/dist/agent-output-parser.js

@@ -0,0 +1,459 @@
+/**
+ * Shared output parsing and process lifecycle logic for container-runner.
+ * Extracted from runContainerAgent() and runHostAgent() to eliminate duplication.
+ */
+import fs from 'fs';
+import path from 'path';
+import { getSystemSettings } from './runtime-config.js';
+import { logger } from './logger.js';
+// Sentinel markers for robust output parsing (must match agent-runner)
+export const OUTPUT_START_MARKER = '---CLI_CLAW_OUTPUT_START---';
+export const OUTPUT_END_MARKER = '---CLI_CLAW_OUTPUT_END---';
+export function createStdoutParserState() {
+    return {
+        stdout: '',
+        stdoutTruncated: false,
+        parseBuffer: '',
+        newSessionId: undefined,
+        outputChain: Promise.resolve(),
+        lastErrorOutput: null,
+        hasSuccessOutput: false,
+        hasClosedOutput: false,
+        hasInterruptedOutput: false,
+    };
+}
+export function attachStdoutHandler(stream, state, opts) {
+    stream.on('data', (data) => {
+        const chunk = data.toString();
+        // Always accumulate for logging
+        if (!state.stdoutTruncated) {
+            const remaining = getSystemSettings().containerMaxOutputSize - state.stdout.length;
+            if (chunk.length > remaining) {
+                state.stdout += chunk.slice(0, remaining);
+                state.stdoutTruncated = true;
+                logger.warn({ group: opts.groupName, size: state.stdout.length }, `${opts.label} stdout truncated due to size limit`);
+            }
+            else {
+                state.stdout += chunk;
+            }
+        }
+        // Stream-parse for output markers
+        if (opts.onOutput) {
+            state.parseBuffer += chunk;
+            const MAX_PARSE_BUFFER = 10 * 1024 * 1024; // 10MB
+            if (state.parseBuffer.length > MAX_PARSE_BUFFER) {
+                logger.warn({ group: opts.groupName }, 'Parse buffer overflow, truncating');
+                const lastMarkerIdx = state.parseBuffer.lastIndexOf(OUTPUT_START_MARKER);
+                state.parseBuffer =
+                    lastMarkerIdx >= 0
+                        ? state.parseBuffer.slice(lastMarkerIdx)
+                        : state.parseBuffer.slice(-512);
+            }
+            let startIdx;
+            while ((startIdx = state.parseBuffer.indexOf(OUTPUT_START_MARKER)) !== -1) {
+                const endIdx = state.parseBuffer.indexOf(OUTPUT_END_MARKER, startIdx);
+                if (endIdx === -1)
+                    break; // Incomplete pair, wait for more data
+                const jsonStr = state.parseBuffer
+                    .slice(startIdx + OUTPUT_START_MARKER.length, endIdx)
+                    .trim();
+                state.parseBuffer = state.parseBuffer.slice(endIdx + OUTPUT_END_MARKER.length);
+                try {
+                    const parsed = JSON.parse(jsonStr);
+                    if (parsed.newSessionId) {
+                        state.newSessionId = parsed.newSessionId;
+                    }
+                    if (parsed.status === 'success') {
+                        state.hasSuccessOutput = true;
+                    }
+                    if (parsed.status === 'error') {
+                        state.lastErrorOutput = parsed;
+                    }
+                    if (parsed.status === 'closed') {
+                        state.hasClosedOutput = true;
+                    }
+                    if (parsed.status === 'stream' &&
+                        parsed.streamEvent?.statusText === 'interrupted') {
+                        state.hasInterruptedOutput = true;
+                    }
+                    // Activity detected — reset the hard timeout
+                    opts.resetTimeout();
+                    // Call onOutput for all markers (including null results)
+                    // so idle timers start even for "silent" query completions.
+                    const onOutputFn = opts.onOutput;
+                    state.outputChain = state.outputChain
+                        .then(() => onOutputFn(parsed))
+                        .catch((err) => {
+                        logger.error({ group: opts.groupName, err }, 'onOutput callback error');
+                    });
+                }
+                catch (err) {
+                    logger.warn({ group: opts.groupName, error: err }, 'Failed to parse streamed output chunk');
+                }
+            }
+        }
+    });
+}
+export function createStderrState() {
+    return {
+        stderr: '',
+        stderrTruncated: false,
+    };
+}
+export function attachStderrHandler(stream, state, groupName, 
+/** Log context key: { container: folder } or { host: folder } */
+logContext) {
+    stream.on('data', (data) => {
+        const chunk = data.toString();
+        const lines = chunk.trim().split('\n');
+        for (const line of lines) {
+            if (line)
+                logger.debug(logContext, line);
+        }
+        // Don't reset timeout on stderr — SDK writes debug logs continuously.
+        // Timeout only resets on actual output (OUTPUT_MARKER in stdout).
+        if (state.stderrTruncated)
+            return;
+        const remaining = getSystemSettings().containerMaxOutputSize - state.stderr.length;
+        if (chunk.length > remaining) {
+            state.stderr += chunk.slice(0, remaining);
+            state.stderrTruncated = true;
+            logger.warn({ group: groupName, size: state.stderr.length }, `${Object.keys(logContext)[0] === 'container' ? 'Container' : 'Host agent'} stderr truncated due to size limit`);
+        }
+        else {
+            state.stderr += chunk;
+        }
+    });
+}
+/**
+ * Handle the 'close' event for timeout case.
+ * Returns true if this was a timeout (caller should return early).
+ */
+export function handleTimeoutClose(ctx, code, duration, timedOut) {
+    if (!timedOut)
+        return false;
+    const ts = new Date().toISOString().replace(/[:.]/g, '-');
+    fs.mkdirSync(ctx.logsDir, { recursive: true });
+    const timeoutLog = path.join(ctx.logsDir, `${ctx.filePrefix}-${ts}.log`);
+    fs.writeFileSync(timeoutLog, [
+        `=== ${ctx.label} Run Log (TIMEOUT) ===`,
+        `Timestamp: ${new Date().toISOString()}`,
+        `Group: ${ctx.groupName}`,
+        `${ctx.label === 'Container' ? 'Container' : 'Process ID'}: ${ctx.identifier}`,
+        `Duration: ${duration}ms`,
+        `Exit Code: ${code}`,
+    ].join('\n'));
+    logger.error({
+        group: ctx.groupName,
+        [ctx.filePrefix === 'container' ? 'containerName' : 'processId']: ctx.identifier,
+        duration,
+        code,
+    }, `${ctx.label} timed out`);
+    ctx.resolvePromise({
+        status: 'error',
+        result: null,
+        error: `${ctx.label} timed out after ${ctx.timeoutMs}ms`,
+    });
+    return true;
+}
+/**
+ * Write a run log file. Returns the log file path.
+ */
+export function writeRunLog(ctx, code, duration) {
+    const timestamp = new Date().toISOString().replace(/[:.]/g, '-');
+    fs.mkdirSync(ctx.logsDir, { recursive: true });
+    const logFile = path.join(ctx.logsDir, `${ctx.filePrefix}-${timestamp}.log`);
+    const isVerbose = process.env.LOG_LEVEL === 'debug' || process.env.LOG_LEVEL === 'trace';
+    const logLines = [
+        `=== ${ctx.label} Run Log ===`,
+        `Timestamp: ${new Date().toISOString()}`,
+        `Group: ${ctx.groupName}`,
+        `IsMain: ${ctx.input.isMain}`,
+        `Duration: ${duration}ms`,
+        `Exit Code: ${code}`,
+        `Stdout Truncated: ${ctx.stdoutState.stdoutTruncated}`,
+        `Stderr Truncated: ${ctx.stderrState.stderrTruncated}`,
+        ``,
+    ];
+    const isError = code !== 0;
+    const { stderr, stderrTruncated } = ctx.stderrState;
+    const { stdout, stdoutTruncated } = ctx.stdoutState;
+    const LOG_TAIL_LIMIT = 4000;
+    const stderrLog = !isVerbose && !isError && stderr.length > LOG_TAIL_LIMIT
+        ? `... (truncated ${stderr.length - LOG_TAIL_LIMIT} chars) ...\n` +
+            stderr.slice(-LOG_TAIL_LIMIT)
+        : stderr;
+    const stdoutLog = !isVerbose && !isError && stdout.length > LOG_TAIL_LIMIT
+        ? `... (truncated ${stdout.length - LOG_TAIL_LIMIT} chars) ...\n` +
+            stdout.slice(-LOG_TAIL_LIMIT)
+        : stdout;
+    logLines.push(`=== Input Summary ===`, `Prompt length: ${ctx.input.prompt.length} chars`, `Session ID: ${ctx.input.sessionId || 'new'}`);
+    if (ctx.agentIdentity?.chatJid) {
+        logLines.push(`Chat JID: ${ctx.agentIdentity.chatJid}`);
+    }
+    if (ctx.agentIdentity?.groupFolder) {
+        logLines.push(`Group Folder: ${ctx.agentIdentity.groupFolder}`);
+    }
+    if (ctx.agentIdentity?.agentType) {
+        logLines.push(`Agent Type: ${ctx.agentIdentity.agentType}`);
+    }
+    if (ctx.agentIdentity?.executionMode) {
+        logLines.push(`Execution Mode: ${ctx.agentIdentity.executionMode}`);
+    }
+    if (ctx.agentIdentity?.selectedRunner) {
+        logLines.push(`Selected Runner: ${ctx.agentIdentity.selectedRunner}`);
+    }
+    if (ctx.agentIdentity?.agentId) {
+        logLines.push(`Agent ID: ${ctx.agentIdentity.agentId}`);
+    }
+    if (ctx.runtimeBuildInfo) {
+        logLines.push(`Backend PID: ${ctx.runtimeBuildInfo.backendPid}`, `Backend Started At: ${ctx.runtimeBuildInfo.backendStartedAt}`, `Backend Build Loaded: ${ctx.runtimeBuildInfo.backendBuildLoaded}`, `Backend Build Current: ${ctx.runtimeBuildInfo.backendBuildCurrent}`, `Backend Build Stale: ${ctx.runtimeBuildInfo.backendBuildStale}`, `Agent Runner Build Loaded: ${ctx.runtimeBuildInfo.agentRunnerBuildLoaded}`, `Agent Runner Build Current: ${ctx.runtimeBuildInfo.agentRunnerBuildCurrent}`, `Agent Runner Build Stale: ${ctx.runtimeBuildInfo.agentRunnerBuildStale}`);
+    }
+    if (ctx.extraSummaryLines) {
+        logLines.push(...ctx.extraSummaryLines);
+    }
+    logLines.push(``, `=== Stderr${stderrTruncated ? ' (TRUNCATED)' : ''} ===`, stderrLog, ``, `=== Stdout${stdoutTruncated ? ' (TRUNCATED)' : ''} ===`, stdoutLog);
+    if (isVerbose || isError) {
+        logLines.push(``, `=== Input ===`, JSON.stringify(ctx.input, null, 2));
+        if (ctx.extraVerboseLines) {
+            logLines.push(``, ...ctx.extraVerboseLines);
+        }
+    }
+    fs.writeFileSync(logFile, logLines.join('\n'));
+    logger.debug({ logFile, verbose: isVerbose }, `${ctx.label} log written`);
+    return logFile;
+}
+const OUTPUT_CHAIN_TIMEOUT = 30_000;
+/**
+ * Wait for the output chain to settle with a safety timeout.
+ * Calls `then` callback on success, always ensures chain timer is cleaned up.
+ */
+function waitForOutputChain(outputChain, groupName, logLabel, then) {
+    let chainTimer = null;
+    const chainTimeout = new Promise((resolve) => {
+        chainTimer = setTimeout(() => {
+            logger.warn({ group: groupName, timeoutMs: OUTPUT_CHAIN_TIMEOUT }, `Output chain settle timeout on ${logLabel}`);
+            resolve();
+        }, OUTPUT_CHAIN_TIMEOUT);
+    });
+    Promise.race([outputChain, chainTimeout])
+        .then(() => {
+        if (chainTimer)
+            clearTimeout(chainTimer);
+        then();
+    })
+        .catch(() => {
+        if (chainTimer)
+            clearTimeout(chainTimer);
+        then();
+    });
+}
+/**
+ * Handle the non-zero exit code path (force-kill detection, error output chain, resolve).
+ * Returns true if handled (caller should return early).
+ */
+export function handleNonZeroExit(ctx, code, signal, duration, logFile) {
+    if (code === 0)
+        return false;
+    const exitLabel = code === null ? `signal ${signal || 'unknown'}` : `code ${code}`;
+    const { newSessionId, outputChain } = ctx.stdoutState;
+    // Graceful interrupt: agent emitted 'interrupted' status before exiting.
+    if (ctx.stdoutState.hasInterruptedOutput && ctx.onOutput) {
+        logger.info({ group: ctx.groupName, code, signal, duration, newSessionId }, `${ctx.label} exited after interrupt (treating as success)`);
+        waitForOutputChain(outputChain, ctx.groupName, `${ctx.filePrefix} interrupt path`, () => {
+            ctx.resolvePromise({ status: 'success', result: null, newSessionId });
+        });
+        return true;
+    }
+    // Graceful shutdown: agent was killed by SIGTERM/SIGKILL (e.g. user
+    // clicked stop, session reset, clear-history). Treat as normal
+    // completion instead of an error — BUT only if the agent had already
+    // produced some output. If killed before emitting ANY output markers
+    // (success/closed), it means the process died during initialization
+    // (e.g., race condition) and should be treated as an error so the UI
+    // waiting state gets cleared via sendSystemMessage('agent_error').
+    const isForceKilled = signal === 'SIGTERM' || signal === 'SIGKILL' || code === 137;
+    if (isForceKilled && ctx.onOutput) {
+        const hadOutput = ctx.stdoutState.hasSuccessOutput || ctx.stdoutState.hasClosedOutput;
+        if (hadOutput) {
+            logger.info({ group: ctx.groupName, signal, code, duration, newSessionId }, `${ctx.label} terminated by signal (user stop / graceful shutdown)`);
+            waitForOutputChain(outputChain, ctx.groupName, `${ctx.filePrefix} force-kill path`, () => {
+                ctx.resolvePromise({
+                    status: 'success',
+                    result: null,
+                    newSessionId,
+                });
+            });
+            return true;
+        }
+        // Agent was killed before producing any output — fall through to
+        // error path so the caller can broadcast an error and clear the UI.
+        logger.warn({ group: ctx.groupName, signal, code, duration }, `${ctx.label} killed before producing any output — treating as error`);
+    }
+    // Build error output
+    const { stderr } = ctx.stderrState;
+    const enriched = ctx.enrichError
+        ? ctx.enrichError(stderr, exitLabel)
+        : {
+            result: null,
+            error: `${ctx.label} exited with ${exitLabel}: ${stderr.slice(-200)}`,
+        };
+    logger.error({
+        group: ctx.groupName,
+        code,
+        signal,
+        duration,
+        stderr,
+        stdout: ctx.stdoutState.stdout,
+        logFile,
+    }, `${ctx.label} exited with error`);
+    const finalizeError = () => {
+        if (ctx.stdoutState.lastErrorOutput) {
+            const streamedError = ctx.stdoutState.lastErrorOutput;
+            ctx.resolvePromise({
+                ...streamedError,
+                result: streamedError.result ?? enriched.result,
+                error: streamedError.error || enriched.error,
+                finalizationReason: streamedError.finalizationReason || 'error',
+                alreadyStreamedError: true,
+            });
+            return;
+        }
+        ctx.resolvePromise({
+            status: 'error',
+            result: enriched.result,
+            error: enriched.error,
+        });
+    };
+    // Even on error exits, wait for pending output callbacks to settle.
+    if (ctx.onOutput) {
+        waitForOutputChain(outputChain, ctx.groupName, `${ctx.filePrefix} error path`, finalizeError);
+        return true;
+    }
+    finalizeError();
+    return true;
+}
+/**
+ * Handle the success (code === 0) path — streaming mode or legacy parsing.
+ */
+export function handleSuccessClose(ctx, duration) {
+    const { newSessionId, outputChain } = ctx.stdoutState;
+    // Streaming mode: wait for output chain to settle
+    if (ctx.onOutput) {
+        const { hasClosedOutput } = ctx.stdoutState;
+        waitForOutputChain(outputChain, ctx.groupName, `${ctx.filePrefix} success path`, () => {
+            // Propagate 'closed' status so the host can distinguish a _close-interrupted
+            // exit from a normal completion and avoid committing the message cursor.
+            const finalStatus = hasClosedOutput
+                ? 'closed'
+                : 'success';
+            logger.info({ group: ctx.groupName, duration, newSessionId, finalStatus }, `${ctx.label} completed (streaming mode)`);
+            ctx.resolvePromise({
+                status: finalStatus,
+                result: null,
+                newSessionId,
+            });
+        });
+        return;
+    }
+    // Legacy mode: parse the last output marker pair from accumulated stdout
+    parseLegacyOutput(ctx);
+}
+/**
+ * Parse legacy (non-streaming) output from accumulated stdout.
+ */
+function parseLegacyOutput(ctx) {
+    const { stdout } = ctx.stdoutState;
+    try {
+        const startIdx = stdout.indexOf(OUTPUT_START_MARKER);
+        const endIdx = stdout.indexOf(OUTPUT_END_MARKER);
+        let jsonLine;
+        if (startIdx !== -1 && endIdx !== -1 && endIdx > startIdx) {
+            jsonLine = stdout
+                .slice(startIdx + OUTPUT_START_MARKER.length, endIdx)
+                .trim();
+        }
+        else {
+            // Fallback: last non-empty line (backwards compatibility)
+            const lines = stdout.trim().split('\n');
+            jsonLine = lines[lines.length - 1];
+        }
+        const output = JSON.parse(jsonLine);
+        logger.info({
+            group: ctx.groupName,
+            duration: Date.now() - ctx.startTime,
+            status: output.status,
+            hasResult: !!output.result,
+        }, `${ctx.label} completed`);
+        ctx.resolvePromise(output);
+    }
+    catch (err) {
+        logger.error({
+            group: ctx.groupName,
+            stdout,
+            stderr: ctx.stderrState.stderr,
+            error: err,
+        }, `Failed to parse ${ctx.filePrefix} output`);
+        ctx.resolvePromise({
+            status: 'error',
+            result: null,
+            error: `Failed to parse ${ctx.filePrefix} output: ${err instanceof Error ? err.message : String(err)}`,
+        });
+    }
+}
+// ─── API Error Classification ────────────────────────────────────────
+function normalizeRuntimeErrorText(stderr) {
+    return stderr
+        .replace(/\x1B\[[0-?]*[ -/]*[@-~]/g, ' ')
+        .replace(/\s+/g, ' ')
+        .trim();
+}
+export function formatUserFacingRuntimeError(stderr) {
+    const normalized = normalizeRuntimeErrorText(stderr);
+    if (!normalized)
+        return null;
+    if (/Codex CLI 未登录/u.test(normalized) ||
+        /auth_required|login required|please login|not logged in/i.test(normalized)) {
+        return 'Codex CLI 未登录。请先在服务器上执行：codex login';
+    }
+    if (/UsageLimitExceeded/i.test(normalized) ||
+        /purchase more credits/i.test(normalized) ||
+        /https:\/\/chatgpt\.com\/codex\/settings\/usage/i.test(normalized)) {
+        const usageUrl = normalized.match(/https:\/\/chatgpt\.com\/codex\/settings\/usage/i)?.[0] || 'https://chatgpt.com/codex/settings/usage';
+        const retryAt = normalized.match(/try again at ([^.]+)\.?/i)?.[1]?.trim();
+        return retryAt
+            ? `Codex CLI 用量已用尽。请前往 ${usageUrl} 购买额度，或在 ${retryAt} 后重试。`
+            : `Codex CLI 用量已用尽。请前往 ${usageUrl} 购买额度，或稍后重试。`;
+    }
+    return null;
+}
+/** Patterns that indicate an API-level error (provider issue, not user code bug) */
+const API_ERROR_PATTERNS = [
+    /\bapi[_ ]?key\b.*\b(invalid|missing|expired|required)\b/i,
+    /\bauthentication\s+(failed|error|required)\b/i,
+    /\b(401|403)\b.*\bunauthorized\b/i,
+    /\brate[_ ]?limit(ed)?\b/i,
+    /\bquota\s+(exceeded|exhausted)\b/i,
+    /\boverloaded\b/i,
+    /\binternal\s+server\s+error\b/i,
+    /\b(502|503|504|529)\b/,
+    /ANTHROPIC_API_KEY/,
+    /ANTHROPIC_AUTH_TOKEN/,
+    /\binvalid[_ ]?api\b/i,
+    /\bbilling\s+(error|issue|limit)\b/i,
+    /\bcredit(s)?\s+(exhausted|insufficient)\b/i,
+    /connection\s*(refused|reset|timed?\s*out)/i,
+    /ECONNREFUSED|ECONNRESET|ETIMEDOUT/,
+];
+/**
+ * Classify whether stderr output indicates an API-level error
+ * (provider unreachable, auth failure, rate limit, etc.)
+ * vs a normal agent exit or user code issue.
+ *
+ * Used by container-runner to decide whether to report failure to ProviderPool.
+ */
+export function isApiError(stderr) {
+    if (!stderr)
+        return false;
+    return API_ERROR_PATTERNS.some((pattern) => pattern.test(stderr));
+}

package/dist/app-root.js

@@ -0,0 +1,52 @@
+import fs from 'node:fs';
+import { createRequire } from 'node:module';
+import path from 'node:path';
+import { fileURLToPath } from 'node:url';
+function toModuleDirectory(moduleLocation) {
+    const resolvedLocation = moduleLocation.startsWith('file:')
+        ? fileURLToPath(moduleLocation)
+        : path.resolve(moduleLocation);
+    try {
+        if (fs.statSync(resolvedLocation).isDirectory()) {
+            return resolvedLocation;
+        }
+    }
+    catch {
+        // Fall back to treating the input as a file path.
+    }
+    return path.dirname(resolvedLocation);
+}
+export function findPackageRoot(moduleLocation) {
+    let currentDir = toModuleDirectory(moduleLocation);
+    while (true) {
+        const packageJsonPath = path.join(currentDir, 'package.json');
+        if (fs.existsSync(packageJsonPath)) {
+            return currentDir;
+        }
+        const parentDir = path.dirname(currentDir);
+        if (parentDir === currentDir) {
+            throw new Error(`Unable to locate package.json from ${moduleLocation}`);
+        }
+        currentDir = parentDir;
+    }
+}
+export const PACKAGE_ROOT = findPackageRoot(import.meta.url);
+export const APP_ROOT = PACKAGE_ROOT;
+export const LAUNCH_CWD = (() => {
+    try {
+        return fs.realpathSync(process.cwd());
+    }
+    catch {
+        return path.resolve(process.cwd());
+    }
+})();
+export function resolveAppPath(...segments) {
+    return path.join(APP_ROOT, ...segments);
+}
+export function resolvePackagePath(...segments) {
+    return path.join(PACKAGE_ROOT, ...segments);
+}
+export function resolvePackageDependency(specifier) {
+    const packageRequire = createRequire(resolvePackagePath('package.json'));
+    return packageRequire.resolve(specifier);
+}

package/dist/assistant-meta-footer.js

@@ -0,0 +1 @@
+export { formatAssistantMetaFooter, formatCompactNumber, getAssistantMetaFooterParts, parseAssistantTokenUsage, } from '../shared/dist/assistant-meta-footer.js';

package/dist/auth.js

@@ -0,0 +1,91 @@
+import crypto from 'crypto';
+import bcrypt from 'bcryptjs';
+const BCRYPT_ROUNDS = 12;
+// --- Password hashing ---
+export async function hashPassword(password) {
+    return bcrypt.hash(password, BCRYPT_ROUNDS);
+}
+export async function verifyPassword(password, hash) {
+    return bcrypt.compare(password, hash);
+}
+// --- Session token generation ---
+export function generateSessionToken() {
+    return crypto.randomBytes(32).toString('hex');
+}
+export function generateUserId() {
+    return crypto.randomUUID();
+}
+export function generateInviteCode() {
+    return crypto.randomBytes(16).toString('hex');
+}
+// --- Input validation ---
+const USERNAME_RE = /^[a-zA-Z0-9_]{3,32}$/;
+const PASSWORD_MIN = 8;
+const PASSWORD_MAX = 128;
+export function validateUsername(username) {
+    if (!username || typeof username !== 'string')
+        return '用户名不能为空';
+    if (!USERNAME_RE.test(username))
+        return '用户名须为3-32位字母、数字或下划线';
+    return null;
+}
+export function validatePassword(password) {
+    if (!password || typeof password !== 'string')
+        return '密码不能为空';
+    if (password.length < PASSWORD_MIN)
+        return `密码长度不能少于${PASSWORD_MIN}位`;
+    if (password.length > PASSWORD_MAX)
+        return `密码长度不能超过${PASSWORD_MAX}位`;
+    return null;
+}
+const loginAttempts = new Map();
+// Sliding window: clean old entries every 10 minutes
+setInterval(() => {
+    const now = Date.now();
+    for (const [key, record] of loginAttempts) {
+        // Remove entries older than lockout period * 2
+        if (now - record.lastAttempt > 30 * 60 * 1000) {
+            loginAttempts.delete(key);
+        }
+    }
+}, 10 * 60 * 1000);
+export function checkLoginRateLimit(username, ip, maxAttempts, lockoutMinutes) {
+    const key = `${username}:${ip}`;
+    const now = Date.now();
+    const windowMs = lockoutMinutes * 60 * 1000;
+    const record = loginAttempts.get(key);
+    if (!record)
+        return { allowed: true };
+    // Reset if window has passed since first attempt
+    if (now - record.firstAttempt > windowMs) {
+        loginAttempts.delete(key);
+        return { allowed: true };
+    }
+    if (record.count >= maxAttempts) {
+        const retryAfter = Math.ceil((record.firstAttempt + windowMs - now) / 1000);
+        return { allowed: false, retryAfterSeconds: Math.max(1, retryAfter) };
+    }
+    return { allowed: true };
+}
+export function recordLoginAttempt(username, ip) {
+    const key = `${username}:${ip}`;
+    const now = Date.now();
+    const record = loginAttempts.get(key);
+    if (record) {
+        record.count += 1;
+        record.lastAttempt = now;
+    }
+    else {
+        loginAttempts.set(key, { count: 1, firstAttempt: now, lastAttempt: now });
+    }
+}
+export function clearLoginAttempts(username, ip) {
+    loginAttempts.delete(`${username}:${ip}`);
+}
+// --- Session expiry ---
+export function sessionExpiresAt() {
+    return new Date(Date.now() + 30 * 24 * 60 * 60 * 1000).toISOString();
+}
+export function isSessionExpired(expiresAt) {
+    return new Date(expiresAt).getTime() < Date.now();
+}