codexmate 0.0.40 → 0.0.42

package/README.md

@@ -87,6 +87,18 @@ npm install -g codexmate
 codexmate run
 ```
 
+If the default Web UI port `3737` is unavailable, Codex Mate automatically tries the next ports (`3738`, `3739`, ...). To force a fixed port, set `CODEXMATE_PORT`:
+
+```bash
+CODEXMATE_PORT=8080 codexmate run
+```
+
+Windows PowerShell:
+
+```powershell
+$env:CODEXMATE_PORT=8080; codexmate run
+```
+
 ### Install via curl (Standalone)
 
 ```bash

package/README.zh.md

@@ -87,6 +87,18 @@ npm install -g codexmate
 codexmate run
 ```
 
+如果默认 Web UI 端口 `3737` 不可用，Codex Mate 会自动尝试后续端口（`3738`、`3739` ...）。如需固定端口，可以指定 `CODEXMATE_PORT`：
+
+```bash
+CODEXMATE_PORT=8080 codexmate run
+```
+
+Windows PowerShell：
+
+```powershell
+$env:CODEXMATE_PORT=8080; codexmate run
+```
+
 ### 通过 curl 安装 (独立包)
 
 ```bash

package/cli.js

@@ -359,6 +359,91 @@ function resolveWebPort() {
     return parsed;
 }
 
+function isWebPortExplicit() {
+    return typeof process.env.CODEXMATE_PORT === 'string' && process.env.CODEXMATE_PORT.trim().length > 0;
+}
+
+async function resolveAvailableWebPort(port, host, options = {}) {
+    const explicitPort = !!options.explicitPort;
+    const maxAttemptsRaw = Number.isFinite(options.maxAttempts) ? options.maxAttempts : parseInt(options.maxAttempts, 10);
+    const maxAttempts = Number.isFinite(maxAttemptsRaw) && maxAttemptsRaw > 0 ? Math.floor(maxAttemptsRaw) : 20;
+    const netModule = options.net || net;
+    const requestedPort = parseInt(String(port), 10);
+    if (!Number.isFinite(requestedPort) || requestedPort <= 0 || explicitPort) {
+        return {
+            port,
+            requestedPort: port,
+            explicitPort,
+            changed: false,
+            attempts: []
+        };
+    }
+
+    const attempts = [];
+    const checkPort = (candidatePort) => new Promise((resolve) => {
+        const tester = netModule.createServer();
+        let settled = false;
+        const finish = (result) => {
+            if (settled) return;
+            settled = true;
+            resolve(result);
+        };
+        tester.once('error', (error) => {
+            finish({
+                available: false,
+                code: error && error.code ? String(error.code) : '',
+                message: error && error.message ? String(error.message) : ''
+            });
+        });
+        tester.once('listening', () => {
+            tester.close(() => finish({ available: true, code: '', message: '' }));
+        });
+        try {
+            tester.listen(candidatePort, host);
+        } catch (error) {
+            finish({
+                available: false,
+                code: error && error.code ? String(error.code) : '',
+                message: error && error.message ? String(error.message) : String(error)
+            });
+        }
+    });
+
+    const lastPort = Math.min(65535, requestedPort + maxAttempts - 1);
+    for (let candidatePort = requestedPort; candidatePort <= lastPort; candidatePort += 1) {
+        const result = await checkPort(candidatePort);
+        attempts.push({ port: candidatePort, available: !!result.available, code: result.code || '' });
+        if (result.available) {
+            return {
+                port: candidatePort,
+                requestedPort,
+                explicitPort: false,
+                changed: candidatePort !== requestedPort,
+                attempts
+            };
+        }
+        if (result.code !== 'EADDRINUSE' && result.code !== 'EACCES') {
+            return {
+                port: requestedPort,
+                requestedPort,
+                explicitPort: false,
+                changed: false,
+                attempts,
+                error: result.message || result.code || 'port probe failed'
+            };
+        }
+    }
+
+    return {
+        port: requestedPort,
+        requestedPort,
+        explicitPort: false,
+        changed: false,
+        attempts,
+        error: `no available port found from ${requestedPort} to ${lastPort}`
+    };
+}
+
 // #region releaseRunPortIfNeeded
 function releaseRunPortIfNeeded(port, host, deps = {}) {
     const numericPort = parseInt(String(port), 10);
@@ -10327,8 +10412,20 @@ function extractRequestToken(req) {
     const headers = req && req.headers && typeof req.headers === 'object' ? req.headers : {};
     const rawAuth = typeof headers.authorization === 'string' ? headers.authorization.trim() : '';
     if (rawAuth) {
-        const match = rawAuth.match(/^bearer\s+(.+)$/i);
-        if (match && match[1]) return match[1].trim();
+        const bearerMatch = rawAuth.match(/^bearer\s+(.+)$/i);
+        if (bearerMatch && bearerMatch[1]) return bearerMatch[1].trim();
+        const basicMatch = rawAuth.match(/^basic\s+(.+)$/i);
+        if (basicMatch && basicMatch[1]) {
+            try {
+                const decoded = Buffer.from(basicMatch[1].trim(), 'base64').toString('utf-8');
+                const separatorIndex = decoded.indexOf(':');
+                if (separatorIndex >= 0) {
+                    const password = decoded.slice(separatorIndex + 1).trim();
+                    if (password) return password;
+                }
+                if (decoded.trim()) return decoded.trim();
+            } catch (_) { }
+        }
         return rawAuth;
     }
     const raw = typeof headers['x-codexmate-token'] === 'string' ? headers['x-codexmate-token'].trim() : '';
@@ -10354,12 +10451,21 @@ function assertRequestAuthorized(req, res) {
     }
     const actual = extractRequestToken(req);
     if (!actual || !safeTimingEqual(actual, expected)) {
-        writeJsonResponse(res, 401, { error: 'Unauthorized' });
+        writeJsonResponse(res, 401, { error: 'Unauthorized' }, {
+            'WWW-Authenticate': 'Basic realm="codexmate"'
+        });
         return { ok: false, mode: 'unauthorized' };
     }
     return { ok: true, mode: 'token' };
 }
 
+function isProtectedWebSurfacePath(requestPath) {
+    return requestPath === '/'
+        || requestPath === '/web-ui/index.html'
+        || requestPath.startsWith('/web-ui/')
+        || requestPath.startsWith('/res/');
+}
+
 const g_webhookDeliveryCache = new Map();
 
 function pruneWebhookDeliveryCache() {
@@ -10857,6 +10963,21 @@ function createWebServer({ htmlPath, assetsDir, webDir, host, port, openBrowser
         if (typeof openaiBridgeHandler === 'function' && openaiBridgeHandler(req, res)) {
             return;
         }
+        if (isProtectedWebSurfacePath(requestPath)) {
+            const remoteAddr = req && req.socket ? req.socket.remoteAddress : '';
+            const isLoopback = !remoteAddr || isLoopbackRemoteAddress(remoteAddr);
+            if (!isLoopback) {
+                const rateLimitKey = (remoteAddr || 'unknown') + ':' + requestPath;
+                if (!checkRateLimit(rateLimitKey)) {
+                    writeJsonResponse(res, 429, { error: 'Rate limit exceeded' }, { 'Retry-After': '60' });
+                    return;
+                }
+                const auth = assertRequestAuthorized(req, res);
+                if (!auth.ok) {
+                    return;
+                }
+            }
+        }
         if (
             requestPath === '/api'
             || requestPath.startsWith('/api/import-')
@@ -11792,10 +11913,22 @@ function createWebServer({ htmlPath, assetsDir, webDir, host, port, openBrowser
         socket.on('close', () => connections.delete(socket));
     });
 
+    const printPortOverrideHint = () => {
+        const examplePort = port === 8080 ? 8081 : 8080;
+        console.error(`  临时换端口（macOS/Linux）: CODEXMATE_PORT=${examplePort} codexmate run`);
+        console.error(`  临时换端口（Windows PowerShell）: $env:CODEXMATE_PORT=${examplePort}; codexmate run`);
+        console.error(`  临时换端口（Windows CMD）: set CODEXMATE_PORT=${examplePort} && codexmate run`);
+    };
+
     server.once('error', (err) => {
         if (err && err.code === 'EADDRINUSE') {
             console.error(`! 启动失败: 端口 ${port} 已被占用，可能有残留的 codexmate run 实例。`);
             console.error('  请先停止旧实例或更换端口后重试。');
+            printPortOverrideHint();
+        } else if (err && err.code === 'EACCES') {
+            console.error(`! 启动失败: 没有权限监听 ${host}:${port}。`);
+            console.error('  请检查系统/安全软件限制，或更换端口后重试。');
+            printPortOverrideHint();
         } else {
             console.error('! 启动 Web UI 失败:', err && err.message ? err.message : err);
         }
@@ -11916,7 +12049,7 @@ async function restartWebUiServerAfterFrontendChange({
 // #endregion restartWebUiServerAfterFrontendChange
 
 // 打开 Web UI
-function cmdStart(options = {}) {
+async function cmdStart(options = {}) {
     const webDir = path.join(__dirname, 'web-ui');
     const newHtmlPath = path.join(webDir, 'index.html');
     const legacyHtmlPath = path.join(__dirname, 'web-ui.html');
@@ -11927,9 +12060,29 @@ function cmdStart(options = {}) {
         process.exit(1);
     }
 
-    const port = resolveWebPort();
+    let port = resolveWebPort();
+    const explicitPort = isWebPortExplicit();
     const host = resolveWebHost(options);
     releaseRunPortIfNeeded(port, host);
+    const selectedPort = await resolveAvailableWebPort(port, host, { explicitPort });
+    if (selectedPort.error) {
+        console.error(`! 启动失败: ${selectedPort.error}`);
+        console.error(`  已尝试端口: ${selectedPort.attempts.map((attempt) => attempt.port).join(', ')}`);
+        console.error('  请设置 CODEXMATE_PORT 指定可用端口后重试。');
+        process.exit(1);
+    }
+    if (selectedPort.changed) {
+        const failed = selectedPort.attempts
+            .filter((attempt) => !attempt.available)
+            .map((attempt) => `${attempt.port}${attempt.code ? `(${attempt.code})` : ''}`)
+            .join(', ');
+        console.warn(`! 默认端口 ${selectedPort.requestedPort} 不可用，已自动切换到 ${selectedPort.port}。`);
+        if (failed) {
+            console.warn(`  跳过端口: ${failed}`);
+        }
+        console.warn('  如需固定端口，请设置 CODEXMATE_PORT 后重新启动。');
+    }
+    port = selectedPort.port;
 
     const isDev = process.env.NODE_ENV === 'development'
         || process.env.CODEXMATE_DEV === '1'
@@ -16301,7 +16454,7 @@ async function main() {
         case 'workflow': await cmdWorkflow(args.slice(1)); break;
         case 'task': await cmdTask(args.slice(1)); break;
         case 'analytics': await cmdAnalytics(args.slice(1)); break;
-        case 'run': cmdStart(parseStartOptions(args.slice(1))); break;
+        case 'run': await cmdStart(parseStartOptions(args.slice(1))); break;
         case 'update': await cmdToolUpdate(args.slice(1)); break;
         case 'start':
             console.error('错误: 命令已更名为 "run"，请使用: codexmate run');

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "codexmate",
-  "version": "0.0.40",
+  "version": "0.0.42",
   "description": "Codex/Claude Code/OpenClaw 配置、会话与任务编排 CLI + Web 工具",
   "main": "cli.js",
   "bin": {

package/web-ui/modules/app.methods.session-actions.mjs

@@ -129,6 +129,32 @@ export function createSessionActionMethods(options = {}) {
             this.showMessage('复制失败', 'error');
         },
 
+        getSessionFilePath(session) {
+            const filePath = typeof session?.filePath === 'string' ? session.filePath.trim() : '';
+            return filePath;
+        },
+
+        async copySessionPath(session) {
+            const filePath = this.getSessionFilePath(session);
+            if (!filePath) {
+                this.showMessage('无本地文件路径', 'error');
+                return;
+            }
+            const ok = this.fallbackCopyText(filePath);
+            if (ok) {
+                this.showMessage('已复制路径', 'success');
+                return;
+            }
+            try {
+                if (navigator.clipboard && window.isSecureContext) {
+                    await navigator.clipboard.writeText(filePath);
+                    this.showMessage('已复制路径', 'success');
+                    return;
+                }
+            } catch (_) {}
+            this.showMessage('复制失败', 'error');
+        },
+
         getSessionExportKey(session) {
             return `${session.source || 'unknown'}:${session.sessionId || ''}:${session.filePath || ''}`;
         },

package/web-ui/modules/i18n/locales/en.mjs

@@ -566,6 +566,7 @@ const en = Object.freeze({
     'sessions.preview.importNative.failed': 'Import failed',
     'sessions.preview.importNative.failedWithReason': 'Import to native failed: {reason}',
     'sessions.preview.copyLink': 'Copy link',
+    'sessions.preview.copyPath': 'Copy path',
     'sessions.preview.loadingBody': 'Loading session content...',
     'sessions.preview.emptyMsgs': 'No messages to display',
     'sessions.preview.rendering': 'Rendering session content...',

package/web-ui/modules/i18n/locales/ja.mjs

@@ -554,6 +554,8 @@ const ja = Object.freeze({
     'sessions.preview.converting': '変換中...',
     'sessions.preview.convert.loadedOnly': '読み込み済みのみ変換',
     'sessions.preview.openStandalone': 'スタンドアロンで開く',
+    'sessions.preview.copyLink': 'リンクをコピー',
+    'sessions.preview.copyPath': 'パスをコピー',
     'sessions.preview.loadingBody': 'メッセージ読み込み中...',
     'sessions.preview.emptyMsgs': 'メッセージがありません',
     'sessions.preview.rendering': 'レンダリング中...',

package/web-ui/modules/i18n/locales/zh.mjs

@@ -565,6 +565,7 @@ const zh = Object.freeze({
     'sessions.preview.importNative.failed': '导入失败',
     'sessions.preview.importNative.failedWithReason': '导入原生目录失败：{reason}',
     'sessions.preview.copyLink': '复制链接',
+    'sessions.preview.copyPath': '复制路径',
     'sessions.preview.loadingBody': '正在加载会话内容...',
     'sessions.preview.emptyMsgs': '当前会话暂无可展示消息',
     'sessions.preview.rendering': '正在渲染会话内容...',

package/web-ui/partials/index/panel-sessions.html

@@ -241,6 +241,12 @@
                                             :disabled="!activeSession">
                                             {{ t('sessions.preview.copyLink') }}
                                         </button>
+                                        <button
+                                            class="btn-session-open"
+                                            @click="copySessionPath(activeSession)"
+                                            :disabled="!activeSession || !getSessionFilePath(activeSession)">
+                                            {{ t('sessions.preview.copyPath') }}
+                                        </button>
                                     </div>
                                 </div>
 

package/web-ui/res/web-ui-render.precompiled.js

@@ -2604,7 +2604,12 @@ return function render(_ctx, _cache) {
                                           class: "btn-session-open",
                                           onClick: $event => (_ctx.copySessionLink(_ctx.activeSession)),
                                           disabled: !_ctx.activeSession
-                                        }, _toDisplayString(_ctx.t('sessions.preview.copyLink')), 9 /* TEXT, PROPS */, ["onClick", "disabled"])
+                                        }, _toDisplayString(_ctx.t('sessions.preview.copyLink')), 9 /* TEXT, PROPS */, ["onClick", "disabled"]),
+                                        _createElementVNode("button", {
+                                          class: "btn-session-open",
+                                          onClick: $event => (_ctx.copySessionPath(_ctx.activeSession)),
+                                          disabled: !_ctx.activeSession || !_ctx.getSessionFilePath(_ctx.activeSession)
+                                        }, _toDisplayString(_ctx.t('sessions.preview.copyPath')), 9 /* TEXT, PROPS */, ["onClick", "disabled"])
                                       ])
                                     ], 512 /* NEED_PATCH */),
                                     (_ctx.sessionDetailLoading && !_ctx.sessionPreviewLoadingMore)