copyhub-cli 1.0.0 → 1.0.3

package/src/config.js

@@ -22,6 +22,26 @@ function parseRedirectPortFromEnv() {
   return n;
 }
 
+/**
+ * Port for the OAuth HTTP listener (env wins, then saved config, then default).
+ * Does not require Client ID / Secret (used before credential bootstrap).
+ */
+export function resolveOAuthListenPort() {
+  const envPort = parseRedirectPortFromEnv();
+  if (envPort != null) return envPort;
+  if (existsSync(CONFIG_PATH)) {
+    try {
+      const j = JSON.parse(readFileSync(CONFIG_PATH, 'utf8'));
+      if (typeof j.redirectPort === 'number' && Number.isFinite(j.redirectPort)) {
+        return j.redirectPort;
+      }
+    } catch {
+      /* ignore */
+    }
+  }
+  return DEFAULT_OAUTH_REDIRECT_PORT;
+}
+
 /** Both Client ID and Secret come from environment (or .env). */
 export function hasOAuthCredentialsInEnv() {
   const id = process.env[ENV_GOOGLE_CLIENT_ID]?.trim();

package/src/electron-launcher.js

@@ -18,30 +18,41 @@ export function resolveElectronBinary() {
   return abs;
 }
 
+function spawnOptsBase(stdio, cwd, env, detached) {
+  /** @type {import('node:child_process').SpawnOptions} */
+  const o = {
+    stdio,
+    cwd,
+    env,
+    detached,
+  };
+  if (process.platform === 'win32') {
+    o.windowsHide = true;
+  }
+  return o;
+}
+
 /**
  * Spawn the floating history overlay (Electron).
- * @param {{ stdio?: 'inherit' | 'ignore' | 'pipe', envExtra?: Record<string, string> }} [opts]
+ * @param {{
+ *   stdio?: 'inherit' | 'ignore' | 'pipe',
+ *   envExtra?: Record<string, string>,
+ *   detached?: boolean,
+ * }} [opts]
  */
 export function spawnCopyhubOverlay(opts = {}) {
   const stdio = opts.stdio ?? 'inherit';
+  const detached = opts.detached ?? false;
   const root = getProjectRoot();
   const uiMain = join(root, 'ui', 'main.mjs');
   const env = { ...process.env, ...opts.envExtra };
   const direct = resolveElectronBinary();
   if (direct) {
-    return spawn(direct, [uiMain], {
-      stdio,
-      cwd: root,
-      env,
-      detached: false,
-    });
+    return spawn(direct, [uiMain], spawnOptsBase(stdio, root, env, detached));
   }
   const npx = process.platform === 'win32' ? 'npx.cmd' : 'npx';
   return spawn(npx, ['--yes', 'electron', uiMain], {
-    stdio,
-    cwd: root,
+    ...spawnOptsBase(stdio, root, env, detached),
     shell: true,
-    env,
-    detached: false,
   });
 }

package/src/oauth.js

@@ -8,7 +8,9 @@ import {
   DEFAULT_OAUTH_REDIRECT_PORT,
   ENV_GOOGLE_CLIENT_ID,
   ENV_GOOGLE_CLIENT_SECRET,
+  ENV_OAUTH_REDIRECT_PORT,
   mergeConfigPartial,
+  resolveOAuthListenPort,
   loadSheetSyncTarget,
   loadOverlayAcceleratorFromConfigSync,
   loadOverlayPlatformFromConfigSync,
@@ -34,7 +36,7 @@ export async function getAuthorizedClient() {
   const cfg = await loadConfig();
   if (!cfg) {
     throw new Error(
-      `OAuth is not configured. Set ${ENV_GOOGLE_CLIENT_ID} and ${ENV_GOOGLE_CLIENT_SECRET} (.env or environment), or run: copyhub config --client-id ID --client-secret SECRET`,
+      `OAuth is not configured. Set ${ENV_GOOGLE_CLIENT_ID} and ${ENV_GOOGLE_CLIENT_SECRET} (.env or environment), run copyhub config, or copyhub login (browser wizard).`,
     );
   }
   const client = createOAuthClient(cfg);
@@ -75,6 +77,256 @@ function escapeHtml(s) {
     .replace(/'/g, ''');
 }
 
+/**
+ * @param {string} bootstrapToken
+ * @param {number} listenPort
+ */
+function credentialSetupPageHtml(bootstrapToken, listenPort) {
+  const tVal = escapeHtml(bootstrapToken);
+  const callbackUri = `http://127.0.0.1:${listenPort}/oauth2callback`;
+  return `<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="utf-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1" />
+  <title>CopyHub — Google OAuth credentials</title>
+  <style>
+    :root {
+      --text: #141824;
+      --muted: #5a6272;
+      --line: #e2e8f1;
+      --accent: #2563eb;
+      --accent-soft: #eff6ff;
+      --radius: 14px;
+      --shadow: 0 4px 24px rgba(20, 24, 36, 0.08), 0 1px 3px rgba(20, 24, 36, 0.04);
+    }
+    * { box-sizing: border-box; }
+    body {
+      margin: 0;
+      min-height: 100vh;
+      font-family: ui-sans-serif, system-ui, -apple-system, "Segoe UI", Roboto, sans-serif;
+      background: linear-gradient(160deg, #e8eef9 0%, #f5f7fb 45%, #eef2f8 100%);
+      color: var(--text);
+      padding: 32px 16px 48px;
+      line-height: 1.55;
+    }
+    .wrap { max-width: 520px; margin: 0 auto; }
+    .brand {
+      font-size: 13px;
+      font-weight: 600;
+      letter-spacing: 0.06em;
+      text-transform: uppercase;
+      color: var(--accent);
+      margin-bottom: 8px;
+    }
+    h1 { font-size: 1.55rem; font-weight: 700; margin: 0 0 8px; letter-spacing: -0.02em; }
+    .sub { color: var(--muted); font-size: 15px; margin-bottom: 24px; }
+    .card {
+      background: #fff;
+      border-radius: var(--radius);
+      box-shadow: var(--shadow);
+      border: 1px solid rgba(255,255,255,0.8);
+      padding: 26px 24px;
+      margin-bottom: 18px;
+    }
+    label.field-label { display: block; font-weight: 600; font-size: 14px; margin-bottom: 8px; }
+    input[type="password"], input[type="text"] {
+      width: 100%;
+      padding: 12px 14px;
+      font-size: 15px;
+      border: 1px solid var(--line);
+      border-radius: 10px;
+      background: #fafbfd;
+    }
+    input:focus {
+      outline: none;
+      border-color: var(--accent);
+      box-shadow: 0 0 0 3px rgba(37, 99, 235, 0.15);
+      background: #fff;
+    }
+    .hint { font-size: 13px; color: var(--muted); margin-top: 10px; line-height: 1.5; }
+    .hint code {
+      font-size: 12px;
+      background: var(--accent-soft);
+      color: #1d4ed8;
+      padding: 2px 7px;
+      border-radius: 6px;
+      font-weight: 500;
+    }
+    button.submit {
+      width: 100%;
+      margin-top: 20px;
+      padding: 14px 20px;
+      font-size: 16px;
+      font-weight: 600;
+      color: #fff;
+      background: linear-gradient(180deg, #3b82f6 0%, #2563eb 100%);
+      border: none;
+      border-radius: 12px;
+      cursor: pointer;
+      box-shadow: 0 2px 8px rgba(37, 99, 235, 0.35);
+    }
+    button.submit:hover { filter: brightness(1.05); }
+    .callback-box {
+      font-size: 13px;
+      padding: 12px 14px;
+      background: linear-gradient(135deg, #f8fafc 0%, #f1f5f9 100%);
+      border-radius: 10px;
+      border: 1px solid var(--line);
+      word-break: break-all;
+    }
+  </style>
+</head>
+<body>
+  <div class="wrap">
+    <div class="brand">CopyHub</div>
+    <h1>Google Cloud OAuth</h1>
+    <p class="sub">Paste your OAuth 2.0 Client ID and Client Secret (same as <code>${ENV_GOOGLE_CLIENT_ID}</code> / <code>${ENV_GOOGLE_CLIENT_SECRET}</code> in <code>.env</code>). Stored in <code>~/.copyhub/config.json</code>.</p>
+
+    <div class="card">
+      <p class="hint" style="margin-top:0;"><strong>Authorized redirect URI</strong> in Google Cloud Console must include:</p>
+      <div class="callback-box"><code>${escapeHtml(callbackUri)}</code></div>
+      <p class="hint">Port comes from <code>${ENV_OAUTH_REDIRECT_PORT}</code> (currently <strong>${listenPort}</strong>) or your saved config.</p>
+    </div>
+
+    <form method="POST" action="/credentials">
+      <input type="hidden" name="t" value="${tVal}" />
+      <div class="card">
+        <label class="field-label" for="cid">Client ID</label>
+        <input id="cid" type="text" name="clientId" autocomplete="off" spellcheck="false" required />
+        <label class="field-label" for="csec" style="margin-top:16px;">Client secret</label>
+        <input id="csec" type="password" name="clientSecret" autocomplete="new-password" spellcheck="false" required />
+      </div>
+      <button type="submit" class="submit">Save and continue to Google sign-in</button>
+    </form>
+  </div>
+</body>
+</html>`;
+}
+
+const credentialSavedHtml = `<!DOCTYPE html>
+<html lang="en"><head><meta charset="utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><title>CopyHub</title>
+<style>
+body{font-family:system-ui,sans-serif;min-height:100vh;margin:0;display:flex;align-items:center;justify-content:center;background:linear-gradient(160deg,#e8eef9,#f5f7fb);padding:24px;}
+.box{background:#fff;padding:32px 36px;border-radius:16px;box-shadow:0 8px 32px rgba(20,24,36,.1);max-width:420px;text-align:center;line-height:1.65;color:#141824;}
+.box h2{margin:0 0 12px;font-size:1.25rem;}
+.box p{margin:.6rem 0;color:#5a6272;font-size:15px;}
+.box code{background:#eff6ff;color:#1d4ed8;padding:2px 8px;border-radius:6px;font-size:13px;}
+</style></head>
+<body><div class="box"><h2>Credentials saved</h2>
+<p>The login flow will open Google next (this tab can stay open).</p></div></body></html>`;
+
+/**
+ * Localhost wizard when Client ID / Secret are missing from env and config file.
+ * @returns {Promise<void>}
+ */
+async function runCredentialBootstrap() {
+  const listenPort = resolveOAuthListenPort();
+  await new Promise((resolve, reject) => {
+    /** @type {string | null} */
+    let bootstrapToken = randomBytes(24).toString('hex');
+    let settled = false;
+
+    const finish = () => {
+      if (settled) return;
+      settled = true;
+      server.close(() => resolve(undefined));
+    };
+
+    const server = createServer(async (req, res) => {
+      try {
+        if (!req.url) {
+          res.writeHead(400);
+          res.end('Bad request');
+          return;
+        }
+        const u = new URL(req.url, `http://127.0.0.1:${listenPort}`);
+
+        if (u.pathname === '/credentials' && req.method === 'GET') {
+          const t = u.searchParams.get('t');
+          if (!bootstrapToken || t !== bootstrapToken) {
+            res.writeHead(403, { 'Content-Type': 'text/html; charset=utf-8' });
+            res.end('<p>Invalid session. Run <code>copyhub login</code> again.</p>');
+            return;
+          }
+          res.writeHead(200, { 'Content-Type': 'text/html; charset=utf-8' });
+          res.end(credentialSetupPageHtml(bootstrapToken, listenPort));
+          return;
+        }
+
+        if (u.pathname === '/credentials' && req.method === 'POST') {
+          let body = '';
+          try {
+            body = await readRequestBody(req);
+          } catch {
+            res.writeHead(413);
+            res.end('Payload too large');
+            return;
+          }
+          const params = new URLSearchParams(body);
+          const t = params.get('t');
+          if (!bootstrapToken || t !== bootstrapToken) {
+            res.writeHead(403);
+            res.end('Forbidden');
+            return;
+          }
+          const clientId = (params.get('clientId') || '').trim();
+          const clientSecret = (params.get('clientSecret') || '').trim();
+          if (!clientId || !clientSecret) {
+            res.writeHead(400, { 'Content-Type': 'text/html; charset=utf-8' });
+            res.end('<p>Client ID and Client secret are required.</p>');
+            return;
+          }
+          try {
+            await mergeConfigPartial({ clientId, clientSecret });
+          } catch {
+            res.writeHead(500, { 'Content-Type': 'text/html; charset=utf-8' });
+            res.end('<p>Could not write config. Check write permissions on ~/.copyhub/</p>');
+            return;
+          }
+          bootstrapToken = null;
+          res.writeHead(200, { 'Content-Type': 'text/html; charset=utf-8' });
+          res.end(credentialSavedHtml);
+          setTimeout(finish, 400);
+          return;
+        }
+
+        res.writeHead(404);
+        res.end('Not found');
+      } catch (e) {
+        res.writeHead(500);
+        res.end('Server error');
+        server.close(() => reject(/** @type {Error} */ (e)));
+      }
+    });
+
+    const idleMs = 20 * 60 * 1000;
+    const idleTimer = setTimeout(() => {
+      if (!settled) {
+        console.warn('Credential setup idle timeout (20 minutes).');
+        finish();
+      }
+    }, idleMs);
+    server.on('close', () => clearTimeout(idleTimer));
+
+    server.on('error', (err) => {
+      if (!settled) reject(err);
+    });
+
+    server.listen(listenPort, '127.0.0.1', async () => {
+      const credUrl = `http://127.0.0.1:${listenPort}/credentials?t=${encodeURIComponent(bootstrapToken)}`;
+      console.log('Opening browser for Google OAuth credentials (localhost wizard)...');
+      console.log(`If it does not open: ${credUrl}`);
+      try {
+        await open(credUrl);
+      } catch {
+        console.log('Open this URL manually:');
+        console.log(credUrl);
+      }
+    });
+  });
+}
+
 /** Shortcut presets (Electron Accelerator) per platform — embedded as JSON in the setup page. */
 const PLATFORM_PRESETS = {
   win: [
@@ -423,10 +675,25 @@ body{font-family:system-ui,sans-serif;min-height:100vh;margin:0;display:flex;ali
  * @returns {Promise<void>}
  */
 export async function runLoginFlow() {
-  const cfg = await loadConfig();
+  let cfg = await loadConfig();
+  if (!cfg) {
+    const listenPort = resolveOAuthListenPort();
+    try {
+      await runCredentialBootstrap();
+    } catch (e) {
+      const code = /** @type {NodeJS.ErrnoException} */ (e)?.code;
+      if (code === 'EADDRINUSE') {
+        throw new Error(
+          `Port ${listenPort} is already in use. Stop the other process or set ${ENV_OAUTH_REDIRECT_PORT} to a free port.`,
+        );
+      }
+      throw /** @type {Error} */ (e);
+    }
+    cfg = await loadConfig();
+  }
   if (!cfg) {
     throw new Error(
-      `Not configured. Set ${ENV_GOOGLE_CLIENT_ID} and ${ENV_GOOGLE_CLIENT_SECRET} in .env, or run: copyhub config --client-id ... --client-secret ...`,
+      `OAuth is not configured. Set ${ENV_GOOGLE_CLIENT_ID} and ${ENV_GOOGLE_CLIENT_SECRET} in .env, run copyhub config, or complete the browser credential wizard.`,
     );
   }
   const port = cfg.redirectPort ?? DEFAULT_OAUTH_REDIRECT_PORT;

package/src/sheet-overlay-history.js

@@ -0,0 +1,79 @@
+import { google } from 'googleapis';
+import { getAuthorizedClient } from './oauth.js';
+import { loadSheetSyncTarget } from './config.js';
+import { formatGoogleSheetUserMessage } from './sheet-api-errors.js';
+
+/** @param {unknown} v */
+function cellToString(v) {
+  if (v == null) return '';
+  if (typeof v === 'string') return v;
+  if (typeof v === 'number' || typeof v === 'boolean') return String(v);
+  if (v instanceof Date) return v.toISOString();
+  return String(v);
+}
+
+/** @param {string} tabName */
+function escapeTabName(tabName) {
+  return /[^A-Za-z0-9_]/.test(tabName)
+    ? `'${tabName.replace(/'/g, "''")}'`
+    : tabName;
+}
+
+/** @param {number} daysAgo */
+function overlayDailyTabNameDaysAgo(daysAgo) {
+  const d = new Date();
+  d.setDate(d.getDate() - daysAgo);
+  const y = d.getFullYear();
+  const m = String(d.getMonth() + 1).padStart(2, '0');
+  const day = String(d.getDate()).padStart(2, '0');
+  return `COPYHUB-${y}-${m}-${day}`;
+}
+
+/**
+ * Clipboard rows from one COPYHUB-YYYY-MM-DD tab (newest timestamps first).
+ * Reads used cells in A:B from row 2 onward (append puts newer rows at the bottom).
+ * @param {number} daysAgo 0 = today
+ * @param {number} [maxRowsCap] Keep only this many newest rows (after sort).
+ */
+export async function fetchOverlayDailyTabRows(daysAgo, maxRowsCap = 500) {
+  const day = Math.min(Math.max(Number(daysAgo), 0), 90);
+  const cap = Math.min(Math.max(Number(maxRowsCap), 1), 2000);
+
+  const target = await loadSheetSyncTarget();
+  if (!target) return [];
+
+  const auth = await getAuthorizedClient();
+  if (!auth.credentials.refresh_token && !auth.credentials.access_token) {
+    return [];
+  }
+
+  const sheets = google.sheets({ version: 'v4', auth });
+  const tab = overlayDailyTabNameDaysAgo(day);
+  const range = `${escapeTabName(tab)}!A2:B`;
+
+  try {
+    const res = await sheets.spreadsheets.values.get({
+      spreadsheetId: target.spreadsheetId,
+      range,
+      valueRenderOption: 'FORMATTED_VALUE',
+    });
+
+    const values = res.data.values ?? [];
+
+    /** @type {Array<{ ts: string, text: string, synced: boolean }>} */
+    const items = [];
+    for (const row of values) {
+      if (!Array.isArray(row) || row.length < 2) continue;
+      const ts = cellToString(row[0]).trim();
+      const text = cellToString(row[1]).trim();
+      if (!text) continue;
+      if (/^(time|thời gian)$/i.test(ts)) continue;
+      items.push({ ts: ts || '', text, synced: true });
+    }
+
+    items.sort((a, b) => (Date.parse(b.ts) || 0) - (Date.parse(a.ts) || 0));
+    return items.slice(0, cap);
+  } catch (e) {
+    throw new Error(formatGoogleSheetUserMessage(e));
+  }
+}

package/src/sheets.js

@@ -7,7 +7,7 @@ import { formatGoogleSheetUserMessage } from './sheet-api-errors.js';
 /**
  * @param {string} tabName
  */
-function a1RangeForTab(tabName) {
+export function a1RangeForTab(tabName) {
   const escaped = /[^A-Za-z0-9_]/.test(tabName)
     ? `'${tabName.replace(/'/g, "''")}'`
     : tabName;

package/src/start-daemon-logic.js

@@ -1,4 +1,4 @@
-import { appendHistory } from './storage.js';
+import { appendHistory, isDuplicateOfLatestHistory } from './storage.js';
 import { startClipboardWatcher } from './clipboard-watcher.js';
 import { appendClipboardToSheet } from './sheets.js';
 import { loadTokens } from './tokens.js';
@@ -73,6 +73,9 @@ export async function runCopyhubDaemon(opts, io = console) {
   let lastSheetLogAt = 0;
 
   const watcher = startClipboardWatcher(async (text) => {
+    if (isDuplicateOfLatestHistory(text)) {
+      return;
+    }
     let synced = false;
     if (useSheet && sheetTarget && (tokens?.refresh_token || tokens?.access_token)) {
       try {

package/src/storage.js

@@ -57,3 +57,14 @@ export function readRecentHistorySync(maxLines = 200) {
   }
   return out.reverse();
 }
+
+/**
+ * True when `text` equals the latest saved history row (skip consecutive identical copies).
+ * @param {string} text
+ */
+export function isDuplicateOfLatestHistory(text) {
+  if (typeof text !== 'string' || text.length === 0) return false;
+  const recent = readRecentHistorySync(1);
+  const last = recent[0];
+  return typeof last?.text === 'string' && last.text === text;
+}

package/src/wipe-data.js

@@ -0,0 +1,10 @@
+import { rm } from 'node:fs/promises';
+import { existsSync } from 'node:fs';
+import { DIR } from './paths.js';
+
+/** Delete the entire ~/.copyhub directory (all local CopyHub data). */
+export async function wipeCopyhubDirectory() {
+  if (existsSync(DIR)) {
+    await rm(DIR, { recursive: true, force: true });
+  }
+}