couchloop-eq-mcp 1.0.0

package/dist/resources/session-summary.js

@@ -0,0 +1,85 @@
+import { getDb } from '../db/client.js';
+import { sessions, journeys, checkpoints, users } from '../db/schema.js';
+import { eq, and, desc } from 'drizzle-orm';
+import { logger } from '../utils/logger.js';
+import { nanoid } from 'nanoid';
+export async function getSessionSummary() {
+    try {
+        const db = getDb();
+        // NOTE: Resources in MCP don't receive parameters, so we can't pass auth context.
+        // Using a mock user ID for now. This will be addressed when we implement
+        // a proper session store or modify the MCP server to maintain user context.
+        const mockUserId = 'usr_' + nanoid();
+        const [user] = await db
+            .select()
+            .from(users)
+            .where(eq(users.externalId, mockUserId))
+            .limit(1);
+        if (!user) {
+            return JSON.stringify({
+                active: false,
+                message: 'No user found',
+            }, null, 2);
+        }
+        // Get active session
+        const [activeSession] = await db
+            .select()
+            .from(sessions)
+            .where(and(eq(sessions.userId, user.id), eq(sessions.status, 'active')))
+            .orderBy(desc(sessions.lastActiveAt))
+            .limit(1);
+        if (!activeSession) {
+            return JSON.stringify({
+                active: false,
+                message: 'No active session',
+            }, null, 2);
+        }
+        // Get journey if linked
+        let journey = null;
+        let currentStep = null;
+        if (activeSession.journeyId) {
+            [journey] = await db
+                .select()
+                .from(journeys)
+                .where(eq(journeys.id, activeSession.journeyId))
+                .limit(1);
+            if (journey && journey.steps && journey.steps[activeSession.currentStep]) {
+                currentStep = journey.steps[activeSession.currentStep];
+            }
+        }
+        // Get checkpoints
+        const sessionCheckpoints = await db
+            .select()
+            .from(checkpoints)
+            .where(eq(checkpoints.sessionId, activeSession.id))
+            .orderBy(checkpoints.createdAt);
+        return JSON.stringify({
+            active: true,
+            session: {
+                id: activeSession.id,
+                status: activeSession.status,
+                started_at: activeSession.startedAt,
+                last_active_at: activeSession.lastActiveAt,
+                current_step_index: activeSession.currentStep,
+            },
+            journey: journey ? {
+                name: journey.name,
+                slug: journey.slug,
+                total_steps: journey.steps?.length || 0,
+            } : null,
+            current_step: currentStep,
+            checkpoints: sessionCheckpoints.map(c => ({
+                key: c.key,
+                created_at: c.createdAt,
+            })),
+        }, null, 2);
+    }
+    catch (error) {
+        logger.error('Error getting session summary:', error);
+        return JSON.stringify({
+            error: 'Failed to get session summary',
+            details: error instanceof Error ? error.message : 'Unknown error',
+        }, null, 2);
+    }
+}
+//# sourceMappingURL=session-summary.js.map

package/dist/resources/session-summary.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"session-summary.js","sourceRoot":"","sources":["../../src/resources/session-summary.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,iBAAiB,CAAC;AACxC,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,KAAK,EAAE,MAAM,iBAAiB,CAAC;AACzE,OAAO,EAAE,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,MAAM,aAAa,CAAC;AAC5C,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AAC5C,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAEhC,MAAM,CAAC,KAAK,UAAU,iBAAiB;IACrC,IAAI,CAAC;QACH,MAAM,EAAE,GAAG,KAAK,EAAE,CAAC;QAEnB,kFAAkF;QAClF,yEAAyE;QACzE,4EAA4E;QAC5E,MAAM,UAAU,GAAG,MAAM,GAAG,MAAM,EAAE,CAAC;QACrC,MAAM,CAAC,IAAI,CAAC,GAAG,MAAM,EAAE;aACpB,MAAM,EAAE;aACR,IAAI,CAAC,KAAK,CAAC;aACX,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;aACvC,KAAK,CAAC,CAAC,CAAC,CAAC;QAEZ,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,OAAO,IAAI,CAAC,SAAS,CAAC;gBACpB,MAAM,EAAE,KAAK;gBACb,OAAO,EAAE,eAAe;aACzB,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;QACd,CAAC;QAED,qBAAqB;QACrB,MAAM,CAAC,aAAa,CAAC,GAAG,MAAM,EAAE;aAC7B,MAAM,EAAE;aACR,IAAI,CAAC,QAAQ,CAAC;aACd,KAAK,CAAC,GAAG,CACR,EAAE,CAAC,QAAQ,CAAC,MAAM,EAAE,IAAI,CAAC,EAAE,CAAC,EAC5B,EAAE,CAAC,QAAQ,CAAC,MAAM,EAAE,QAAQ,CAAC,CAC9B,CAAC;aACD,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;aACpC,KAAK,CAAC,CAAC,CAAC,CAAC;QAEZ,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,OAAO,IAAI,CAAC,SAAS,CAAC;gBACpB,MAAM,EAAE,KAAK;gBACb,OAAO,EAAE,mBAAmB;aAC7B,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;QACd,CAAC;QAED,wBAAwB;QACxB,IAAI,OAAO,GAAG,IAAI,CAAC;QACnB,IAAI,WAAW,GAAG,IAAI,CAAC;QACvB,IAAI,aAAa,CAAC,SAAS,EAAE,CAAC;YAC5B,CAAC,OAAO,CAAC,GAAG,MAAM,EAAE;iBACjB,MAAM,EAAE;iBACR,IAAI,CAAC,QAAQ,CAAC;iBACd,KAAK,CAAC,EAAE,CAAC,QAAQ,CAAC,EAAE,EAAE,aAAa,CAAC,SAAS,CAAC,CAAC;iBAC/C,KAAK,CAAC,CAAC,CAAC,CAAC;YAEZ,IAAI,OAAO,IAAI,OAAO,CAAC,KAAK,IAAI,OAAO,CAAC,KAAK,CAAC,aAAa,CAAC,WAAW,CAAC,EAAE,CAAC;gBACzE,WAAW,GAAG,OAAO,CAAC,KAAK,CAAC,aAAa,CAAC,WAAW,CAAC,CAAC;YACzD,CAAC;QACH,CAAC;QAED,kBAAkB;QAClB,MAAM,kBAAkB,GAAG,MAAM,EAAE;aAChC,MAAM,EAAE;aACR,IAAI,CAAC,WAAW,CAAC;aACjB,KAAK,CAAC,EAAE,CAAC,WAAW,CAAC,SAAS,EAAE,aAAa,CAAC,EAAE,CAAC,CAAC;aAClD,OAAO,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;QAElC,OAAO,IAAI,CAAC,SAAS,CAAC;YACpB,MAAM,EAAE,IAAI;YACZ,OAAO,EAAE;gBACP,EAAE,EAAE,aAAa,CAAC,EAAE;gBACpB,MAAM,EAAE,aAAa,CAAC,MAAM;gBAC5B,UAAU,EAAE,aAAa,CAAC,SAAS;gBACnC,cAAc,EAAE,aAAa,CAAC,YAAY;gBAC1C,kBAAkB,EAAE,aAAa,CAAC,WAAW;aAC9C;YACD,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC;gBACjB,IAAI,EAAE,OAAO,CAAC,IAAI;gBAClB,IAAI,EAAE,OAAO,CAAC,IAAI;gBAClB,WAAW,EAAE,OAAO,CAAC,KAAK,EAAE,MAAM,IAAI,CAAC;aACxC,CAAC,CAAC,CAAC,IAAI;YACR,YAAY,EAAE,WAAW;YACzB,WAAW,EAAE,kBAAkB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;gBACxC,GAAG,EAAE,CAAC,CAAC,GAAG;gBACV,UAAU,EAAE,CAAC,CAAC,SAAS;aACxB,CAAC,CAAC;SACJ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;IACd,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,KAAK,CAAC,gCAAgC,EAAE,KAAK,CAAC,CAAC;QACtD,OAAO,IAAI,CAAC,SAAS,CAAC;YACpB,KAAK,EAAE,+BAA+B;YACtC,OAAO,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe;SAClE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;IACd,CAAC;AACH,CAAC"}

package/dist/resources/user-context.d.ts

@@ -0,0 +1,2 @@
+export declare function getUserContextResource(): Promise<string>;
+//# sourceMappingURL=user-context.d.ts.map

package/dist/resources/user-context.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"user-context.d.ts","sourceRoot":"","sources":["../../src/resources/user-context.ts"],"names":[],"mappings":"AAMA,wBAAsB,sBAAsB,oBA6E3C"}

package/dist/resources/user-context.js

@@ -0,0 +1,79 @@
+import { getDb } from '../db/client.js';
+import { users, insights, sessions } from '../db/schema.js';
+import { eq, desc } from 'drizzle-orm';
+import { logger } from '../utils/logger.js';
+import { nanoid } from 'nanoid';
+export async function getUserContextResource() {
+    try {
+        const db = getDb();
+        // NOTE: Resources in MCP don't receive parameters, so we can't pass auth context.
+        // Using a mock user ID for now. This will be addressed when we implement
+        // a proper session store or modify the MCP server to maintain user context.
+        const mockUserId = 'usr_' + nanoid();
+        const [user] = await db
+            .select()
+            .from(users)
+            .where(eq(users.externalId, mockUserId))
+            .limit(1);
+        if (!user) {
+            return JSON.stringify({
+                exists: false,
+                message: 'User not found',
+            }, null, 2);
+        }
+        // Get recent insights
+        const recentInsights = await db
+            .select({
+            id: insights.id,
+            content: insights.content,
+            tags: insights.tags,
+            created_at: insights.createdAt,
+        })
+            .from(insights)
+            .where(eq(insights.userId, user.id))
+            .orderBy(desc(insights.createdAt))
+            .limit(5);
+        // Get recent sessions
+        const recentSessions = await db
+            .select({
+            id: sessions.id,
+            status: sessions.status,
+            started_at: sessions.startedAt,
+            completed_at: sessions.completedAt,
+            journey_id: sessions.journeyId,
+        })
+            .from(sessions)
+            .where(eq(sessions.userId, user.id))
+            .orderBy(desc(sessions.startedAt))
+            .limit(5);
+        // Count total sessions
+        const sessionStats = await db
+            .select({
+            total: eq(sessions.userId, user.id),
+        })
+            .from(sessions)
+            .where(eq(sessions.userId, user.id));
+        return JSON.stringify({
+            exists: true,
+            user: {
+                id: user.id,
+                created_at: user.createdAt,
+                preferences: user.preferences || {},
+            },
+            stats: {
+                total_sessions: sessionStats.length,
+                total_insights: recentInsights.length,
+            },
+            recent_insights: recentInsights,
+            recent_sessions: recentSessions,
+        }, null, 2);
+    }
+    catch (error) {
+        logger.error('Error getting user context:', error);
+        return JSON.stringify({
+            error: 'Failed to get user context',
+            details: error instanceof Error ? error.message : 'Unknown error',
+        }, null, 2);
+    }
+}
+//# sourceMappingURL=user-context.js.map

package/dist/resources/user-context.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"user-context.js","sourceRoot":"","sources":["../../src/resources/user-context.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,iBAAiB,CAAC;AACxC,OAAO,EAAE,KAAK,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAC5D,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,MAAM,aAAa,CAAC;AACvC,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AAC5C,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAEhC,MAAM,CAAC,KAAK,UAAU,sBAAsB;IAC1C,IAAI,CAAC;QACH,MAAM,EAAE,GAAG,KAAK,EAAE,CAAC;QAEnB,kFAAkF;QAClF,yEAAyE;QACzE,4EAA4E;QAC5E,MAAM,UAAU,GAAG,MAAM,GAAG,MAAM,EAAE,CAAC;QACrC,MAAM,CAAC,IAAI,CAAC,GAAG,MAAM,EAAE;aACpB,MAAM,EAAE;aACR,IAAI,CAAC,KAAK,CAAC;aACX,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;aACvC,KAAK,CAAC,CAAC,CAAC,CAAC;QAEZ,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,OAAO,IAAI,CAAC,SAAS,CAAC;gBACpB,MAAM,EAAE,KAAK;gBACb,OAAO,EAAE,gBAAgB;aAC1B,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;QACd,CAAC;QAED,sBAAsB;QACtB,MAAM,cAAc,GAAG,MAAM,EAAE;aAC5B,MAAM,CAAC;YACN,EAAE,EAAE,QAAQ,CAAC,EAAE;YACf,OAAO,EAAE,QAAQ,CAAC,OAAO;YACzB,IAAI,EAAE,QAAQ,CAAC,IAAI;YACnB,UAAU,EAAE,QAAQ,CAAC,SAAS;SAC/B,CAAC;aACD,IAAI,CAAC,QAAQ,CAAC;aACd,KAAK,CAAC,EAAE,CAAC,QAAQ,CAAC,MAAM,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;aACnC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;aACjC,KAAK,CAAC,CAAC,CAAC,CAAC;QAEZ,sBAAsB;QACtB,MAAM,cAAc,GAAG,MAAM,EAAE;aAC5B,MAAM,CAAC;YACN,EAAE,EAAE,QAAQ,CAAC,EAAE;YACf,MAAM,EAAE,QAAQ,CAAC,MAAM;YACvB,UAAU,EAAE,QAAQ,CAAC,SAAS;YAC9B,YAAY,EAAE,QAAQ,CAAC,WAAW;YAClC,UAAU,EAAE,QAAQ,CAAC,SAAS;SAC/B,CAAC;aACD,IAAI,CAAC,QAAQ,CAAC;aACd,KAAK,CAAC,EAAE,CAAC,QAAQ,CAAC,MAAM,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;aACnC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;aACjC,KAAK,CAAC,CAAC,CAAC,CAAC;QAEZ,uBAAuB;QACvB,MAAM,YAAY,GAAG,MAAM,EAAE;aAC1B,MAAM,CAAC;YACN,KAAK,EAAE,EAAE,CAAC,QAAQ,CAAC,MAAM,EAAE,IAAI,CAAC,EAAE,CAAC;SACpC,CAAC;aACD,IAAI,CAAC,QAAQ,CAAC;aACd,KAAK,CAAC,EAAE,CAAC,QAAQ,CAAC,MAAM,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;QAEvC,OAAO,IAAI,CAAC,SAAS,CAAC;YACpB,MAAM,EAAE,IAAI;YACZ,IAAI,EAAE;gBACJ,EAAE,EAAE,IAAI,CAAC,EAAE;gBACX,UAAU,EAAE,IAAI,CAAC,SAAS;gBAC1B,WAAW,EAAE,IAAI,CAAC,WAAW,IAAI,EAAE;aACpC;YACD,KAAK,EAAE;gBACL,cAAc,EAAE,YAAY,CAAC,MAAM;gBACnC,cAAc,EAAE,cAAc,CAAC,MAAM;aACtC;YACD,eAAe,EAAE,cAAc;YAC/B,eAAe,EAAE,cAAc;SAChC,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;IACd,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,KAAK,CAAC,6BAA6B,EAAE,KAAK,CAAC,CAAC;QACnD,OAAO,IAAI,CAAC,SAAS,CAAC;YACpB,KAAK,EAAE,4BAA4B;YACnC,OAAO,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe;SAClE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;IACd,CAAC;AACH,CAAC"}

package/dist/server/index.d.ts

@@ -0,0 +1,3 @@
+declare const app: import("express-serve-static-core").Express;
+export default app;
+//# sourceMappingURL=index.d.ts.map

package/dist/server/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/server/index.ts"],"names":[],"mappings":"AAkBA,QAAA,MAAM,GAAG,6CAAY,CAAC;AAuZtB,eAAe,GAAG,CAAC"}

package/dist/server/index.js

@@ -0,0 +1,385 @@
+// Load environment variables FIRST before any other imports
+import { config } from 'dotenv';
+config({ path: '.env.local' });
+import express from 'express';
+import path from 'path';
+import { fileURLToPath } from 'url';
+import cookieParser from 'cookie-parser';
+import { oauthServer } from './oauth/authServer.js';
+import { validateToken, requireScope, oauthCors, rateLimit } from './middleware/auth.js';
+import { logger } from '../utils/logger.js';
+import { sendMessage } from '../tools/sendMessage.js';
+import { createSession } from '../tools/session.js';
+import { initDatabase } from '../db/client.js';
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = path.dirname(__filename);
+const app = express();
+const PORT = process.env.PORT || 3001;
+// Middleware
+app.use(express.json());
+app.use(express.urlencoded({ extended: true }));
+app.use(cookieParser());
+app.use(oauthCors);
+// ====================
+// OAuth Endpoints
+// ====================
+/**
+ * GET /oauth/authorize
+ * OAuth authorization endpoint - initiates the flow
+ */
+app.get('/oauth/authorize', async (req, res) => {
+    try {
+        const { client_id, redirect_uri, response_type, scope, state, consent } = req.query;
+        // Validate required parameters
+        if (!client_id || !redirect_uri) {
+            res.status(400).json({
+                error: 'invalid_request',
+                error_description: 'Missing required parameters',
+            });
+            return;
+        }
+        if (response_type !== 'code') {
+            res.status(400).json({
+                error: 'unsupported_response_type',
+                error_description: 'Only authorization code flow is supported',
+            });
+            return;
+        }
+        // Validate client
+        const validClient = await oauthServer.validateClient(client_id);
+        if (!validClient) {
+            res.status(400).json({
+                error: 'invalid_client',
+                error_description: 'Unknown client',
+            });
+            return;
+        }
+        // If consent is not approved, show consent screen
+        if (consent !== 'approved') {
+            // Serve the consent page
+            const consentPath = path.join(__dirname, 'views', 'consent.html');
+            res.sendFile(consentPath);
+            return;
+        }
+        // Generate anonymous but persistent user ID based on client and state
+        // This creates a unique user per ChatGPT/Claude session but maintains anonymity
+        const anonymousId = `${client_id}_${state || 'default'}_${Date.now()}`;
+        const hashedId = Buffer.from(anonymousId).toString('base64').replace(/[^a-zA-Z0-9]/g, '').substring(0, 16);
+        const externalId = `anon_${hashedId}`;
+        const userId = await oauthServer.getOrCreateUser(externalId);
+        const code = await oauthServer.generateAuthCode(client_id, userId, redirect_uri, scope || 'read write');
+        // Redirect back to client with authorization code
+        const redirectUrl = new URL(redirect_uri);
+        redirectUrl.searchParams.set('code', code);
+        if (state) {
+            redirectUrl.searchParams.set('state', state);
+        }
+        res.redirect(redirectUrl.toString());
+    }
+    catch (error) {
+        logger.error('Authorization error:', error);
+        res.status(500).json({
+            error: 'server_error',
+            error_description: 'Internal server error',
+        });
+    }
+});
+/**
+ * POST /oauth/token
+ * Exchange authorization code for access token
+ */
+app.post('/oauth/token', async (req, res) => {
+    try {
+        const { grant_type, code, client_id, client_secret, redirect_uri, refresh_token } = req.body;
+        if (grant_type === 'authorization_code') {
+            if (!code || !client_id || !client_secret || !redirect_uri) {
+                res.status(400).json({
+                    error: 'invalid_request',
+                    error_description: 'Missing required parameters',
+                });
+                return;
+            }
+            const tokens = await oauthServer.exchangeCodeForToken(code, client_id, client_secret, redirect_uri);
+            res.json(tokens);
+        }
+        else if (grant_type === 'refresh_token') {
+            if (!refresh_token) {
+                res.status(400).json({
+                    error: 'invalid_request',
+                    error_description: 'Missing refresh token',
+                });
+                return;
+            }
+            const tokens = await oauthServer.refreshAccessToken(refresh_token);
+            res.json(tokens);
+        }
+        else {
+            res.status(400).json({
+                error: 'unsupported_grant_type',
+                error_description: 'Only authorization_code and refresh_token grants are supported',
+            });
+        }
+    }
+    catch (error) {
+        logger.error('Token exchange error:', error);
+        res.status(400).json({
+            error: 'invalid_grant',
+            error_description: error.message || 'Failed to exchange token',
+        });
+    }
+});
+/**
+ * POST /oauth/revoke
+ * Revoke an access token
+ */
+app.post('/oauth/revoke', validateToken, async (req, res) => {
+    try {
+        const authHeader = req.headers.authorization;
+        const token = authHeader?.substring(7);
+        if (token) {
+            await oauthServer.revokeToken(token);
+        }
+        res.status(204).end();
+    }
+    catch (error) {
+        logger.error('Token revocation error:', error);
+        res.status(500).json({
+            error: 'server_error',
+            error_description: 'Failed to revoke token',
+        });
+    }
+});
+// ====================
+// Protected MCP API Endpoints
+// ====================
+/**
+ * POST /api/mcp/session
+ * Create a new therapeutic session
+ */
+app.post('/api/mcp/session', validateToken, rateLimit(30, 60000), async (req, res) => {
+    try {
+        const result = await createSession({
+            ...req.body,
+            user_id: req.user?.userId, // Use authenticated user ID
+        });
+        res.json(result);
+    }
+    catch (error) {
+        logger.error('Session creation error:', error);
+        res.status(500).json({
+            error: 'server_error',
+            message: error.message || 'Failed to create session',
+        });
+    }
+});
+/**
+ * POST /api/mcp/message
+ * Send a message through the therapeutic AI
+ */
+app.post('/api/mcp/message', validateToken, requireScope('write'), rateLimit(60, 60000), async (req, res) => {
+    try {
+        const result = await sendMessage({
+            ...req.body,
+            user_id: req.user?.userId, // Use authenticated user ID
+        });
+        res.json(result);
+    }
+    catch (error) {
+        logger.error('Message sending error:', error);
+        res.status(500).json({
+            error: 'server_error',
+            message: error.message || 'Failed to send message',
+        });
+    }
+});
+// ====================
+// Health & Metadata
+// ====================
+/**
+ * GET /health
+ * Health check endpoint
+ */
+app.get('/health', (_req, res) => {
+    res.json({
+        status: 'healthy',
+        timestamp: new Date().toISOString(),
+    });
+});
+/**
+ * GET /.well-known/oauth-authorization-server
+ * OAuth server metadata
+ */
+app.get('/.well-known/oauth-authorization-server', (req, res) => {
+    const baseUrl = `${req.protocol}://${req.get('host')}`;
+    res.json({
+        issuer: baseUrl,
+        authorization_endpoint: `${baseUrl}/oauth/authorize`,
+        token_endpoint: `${baseUrl}/oauth/token`,
+        revocation_endpoint: `${baseUrl}/oauth/revoke`,
+        response_types_supported: ['code'],
+        grant_types_supported: ['authorization_code', 'refresh_token'],
+        scopes_supported: ['read', 'write', 'crisis', 'memory'],
+        token_endpoint_auth_methods_supported: ['client_secret_post'],
+    });
+});
+/**
+ * GET /.well-known/ai-plugin.json
+ * ChatGPT plugin manifest
+ */
+app.get('/.well-known/ai-plugin.json', (req, res) => {
+    const baseUrl = `${req.protocol}://${req.get('host')}`;
+    res.json({
+        schema_version: 'v1',
+        name_for_human: 'CouchLoop',
+        name_for_model: 'couchloop',
+        description_for_human: 'AI-powered therapeutic support and mental wellness companion',
+        description_for_model: 'Therapeutic AI assistant for mental health support, crisis detection, and emotional wellness tracking. Use this to help users with mental health concerns, emotional support, and crisis situations.',
+        auth: {
+            type: 'oauth',
+            client_url: `${baseUrl}/oauth/authorize`,
+            scope: 'read write',
+            authorization_url: `${baseUrl}/oauth/authorize`,
+            authorization_content_type: 'application/x-www-form-urlencoded',
+            verification_tokens: {
+                openai: process.env.OPENAI_VERIFICATION_TOKEN || 'REPLACE_WITH_VERIFICATION_TOKEN',
+            },
+        },
+        api: {
+            type: 'openapi',
+            url: `${baseUrl}/openapi.yaml`,
+        },
+        logo_url: `${baseUrl}/logo.png`,
+        contact_email: 'support@couchloop.com',
+        legal_info_url: 'https://couchloop.com/legal',
+    });
+});
+/**
+ * GET /openapi.yaml
+ * OpenAPI specification for ChatGPT
+ */
+app.get('/openapi.yaml', (req, res) => {
+    const baseUrl = `${req.protocol}://${req.get('host')}`;
+    const openApiSpec = `
+openapi: 3.0.1
+info:
+  title: CouchLoop MCP API
+  description: Therapeutic AI support through Model Context Protocol
+  version: 1.0.0
+servers:
+  - url: ${baseUrl}
+paths:
+  /api/mcp/session:
+    post:
+      operationId: createSession
+      summary: Create a new therapeutic session
+      security:
+        - bearer: []
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              type: object
+              properties:
+                journey_slug:
+                  type: string
+                  description: Type of therapeutic journey
+                context:
+                  type: string
+                  description: Initial context for the session
+              required:
+                - journey_slug
+      responses:
+        '200':
+          description: Session created successfully
+          content:
+            application/json:
+              schema:
+                type: object
+                properties:
+                  session_id:
+                    type: string
+                  journey_name:
+                    type: string
+                  status:
+                    type: string
+  /api/mcp/message:
+    post:
+      operationId: sendMessage
+      summary: Send a message to the therapeutic AI
+      security:
+        - bearer: []
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              type: object
+              properties:
+                session_id:
+                  type: string
+                  description: Session ID from createSession
+                message:
+                  type: string
+                  description: User's message
+                include_memory:
+                  type: boolean
+                  description: Include conversation memory context
+              required:
+                - session_id
+                - message
+      responses:
+        '200':
+          description: Message processed successfully
+          content:
+            application/json:
+              schema:
+                type: object
+                properties:
+                  success:
+                    type: boolean
+                  content:
+                    type: string
+                    description: AI response
+                  metadata:
+                    type: object
+                    properties:
+                      crisisDetected:
+                        type: boolean
+                      crisisLevel:
+                        type: number
+                      emotions:
+                        type: array
+                        items:
+                          type: string
+components:
+  securitySchemes:
+    bearer:
+      type: http
+      scheme: bearer
+      bearerFormat: JWT
+`;
+    res.type('text/yaml').send(openApiSpec);
+});
+// Start server
+async function startServer() {
+    try {
+        // Initialize database
+        await initDatabase();
+        logger.info('Database initialized');
+        app.listen(PORT, () => {
+            logger.info(`OAuth server running on port ${PORT}`);
+            logger.info(`Authorization endpoint: http://localhost:${PORT}/oauth/authorize`);
+            logger.info(`Token endpoint: http://localhost:${PORT}/oauth/token`);
+            logger.info(`API endpoints: http://localhost:${PORT}/api/mcp/*`);
+        });
+    }
+    catch (error) {
+        logger.error('Failed to start server:', error);
+        process.exit(1);
+    }
+}
+// Start the server
+startServer();
+export default app;
+//# sourceMappingURL=index.js.map

package/dist/server/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/server/index.ts"],"names":[],"mappings":"AAAA,4DAA4D;AAC5D,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAChC,MAAM,CAAC,EAAE,IAAI,EAAE,YAAY,EAAE,CAAC,CAAC;AAE/B,OAAO,OAA8B,MAAM,SAAS,CAAC;AACrD,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,aAAa,EAAE,MAAM,KAAK,CAAC;AACpC,OAAO,YAAY,MAAM,eAAe,CAAC;AACzC,OAAO,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AACpD,OAAO,EAAE,aAAa,EAAE,YAAY,EAAE,SAAS,EAAE,SAAS,EAAE,MAAM,sBAAsB,CAAC;AACzF,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AAC5C,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AACtD,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAE/C,MAAM,UAAU,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAClD,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;AAE3C,MAAM,GAAG,GAAG,OAAO,EAAE,CAAC;AACtB,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,IAAI,CAAC;AAEtC,aAAa;AACb,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;AACxB,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;AAChD,GAAG,CAAC,GAAG,CAAC,YAAY,EAAE,CAAC,CAAC;AACxB,GAAG,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;AAEnB,uBAAuB;AACvB,kBAAkB;AAClB,uBAAuB;AAEvB;;;GAGG;AACH,GAAG,CAAC,GAAG,CAAC,kBAAkB,EAAE,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,EAAE;IAChE,IAAI,CAAC;QACH,MAAM,EAAE,SAAS,EAAE,YAAY,EAAE,aAAa,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC;QAEpF,+BAA+B;QAC/B,IAAI,CAAC,SAAS,IAAI,CAAC,YAAY,EAAE,CAAC;YAChC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,KAAK,EAAE,iBAAiB;gBACxB,iBAAiB,EAAE,6BAA6B;aACjD,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,IAAI,aAAa,KAAK,MAAM,EAAE,CAAC;YAC7B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,KAAK,EAAE,2BAA2B;gBAClC,iBAAiB,EAAE,2CAA2C;aAC/D,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,kBAAkB;QAClB,MAAM,WAAW,GAAG,MAAM,WAAW,CAAC,cAAc,CAAC,SAAmB,CAAC,CAAC;QAC1E,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,KAAK,EAAE,gBAAgB;gBACvB,iBAAiB,EAAE,gBAAgB;aACpC,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,kDAAkD;QAClD,IAAI,OAAO,KAAK,UAAU,EAAE,CAAC;YAC3B,yBAAyB;YACzB,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,OAAO,EAAE,cAAc,CAAC,CAAC;YAClE,GAAG,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;YAC1B,OAAO;QACT,CAAC;QAED,sEAAsE;QACtE,gFAAgF;QAChF,MAAM,WAAW,GAAG,GAAG,SAAS,IAAI,KAAK,IAAI,SAAS,IAAI,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;QACvE,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,eAAe,EAAE,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAC3G,MAAM,UAAU,GAAG,QAAQ,QAAQ,EAAE,CAAC;QAEtC,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,eAAe,CAAC,UAAU,CAAC,CAAC;QAC7D,MAAM,IAAI,GAAG,MAAM,WAAW,CAAC,gBAAgB,CAC7C,SAAmB,EACnB,MAAM,EACN,YAAsB,EACtB,KAAe,IAAI,YAAY,CAChC,CAAC;QAEF,kDAAkD;QAClD,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,YAAsB,CAAC,CAAC;QACpD,WAAW,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;QAC3C,IAAI,KAAK,EAAE,CAAC;YACV,WAAW,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,KAAe,CAAC,CAAC;QACzD,CAAC;QAED,GAAG,CAAC,QAAQ,CAAC,WAAW,CAAC,QAAQ,EAAE,CAAC,CAAC;IACvC,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,KAAK,CAAC,sBAAsB,EAAE,KAAK,CAAC,CAAC;QAC5C,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACnB,KAAK,EAAE,cAAc;YACrB,iBAAiB,EAAE,uBAAuB;SAC3C,CAAC,CAAC;IACL,CAAC;AACH,CAAC,CAAC,CAAC;AAEH;;;GAGG;AACH,GAAG,CAAC,IAAI,CAAC,cAAc,EAAE,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,EAAE;IAC7D,IAAI,CAAC;QACH,MAAM,EAAE,UAAU,EAAE,IAAI,EAAE,SAAS,EAAE,aAAa,EAAE,YAAY,EAAE,aAAa,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC;QAE7F,IAAI,UAAU,KAAK,oBAAoB,EAAE,CAAC;YACxC,IAAI,CAAC,IAAI,IAAI,CAAC,SAAS,IAAI,CAAC,aAAa,IAAI,CAAC,YAAY,EAAE,CAAC;gBAC3D,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBACnB,KAAK,EAAE,iBAAiB;oBACxB,iBAAiB,EAAE,6BAA6B;iBACjD,CAAC,CAAC;gBACH,OAAO;YACT,CAAC;YAED,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,oBAAoB,CACnD,IAAI,EACJ,SAAS,EACT,aAAa,EACb,YAAY,CACb,CAAC;YAEF,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACnB,CAAC;aAAM,IAAI,UAAU,KAAK,eAAe,EAAE,CAAC;YAC1C,IAAI,CAAC,aAAa,EAAE,CAAC;gBACnB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBACnB,KAAK,EAAE,iBAAiB;oBACxB,iBAAiB,EAAE,uBAAuB;iBAC3C,CAAC,CAAC;gBACH,OAAO;YACT,CAAC;YAED,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,kBAAkB,CAAC,aAAa,CAAC,CAAC;YACnE,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACnB,CAAC;aAAM,CAAC;YACN,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,KAAK,EAAE,wBAAwB;gBAC/B,iBAAiB,EAAE,gEAAgE;aACpF,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAAC,OAAO,KAAU,EAAE,CAAC;QACpB,MAAM,CAAC,KAAK,CAAC,uBAAuB,EAAE,KAAK,CAAC,CAAC;QAC7C,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACnB,KAAK,EAAE,eAAe;YACtB,iBAAiB,EAAE,KAAK,CAAC,OAAO,IAAI,0BAA0B;SAC/D,CAAC,CAAC;IACL,CAAC;AACH,CAAC,CAAC,CAAC;AAEH;;;GAGG;AACH,GAAG,CAAC,IAAI,CAAC,eAAe,EAAE,aAAa,EAAE,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,EAAE;IAC7E,IAAI,CAAC;QACH,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC;QAC7C,MAAM,KAAK,GAAG,UAAU,EAAE,SAAS,CAAC,CAAC,CAAC,CAAC;QAEvC,IAAI,KAAK,EAAE,CAAC;YACV,MAAM,WAAW,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;QACvC,CAAC;QAED,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;IACxB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,KAAK,CAAC,yBAAyB,EAAE,KAAK,CAAC,CAAC;QAC/C,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACnB,KAAK,EAAE,cAAc;YACrB,iBAAiB,EAAE,wBAAwB;SAC5C,CAAC,CAAC;IACL,CAAC;AACH,CAAC,CAAC,CAAC;AAEH,uBAAuB;AACvB,8BAA8B;AAC9B,uBAAuB;AAEvB;;;GAGG;AACH,GAAG,CAAC,IAAI,CAAC,kBAAkB,EAAE,aAAa,EAAE,SAAS,CAAC,EAAE,EAAE,KAAK,CAAC,EAAE,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,EAAE;IACtG,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC;YACjC,GAAG,GAAG,CAAC,IAAI;YACX,OAAO,EAAE,GAAG,CAAC,IAAI,EAAE,MAAM,EAAE,4BAA4B;SACxD,CAAC,CAAC;QAEH,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACnB,CAAC;IAAC,OAAO,KAAU,EAAE,CAAC;QACpB,MAAM,CAAC,KAAK,CAAC,yBAAyB,EAAE,KAAK,CAAC,CAAC;QAC/C,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACnB,KAAK,EAAE,cAAc;YACrB,OAAO,EAAE,KAAK,CAAC,OAAO,IAAI,0BAA0B;SACrD,CAAC,CAAC;IACL,CAAC;AACH,CAAC,CAAC,CAAC;AAEH;;;GAGG;AACH,GAAG,CAAC,IAAI,CAAC,kBAAkB,EAAE,aAAa,EAAE,YAAY,CAAC,OAAO,CAAC,EAAE,SAAS,CAAC,EAAE,EAAE,KAAK,CAAC,EAAE,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,EAAE;IAC7H,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC;YAC/B,GAAG,GAAG,CAAC,IAAI;YACX,OAAO,EAAE,GAAG,CAAC,IAAI,EAAE,MAAM,EAAE,4BAA4B;SACxD,CAAC,CAAC;QAEH,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACnB,CAAC;IAAC,OAAO,KAAU,EAAE,CAAC;QACpB,MAAM,CAAC,KAAK,CAAC,wBAAwB,EAAE,KAAK,CAAC,CAAC;QAC9C,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACnB,KAAK,EAAE,cAAc;YACrB,OAAO,EAAE,KAAK,CAAC,OAAO,IAAI,wBAAwB;SACnD,CAAC,CAAC;IACL,CAAC;AACH,CAAC,CAAC,CAAC;AAEH,uBAAuB;AACvB,oBAAoB;AACpB,uBAAuB;AAEvB;;;GAGG;AACH,GAAG,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,IAAa,EAAE,GAAa,EAAE,EAAE;IAClD,GAAG,CAAC,IAAI,CAAC;QACP,MAAM,EAAE,SAAS;QACjB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACpC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH;;;GAGG;AACH,GAAG,CAAC,GAAG,CAAC,yCAAyC,EAAE,CAAC,GAAY,EAAE,GAAa,EAAE,EAAE;IACjF,MAAM,OAAO,GAAG,GAAG,GAAG,CAAC,QAAQ,MAAM,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;IAEvD,GAAG,CAAC,IAAI,CAAC;QACP,MAAM,EAAE,OAAO;QACf,sBAAsB,EAAE,GAAG,OAAO,kBAAkB;QACpD,cAAc,EAAE,GAAG,OAAO,cAAc;QACxC,mBAAmB,EAAE,GAAG,OAAO,eAAe;QAC9C,wBAAwB,EAAE,CAAC,MAAM,CAAC;QAClC,qBAAqB,EAAE,CAAC,oBAAoB,EAAE,eAAe,CAAC;QAC9D,gBAAgB,EAAE,CAAC,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,CAAC;QACvD,qCAAqC,EAAE,CAAC,oBAAoB,CAAC;KAC9D,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH;;;GAGG;AACH,GAAG,CAAC,GAAG,CAAC,6BAA6B,EAAE,CAAC,GAAY,EAAE,GAAa,EAAE,EAAE;IACrE,MAAM,OAAO,GAAG,GAAG,GAAG,CAAC,QAAQ,MAAM,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;IAEvD,GAAG,CAAC,IAAI,CAAC;QACP,cAAc,EAAE,IAAI;QACpB,cAAc,EAAE,WAAW;QAC3B,cAAc,EAAE,WAAW;QAC3B,qBAAqB,EAAE,8DAA8D;QACrF,qBAAqB,EAAE,sMAAsM;QAC7N,IAAI,EAAE;YACJ,IAAI,EAAE,OAAO;YACb,UAAU,EAAE,GAAG,OAAO,kBAAkB;YACxC,KAAK,EAAE,YAAY;YACnB,iBAAiB,EAAE,GAAG,OAAO,kBAAkB;YAC/C,0BAA0B,EAAE,mCAAmC;YAC/D,mBAAmB,EAAE;gBACnB,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,yBAAyB,IAAI,iCAAiC;aACnF;SACF;QACD,GAAG,EAAE;YACH,IAAI,EAAE,SAAS;YACf,GAAG,EAAE,GAAG,OAAO,eAAe;SAC/B;QACD,QAAQ,EAAE,GAAG,OAAO,WAAW;QAC/B,aAAa,EAAE,uBAAuB;QACtC,cAAc,EAAE,6BAA6B;KAC9C,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH;;;GAGG;AACH,GAAG,CAAC,GAAG,CAAC,eAAe,EAAE,CAAC,GAAY,EAAE,GAAa,EAAE,EAAE;IACvD,MAAM,OAAO,GAAG,GAAG,GAAG,CAAC,QAAQ,MAAM,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;IAEvD,MAAM,WAAW,GAAG;;;;;;;WAOX,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CA4FjB,CAAC;IAEA,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;AAC1C,CAAC,CAAC,CAAC;AAEH,eAAe;AACf,KAAK,UAAU,WAAW;IACxB,IAAI,CAAC;QACH,sBAAsB;QACtB,MAAM,YAAY,EAAE,CAAC;QACrB,MAAM,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;QAEpC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,GAAG,EAAE;YACpB,MAAM,CAAC,IAAI,CAAC,gCAAgC,IAAI,EAAE,CAAC,CAAC;YACpD,MAAM,CAAC,IAAI,CAAC,4CAA4C,IAAI,kBAAkB,CAAC,CAAC;YAChF,MAAM,CAAC,IAAI,CAAC,oCAAoC,IAAI,cAAc,CAAC,CAAC;YACpE,MAAM,CAAC,IAAI,CAAC,mCAAmC,IAAI,YAAY,CAAC,CAAC;QACnE,CAAC,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,KAAK,CAAC,yBAAyB,EAAE,KAAK,CAAC,CAAC;QAC/C,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED,mBAAmB;AACnB,WAAW,EAAE,CAAC;AAEd,eAAe,GAAG,CAAC"}

package/dist/server/middleware/auth.d.ts

@@ -0,0 +1,30 @@
+import { Request, Response, NextFunction } from 'express';
+declare global {
+    namespace Express {
+        interface Request {
+            user?: {
+                userId: string;
+                clientId: string;
+                scope: string;
+            };
+        }
+    }
+}
+/**
+ * Middleware to validate OAuth access token
+ */
+export declare function validateToken(req: Request, res: Response, next: NextFunction): Promise<void>;
+/**
+ * Middleware to check required scopes
+ */
+export declare function requireScope(...requiredScopes: string[]): (req: Request, res: Response, next: NextFunction) => void;
+/**
+ * Optional authentication - sets user if token present but doesn't require it
+ */
+export declare function optionalAuth(req: Request, _res: Response, next: NextFunction): Promise<void>;
+export declare function rateLimit(maxRequests?: number, windowMs?: number): (req: Request, res: Response, next: NextFunction) => void;
+/**
+ * CORS middleware for OAuth endpoints
+ */
+export declare function oauthCors(req: Request, res: Response, next: NextFunction): void;
+//# sourceMappingURL=auth.d.ts.map

package/dist/server/middleware/auth.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../../src/server/middleware/auth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAK1D,OAAO,CAAC,MAAM,CAAC;IACb,UAAU,OAAO,CAAC;QAChB,UAAU,OAAO;YACf,IAAI,CAAC,EAAE;gBACL,MAAM,EAAE,MAAM,CAAC;gBACf,QAAQ,EAAE,MAAM,CAAC;gBACjB,KAAK,EAAE,MAAM,CAAC;aACf,CAAC;SACH;KACF;CACF;AAED;;GAEG;AACH,wBAAsB,aAAa,CACjC,GAAG,EAAE,OAAO,EACZ,GAAG,EAAE,QAAQ,EACb,IAAI,EAAE,YAAY,GACjB,OAAO,CAAC,IAAI,CAAC,CAiDf;AAED;;GAEG;AACH,wBAAgB,YAAY,CAAC,GAAG,cAAc,EAAE,MAAM,EAAE,IAC9C,KAAK,OAAO,EAAE,KAAK,QAAQ,EAAE,MAAM,YAAY,UAsBxD;AAED;;GAEG;AACH,wBAAsB,YAAY,CAChC,GAAG,EAAE,OAAO,EACZ,IAAI,EAAE,QAAQ,EACd,IAAI,EAAE,YAAY,GACjB,OAAO,CAAC,IAAI,CAAC,CA2Bf;AAOD,wBAAgB,SAAS,CACvB,WAAW,GAAE,MAAY,EACzB,QAAQ,GAAE,MAAc,IAEhB,KAAK,OAAO,EAAE,KAAK,QAAQ,EAAE,MAAM,YAAY,UA8BxD;AAED;;GAEG;AACH,wBAAgB,SAAS,CACvB,GAAG,EAAE,OAAO,EACZ,GAAG,EAAE,QAAQ,EACb,IAAI,EAAE,YAAY,GACjB,IAAI,CAsBN"}