ctb 1.0.0

package/src/handlers/text.ts

@@ -0,0 +1,128 @@
+/**
+ * Text message handler for Claude Telegram Bot.
+ */
+
+import type { Context } from "grammy";
+import { session } from "../session";
+import { ALLOWED_USERS } from "../config";
+import { isAuthorized, rateLimiter } from "../security";
+import {
+  auditLog,
+  auditLogRateLimit,
+  checkInterrupt,
+  startTypingIndicator,
+} from "../utils";
+import { StreamingState, createStatusCallback } from "./streaming";
+
+/**
+ * Handle incoming text messages.
+ */
+export async function handleText(ctx: Context): Promise<void> {
+  const userId = ctx.from?.id;
+  const username = ctx.from?.username || "unknown";
+  const chatId = ctx.chat?.id;
+  let message = ctx.message?.text;
+
+  if (!userId || !message || !chatId) {
+    return;
+  }
+
+  // 1. Authorization check
+  if (!isAuthorized(userId, ALLOWED_USERS)) {
+    await ctx.reply("Unauthorized. Contact the bot owner for access.");
+    return;
+  }
+
+  // 2. Check for interrupt prefix
+  message = await checkInterrupt(message);
+  if (!message.trim()) {
+    return;
+  }
+
+  // 3. Rate limit check
+  const [allowed, retryAfter] = rateLimiter.check(userId);
+  if (!allowed) {
+    await auditLogRateLimit(userId, username, retryAfter!);
+    await ctx.reply(
+      `⏳ Rate limited. Please wait ${retryAfter!.toFixed(1)} seconds.`
+    );
+    return;
+  }
+
+  // 4. Store message for retry
+  session.lastMessage = message;
+
+  // 5. Mark processing started
+  const stopProcessing = session.startProcessing();
+
+  // 6. Start typing indicator
+  const typing = startTypingIndicator(ctx);
+
+  // 7. Create streaming state and callback
+  let state = new StreamingState();
+  let statusCallback = createStatusCallback(ctx, state);
+
+  // 8. Send to Claude with retry logic for crashes
+  const MAX_RETRIES = 1;
+
+  for (let attempt = 0; attempt <= MAX_RETRIES; attempt++) {
+    try {
+      const response = await session.sendMessageStreaming(
+        message,
+        username,
+        userId,
+        statusCallback,
+        chatId,
+        ctx
+      );
+
+      // 9. Audit log
+      await auditLog(userId, username, "TEXT", message, response);
+      break; // Success - exit retry loop
+    } catch (error) {
+      const errorStr = String(error);
+      const isClaudeCodeCrash = errorStr.includes("exited with code");
+
+      // Clean up any partial messages from this attempt
+      for (const toolMsg of state.toolMessages) {
+        try {
+          await ctx.api.deleteMessage(toolMsg.chat.id, toolMsg.message_id);
+        } catch {
+          // Ignore cleanup errors
+        }
+      }
+
+      // Retry on Claude Code crash (not user cancellation)
+      if (isClaudeCodeCrash && attempt < MAX_RETRIES) {
+        console.log(
+          `Claude Code crashed, retrying (attempt ${attempt + 2}/${MAX_RETRIES + 1})...`
+        );
+        await session.kill(); // Clear corrupted session
+        await ctx.reply(`⚠️ Claude crashed, retrying...`);
+        // Reset state for retry
+        state = new StreamingState();
+        statusCallback = createStatusCallback(ctx, state);
+        continue;
+      }
+
+      // Final attempt failed or non-retryable error
+      console.error("Error processing message:", error);
+
+      // Check if it was a cancellation
+      if (errorStr.includes("abort") || errorStr.includes("cancel")) {
+        // Only show "Query stopped" if it was an explicit stop, not an interrupt from a new message
+        const wasInterrupt = session.consumeInterruptFlag();
+        if (!wasInterrupt) {
+          await ctx.reply("🛑 Query stopped.");
+        }
+      } else {
+        await ctx.reply(`❌ Error: ${errorStr.slice(0, 200)}`);
+      }
+      break; // Exit loop after handling error
+    }
+  }
+
+  // 10. Cleanup
+  stopProcessing();
+  typing.stop();
+}

package/src/handlers/voice.ts

@@ -0,0 +1,138 @@
+/**
+ * Voice message handler for Claude Telegram Bot.
+ */
+
+import { unlinkSync } from "node:fs";
+import type { Context } from "grammy";
+import { ALLOWED_USERS, TEMP_DIR, TRANSCRIPTION_AVAILABLE } from "../config";
+import { isAuthorized, rateLimiter } from "../security";
+import { session } from "../session";
+import {
+	auditLog,
+	auditLogRateLimit,
+	startTypingIndicator,
+	transcribeVoice,
+} from "../utils";
+import { createStatusCallback, StreamingState } from "./streaming";
+
+/**
+ * Handle incoming voice messages.
+ */
+export async function handleVoice(ctx: Context): Promise<void> {
+	const userId = ctx.from?.id;
+	const username = ctx.from?.username || "unknown";
+	const chatId = ctx.chat?.id;
+	const voice = ctx.message?.voice;
+
+	if (!userId || !voice || !chatId) {
+		return;
+	}
+
+	// 1. Authorization check
+	if (!isAuthorized(userId, ALLOWED_USERS)) {
+		await ctx.reply("Unauthorized. Contact the bot owner for access.");
+		return;
+	}
+
+	// 2. Check if transcription is available
+	if (!TRANSCRIPTION_AVAILABLE) {
+		await ctx.reply(
+			"Voice transcription is not configured. Set OPENAI_API_KEY in .env",
+		);
+		return;
+	}
+
+	// 3. Rate limit check
+	const [allowed, retryAfter] = rateLimiter.check(userId);
+	if (!allowed && retryAfter !== undefined) {
+		await auditLogRateLimit(userId, username, retryAfter);
+		await ctx.reply(
+			`⏳ Rate limited. Please wait ${retryAfter.toFixed(1)} seconds.`,
+		);
+		return;
+	}
+
+	// 4. Mark processing started (allows /stop to work during transcription/classification)
+	const stopProcessing = session.startProcessing();
+
+	// 5. Start typing indicator for transcription
+	const typing = startTypingIndicator(ctx);
+
+	let voicePath: string | null = null;
+
+	try {
+		// 6. Download voice file
+		const file = await ctx.getFile();
+		const timestamp = Date.now();
+		voicePath = `${TEMP_DIR}/voice_${timestamp}.ogg`;
+
+		// Download the file
+		const downloadRes = await fetch(
+			`https://api.telegram.org/file/bot${ctx.api.token}/${file.file_path}`,
+		);
+		const buffer = await downloadRes.arrayBuffer();
+		await Bun.write(voicePath, buffer);
+
+		// 7. Transcribe
+		const statusMsg = await ctx.reply("🎤 Transcribing...");
+
+		const transcript = await transcribeVoice(voicePath);
+		if (!transcript) {
+			await ctx.api.editMessageText(
+				chatId,
+				statusMsg.message_id,
+				"❌ Transcription failed.",
+			);
+			stopProcessing();
+			return;
+		}
+
+		// 8. Show transcript
+		await ctx.api.editMessageText(
+			chatId,
+			statusMsg.message_id,
+			`🎤 "${transcript}"`,
+		);
+
+		// 9. Create streaming state and callback
+		const state = new StreamingState();
+		const statusCallback = createStatusCallback(ctx, state);
+
+		// 10. Send to Claude
+		const claudeResponse = await session.sendMessageStreaming(
+			transcript,
+			username,
+			userId,
+			statusCallback,
+			chatId,
+			ctx,
+		);
+
+		// 11. Audit log
+		await auditLog(userId, username, "VOICE", transcript, claudeResponse);
+	} catch (error) {
+		console.error("Error processing voice:", error);
+
+		if (String(error).includes("abort") || String(error).includes("cancel")) {
+			// Only show "Query stopped" if it was an explicit stop, not an interrupt from a new message
+			const wasInterrupt = session.consumeInterruptFlag();
+			if (!wasInterrupt) {
+				await ctx.reply("🛑 Query stopped.");
+			}
+		} else {
+			await ctx.reply(`❌ Error: ${String(error).slice(0, 200)}`);
+		}
+	} finally {
+		stopProcessing();
+		typing.stop();
+
+		// Clean up voice file
+		if (voicePath) {
+			try {
+				unlinkSync(voicePath);
+			} catch (error) {
+				console.debug("Failed to delete voice file:", error);
+			}
+		}
+	}
+}

package/src/index.ts

@@ -0,0 +1,150 @@
+/**
+ * Claude Telegram Bot - TypeScript/Bun Edition
+ *
+ * Control Claude Code from your phone via Telegram.
+ */
+
+import { existsSync, readFileSync, unlinkSync } from "node:fs";
+import { run, sequentialize } from "@grammyjs/runner";
+import { Bot } from "grammy";
+import {
+	ALLOWED_USERS,
+	RESTART_FILE,
+	TELEGRAM_TOKEN,
+	WORKING_DIR,
+} from "./config";
+import {
+	handleBookmarks,
+	handleCallback,
+	handleCd,
+	handleDocument,
+	handleNew,
+	handlePhoto,
+	handleRestart,
+	handleResume,
+	handleRetry,
+	handleStart,
+	handleStatus,
+	handleStop,
+	handleText,
+	handleVoice,
+} from "./handlers";
+
+// Create bot instance
+const bot = new Bot(TELEGRAM_TOKEN);
+
+// Sequentialize non-command messages per user (prevents race conditions)
+// Commands bypass sequentialization so they work immediately
+bot.use(
+	sequentialize((ctx) => {
+		// Commands are not sequentialized - they work immediately
+		if (ctx.message?.text?.startsWith("/")) {
+			return undefined;
+		}
+		// Messages with ! prefix bypass queue (interrupt)
+		if (ctx.message?.text?.startsWith("!")) {
+			return undefined;
+		}
+		// Callback queries (button clicks) are not sequentialized
+		if (ctx.callbackQuery) {
+			return undefined;
+		}
+		// Other messages are sequentialized per chat
+		return ctx.chat?.id.toString();
+	}),
+);
+
+// ============== Command Handlers ==============
+
+bot.command("start", handleStart);
+bot.command("new", handleNew);
+bot.command("stop", handleStop);
+bot.command("status", handleStatus);
+bot.command("resume", handleResume);
+bot.command("restart", handleRestart);
+bot.command("retry", handleRetry);
+bot.command("cd", handleCd);
+bot.command("bookmarks", handleBookmarks);
+
+// ============== Message Handlers ==============
+
+// Text messages
+bot.on("message:text", handleText);
+
+// Voice messages
+bot.on("message:voice", handleVoice);
+
+// Photo messages
+bot.on("message:photo", handlePhoto);
+
+// Document messages
+bot.on("message:document", handleDocument);
+
+// ============== Callback Queries ==============
+
+bot.on("callback_query:data", handleCallback);
+
+// ============== Error Handler ==============
+
+bot.catch((err) => {
+	console.error("Bot error:", err);
+});
+
+// ============== Startup ==============
+
+console.log("=".repeat(50));
+console.log("Claude Telegram Bot - TypeScript Edition");
+console.log("=".repeat(50));
+console.log(`Working directory: ${WORKING_DIR}`);
+console.log(`Allowed users: ${ALLOWED_USERS.length}`);
+console.log("Starting bot...");
+
+// Get bot info first
+const botInfo = await bot.api.getMe();
+console.log(`Bot started: @${botInfo.username}`);
+
+// Check for pending restart message to update
+if (existsSync(RESTART_FILE)) {
+	try {
+		const data = JSON.parse(readFileSync(RESTART_FILE, "utf-8"));
+		const age = Date.now() - data.timestamp;
+
+		// Only update if restart was recent (within 30 seconds)
+		if (age < 30000 && data.chat_id && data.message_id) {
+			await bot.api.editMessageText(
+				data.chat_id,
+				data.message_id,
+				"✅ Bot restarted",
+			);
+		}
+		unlinkSync(RESTART_FILE);
+	} catch (e) {
+		console.warn("Failed to update restart message:", e);
+		try {
+			unlinkSync(RESTART_FILE);
+		} catch {}
+	}
+}
+
+// Start with concurrent runner (commands work immediately)
+const runner = run(bot);
+
+// Graceful shutdown
+const stopRunner = () => {
+	if (runner.isRunning()) {
+		console.log("Stopping bot...");
+		runner.stop();
+	}
+};
+
+process.on("SIGINT", () => {
+	console.log("Received SIGINT");
+	stopRunner();
+	process.exit(0);
+});
+
+process.on("SIGTERM", () => {
+	console.log("Received SIGTERM");
+	stopRunner();
+	process.exit(0);
+});

package/src/security.ts

@@ -0,0 +1,209 @@
+/**
+ * Security module for Claude Telegram Bot.
+ *
+ * Rate limiting, path validation, command safety.
+ */
+
+import { realpathSync } from "fs";
+import { normalize, resolve } from "path";
+import {
+	ALLOWED_PATHS,
+	BLOCKED_PATTERNS,
+	RATE_LIMIT_ENABLED,
+	RATE_LIMIT_REQUESTS,
+	RATE_LIMIT_WINDOW,
+	TEMP_PATHS,
+} from "./config";
+import type { RateLimitBucket } from "./types";
+
+// ============== Rate Limiter ==============
+
+// Bucket expiration time (1 hour) - prevents unbounded memory growth
+const BUCKET_EXPIRATION_MS = 60 * 60 * 1000;
+// Cleanup interval (10 minutes)
+const CLEANUP_INTERVAL_MS = 10 * 60 * 1000;
+
+class RateLimiter {
+	private buckets = new Map<number, RateLimitBucket>();
+	private maxTokens: number;
+	private refillRate: number; // tokens per second
+	private cleanupTimer: ReturnType<typeof setInterval> | null = null;
+
+	constructor() {
+		this.maxTokens = RATE_LIMIT_REQUESTS;
+		this.refillRate = RATE_LIMIT_REQUESTS / RATE_LIMIT_WINDOW;
+
+		// Start periodic cleanup
+		this.startCleanup();
+	}
+
+	/**
+	 * Start periodic cleanup of expired buckets.
+	 */
+	private startCleanup(): void {
+		this.cleanupTimer = setInterval(() => {
+			this.cleanupExpiredBuckets();
+		}, CLEANUP_INTERVAL_MS);
+
+		// Don't prevent process from exiting
+		if (this.cleanupTimer.unref) {
+			this.cleanupTimer.unref();
+		}
+	}
+
+	/**
+	 * Remove buckets that haven't been used recently.
+	 */
+	private cleanupExpiredBuckets(): void {
+		const now = Date.now();
+		let removed = 0;
+
+		for (const [userId, bucket] of this.buckets) {
+			if (now - bucket.lastUpdate > BUCKET_EXPIRATION_MS) {
+				this.buckets.delete(userId);
+				removed++;
+			}
+		}
+
+		if (removed > 0) {
+			console.debug(`Rate limiter cleanup: removed ${removed} expired buckets`);
+		}
+	}
+
+	check(userId: number): [allowed: boolean, retryAfter?: number] {
+		if (!RATE_LIMIT_ENABLED) {
+			return [true];
+		}
+
+		const now = Date.now();
+		let bucket = this.buckets.get(userId);
+
+		if (!bucket) {
+			bucket = { tokens: this.maxTokens, lastUpdate: now };
+			this.buckets.set(userId, bucket);
+		}
+
+		// Refill tokens based on time elapsed
+		const elapsed = (now - bucket.lastUpdate) / 1000;
+		bucket.tokens = Math.min(
+			this.maxTokens,
+			bucket.tokens + elapsed * this.refillRate,
+		);
+		bucket.lastUpdate = now;
+
+		if (bucket.tokens >= 1) {
+			bucket.tokens -= 1;
+			return [true];
+		}
+
+		// Calculate time until next token
+		const retryAfter = (1 - bucket.tokens) / this.refillRate;
+		return [false, retryAfter];
+	}
+
+	getStatus(userId: number): {
+		tokens: number;
+		max: number;
+		refillRate: number;
+	} {
+		const bucket = this.buckets.get(userId);
+		return {
+			tokens: bucket?.tokens ?? this.maxTokens,
+			max: this.maxTokens,
+			refillRate: this.refillRate,
+		};
+	}
+}
+
+export const rateLimiter = new RateLimiter();
+
+// ============== Path Validation ==============
+
+export function isPathAllowed(path: string): boolean {
+	try {
+		// Expand ~ and resolve to absolute path
+		const expanded = path.replace(/^~/, process.env.HOME || "");
+		const normalized = normalize(expanded);
+
+		// Try to resolve symlinks (may fail if path doesn't exist yet)
+		let resolved: string;
+		try {
+			resolved = realpathSync(normalized);
+		} catch {
+			resolved = resolve(normalized);
+		}
+
+		// Always allow temp paths (for bot's own files)
+		for (const tempPath of TEMP_PATHS) {
+			if (resolved.startsWith(tempPath)) {
+				return true;
+			}
+		}
+
+		// Check against allowed paths using proper containment
+		for (const allowed of ALLOWED_PATHS) {
+			const allowedResolved = resolve(allowed);
+			if (
+				resolved === allowedResolved ||
+				resolved.startsWith(allowedResolved + "/")
+			) {
+				return true;
+			}
+		}
+
+		return false;
+	} catch {
+		return false;
+	}
+}
+
+// ============== Command Safety ==============
+
+export function checkCommandSafety(
+	command: string,
+): [safe: boolean, reason: string] {
+	const lowerCommand = command.toLowerCase();
+
+	// Check blocked patterns
+	for (const pattern of BLOCKED_PATTERNS) {
+		if (lowerCommand.includes(pattern.toLowerCase())) {
+			return [false, `Blocked pattern: ${pattern}`];
+		}
+	}
+
+	// Special handling for rm commands - validate paths
+	if (lowerCommand.includes("rm ")) {
+		try {
+			// Simple parsing: extract arguments after rm
+			const rmMatch = command.match(/rm\s+(.+)/i);
+			if (rmMatch) {
+				const args = rmMatch[1]!.split(/\s+/);
+				for (const arg of args) {
+					// Skip flags
+					if (arg.startsWith("-") || arg.length <= 1) continue;
+
+					// Check if path is allowed
+					if (!isPathAllowed(arg)) {
+						return [false, `rm target outside allowed paths: ${arg}`];
+					}
+				}
+			}
+		} catch {
+			// If parsing fails, be cautious
+			return [false, "Could not parse rm command for safety check"];
+		}
+	}
+
+	return [true, ""];
+}
+
+// ============== Authorization ==============
+
+export function isAuthorized(
+	userId: number | undefined,
+	allowedUsers: number[],
+): boolean {
+	if (!userId) return false;
+	if (allowedUsers.length === 0) return false;
+	return allowedUsers.includes(userId);
+}