ctb 1.0.0

package/src/session.ts

@@ -0,0 +1,565 @@
+/**
+ * Session management for Claude Telegram Bot.
+ *
+ * ClaudeSession class manages Claude Code sessions using the Agent SDK V1.
+ * V1 supports full options (cwd, mcpServers, settingSources, etc.)
+ */
+
+import { readFileSync } from "node:fs";
+import {
+	type Options,
+	query,
+	type SDKMessage,
+} from "@anthropic-ai/claude-agent-sdk";
+import type { Context } from "grammy";
+import {
+	ALLOWED_PATHS,
+	MCP_SERVERS,
+	QUERY_TIMEOUT_MS,
+	SAFETY_PROMPT,
+	SESSION_FILE,
+	STREAMING_THROTTLE_MS,
+	TEMP_PATHS,
+	THINKING_DEEP_KEYWORDS,
+	THINKING_KEYWORDS,
+	WORKING_DIR,
+} from "./config";
+import { formatToolStatus } from "./formatting";
+import { checkPendingAskUserRequests } from "./handlers/streaming";
+import { checkCommandSafety, isPathAllowed } from "./security";
+import type { SessionData, StatusCallback, TokenUsage } from "./types";
+
+/**
+ * Determine thinking token budget based on message keywords.
+ */
+function getThinkingLevel(message: string): number {
+	const msgLower = message.toLowerCase();
+
+	// Check deep thinking triggers first (more specific)
+	if (THINKING_DEEP_KEYWORDS.some((k) => msgLower.includes(k))) {
+		return 50000;
+	}
+
+	// Check normal thinking triggers
+	if (THINKING_KEYWORDS.some((k) => msgLower.includes(k))) {
+		return 10000;
+	}
+
+	// Default: no thinking
+	return 0;
+}
+
+/**
+ * Extract text content from SDK message.
+ * Note: Currently unused but kept for potential future use.
+ */
+function _getTextFromMessage(msg: SDKMessage): string | null {
+	if (msg.type !== "assistant") return null;
+
+	const textParts: string[] = [];
+	for (const block of msg.message.content) {
+		if (block.type === "text") {
+			textParts.push(block.text);
+		}
+	}
+	return textParts.length > 0 ? textParts.join("") : null;
+}
+
+/**
+ * Manages Claude Code sessions using the Agent SDK V1.
+ */
+class ClaudeSession {
+	sessionId: string | null = null;
+	lastActivity: Date | null = null;
+	queryStarted: Date | null = null;
+	currentTool: string | null = null;
+	lastTool: string | null = null;
+	lastError: string | null = null;
+	lastErrorTime: Date | null = null;
+	lastUsage: TokenUsage | null = null;
+	lastMessage: string | null = null;
+
+	// Mutable working directory (can be changed with /cd)
+	private _workingDir: string = WORKING_DIR;
+
+	private abortController: AbortController | null = null;
+	private isQueryRunning = false;
+	private stopRequested = false;
+	private _isProcessing = false;
+	private _wasInterruptedByNewMessage = false;
+
+	get workingDir(): string {
+		return this._workingDir;
+	}
+
+	/**
+	 * Change the working directory for future sessions.
+	 * Clears the current session since directory changed.
+	 */
+	setWorkingDir(dir: string): void {
+		this._workingDir = dir;
+		// Clear session when changing directory
+		this.sessionId = null;
+		console.log(`Working directory changed to: ${dir}`);
+	}
+
+	get isActive(): boolean {
+		return this.sessionId !== null;
+	}
+
+	get isRunning(): boolean {
+		return this.isQueryRunning || this._isProcessing;
+	}
+
+	/**
+	 * Check if the last stop was triggered by a new message interrupt (! prefix).
+	 * Resets the flag when called. Also clears stopRequested so new messages can proceed.
+	 */
+	consumeInterruptFlag(): boolean {
+		const was = this._wasInterruptedByNewMessage;
+		this._wasInterruptedByNewMessage = false;
+		if (was) {
+			// Clear stopRequested so the new message can proceed
+			this.stopRequested = false;
+		}
+		return was;
+	}
+
+	/**
+	 * Mark that this stop is from a new message interrupt.
+	 */
+	markInterrupt(): void {
+		this._wasInterruptedByNewMessage = true;
+	}
+
+	/**
+	 * Clear the stopRequested flag (used after interrupt to allow new message to proceed).
+	 */
+	clearStopRequested(): void {
+		this.stopRequested = false;
+	}
+
+	/**
+	 * Mark processing as started.
+	 * Returns a cleanup function to call when done.
+	 */
+	startProcessing(): () => void {
+		this._isProcessing = true;
+		return () => {
+			this._isProcessing = false;
+		};
+	}
+
+	/**
+	 * Stop the currently running query or mark for cancellation.
+	 * Returns: "stopped" if query was aborted, "pending" if processing will be cancelled, false if nothing running
+	 */
+	async stop(): Promise<"stopped" | "pending" | false> {
+		// If a query is actively running, abort it
+		if (this.isQueryRunning && this.abortController) {
+			this.stopRequested = true;
+			this.abortController.abort();
+			console.log("Stop requested - aborting current query");
+			return "stopped";
+		}
+
+		// If processing but query not started yet
+		if (this._isProcessing) {
+			this.stopRequested = true;
+			console.log("Stop requested - will cancel before query starts");
+			return "pending";
+		}
+
+		return false;
+	}
+
+	/**
+	 * Send a message to Claude with streaming updates via callback.
+	 *
+	 * @param ctx - grammY context for ask_user button display
+	 */
+	async sendMessageStreaming(
+		message: string,
+		username: string,
+		userId: number,
+		statusCallback: StatusCallback,
+		chatId?: number,
+		ctx?: Context,
+	): Promise<string> {
+		// Set chat context for ask_user MCP tool
+		if (chatId) {
+			process.env.TELEGRAM_CHAT_ID = String(chatId);
+		}
+
+		const isNewSession = !this.isActive;
+		const thinkingTokens = getThinkingLevel(message);
+		const thinkingLabel =
+			{ 0: "off", 10000: "normal", 50000: "deep" }[thinkingTokens] ||
+			String(thinkingTokens);
+
+		// Inject current date/time at session start so Claude doesn't need to call a tool for it
+		let messageToSend = message;
+		if (isNewSession) {
+			const now = new Date();
+			const datePrefix = `[Current date/time: ${now.toLocaleDateString(
+				"en-US",
+				{
+					weekday: "long",
+					year: "numeric",
+					month: "long",
+					day: "numeric",
+					hour: "2-digit",
+					minute: "2-digit",
+					timeZoneName: "short",
+				},
+			)}]\n\n`;
+			messageToSend = datePrefix + message;
+		}
+
+		// Build SDK V1 options - supports all features
+		const options: Options = {
+			model: "claude-sonnet-4-5",
+			cwd: this._workingDir,
+			settingSources: ["user", "project"],
+			permissionMode: "bypassPermissions",
+			allowDangerouslySkipPermissions: true,
+			systemPrompt: SAFETY_PROMPT,
+			mcpServers: MCP_SERVERS,
+			maxThinkingTokens: thinkingTokens,
+			additionalDirectories: ALLOWED_PATHS,
+			resume: this.sessionId || undefined,
+		};
+
+		// Add Claude Code executable path if set (required for standalone builds)
+		if (process.env.CLAUDE_CODE_PATH) {
+			options.pathToClaudeCodeExecutable = process.env.CLAUDE_CODE_PATH;
+		}
+
+		if (this.sessionId && !isNewSession) {
+			console.log(
+				`RESUMING session ${this.sessionId.slice(
+					0,
+					8,
+				)}... (thinking=${thinkingLabel})`,
+			);
+		} else {
+			console.log(`STARTING new Claude session (thinking=${thinkingLabel})`);
+			this.sessionId = null;
+		}
+
+		// Check if stop was requested during processing phase
+		if (this.stopRequested) {
+			console.log(
+				"Query cancelled before starting (stop was requested during processing)",
+			);
+			this.stopRequested = false;
+			throw new Error("Query cancelled");
+		}
+
+		// Create abort controller for cancellation
+		this.abortController = new AbortController();
+		this.isQueryRunning = true;
+		this.stopRequested = false;
+		this.queryStarted = new Date();
+		this.currentTool = null;
+
+		// Response tracking
+		const responseParts: string[] = [];
+		let currentSegmentId = 0;
+		let currentSegmentText = "";
+		let lastTextUpdate = 0;
+		let queryCompleted = false;
+		let askUserTriggered = false;
+
+		try {
+			// Use V1 query() API - supports all options including cwd, mcpServers, etc.
+			const queryInstance = query({
+				prompt: messageToSend,
+				options: {
+					...options,
+					abortController: this.abortController,
+				},
+			});
+
+			// Process streaming response
+			for await (const event of queryInstance) {
+				// Check for abort
+				if (this.stopRequested) {
+					console.log("Query aborted by user");
+					break;
+				}
+
+				// Check for timeout
+				const elapsed = this.queryStarted
+					? Date.now() - this.queryStarted.getTime()
+					: 0;
+				if (elapsed > QUERY_TIMEOUT_MS) {
+					console.warn(`Query timeout after ${elapsed}ms`);
+					this.abortController?.abort();
+					throw new Error(
+						`Query timeout (${Math.round(elapsed / 1000)}s > ${Math.round(QUERY_TIMEOUT_MS / 1000)}s limit)`,
+					);
+				}
+
+				// Capture session_id from first message
+				if (!this.sessionId && event.session_id) {
+					this.sessionId = event.session_id;
+					console.log(`GOT session_id: ${this.sessionId.slice(0, 8)}...`);
+					this.saveSession();
+				}
+
+				// Handle different message types
+				if (event.type === "assistant") {
+					for (const block of event.message.content) {
+						// Thinking blocks
+						if (block.type === "thinking") {
+							const thinkingText = block.thinking;
+							if (thinkingText) {
+								console.log(`THINKING BLOCK: ${thinkingText.slice(0, 100)}...`);
+								await statusCallback("thinking", thinkingText);
+							}
+						}
+
+						// Tool use blocks
+						if (block.type === "tool_use") {
+							const toolName = block.name;
+							const toolInput = block.input as Record<string, unknown>;
+
+							// Safety check for Bash commands
+							if (toolName === "Bash") {
+								const command = String(toolInput.command || "");
+								const [isSafe, reason] = checkCommandSafety(command);
+								if (!isSafe) {
+									console.warn(`BLOCKED: ${reason}`);
+									await statusCallback("tool", `BLOCKED: ${reason}`);
+									throw new Error(`Unsafe command blocked: ${reason}`);
+								}
+							}
+
+							// Safety check for file operations
+							if (["Read", "Write", "Edit"].includes(toolName)) {
+								const filePath = String(toolInput.file_path || "");
+								if (filePath) {
+									// Allow reads from temp paths and .claude directories
+									const isTmpRead =
+										toolName === "Read" &&
+										(TEMP_PATHS.some((p) => filePath.startsWith(p)) ||
+											filePath.includes("/.claude/"));
+
+									if (!isTmpRead && !isPathAllowed(filePath)) {
+										console.warn(
+											`BLOCKED: File access outside allowed paths: ${filePath}`,
+										);
+										await statusCallback("tool", `Access denied: ${filePath}`);
+										throw new Error(`File access blocked: ${filePath}`);
+									}
+								}
+							}
+
+							// Segment ends when tool starts
+							if (currentSegmentText) {
+								await statusCallback(
+									"segment_end",
+									currentSegmentText,
+									currentSegmentId,
+								);
+								currentSegmentId++;
+								currentSegmentText = "";
+							}
+
+							// Format and show tool status
+							const toolDisplay = formatToolStatus(toolName, toolInput);
+							this.currentTool = toolDisplay;
+							this.lastTool = toolDisplay;
+							console.log(`Tool: ${toolDisplay}`);
+
+							// Don't show tool status for ask_user - the buttons are self-explanatory
+							if (!toolName.startsWith("mcp__ask-user")) {
+								await statusCallback("tool", toolDisplay);
+							}
+
+							// Check for pending ask_user requests after ask-user MCP tool
+							if (toolName.startsWith("mcp__ask-user") && ctx && chatId) {
+								// Small delay to let MCP server write the file
+								await new Promise((resolve) => setTimeout(resolve, 200));
+
+								// Retry a few times in case of timing issues
+								for (let attempt = 0; attempt < 3; attempt++) {
+									const buttonsSent = await checkPendingAskUserRequests(
+										ctx,
+										chatId,
+									);
+									if (buttonsSent) {
+										askUserTriggered = true;
+										break;
+									}
+									if (attempt < 2) {
+										await new Promise((resolve) => setTimeout(resolve, 100));
+									}
+								}
+							}
+						}
+
+						// Text content
+						if (block.type === "text") {
+							responseParts.push(block.text);
+							currentSegmentText += block.text;
+
+							// Stream text updates (throttled)
+							const now = Date.now();
+							if (
+								now - lastTextUpdate > STREAMING_THROTTLE_MS &&
+								currentSegmentText.length > 20
+							) {
+								await statusCallback(
+									"text",
+									currentSegmentText,
+									currentSegmentId,
+								);
+								lastTextUpdate = now;
+							}
+						}
+					}
+
+					// Break out of event loop if ask_user was triggered
+					if (askUserTriggered) {
+						break;
+					}
+				}
+
+				// Result message
+				if (event.type === "result") {
+					console.log("Response complete");
+					queryCompleted = true;
+
+					// Capture usage if available
+					if ("usage" in event && event.usage) {
+						this.lastUsage = event.usage as TokenUsage;
+						const u = this.lastUsage;
+						console.log(
+							`Usage: in=${u.input_tokens} out=${u.output_tokens} cache_read=${
+								u.cache_read_input_tokens || 0
+							} cache_create=${u.cache_creation_input_tokens || 0}`,
+						);
+					}
+				}
+			}
+
+			// V1 query completes automatically when the generator ends
+		} catch (error) {
+			const errorStr = String(error).toLowerCase();
+			const isCleanupError =
+				errorStr.includes("cancel") || errorStr.includes("abort");
+
+			if (
+				isCleanupError &&
+				(queryCompleted || askUserTriggered || this.stopRequested)
+			) {
+				console.warn(`Suppressed post-completion error: ${error}`);
+			} else {
+				console.error(`Error in query: ${error}`);
+				this.lastError = String(error).slice(0, 100);
+				this.lastErrorTime = new Date();
+				throw error;
+			}
+		} finally {
+			this.isQueryRunning = false;
+			this.abortController = null;
+			this.queryStarted = null;
+			this.currentTool = null;
+		}
+
+		this.lastActivity = new Date();
+		this.lastError = null;
+		this.lastErrorTime = null;
+
+		// If ask_user was triggered, return early - user will respond via button
+		if (askUserTriggered) {
+			await statusCallback("done", "");
+			return "[Waiting for user selection]";
+		}
+
+		// Emit final segment
+		if (currentSegmentText) {
+			await statusCallback("segment_end", currentSegmentText, currentSegmentId);
+		}
+
+		await statusCallback("done", "");
+
+		return responseParts.join("") || "No response from Claude.";
+	}
+
+	/**
+	 * Kill the current session (clear session_id).
+	 */
+	async kill(): Promise<void> {
+		this.sessionId = null;
+		this.lastActivity = null;
+		console.log("Session cleared");
+	}
+
+	/**
+	 * Save session to disk for resume after restart.
+	 */
+	private saveSession(): void {
+		if (!this.sessionId) return;
+
+		try {
+			const data: SessionData = {
+				session_id: this.sessionId,
+				saved_at: new Date().toISOString(),
+				working_dir: this._workingDir,
+			};
+			Bun.write(SESSION_FILE, JSON.stringify(data));
+			console.log(`Session saved to ${SESSION_FILE}`);
+		} catch (error) {
+			console.warn(`Failed to save session: ${error}`);
+		}
+	}
+
+	/**
+	 * Resume the last persisted session.
+	 */
+	resumeLast(): [success: boolean, message: string] {
+		try {
+			const file = Bun.file(SESSION_FILE);
+			if (!file.size) {
+				return [false, "No saved session found"];
+			}
+
+			const text = readFileSync(SESSION_FILE, "utf-8");
+			const data: SessionData = JSON.parse(text);
+
+			if (!data.session_id) {
+				return [false, "Saved session file is empty"];
+			}
+
+			if (data.working_dir && data.working_dir !== this._workingDir) {
+				return [
+					false,
+					`Session was for different directory: ${data.working_dir}`,
+				];
+			}
+
+			this.sessionId = data.session_id;
+			this.lastActivity = new Date();
+			console.log(
+				`Resumed session ${data.session_id.slice(0, 8)}... (saved at ${
+					data.saved_at
+				})`,
+			);
+			return [
+				true,
+				`Resumed session \`${data.session_id.slice(0, 8)}...\` (saved at ${
+					data.saved_at
+				})`,
+			];
+		} catch (error) {
+			console.error(`Failed to resume session: ${error}`);
+			return [false, `Failed to load session: ${error}`];
+		}
+	}
+}
+
+// Global session instance
+export const session = new ClaudeSession();

package/src/types.ts

@@ -0,0 +1,77 @@
+/**
+ * Shared TypeScript types for the Claude Telegram Bot.
+ */
+
+import type { Context } from "grammy";
+import type { Message } from "grammy/types";
+
+// Status callback for streaming updates
+export type StatusCallback = (
+  type: "thinking" | "tool" | "text" | "segment_end" | "done",
+  content: string,
+  segmentId?: number
+) => Promise<void>;
+
+// Rate limit bucket for token bucket algorithm
+export interface RateLimitBucket {
+  tokens: number;
+  lastUpdate: number;
+}
+
+// Session persistence data
+export interface SessionData {
+  session_id: string;
+  saved_at: string;
+  working_dir: string;
+}
+
+// Token usage from Claude
+export interface TokenUsage {
+  input_tokens: number;
+  output_tokens: number;
+  cache_read_input_tokens?: number;
+  cache_creation_input_tokens?: number;
+}
+
+// MCP server configuration types
+export type McpServerConfig = McpStdioConfig | McpHttpConfig;
+
+export interface McpStdioConfig {
+  command: string;
+  args?: string[];
+  env?: Record<string, string>;
+}
+
+export interface McpHttpConfig {
+  type: "http";
+  url: string;
+  headers?: Record<string, string>;
+}
+
+// Audit log event types
+export type AuditEventType =
+  | "message"
+  | "auth"
+  | "tool_use"
+  | "error"
+  | "rate_limit";
+
+export interface AuditEvent {
+  timestamp: string;
+  event: AuditEventType;
+  user_id: number;
+  username?: string;
+  [key: string]: unknown;
+}
+
+// Pending media group for buffering albums
+export interface PendingMediaGroup {
+  items: string[];
+  ctx: Context;
+  caption?: string;
+  statusMsg?: Message;
+  timeout: Timer;
+}
+
+// Bot context with optional message
+export type BotContext = Context;