cursor-usage-tracker 1.15.0 → 1.17.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +52 -4
- package/package.json +4 -3
package/README.md
CHANGED
|
@@ -193,7 +193,6 @@ DASHBOARD_URL=http://localhost:3000
|
|
|
193
193
|
|
|
194
194
|
# Optional
|
|
195
195
|
CRON_SECRET=your_secret_here # protects the cron endpoint
|
|
196
|
-
DASHBOARD_PASSWORD=your_password # optional basic auth for the dashboard
|
|
197
196
|
|
|
198
197
|
# Email alerts via Resend (optional)
|
|
199
198
|
RESEND_API_KEY=re_xxxxxxxxxxxx
|
|
@@ -277,13 +276,24 @@ volumes:
|
|
|
277
276
|
|
|
278
277
|
</details>
|
|
279
278
|
|
|
280
|
-
###
|
|
279
|
+
### Fly.io (recommended free option)
|
|
281
280
|
|
|
282
|
-
|
|
281
|
+
```bash
|
|
282
|
+
fly launch --copy-config # creates the app from fly.toml
|
|
283
|
+
fly volumes create tracker_data --region ams --size 1
|
|
284
|
+
fly secrets set CURSOR_ADMIN_API_KEY=your_key CRON_SECRET=your_secret
|
|
285
|
+
fly deploy
|
|
286
|
+
# Dashboard at https://your-app.fly.dev
|
|
287
|
+
```
|
|
288
|
+
|
|
289
|
+
Set up hourly collection by adding `DASHBOARD_URL` and `CRON_SECRET` as [GitHub Actions secrets](https://docs.github.com/en/actions/security-for-github-actions/security-guides/using-secrets-in-github-actions) — the included `.github/workflows/cron.yml` workflow triggers `/api/cron` every hour.
|
|
290
|
+
|
|
291
|
+
### Other cloud platforms
|
|
292
|
+
|
|
293
|
+
Any platform that supports Docker + persistent volumes works:
|
|
283
294
|
|
|
284
295
|
- **[Render](https://render.com)** — use the deploy button above, or `render.yaml` in this repo
|
|
285
296
|
- **[Railway](https://railway.app)** — create a project from this repo, attach a volume at `/app/data`
|
|
286
|
-
- **[Fly.io](https://fly.io)** — deploy with `fly launch`, create a volume for `/app/data`
|
|
287
297
|
|
|
288
298
|
> **Note:** Vercel is not supported — SQLite requires a persistent filesystem that Vercel's serverless functions don't provide.
|
|
289
299
|
|
|
@@ -365,6 +375,44 @@ The import uses HiBob's `Group` and `Team` columns (falling back to `Department`
|
|
|
365
375
|
|
|
366
376
|
---
|
|
367
377
|
|
|
378
|
+
## Authentication
|
|
379
|
+
|
|
380
|
+
Authentication is **fully optional**. When no auth environment variables are set, the dashboard is open (the default behavior). Setting `AUTH_SECRET` enables Google OAuth sign-in.
|
|
381
|
+
|
|
382
|
+
### Setup
|
|
383
|
+
|
|
384
|
+
1. Create a [Google OAuth app](https://console.cloud.google.com/apis/credentials) with redirect URI:
|
|
385
|
+
- Local: `http://localhost:3000/api/auth/callback/google`
|
|
386
|
+
- Production: `https://your-domain.com/api/auth/callback/google`
|
|
387
|
+
|
|
388
|
+
2. Add to your `.env`:
|
|
389
|
+
|
|
390
|
+
```bash
|
|
391
|
+
AUTH_SECRET=$(openssl rand -base64 32) # encryption key for sessions
|
|
392
|
+
AUTH_GOOGLE_ID=your-client-id.apps.google... # Google OAuth client ID
|
|
393
|
+
AUTH_GOOGLE_SECRET=GOCSPX-... # Google OAuth client secret
|
|
394
|
+
AUTH_TRUST_HOST=true # required behind a reverse proxy
|
|
395
|
+
AUTH_URL=https://your-domain.com # public URL (auto-detected locally)
|
|
396
|
+
```
|
|
397
|
+
|
|
398
|
+
3. Optionally restrict access by domain or specific emails:
|
|
399
|
+
|
|
400
|
+
```bash
|
|
401
|
+
AUTH_ALLOWED_DOMAIN=yourcompany.com # only @yourcompany.com emails
|
|
402
|
+
AUTH_ALLOWED_EMAILS=admin@example.com,cto@example.com # or specific emails
|
|
403
|
+
```
|
|
404
|
+
|
|
405
|
+
When both are set, either match grants access. When neither is set, any Google account can sign in.
|
|
406
|
+
|
|
407
|
+
### How It Works
|
|
408
|
+
|
|
409
|
+
- Sessions use encrypted JWT cookies — no database tables needed
|
|
410
|
+
- The `/api/cron` endpoint is excluded from auth (it uses its own `CRON_SECRET`)
|
|
411
|
+
- Sign-in page appears automatically when auth is enabled
|
|
412
|
+
- User avatar and sign-out menu appear in the nav bar
|
|
413
|
+
|
|
414
|
+
---
|
|
415
|
+
|
|
368
416
|
## API Endpoints
|
|
369
417
|
|
|
370
418
|
| Endpoint | Method | Description |
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "cursor-usage-tracker",
|
|
3
|
-
"version": "1.
|
|
3
|
+
"version": "1.17.0",
|
|
4
4
|
"description": "Open-source Cursor IDE usage monitoring, anomaly detection, and alerting for enterprise teams",
|
|
5
5
|
"homepage": "https://github.com/ofershap/cursor-usage-tracker#readme",
|
|
6
6
|
"type": "module",
|
|
@@ -15,8 +15,8 @@
|
|
|
15
15
|
"lint": "eslint . && prettier --check .",
|
|
16
16
|
"format": "prettier --write .",
|
|
17
17
|
"prepare": "husky",
|
|
18
|
-
"collect": "tsx src/lib/cli/collect.ts",
|
|
19
|
-
"detect": "tsx src/lib/cli/detect.ts",
|
|
18
|
+
"collect": "npx tsx --env-file=.env src/lib/cli/collect.ts",
|
|
19
|
+
"detect": "npx tsx --env-file=.env src/lib/cli/detect.ts",
|
|
20
20
|
"generate:mock": "tsx scripts/generate-mock-db.ts",
|
|
21
21
|
"dev:mock": "DATABASE_PATH=data/mock.db next dev"
|
|
22
22
|
},
|
|
@@ -73,6 +73,7 @@
|
|
|
73
73
|
"@tailwindcss/postcss": "^4.1.18",
|
|
74
74
|
"better-sqlite3": "^12.6.2",
|
|
75
75
|
"next": "^16.1.6",
|
|
76
|
+
"next-auth": "^5.0.0-beta.30",
|
|
76
77
|
"react": "^19.2.4",
|
|
77
78
|
"react-dom": "^19.2.4",
|
|
78
79
|
"recharts": "^3.7.0",
|