hedgequantx 1.1.1 → 1.2.31

package/src/services/session.js

@@ -1,60 +1,111 @@
 /**
- * Session Management
- * Handles multi-connection state and persistence
+ * @fileoverview Secure session management with encryption
+ * @module services/session
  */
 
 const fs = require('fs');
 const path = require('path');
 const os = require('os');
+const { encrypt, decrypt, maskSensitive } = require('../security');
 const { ProjectXService } = require('./projectx');
 
-const SESSION_FILE = path.join(os.homedir(), '.hedgequantx', 'session.json');
+const SESSION_DIR = path.join(os.homedir(), '.hedgequantx');
+const SESSION_FILE = path.join(SESSION_DIR, 'session.enc');
 
-// Session Storage
+/**
+ * Secure session storage with AES-256 encryption
+ */
 const storage = {
+  /**
+   * Ensures the session directory exists with proper permissions
+   * @private
+   */
+  _ensureDir() {
+    if (!fs.existsSync(SESSION_DIR)) {
+      fs.mkdirSync(SESSION_DIR, { recursive: true, mode: 0o700 });
+    }
+  },
+
+  /**
+   * Saves sessions with encryption
+   * @param {Array} sessions - Sessions to save
+   */
   save(sessions) {
     try {
-      const dir = path.dirname(SESSION_FILE);
-      if (!fs.existsSync(dir)) {
-        fs.mkdirSync(dir, { recursive: true });
-      }
-      fs.writeFileSync(SESSION_FILE, JSON.stringify(sessions, null, 2));
-    } catch (e) { /* ignore */ }
+      this._ensureDir();
+      const data = JSON.stringify(sessions);
+      const encrypted = encrypt(data);
+      fs.writeFileSync(SESSION_FILE, encrypted, { mode: 0o600 });
+    } catch (e) {
+      // Silently fail - don't expose errors
+    }
   },
-  
+
+  /**
+   * Loads and decrypts sessions
+   * @returns {Array} Decrypted sessions or empty array
+   */
   load() {
     try {
       if (fs.existsSync(SESSION_FILE)) {
-        return JSON.parse(fs.readFileSync(SESSION_FILE, 'utf8'));
+        const encrypted = fs.readFileSync(SESSION_FILE, 'utf8');
+        const decrypted = decrypt(encrypted);
+        if (decrypted) {
+          return JSON.parse(decrypted);
+        }
       }
-    } catch (e) { /* ignore */ }
+    } catch (e) {
+      // Session corrupted or from different machine - clear it
+      this.clear();
+    }
     return [];
   },
-  
+
+  /**
+   * Securely clears session data
+   */
   clear() {
     try {
       if (fs.existsSync(SESSION_FILE)) {
+        // Overwrite with random data before deleting
+        const size = fs.statSync(SESSION_FILE).size;
+        fs.writeFileSync(SESSION_FILE, require('crypto').randomBytes(size));
         fs.unlinkSync(SESSION_FILE);
       }
-    } catch (e) { /* ignore */ }
+    } catch (e) {
+      // Ignore errors
+    }
   }
 };
 
-// Connection Manager
+/**
+ * Multi-connection manager with secure token handling
+ */
 const connections = {
+  /** @type {Array} Active connections */
   services: [],
-  
+
+  /**
+   * Adds a new connection
+   * @param {string} type - Connection type (projectx, rithmic, etc.)
+   * @param {Object} service - Service instance
+   * @param {string} [propfirm] - PropFirm name
+   * @param {string} [token] - Auth token
+   */
   add(type, service, propfirm = null, token = null) {
-    this.services.push({ 
-      type, 
-      service, 
-      propfirm, 
-      token, 
-      connectedAt: new Date() 
+    this.services.push({
+      type,
+      service,
+      propfirm,
+      token: token || service.token,
+      connectedAt: new Date()
     });
     this.saveToStorage();
   },
-  
+
+  /**
+   * Saves all sessions to encrypted storage
+   */
   saveToStorage() {
     const sessions = this.services.map(conn => ({
       type: conn.type,
@@ -63,15 +114,22 @@ const connections = {
     }));
     storage.save(sessions);
   },
-  
+
+  /**
+   * Restores sessions from encrypted storage
+   * @returns {Promise<boolean>} True if sessions were restored
+   */
   async restoreFromStorage() {
     const sessions = storage.load();
+    
     for (const session of sessions) {
       try {
         if (session.type === 'projectx' && session.token) {
-          const service = new ProjectXService(session.propfirm.toLowerCase().replace(/ /g, '_'));
+          const propfirmKey = session.propfirm.toLowerCase().replace(/ /g, '_');
+          const service = new ProjectXService(propfirmKey);
           service.token = session.token;
-          
+
+          // Validate token is still valid
           const userResult = await service.getUser();
           if (userResult.success) {
             this.services.push({
@@ -83,30 +141,61 @@ const connections = {
             });
           }
         }
-      } catch (e) { /* invalid session */ }
+      } catch (e) {
+        // Invalid session - skip
+      }
     }
+    
     return this.services.length > 0;
   },
-  
+
+  /**
+   * Removes a connection by index
+   * @param {number} index - Connection index
+   */
   remove(index) {
-    this.services.splice(index, 1);
-    this.saveToStorage();
+    if (index >= 0 && index < this.services.length) {
+      const conn = this.services[index];
+      if (conn.service && conn.service.logout) {
+        conn.service.logout();
+      }
+      this.services.splice(index, 1);
+      this.saveToStorage();
+    }
   },
-  
+
+  /**
+   * Gets all connections
+   * @returns {Array} All connections
+   */
   getAll() {
     return this.services;
   },
-  
+
+  /**
+   * Gets connections by type
+   * @param {string} type - Connection type
+   * @returns {Array} Filtered connections
+   */
   getByType(type) {
     return this.services.filter(c => c.type === type);
   },
-  
+
+  /**
+   * Gets connection count
+   * @returns {number} Number of connections
+   */
   count() {
     return this.services.length;
   },
-  
+
+  /**
+   * Gets all accounts from all connections
+   * @returns {Promise<Array>} All accounts
+   */
   async getAllAccounts() {
     const allAccounts = [];
+    
     for (const conn of this.services) {
       try {
         const result = await conn.service.getTradingAccounts();
@@ -120,15 +209,25 @@ const connections = {
             });
           });
         }
-      } catch (e) { /* ignore */ }
+      } catch (e) {
+        // Skip failed connections
+      }
     }
+    
     return allAccounts;
   },
-  
+
+  /**
+   * Checks if any connection is active
+   * @returns {boolean} True if connected
+   */
   isConnected() {
     return this.services.length > 0;
   },
-  
+
+  /**
+   * Disconnects all connections and clears sessions
+   */
   disconnectAll() {
     this.services.forEach(conn => {
       if (conn.service && conn.service.logout) {
@@ -137,6 +236,19 @@ const connections = {
     });
     this.services = [];
     storage.clear();
+  },
+
+  /**
+   * Gets masked connection info for logging
+   * @returns {Array} Masked connection info
+   */
+  getInfo() {
+    return this.services.map(conn => ({
+      type: conn.type,
+      propfirm: conn.propfirm,
+      token: maskSensitive(conn.token),
+      connectedAt: conn.connectedAt
+    }));
   }
 };
 

package/src/ui/index.js

@@ -22,6 +22,7 @@ const {
   draw2ColSeparator,
   fmtRow
 } = require('./table');
+const { createBoxMenu } = require('./menu');
 
 module.exports = {
   // Device
@@ -44,5 +45,7 @@ module.exports = {
   draw2ColRow,
   draw2ColRowRaw,
   draw2ColSeparator,
-  fmtRow
+  fmtRow,
+  // Menu
+  createBoxMenu
 };

package/src/ui/menu.js

@@ -0,0 +1,154 @@
+/**
+ * Custom Box Menu with keyboard navigation
+ */
+
+const chalk = require('chalk');
+const readline = require('readline');
+const { getLogoWidth, centerText } = require('./box');
+
+/**
+ * Creates a custom menu inside a box
+ * @param {string} title - Menu title
+ * @param {Array} items - Menu items [{label, value, color, disabled, separator}]
+ * @param {Object} options - Options {headerLines: [], footerText: ''}
+ * @returns {Promise<string>} Selected value
+ */
+const createBoxMenu = async (title, items, options = {}) => {
+  const boxWidth = getLogoWidth();
+  const innerWidth = boxWidth - 2;
+  
+  let selectedIndex = 0;
+  
+  // Find first non-separator, non-disabled item
+  while (selectedIndex < items.length && (items[selectedIndex].separator || items[selectedIndex].disabled)) {
+    selectedIndex++;
+  }
+  
+  const renderMenu = () => {
+    // Clear screen and move cursor to top
+    process.stdout.write('\x1b[2J\x1b[H');
+    
+    const version = require('../../package.json').version;
+    
+    // Full ASCII logo
+    const logo = [
+      '██╗  ██╗███████╗██████╗  ██████╗ ███████╗ ██████╗ ██╗   ██╗ █████╗ ███╗   ██╗████████╗██╗  ██╗',
+      '██║  ██║██╔════╝██╔══██╗██╔════╝ ██╔════╝██╔═══██╗██║   ██║██╔══██╗████╗  ██║╚══██╔══╝╚██╗██╔╝',
+      '███████║█████╗  ██║  ██║██║  ███╗█████╗  ██║   ██║██║   ██║███████║██╔██╗ ██║   ██║    ╚███╔╝ ',
+      '██╔══██║██╔══╝  ██║  ██║██║   ██║██╔══╝  ██║▄▄ ██║██║   ██║██╔══██║██║╚██╗██║   ██║    ██╔██╗ ',
+      '██║  ██║███████╗██████╔╝╚██████╔╝███████╗╚██████╔╝╚██████╔╝██║  ██║██║ ╚████║   ██║   ██╔╝ ██╗',
+      '╚═╝  ╚═╝╚══════╝╚═════╝  ╚═════╝ ╚══════╝ ╚══▀▀═╝  ╚═════╝ ╚═╝  ╚═╝╚═╝  ╚═══╝   ╚═╝   ╚═╝  ╚═╝'
+    ];
+    
+    console.log(chalk.cyan('╔' + '═'.repeat(innerWidth) + '╗'));
+    
+    logo.forEach(line => {
+      const padded = centerText(line, innerWidth);
+      console.log(chalk.cyan('║') + chalk.cyan(padded) + chalk.cyan('║'));
+    });
+    
+    console.log(chalk.cyan('╠' + '═'.repeat(innerWidth) + '╣'));
+    console.log(chalk.cyan('║') + chalk.white(centerText(`Prop Futures Algo Trading  v${version}`, innerWidth)) + chalk.cyan('║'));
+    
+    // Stats bar if provided
+    if (options.statsLine) {
+      console.log(chalk.cyan('╠' + '═'.repeat(innerWidth) + '╣'));
+      const statsLen = options.statsLine.replace(/\x1b\[[0-9;]*m/g, '').length;
+      const statsPad = innerWidth - statsLen;
+      const leftPad = Math.floor(statsPad / 2);
+      const rightPad = statsPad - leftPad;
+      console.log(chalk.cyan('║') + ' '.repeat(leftPad) + options.statsLine + ' '.repeat(rightPad) + chalk.cyan('║'));
+    }
+    
+    console.log(chalk.cyan('╠' + '═'.repeat(innerWidth) + '╣'));
+    console.log(chalk.cyan('║') + chalk.white.bold(centerText(title, innerWidth)) + chalk.cyan('║'));
+    console.log(chalk.cyan('╠' + '═'.repeat(innerWidth) + '╣'));
+    
+    // Header lines (connection info, etc.)
+    if (options.headerLines && options.headerLines.length > 0) {
+      options.headerLines.forEach(line => {
+        const text = '  ' + line;
+        console.log(chalk.cyan('║') + text.padEnd(innerWidth) + chalk.cyan('║'));
+      });
+      console.log(chalk.cyan('╠' + '─'.repeat(innerWidth) + '╣'));
+    }
+    
+    // Menu items
+    items.forEach((item, index) => {
+      if (item.separator) {
+        console.log(chalk.cyan('║') + chalk.gray('  ' + '─'.repeat(innerWidth - 4) + '  ') + chalk.cyan('║'));
+      } else {
+        const isSelected = index === selectedIndex;
+        const prefix = isSelected ? chalk.white('▸ ') : '  ';
+        const color = item.disabled ? chalk.gray : (item.color || chalk.cyan);
+        const label = item.label + (item.disabled ? ' (Coming Soon)' : '');
+        const text = prefix + color(label);
+        const visLen = text.replace(/\x1b\[[0-9;]*m/g, '').length;
+        const padding = innerWidth - visLen;
+        
+        if (isSelected && !item.disabled) {
+          console.log(chalk.cyan('║') + chalk.bgGray.white(text + ' '.repeat(padding)) + chalk.cyan('║'));
+        } else {
+          console.log(chalk.cyan('║') + text + ' '.repeat(padding) + chalk.cyan('║'));
+        }
+      }
+    });
+    
+    // Footer
+    console.log(chalk.cyan('╠' + '─'.repeat(innerWidth) + '╣'));
+    const footerText = options.footerText || 'Use ↑↓ arrows to navigate, Enter to select';
+    console.log(chalk.cyan('║') + chalk.gray(centerText(footerText, innerWidth)) + chalk.cyan('║'));
+    console.log(chalk.cyan('╚' + '═'.repeat(innerWidth) + '╝'));
+  };
+  
+  return new Promise((resolve) => {
+    renderMenu();
+    
+    readline.emitKeypressEvents(process.stdin);
+    if (process.stdin.isTTY) {
+      process.stdin.setRawMode(true);
+    }
+    
+    const onKeyPress = (str, key) => {
+      if (key.name === 'up') {
+        // Move up, skip separators and disabled
+        let newIndex = selectedIndex - 1;
+        while (newIndex >= 0 && (items[newIndex].separator || items[newIndex].disabled)) {
+          newIndex--;
+        }
+        if (newIndex >= 0) {
+          selectedIndex = newIndex;
+          renderMenu();
+        }
+      } else if (key.name === 'down') {
+        // Move down, skip separators and disabled
+        let newIndex = selectedIndex + 1;
+        while (newIndex < items.length && (items[newIndex].separator || items[newIndex].disabled)) {
+          newIndex++;
+        }
+        if (newIndex < items.length) {
+          selectedIndex = newIndex;
+          renderMenu();
+        }
+      } else if (key.name === 'return') {
+        // Select current item
+        cleanup();
+        resolve(items[selectedIndex].value);
+      } else if (key.name === 'escape' || (key.ctrl && key.name === 'c')) {
+        cleanup();
+        process.exit(0);
+      }
+    };
+    
+    const cleanup = () => {
+      process.stdin.removeListener('keypress', onKeyPress);
+      if (process.stdin.isTTY) {
+        process.stdin.setRawMode(false);
+      }
+    };
+    
+    process.stdin.on('keypress', onKeyPress);
+  });
+};
+
+module.exports = { createBoxMenu };