libre-webui 0.2.4

package/backend/dist/routes/users.js

@@ -0,0 +1,246 @@
+/*
+ * Libre WebUI
+ * Copyright (C) 2025 Kroonen AI, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+import express from 'express';
+import rateLimit from 'express-rate-limit';
+import { userModel } from '../models/userModel.js';
+import { authenticate, requireAdmin, } from '../middleware/auth.js';
+const router = express.Router();
+// Rate limiter for user management routes: 30 requests per 15 minutes
+const userRateLimiter = rateLimit({
+    windowMs: 15 * 60 * 1000, // 15 minutes
+    max: 30, // limit each IP to 30 requests per 15 minutes
+    message: {
+        success: false,
+        message: 'Too many user management requests, please try again later',
+    },
+    standardHeaders: true,
+    legacyHeaders: false,
+});
+/**
+ * Get all users (admin only)
+ */
+router.get('/', userRateLimiter, authenticate, requireAdmin, async (req, res) => {
+    try {
+        const users = userModel.getAllUsers();
+        res.json({
+            success: true,
+            data: users,
+        });
+    }
+    catch (error) {
+        console.error('Get users error:', error);
+        res.status(500).json({
+            success: false,
+            message: 'Internal server error',
+        });
+    }
+});
+/**
+ * Create a new user (admin only)
+ */
+router.post('/', userRateLimiter, authenticate, requireAdmin, async (req, res) => {
+    try {
+        const { username, email, password, role } = req.body;
+        // Validate required fields
+        if (!username || !email || !password || !role) {
+            res.status(400).json({
+                success: false,
+                message: 'Username, email, password, and role are required',
+            });
+            return;
+        }
+        // Validate role
+        if (role !== 'admin' && role !== 'user') {
+            res.status(400).json({
+                success: false,
+                message: 'Role must be either "admin" or "user"',
+            });
+            return;
+        }
+        // Check if username exists
+        if (userModel.usernameExists(username)) {
+            res.status(400).json({
+                success: false,
+                message: 'Username already exists',
+            });
+            return;
+        }
+        // Check if email exists
+        if (userModel.emailExists(email)) {
+            res.status(400).json({
+                success: false,
+                message: 'Email already exists',
+            });
+            return;
+        }
+        const { avatar } = req.body;
+        const user = await userModel.createUser({
+            username,
+            email,
+            password,
+            role,
+            avatar,
+        });
+        res.status(201).json({
+            success: true,
+            data: user,
+        });
+    }
+    catch (error) {
+        console.error('Create user error:', error);
+        res.status(500).json({
+            success: false,
+            message: 'Internal server error',
+        });
+    }
+});
+/**
+ * Update current user's profile (self-update, avatar only)
+ */
+router.patch('/me/avatar', userRateLimiter, authenticate, async (req, res) => {
+    try {
+        const userId = req.user?.userId;
+        if (!userId) {
+            res.status(401).json({
+                success: false,
+                message: 'Not authenticated',
+            });
+            return;
+        }
+        const { avatar } = req.body;
+        const user = await userModel.updateUser(userId, { avatar });
+        if (!user) {
+            res.status(404).json({
+                success: false,
+                message: 'User not found',
+            });
+            return;
+        }
+        res.json({
+            success: true,
+            data: user,
+        });
+    }
+    catch (error) {
+        console.error('Update avatar error:', error);
+        res.status(500).json({
+            success: false,
+            message: 'Internal server error',
+        });
+    }
+});
+/**
+ * Update a user (admin only)
+ */
+router.patch('/:id', userRateLimiter, authenticate, requireAdmin, async (req, res) => {
+    try {
+        const { id } = req.params;
+        const { username, email, password, role, avatar } = req.body;
+        // Validate role if provided
+        if (role && role !== 'admin' && role !== 'user') {
+            res.status(400).json({
+                success: false,
+                message: 'Role must be either "admin" or "user"',
+            });
+            return;
+        }
+        // Check if username exists (and is not the current user)
+        if (username && userModel.usernameExists(username)) {
+            const existingUser = userModel.getUserById(id);
+            if (!existingUser || existingUser.username !== username) {
+                res.status(400).json({
+                    success: false,
+                    message: 'Username already exists',
+                });
+                return;
+            }
+        }
+        // Check if email exists (and is not the current user)
+        if (email && userModel.emailExists(email)) {
+            const existingUser = userModel.getUserById(id);
+            if (!existingUser || existingUser.email !== email) {
+                res.status(400).json({
+                    success: false,
+                    message: 'Email already exists',
+                });
+                return;
+            }
+        }
+        const user = await userModel.updateUser(id, {
+            username,
+            email,
+            password,
+            role,
+            avatar,
+        });
+        if (!user) {
+            res.status(404).json({
+                success: false,
+                message: 'User not found',
+            });
+            return;
+        }
+        res.json({
+            success: true,
+            data: user,
+        });
+    }
+    catch (error) {
+        console.error('Update user error:', error);
+        res.status(500).json({
+            success: false,
+            message: 'Internal server error',
+        });
+    }
+});
+/**
+ * Delete a user (admin only)
+ */
+router.delete('/:id', userRateLimiter, authenticate, requireAdmin, async (req, res) => {
+    try {
+        const { id } = req.params;
+        // Prevent deleting yourself
+        if (req.user?.userId === id) {
+            res.status(400).json({
+                success: false,
+                message: 'You cannot delete your own account',
+            });
+            return;
+        }
+        const deleted = userModel.deleteUser(id);
+        if (!deleted) {
+            res.status(404).json({
+                success: false,
+                message: 'User not found',
+            });
+            return;
+        }
+        res.json({
+            success: true,
+            message: 'User deleted successfully',
+        });
+    }
+    catch (error) {
+        console.error('Delete user error:', error);
+        res.status(500).json({
+            success: false,
+            message: 'Internal server error',
+        });
+    }
+});
+export default router;
+//# sourceMappingURL=users.js.map

package/backend/dist/routes/users.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"users.js","sourceRoot":"","sources":["../../src/routes/users.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAEH,OAAO,OAAO,MAAM,SAAS,CAAC;AAC9B,OAAO,SAAS,MAAM,oBAAoB,CAAC;AAC3C,OAAO,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAC;AACnD,OAAO,EACL,YAAY,EACZ,YAAY,GAEb,MAAM,uBAAuB,CAAC;AAE/B,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;AAEhC,sEAAsE;AACtE,MAAM,eAAe,GAAG,SAAS,CAAC;IAChC,QAAQ,EAAE,EAAE,GAAG,EAAE,GAAG,IAAI,EAAE,aAAa;IACvC,GAAG,EAAE,EAAE,EAAE,8CAA8C;IACvD,OAAO,EAAE;QACP,OAAO,EAAE,KAAK;QACd,OAAO,EAAE,2DAA2D;KACrE;IACD,eAAe,EAAE,IAAI;IACrB,aAAa,EAAE,KAAK;CACrB,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,CAAC,GAAG,CACR,GAAG,EACH,eAAe,EACf,YAAY,EACZ,YAAY,EACZ,KAAK,EAAE,GAAyB,EAAE,GAAG,EAAE,EAAE;IACvC,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,SAAS,CAAC,WAAW,EAAE,CAAC;QACtC,GAAG,CAAC,IAAI,CAAC;YACP,OAAO,EAAE,IAAI;YACb,IAAI,EAAE,KAAK;SACZ,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,kBAAkB,EAAE,KAAK,CAAC,CAAC;QACzC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACnB,OAAO,EAAE,KAAK;YACd,OAAO,EAAE,uBAAuB;SACjC,CAAC,CAAC;IACL,CAAC;AACH,CAAC,CACF,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,IAAI,CACT,GAAG,EACH,eAAe,EACf,YAAY,EACZ,YAAY,EACZ,KAAK,EAAE,GAAyB,EAAE,GAAG,EAAE,EAAE;IACvC,IAAI,CAAC;QACH,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,QAAQ,EAAE,IAAI,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC;QAErD,2BAA2B;QAC3B,IAAI,CAAC,QAAQ,IAAI,CAAC,KAAK,IAAI,CAAC,QAAQ,IAAI,CAAC,IAAI,EAAE,CAAC;YAC9C,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,kDAAkD;aAC5D,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,gBAAgB;QAChB,IAAI,IAAI,KAAK,OAAO,IAAI,IAAI,KAAK,MAAM,EAAE,CAAC;YACxC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,uCAAuC;aACjD,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,2BAA2B;QAC3B,IAAI,SAAS,CAAC,cAAc,CAAC,QAAQ,CAAC,EAAE,CAAC;YACvC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,yBAAyB;aACnC,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,wBAAwB;QACxB,IAAI,SAAS,CAAC,WAAW,CAAC,KAAK,CAAC,EAAE,CAAC;YACjC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,sBAAsB;aAChC,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,MAAM,EAAE,MAAM,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC;QAE5B,MAAM,IAAI,GAAG,MAAM,SAAS,CAAC,UAAU,CAAC;YACtC,QAAQ;YACR,KAAK;YACL,QAAQ;YACR,IAAI;YACJ,MAAM;SACP,CAAC,CAAC;QAEH,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACnB,OAAO,EAAE,IAAI;YACb,IAAI,EAAE,IAAI;SACX,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,oBAAoB,EAAE,KAAK,CAAC,CAAC;QAC3C,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACnB,OAAO,EAAE,KAAK;YACd,OAAO,EAAE,uBAAuB;SACjC,CAAC,CAAC;IACL,CAAC;AACH,CAAC,CACF,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,KAAK,CACV,YAAY,EACZ,eAAe,EACf,YAAY,EACZ,KAAK,EAAE,GAAyB,EAAE,GAAG,EAAE,EAAE;IACvC,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC;QAChC,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,mBAAmB;aAC7B,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,MAAM,EAAE,MAAM,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC;QAE5B,MAAM,IAAI,GAAG,MAAM,SAAS,CAAC,UAAU,CAAC,MAAM,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC;QAE5D,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,gBAAgB;aAC1B,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,GAAG,CAAC,IAAI,CAAC;YACP,OAAO,EAAE,IAAI;YACb,IAAI,EAAE,IAAI;SACX,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,sBAAsB,EAAE,KAAK,CAAC,CAAC;QAC7C,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACnB,OAAO,EAAE,KAAK;YACd,OAAO,EAAE,uBAAuB;SACjC,CAAC,CAAC;IACL,CAAC;AACH,CAAC,CACF,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,KAAK,CACV,MAAM,EACN,eAAe,EACf,YAAY,EACZ,YAAY,EACZ,KAAK,EAAE,GAAyB,EAAE,GAAG,EAAE,EAAE;IACvC,IAAI,CAAC;QACH,MAAM,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,MAAM,CAAC;QAC1B,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC;QAE7D,4BAA4B;QAC5B,IAAI,IAAI,IAAI,IAAI,KAAK,OAAO,IAAI,IAAI,KAAK,MAAM,EAAE,CAAC;YAChD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,uCAAuC;aACjD,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,yDAAyD;QACzD,IAAI,QAAQ,IAAI,SAAS,CAAC,cAAc,CAAC,QAAQ,CAAC,EAAE,CAAC;YACnD,MAAM,YAAY,GAAG,SAAS,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;YAC/C,IAAI,CAAC,YAAY,IAAI,YAAY,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;gBACxD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBACnB,OAAO,EAAE,KAAK;oBACd,OAAO,EAAE,yBAAyB;iBACnC,CAAC,CAAC;gBACH,OAAO;YACT,CAAC;QACH,CAAC;QAED,sDAAsD;QACtD,IAAI,KAAK,IAAI,SAAS,CAAC,WAAW,CAAC,KAAK,CAAC,EAAE,CAAC;YAC1C,MAAM,YAAY,GAAG,SAAS,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;YAC/C,IAAI,CAAC,YAAY,IAAI,YAAY,CAAC,KAAK,KAAK,KAAK,EAAE,CAAC;gBAClD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBACnB,OAAO,EAAE,KAAK;oBACd,OAAO,EAAE,sBAAsB;iBAChC,CAAC,CAAC;gBACH,OAAO;YACT,CAAC;QACH,CAAC;QAED,MAAM,IAAI,GAAG,MAAM,SAAS,CAAC,UAAU,CAAC,EAAE,EAAE;YAC1C,QAAQ;YACR,KAAK;YACL,QAAQ;YACR,IAAI;YACJ,MAAM;SACP,CAAC,CAAC;QAEH,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,gBAAgB;aAC1B,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,GAAG,CAAC,IAAI,CAAC;YACP,OAAO,EAAE,IAAI;YACb,IAAI,EAAE,IAAI;SACX,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,oBAAoB,EAAE,KAAK,CAAC,CAAC;QAC3C,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACnB,OAAO,EAAE,KAAK;YACd,OAAO,EAAE,uBAAuB;SACjC,CAAC,CAAC;IACL,CAAC;AACH,CAAC,CACF,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,CACX,MAAM,EACN,eAAe,EACf,YAAY,EACZ,YAAY,EACZ,KAAK,EAAE,GAAyB,EAAE,GAAG,EAAE,EAAE;IACvC,IAAI,CAAC;QACH,MAAM,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC,MAAM,CAAC;QAE1B,4BAA4B;QAC5B,IAAI,GAAG,CAAC,IAAI,EAAE,MAAM,KAAK,EAAE,EAAE,CAAC;YAC5B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,oCAAoC;aAC9C,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,MAAM,OAAO,GAAG,SAAS,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;QACzC,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,gBAAgB;aAC1B,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,GAAG,CAAC,IAAI,CAAC;YACP,OAAO,EAAE,IAAI;YACb,OAAO,EAAE,2BAA2B;SACrC,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,oBAAoB,EAAE,KAAK,CAAC,CAAC;QAC3C,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACnB,OAAO,EAAE,KAAK;YACd,OAAO,EAAE,uBAAuB;SACjC,CAAC,CAAC;IACL,CAAC;AACH,CAAC,CACF,CAAC;AAEF,eAAe,MAAM,CAAC"}

package/backend/dist/services/authService.d.ts

@@ -0,0 +1,51 @@
+import { UserPublic } from '../models/userModel.js';
+export declare const JWT_SECRET: string;
+export interface AuthTokenPayload {
+    userId: string;
+    username: string;
+    role: 'admin' | 'user';
+}
+export interface SystemInfo {
+    requiresAuth: boolean;
+    singleUserMode: boolean;
+    hasUsers: boolean;
+    version?: string;
+}
+export declare class AuthService {
+    /**
+     * Generate JWT token for user
+     */
+    generateToken(user: UserPublic): string;
+    /**
+     * Verify JWT token
+     */
+    verifyToken(token: string): AuthTokenPayload | null;
+    /**
+     * Login user
+     */
+    login(username: string, password: string): Promise<{
+        user: UserPublic;
+        token: string;
+    } | null>;
+    /**
+     * Get system information
+     */
+    getSystemInfo(): SystemInfo;
+    /**
+     * Get user from token
+     */
+    getUserFromToken(token: string): Promise<UserPublic | null>;
+    /**
+     * Get user by username
+     */
+    getUserByUsername(username: string): Promise<UserPublic | null>;
+    /**
+     * Signup user
+     */
+    signup(username: string, password: string, email?: string): Promise<{
+        user: UserPublic;
+        token: string;
+    } | null>;
+}
+export declare const authService: AuthService;
+//# sourceMappingURL=authService.d.ts.map

package/backend/dist/services/authService.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"authService.d.ts","sourceRoot":"","sources":["../../src/services/authService.ts"],"names":[],"mappings":"AAkBA,OAAO,EAAa,UAAU,EAAE,MAAM,wBAAwB,CAAC;AAoB/D,eAAO,MAAM,UAAU,QAWjB,CAAC;AAEP,MAAM,WAAW,gBAAgB;IAC/B,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,OAAO,GAAG,MAAM,CAAC;CACxB;AAED,MAAM,WAAW,UAAU;IACzB,YAAY,EAAE,OAAO,CAAC;IACtB,cAAc,EAAE,OAAO,CAAC;IACxB,QAAQ,EAAE,OAAO,CAAC;IAClB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,qBAAa,WAAW;IACtB;;OAEG;IACH,aAAa,CAAC,IAAI,EAAE,UAAU,GAAG,MAAM;IAUvC;;OAEG;IACH,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,gBAAgB,GAAG,IAAI;IAUnD;;OAEG;IACG,KAAK,CACT,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC;QAAE,IAAI,EAAE,UAAU,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,GAAG,IAAI,CAAC;IAkBtD;;OAEG;IACH,aAAa,IAAI,UAAU;IAW3B;;OAEG;IACG,gBAAgB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC;IAOjE;;OAEG;IACG,iBAAiB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC;IAerE;;OAEG;IACG,MAAM,CACV,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,MAAM,EAChB,KAAK,CAAC,EAAE,MAAM,GACb,OAAO,CAAC;QAAE,IAAI,EAAE,UAAU,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,GAAG,IAAI,CAAC;CAyBvD;AAED,eAAO,MAAM,WAAW,aAAoB,CAAC"}

package/backend/dist/services/authService.js

@@ -0,0 +1,153 @@
+/*
+ * Libre WebUI
+ * Copyright (C) 2025 Kroonen AI, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+import jwt from 'jsonwebtoken';
+import { userModel } from '../models/userModel.js';
+import { readFileSync } from 'fs';
+import { fileURLToPath } from 'url';
+import { dirname, join } from 'path';
+import { randomBytes } from 'crypto';
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = dirname(__filename);
+// Read version from package.json
+let packageVersion = '0.1.0';
+try {
+    const packageJsonPath = join(__dirname, '..', '..', 'package.json');
+    const packageJson = JSON.parse(readFileSync(packageJsonPath, 'utf8'));
+    packageVersion = packageJson.version;
+}
+catch (_error) {
+    console.warn('Could not read version from package.json, using default');
+}
+// Generate or use JWT secret - never use hardcoded secrets in production
+export const JWT_SECRET = process.env.JWT_SECRET ||
+    (() => {
+        const generatedSecret = randomBytes(64).toString('hex');
+        console.warn('⚠️  JWT_SECRET not provided - generated random secret for this session');
+        console.warn('🔒 For production, set JWT_SECRET environment variable to persist sessions across restarts');
+        return generatedSecret;
+    })();
+export class AuthService {
+    /**
+     * Generate JWT token for user
+     */
+    generateToken(user) {
+        const payload = {
+            userId: user.id,
+            username: user.username,
+            role: user.role,
+        };
+        return jwt.sign(payload, JWT_SECRET, { expiresIn: '24h' });
+    }
+    /**
+     * Verify JWT token
+     */
+    verifyToken(token) {
+        try {
+            const payload = jwt.verify(token, JWT_SECRET);
+            return payload;
+        }
+        catch (error) {
+            console.error('Token verification failed:', error);
+            return null;
+        }
+    }
+    /**
+     * Login user
+     */
+    async login(username, password) {
+        const user = await userModel.verifyPassword(username, password);
+        if (!user)
+            return null;
+        const userPublic = {
+            id: user.id,
+            username: user.username,
+            email: user.email,
+            role: user.role,
+            avatar: user.avatar,
+            createdAt: new Date(user.created_at).toISOString(),
+            updatedAt: new Date(user.updated_at).toISOString(),
+        };
+        const token = this.generateToken(userPublic);
+        return { user: userPublic, token };
+    }
+    /**
+     * Get system information
+     */
+    getSystemInfo() {
+        const userCount = userModel.getUserCount();
+        return {
+            requiresAuth: true, // For now, always require auth
+            singleUserMode: userCount === 1,
+            hasUsers: userCount > 0,
+            version: packageVersion,
+        };
+    }
+    /**
+     * Get user from token
+     */
+    async getUserFromToken(token) {
+        const payload = this.verifyToken(token);
+        if (!payload)
+            return null;
+        return userModel.getUserById(payload.userId);
+    }
+    /**
+     * Get user by username
+     */
+    async getUserByUsername(username) {
+        const user = userModel.getUserByUsername(username);
+        if (!user)
+            return null;
+        return {
+            id: user.id,
+            username: user.username,
+            email: user.email,
+            role: user.role,
+            avatar: user.avatar,
+            createdAt: new Date(user.created_at).toISOString(),
+            updatedAt: new Date(user.updated_at).toISOString(),
+        };
+    }
+    /**
+     * Signup user
+     */
+    async signup(username, password, email) {
+        try {
+            const userCount = userModel.getUserCount();
+            // Only the very first real user (excluding the default system user) becomes admin
+            const isFirstRealUser = userCount === 0;
+            const userData = {
+                username,
+                password,
+                email: email || null, // Use null instead of empty string
+                // First real user becomes admin, subsequent users are regular users
+                role: isFirstRealUser ? 'admin' : 'user',
+            };
+            const user = await userModel.createUser(userData);
+            if (!user)
+                return null;
+            const token = this.generateToken(user);
+            return { user, token };
+        }
+        catch (error) {
+            console.error('Signup error:', error);
+            return null;
+        }
+    }
+}
+export const authService = new AuthService();
+//# sourceMappingURL=authService.js.map

package/backend/dist/services/authService.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"authService.js","sourceRoot":"","sources":["../../src/services/authService.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAEH,OAAO,GAAG,MAAM,cAAc,CAAC;AAC/B,OAAO,EAAE,SAAS,EAAc,MAAM,wBAAwB,CAAC;AAC/D,OAAO,EAAE,YAAY,EAAE,MAAM,IAAI,CAAC;AAClC,OAAO,EAAE,aAAa,EAAE,MAAM,KAAK,CAAC;AACpC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AACrC,OAAO,EAAE,WAAW,EAAE,MAAM,QAAQ,CAAC;AAErC,MAAM,UAAU,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAClD,MAAM,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;AAEtC,iCAAiC;AACjC,IAAI,cAAc,GAAG,OAAO,CAAC;AAC7B,IAAI,CAAC;IACH,MAAM,eAAe,GAAG,IAAI,CAAC,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,cAAc,CAAC,CAAC;IACpE,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC,CAAC;IACtE,cAAc,GAAG,WAAW,CAAC,OAAO,CAAC;AACvC,CAAC;AAAC,OAAO,MAAM,EAAE,CAAC;IAChB,OAAO,CAAC,IAAI,CAAC,yDAAyD,CAAC,CAAC;AAC1E,CAAC;AAED,yEAAyE;AACzE,MAAM,CAAC,MAAM,UAAU,GACrB,OAAO,CAAC,GAAG,CAAC,UAAU;IACtB,CAAC,GAAG,EAAE;QACJ,MAAM,eAAe,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;QACxD,OAAO,CAAC,IAAI,CACV,wEAAwE,CACzE,CAAC;QACF,OAAO,CAAC,IAAI,CACV,4FAA4F,CAC7F,CAAC;QACF,OAAO,eAAe,CAAC;IACzB,CAAC,CAAC,EAAE,CAAC;AAeP,MAAM,OAAO,WAAW;IACtB;;OAEG;IACH,aAAa,CAAC,IAAgB;QAC5B,MAAM,OAAO,GAAG;YACd,MAAM,EAAE,IAAI,CAAC,EAAE;YACf,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,IAAI,EAAE,IAAI,CAAC,IAAI;SAChB,CAAC;QAEF,OAAO,GAAG,CAAC,IAAI,CAAC,OAAO,EAAE,UAAU,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC,CAAC;IAC7D,CAAC;IAED;;OAEG;IACH,WAAW,CAAC,KAAa;QACvB,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,UAAU,CAAqB,CAAC;YAClE,OAAO,OAAO,CAAC;QACjB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,4BAA4B,EAAE,KAAK,CAAC,CAAC;YACnD,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,KAAK,CACT,QAAgB,EAChB,QAAgB;QAEhB,MAAM,IAAI,GAAG,MAAM,SAAS,CAAC,cAAc,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;QAChE,IAAI,CAAC,IAAI;YAAE,OAAO,IAAI,CAAC;QAEvB,MAAM,UAAU,GAAe;YAC7B,EAAE,EAAE,IAAI,CAAC,EAAE;YACX,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,SAAS,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE;YAClD,SAAS,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE;SACnD,CAAC;QAEF,MAAM,KAAK,GAAG,IAAI,CAAC,aAAa,CAAC,UAAU,CAAC,CAAC;QAC7C,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,CAAC;IACrC,CAAC;IAED;;OAEG;IACH,aAAa;QACX,MAAM,SAAS,GAAG,SAAS,CAAC,YAAY,EAAE,CAAC;QAE3C,OAAO;YACL,YAAY,EAAE,IAAI,EAAE,+BAA+B;YACnD,cAAc,EAAE,SAAS,KAAK,CAAC;YAC/B,QAAQ,EAAE,SAAS,GAAG,CAAC;YACvB,OAAO,EAAE,cAAc;SACxB,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,gBAAgB,CAAC,KAAa;QAClC,MAAM,OAAO,GAAG,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;QACxC,IAAI,CAAC,OAAO;YAAE,OAAO,IAAI,CAAC;QAE1B,OAAO,SAAS,CAAC,WAAW,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;IAC/C,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,iBAAiB,CAAC,QAAgB;QACtC,MAAM,IAAI,GAAG,SAAS,CAAC,iBAAiB,CAAC,QAAQ,CAAC,CAAC;QACnD,IAAI,CAAC,IAAI;YAAE,OAAO,IAAI,CAAC;QAEvB,OAAO;YACL,EAAE,EAAE,IAAI,CAAC,EAAE;YACX,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,SAAS,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE;YAClD,SAAS,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE;SACnD,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,MAAM,CACV,QAAgB,EAChB,QAAgB,EAChB,KAAc;QAEd,IAAI,CAAC;YACH,MAAM,SAAS,GAAG,SAAS,CAAC,YAAY,EAAE,CAAC;YAE3C,kFAAkF;YAClF,MAAM,eAAe,GAAG,SAAS,KAAK,CAAC,CAAC;YAExC,MAAM,QAAQ,GAAG;gBACf,QAAQ;gBACR,QAAQ;gBACR,KAAK,EAAE,KAAK,IAAI,IAAI,EAAE,mCAAmC;gBACzD,oEAAoE;gBACpE,IAAI,EAAE,eAAe,CAAC,CAAC,CAAE,OAAiB,CAAC,CAAC,CAAE,MAAgB;aAC/D,CAAC;YAEF,MAAM,IAAI,GAAG,MAAM,SAAS,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;YAClD,IAAI,CAAC,IAAI;gBAAE,OAAO,IAAI,CAAC;YAEvB,MAAM,KAAK,GAAG,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;YACvC,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;QACzB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,eAAe,EAAE,KAAK,CAAC,CAAC;YACtC,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;CACF;AAED,MAAM,CAAC,MAAM,WAAW,GAAG,IAAI,WAAW,EAAE,CAAC"}

package/backend/dist/services/chatService.d.ts

@@ -0,0 +1,52 @@
+import { ChatSession, ChatMessage } from '../types/index.js';
+declare class ChatService {
+    private sessions;
+    constructor();
+    private loadSessions;
+    private saveSessions;
+    createSession(model: string, title?: string, userId?: string, personaId?: string): Promise<ChatSession>;
+    getSession(sessionId: string, userId?: string): ChatSession | undefined;
+    getAllSessions(userId?: string): ChatSession[];
+    updateSession(sessionId: string, updates: Partial<ChatSession>, userId?: string): Promise<ChatSession | undefined>;
+    addMessage(sessionId: string, message: Omit<ChatMessage, 'id' | 'timestamp'> & {
+        id?: string;
+    }, userId?: string): ChatMessage | undefined;
+    updateMessage(sessionId: string, messageId: string, updates: Partial<ChatMessage>, userId?: string): ChatMessage | undefined;
+    deleteSession(sessionId: string, userId?: string): boolean;
+    clearAllSessions(userId?: string): void;
+    private generateTitle;
+    getMessagesForContext(sessionId: string, maxMessages?: number): ChatMessage[];
+    private updateSystemMessageForPersona;
+    private updateSystemMessageToDefault;
+    private replaceSystemMessage;
+    /**
+     * Process advanced persona interactions: memory storage, retrieval, and mutations
+     */
+    private processAdvancedPersonaInteraction;
+    /**
+     * Update system message to include relevant memories
+     */
+    private updateSystemMessageWithMemories;
+    /**
+     * Process advanced persona response - store AI responses as memories for future reference
+     */
+    private processAdvancedPersonaResponse;
+    /**
+     * Create a new branch for a message (used for regeneration)
+     * This marks the original message as inactive and creates a new active variant
+     */
+    createMessageBranch(sessionId: string, originalMessageId: string, newMessage: Omit<ChatMessage, 'id' | 'timestamp'> & {
+        id?: string;
+    }, userId?: string): ChatMessage | undefined;
+    /**
+     * Switch to a different branch of a message
+     */
+    switchMessageBranch(sessionId: string, messageId: string, targetBranchIndex: number, userId?: string): ChatMessage | undefined;
+    /**
+     * Get all branches for a message
+     */
+    getMessageBranches(sessionId: string, messageId: string, userId?: string): ChatMessage[];
+}
+declare const _default: ChatService;
+export default _default;
+//# sourceMappingURL=chatService.d.ts.map

package/backend/dist/services/chatService.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"chatService.d.ts","sourceRoot":"","sources":["../../src/services/chatService.ts"],"names":[],"mappings":"AAiBA,OAAO,EACL,WAAW,EACX,WAAW,EAGZ,MAAM,mBAAmB,CAAC;AAQ3B,cAAM,WAAW;IACf,OAAO,CAAC,QAAQ,CAAuC;;IAMvD,OAAO,CAAC,YAAY;IAYpB,OAAO,CAAC,YAAY;IAKd,aAAa,CACjB,KAAK,EAAE,MAAM,EACb,KAAK,CAAC,EAAE,MAAM,EACd,MAAM,GAAE,MAAkB,EAC1B,SAAS,CAAC,EAAE,MAAM,GACjB,OAAO,CAAC,WAAW,CAAC;IAsGvB,UAAU,CACR,SAAS,EAAE,MAAM,EACjB,MAAM,GAAE,MAAkB,GACzB,WAAW,GAAG,SAAS;IAqC1B,cAAc,CAAC,MAAM,GAAE,MAAkB,GAAG,WAAW,EAAE;IAanD,aAAa,CACjB,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,OAAO,CAAC,WAAW,CAAC,EAC7B,MAAM,GAAE,MAAkB,GACzB,OAAO,CAAC,WAAW,GAAG,SAAS,CAAC;IA6CnC,UAAU,CACR,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,IAAI,CAAC,WAAW,EAAE,IAAI,GAAG,WAAW,CAAC,GAAG;QAAE,EAAE,CAAC,EAAE,MAAM,CAAA;KAAE,EAChE,MAAM,GAAE,MAAkB,GACzB,WAAW,GAAG,SAAS;IA+G1B,aAAa,CACX,SAAS,EAAE,MAAM,EACjB,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,OAAO,CAAC,WAAW,CAAC,EAC7B,MAAM,GAAE,MAAkB,GACzB,WAAW,GAAG,SAAS;IAmC1B,aAAa,CAAC,SAAS,EAAE,MAAM,EAAE,MAAM,GAAE,MAAkB,GAAG,OAAO;IAYrE,gBAAgB,CAAC,MAAM,GAAE,MAAkB,GAAG,IAAI;IAelD,OAAO,CAAC,aAAa;IAYrB,qBAAqB,CAAC,SAAS,EAAE,MAAM,EAAE,WAAW,SAAK,GAAG,WAAW,EAAE;YAgC3D,6BAA6B;IA6C3C,OAAO,CAAC,4BAA4B;IAWpC,OAAO,CAAC,oBAAoB;IAgC5B;;OAEG;YACW,iCAAiC;IA4G/C;;OAEG;YACW,+BAA+B;IA8G7C;;OAEG;YACW,8BAA8B;IA2D5C;;;OAGG;IACH,mBAAmB,CACjB,SAAS,EAAE,MAAM,EACjB,iBAAiB,EAAE,MAAM,EACzB,UAAU,EAAE,IAAI,CAAC,WAAW,EAAE,IAAI,GAAG,WAAW,CAAC,GAAG;QAAE,EAAE,CAAC,EAAE,MAAM,CAAA;KAAE,EACnE,MAAM,GAAE,MAAkB,GACzB,WAAW,GAAG,SAAS;IAgD1B;;OAEG;IACH,mBAAmB,CACjB,SAAS,EAAE,MAAM,EACjB,SAAS,EAAE,MAAM,EACjB,iBAAiB,EAAE,MAAM,EACzB,MAAM,GAAE,MAAkB,GACzB,WAAW,GAAG,SAAS;IA6B1B;;OAEG;IACH,kBAAkB,CAChB,SAAS,EAAE,MAAM,EACjB,SAAS,EAAE,MAAM,EACjB,MAAM,GAAE,MAAkB,GACzB,WAAW,EAAE;CAcjB;;AAED,wBAAiC"}