otherwise-cli 0.1.0

package/src/config.js

@@ -0,0 +1,137 @@
+import Conf from 'conf';
+
+// Default configuration
+const defaults = {
+  apiKeys: {
+    anthropic: null,
+    openai: null,
+    google: null,
+    xai: null,
+    openrouter: null,
+  },
+  model: 'claude-sonnet-4-20250514',
+  maxTokens: 8192,
+  temperature: 0.7,
+  ollamaUrl: 'http://localhost:11434',
+  // Email configuration
+  // MyMX for receiving (inbound) + Resend for sending (outbound)
+  mymx: { 
+    secret: null, // Webhook signing secret from MyMX dashboard
+  },
+  resend: {
+    apiKey: null, // API key from resend.com
+    from: null,   // Default "from" address (e.g., "you@yourdomain.com")
+  },
+  // Legacy email config (kept for backward compatibility)
+  email: {
+    smtp: { host: null, port: 587, user: null, pass: null },
+    imap: { host: null, port: 993, user: null, pass: null },
+  },
+  permissions: {
+    fileRead: ['~/*'],
+    fileWrite: ['~/ai-workspace/*'],
+    shell: true,
+    email: true,
+  },
+  server: {
+    port: 3000,
+  },
+  tunnel: {
+    enabled: false,
+    domain: null,
+  },
+  remote: {
+    backendUrl: null,
+    pairingToken: null,
+  },
+  // Browser automation settings
+  browserHeadless: false, // Run browser visible by default (user can see navigation)
+  // Use system/default browser: 'chrome' | 'msedge' | 'chromium' | executable path, or null to prompt user
+  browserChannel: null,
+};
+
+// Create config store
+export const config = new Conf({
+  projectName: 'otherwise',
+  defaults,
+  schema: {
+    apiKeys: {
+      type: 'object',
+      properties: {
+        anthropic: { type: ['string', 'null'] },
+        openai: { type: ['string', 'null'] },
+        google: { type: ['string', 'null'] },
+        xai: { type: ['string', 'null'] },
+        openrouter: { type: ['string', 'null'] },
+      },
+    },
+    model: { type: 'string' },
+    maxTokens: { type: 'number', minimum: 1, maximum: 200000 },
+    temperature: { type: 'number', minimum: 0, maximum: 2 },
+    ollamaUrl: { type: 'string' },
+    permissions: {
+      type: 'object',
+      properties: {
+        fileRead: { type: 'array', items: { type: 'string' } },
+        fileWrite: { type: 'array', items: { type: 'string' } },
+        shell: { type: 'boolean' },
+        email: { type: 'boolean' },
+      },
+    },
+    browserHeadless: { type: 'boolean' },
+    browserChannel: { type: ['string', 'null'] },
+  },
+});
+
+// Migration: fix OpenRouter key that was stored at root level instead of apiKeys
+// This happened because 'openrouter' was missing from the keyMap in the CLI config set command
+if (config.has('openrouter') && !config.get('apiKeys.openrouter')) {
+  const misplacedKey = config.get('openrouter');
+  if (typeof misplacedKey === 'string') {
+    config.set('apiKeys.openrouter', misplacedKey.trim());
+    config.delete('openrouter');
+  }
+}
+
+/**
+ * Get API key for a provider
+ * @param {string} provider - Provider name (anthropic, openai, google, xai)
+ * @returns {string|null}
+ */
+export function getApiKey(provider) {
+  return config.get(`apiKeys.${provider}`) || null;
+}
+
+/**
+ * Get the configured model
+ * @returns {string}
+ */
+export function getModel() {
+  return config.get('model');
+}
+
+/**
+ * Get config for frontend (with redacted API keys and secrets)
+ * @returns {object}
+ */
+export function getPublicConfig() {
+  const fullConfig = config.store;
+  return {
+    ...fullConfig,
+    // Redact API keys - only show if configured (boolean)
+    apiKeys: Object.fromEntries(
+      Object.entries(fullConfig.apiKeys || {}).map(([k, v]) => [k, v ? true : false])
+    ),
+    // Redact MyMX secret - only show if configured (boolean)
+    mymx: {
+      configured: !!fullConfig.mymx?.secret,
+    },
+    // Redact Resend config - show configured status and from address (not API key)
+    resend: {
+      configured: !!fullConfig.resend?.apiKey,
+      from: fullConfig.resend?.from || null,
+    },
+  };
+}
+
+export default config;

package/src/email/client.js

@@ -0,0 +1,503 @@
+import { createHmac, timingSafeEqual } from 'crypto';
+import { runAgent } from '../agent/index.js';
+import { getDb } from '../storage/db.js';
+
+// ============================================
+// Helper Functions
+// ============================================
+
+/**
+ * Extract just the email address from a "Name <email>" string
+ * @param {string} emailString - Email string like "John Doe <john@example.com>"
+ * @returns {string} - Just the email address
+ */
+function extractEmailAddress(emailString) {
+  if (!emailString) return '';
+  const match = emailString.match(/<([^>]+)>/);
+  return match ? match[1] : emailString.trim();
+}
+
+// ============================================
+// MyMX Webhook Signature Verification
+// ============================================
+
+/**
+ * Verify MyMX webhook signature
+ * @param {string} rawBody - Raw request body as string
+ * @param {string} signatureHeader - The MyMX-Signature header value
+ * @param {string} secret - Your webhook secret
+ * @returns {{ valid: boolean, error?: string }}
+ */
+function verifyWebhookSignature(rawBody, signatureHeader, secret) {
+  if (!signatureHeader) {
+    return { valid: false, error: 'Missing MyMX-Signature header' };
+  }
+
+  if (!secret) {
+    // If no secret configured, skip verification (development mode)
+    console.warn('[MyMX] No webhook secret configured - skipping signature verification');
+    return { valid: true };
+  }
+
+  try {
+    // Parse header: t=1734523200,v1=abc123...
+    const parts = {};
+    for (const part of signatureHeader.split(',')) {
+      const [key, value] = part.split('=');
+      if (key && value) {
+        parts[key] = value;
+      }
+    }
+
+    const timestamp = parseInt(parts.t, 10);
+    const signature = parts.v1;
+
+    if (!timestamp || !signature) {
+      return { valid: false, error: 'Invalid signature header format' };
+    }
+
+    // Check timestamp (5 minute tolerance to prevent replay attacks)
+    const now = Math.floor(Date.now() / 1000);
+    if (Math.abs(now - timestamp) > 300) {
+      return { valid: false, error: 'Signature timestamp expired (>5 minutes old)' };
+    }
+
+    // Compute expected signature: HMAC-SHA256 of "{timestamp}.{rawBody}"
+    const signedPayload = `${timestamp}.${rawBody}`;
+    const expectedSignature = createHmac('sha256', secret)
+      .update(signedPayload)
+      .digest('hex');
+
+    // Constant-time comparison to prevent timing attacks
+    const sigBuffer = Buffer.from(signature, 'hex');
+    const expectedBuffer = Buffer.from(expectedSignature, 'hex');
+
+    if (sigBuffer.length !== expectedBuffer.length) {
+      return { valid: false, error: 'Signature length mismatch' };
+    }
+
+    if (!timingSafeEqual(sigBuffer, expectedBuffer)) {
+      return { valid: false, error: 'Invalid signature' };
+    }
+
+    return { valid: true };
+  } catch (err) {
+    return { valid: false, error: `Signature verification failed: ${err.message}` };
+  }
+}
+
+// ============================================
+// MyMX Webhook Handler
+// ============================================
+
+/**
+ * Parse MyMX email payload into a simple structure
+ * @param {object} payload - MyMX webhook payload
+ * @returns {object} - Simplified email object
+ */
+function parseMyMXEmail(payload) {
+  const email = payload.email || {};
+  const headers = email.headers || {};
+  const parsed = email.parsed || {};
+  const smtp = email.smtp || {};
+  const auth = email.auth || {};
+
+  return {
+    // Event info
+    eventId: payload.id,
+    eventType: payload.event, // 'email.received'
+    
+    // Email identifiers
+    emailId: email.id,
+    messageId: headers.message_id,
+    receivedAt: email.received_at,
+    
+    // Addresses
+    from: headers.from,
+    to: headers.to,
+    replyTo: parsed.reply_to,
+    cc: parsed.cc,
+    
+    // Content
+    subject: headers.subject,
+    bodyText: parsed.body_text,
+    bodyHtml: parsed.body_html,
+    date: headers.date,
+    
+    // SMTP envelope (the "real" sender/recipient)
+    envelope: {
+      mailFrom: smtp.mail_from,
+      rcptTo: smtp.rcpt_to,
+      helo: smtp.helo,
+    },
+    
+    // Attachments
+    attachments: (parsed.attachments || []).map(att => ({
+      filename: att.filename,
+      contentType: att.content_type,
+      size: att.size_bytes,
+      sha256: att.sha256,
+    })),
+    attachmentsDownloadUrl: parsed.attachments_download_url,
+    
+    // Thread info (for replies)
+    inReplyTo: parsed.in_reply_to,
+    references: parsed.references,
+    
+    // Authentication results
+    auth: {
+      spf: auth.spf,
+      dkim: auth.dmarc,
+      dmarc: auth.dmarc,
+      dmarcPolicy: auth.dmarcPolicy,
+    },
+    
+    // Spam score
+    spamScore: email.analysis?.spamassassin?.score,
+    
+    // Raw email access
+    rawDownloadUrl: email.content?.download?.url,
+    rawExpiresAt: email.content?.download?.expires_at,
+  };
+}
+
+/**
+ * Handle MyMX webhook for incoming emails
+ * @param {object} request - Fastify request
+ * @param {object} reply - Fastify reply
+ * @param {object} config - Configuration
+ */
+export async function handleEmailWebhook(request, reply, config) {
+  const secret = config.mymx?.secret;
+  
+  // Get raw body for signature verification
+  // The server captures this via preParsing hook
+  const rawBody = request.rawBody || JSON.stringify(request.body);
+  
+  // Verify webhook signature
+  const signatureHeader = request.headers['mymx-signature'];
+  const verification = verifyWebhookSignature(rawBody, signatureHeader, secret);
+  
+  if (!verification.valid) {
+    console.error('[MyMX] Webhook verification failed:', verification.error);
+    return reply.status(401).send({ 
+      error: 'Webhook verification failed',
+      details: verification.error,
+    });
+  }
+
+  try {
+    const payload = typeof request.body === 'string' 
+      ? JSON.parse(request.body) 
+      : request.body;
+    
+    // Verify this is an email.received event
+    if (payload.event !== 'email.received') {
+      console.log('[MyMX] Ignoring non-email event:', payload.event);
+      return reply.status(200).send({ success: true, ignored: true });
+    }
+    
+    // Parse the email into a simple structure
+    const email = parseMyMXEmail(payload);
+    
+    console.log('[MyMX] 📧 Received email:');
+    console.log(`  From: ${email.from}`);
+    console.log(`  To: ${email.to}`);
+    console.log(`  Subject: ${email.subject}`);
+    console.log(`  Spam Score: ${email.spamScore ?? 'N/A'}`);
+    console.log(`  Attachments: ${email.attachments.length}`);
+
+    // Skip high spam emails
+    if (email.spamScore && email.spamScore > 5) {
+      console.log('[MyMX] Skipping high-spam email (score:', email.spamScore, ')');
+      return reply.status(200).send({ success: true, skipped: 'spam' });
+    }
+
+    // Store the email in the database
+    const db = getDb();
+    
+    // Create a new chat for this email
+    const chatTitle = `📧 ${email.subject || 'Email'} - from ${extractEmailAddress(email.from)}`;
+    const chatResult = db.prepare('INSERT INTO chats (title) VALUES (?)').run(chatTitle);
+    const chatId = chatResult.lastInsertRowid;
+    
+    console.log('[MyMX] Created chat', chatId, 'for incoming email');
+
+    // Format the email as a user message
+    const emailContent = `📧 **Incoming Email**
+
+**From:** ${email.from}
+**To:** ${email.to}
+**Subject:** ${email.subject || '(no subject)'}
+**Date:** ${email.date || email.receivedAt}
+${email.attachments.length > 0 ? `**Attachments:** ${email.attachments.map(a => a.filename || 'unnamed').join(', ')}` : ''}
+
+---
+
+${email.bodyText || email.bodyHtml?.replace(/<[^>]+>/g, ' ').trim() || '(no body content)'}`;
+
+    // Save the email as a "user" message (it's incoming)
+    const emailMetadata = {
+      type: 'email',
+      emailId: email.emailId,
+      messageId: email.messageId,
+      from: email.from,
+      to: email.to,
+      subject: email.subject,
+      spamScore: email.spamScore,
+      attachments: email.attachments,
+    };
+    
+    db.prepare(`
+      INSERT INTO messages (chat_id, role, content, metadata) VALUES (?, ?, ?, ?)
+    `).run(chatId, 'user', emailContent, JSON.stringify(emailMetadata));
+
+    // Create a prompt for the AI to handle the email
+    const prompt = `You received an incoming email. Please read it and respond appropriately.
+
+${emailContent}
+
+---
+
+**Instructions:**
+- Analyze this email and determine the appropriate action
+- If it requires a response, compose and send one using the send_email tool (reply to: ${extractEmailAddress(email.from)})
+- If it's informational, summarize the key points
+- If it's spam or clearly irrelevant, note that
+- Be helpful but concise`;
+
+    // Run the agent to process the email
+    let response = '';
+    try {
+      for await (const chunk of runAgent(prompt, [], config)) {
+        if (chunk.type === 'text') {
+          response += chunk.content;
+        }
+      }
+      console.log('[MyMX] AI processed email, response length:', response.length);
+      
+      // Save the AI's response
+      if (response.length > 0) {
+        db.prepare(`
+          INSERT INTO messages (chat_id, role, content, metadata) VALUES (?, ?, ?, ?)
+        `).run(chatId, 'assistant', response, JSON.stringify({ model: config.model }));
+        
+        // Update chat timestamp
+        db.prepare('UPDATE chats SET updated_at = CURRENT_TIMESTAMP WHERE id = ?').run(chatId);
+      }
+    } catch (agentErr) {
+      console.error('[MyMX] Agent error:', agentErr);
+      // Save error as assistant message so user knows what happened
+      db.prepare(`
+        INSERT INTO messages (chat_id, role, content, metadata) VALUES (?, ?, ?, ?)
+      `).run(chatId, 'assistant', `Error processing email: ${agentErr.message}`, JSON.stringify({ error: true }));
+    }
+
+    // Return success
+    return reply.status(200).send({ 
+      success: true, 
+      processed: true,
+      emailId: email.emailId,
+      chatId: chatId,
+    });
+
+  } catch (err) {
+    console.error('[MyMX] Webhook processing error:', err);
+    // Return 500 so MyMX will retry
+    return reply.status(500).send({ 
+      error: 'Processing failed',
+      details: err.message,
+    });
+  }
+}
+
+// ============================================
+// Email Sending (via Resend API)
+// ============================================
+
+/**
+ * Send email via Resend API
+ * Resend is a modern email API that works great with custom domains.
+ * Get your API key at https://resend.com
+ * 
+ * @param {object} config - Configuration with email settings
+ * @param {string} to - Recipient email address
+ * @param {string} subject - Email subject
+ * @param {string} body - Email body (plain text)
+ * @param {object} options - Additional options (html, replyTo, from, etc.)
+ * @returns {Promise<object>} - Send result
+ */
+export async function sendEmail(config, to, subject, body, options = {}) {
+  const resendApiKey = config.resend?.apiKey;
+  const defaultFrom = config.resend?.from || config.email?.from;
+  
+  if (!resendApiKey) {
+    throw new Error(
+      'Email sending not configured.\n\n' +
+      '📧 To send emails, you need to set up Resend (https://resend.com):\n\n' +
+      '1. Sign up at resend.com and get an API key\n' +
+      '2. Add your domain and verify DNS records\n' +
+      '3. Add the API key in Settings under "Integrations"\n\n' +
+      'Resend works great with MyMX - MyMX handles receiving, Resend handles sending!'
+    );
+  }
+
+  // Build the email payload
+  const emailPayload = {
+    from: options.from || defaultFrom,
+    to: Array.isArray(to) ? to : [to],
+    subject,
+    text: body,
+  };
+
+  // Validate from address
+  if (!emailPayload.from) {
+    throw new Error(
+      'No "from" address configured.\n\n' +
+      'Set resend.from in your config to your verified email address\n' +
+      '(e.g., "you@yourdomain.com" or "Your Name <you@yourdomain.com>")'
+    );
+  }
+
+  // Optional HTML version
+  if (options.html) {
+    emailPayload.html = options.html;
+  }
+
+  // Optional reply-to
+  if (options.replyTo) {
+    emailPayload.reply_to = options.replyTo;
+  }
+
+  // Optional CC/BCC
+  if (options.cc) {
+    emailPayload.cc = Array.isArray(options.cc) ? options.cc : [options.cc];
+  }
+  if (options.bcc) {
+    emailPayload.bcc = Array.isArray(options.bcc) ? options.bcc : [options.bcc];
+  }
+
+  // Send via Resend API
+  const response = await fetch('https://api.resend.com/emails', {
+    method: 'POST',
+    headers: {
+      'Authorization': `Bearer ${resendApiKey}`,
+      'Content-Type': 'application/json',
+    },
+    body: JSON.stringify(emailPayload),
+  });
+
+  if (!response.ok) {
+    const errorData = await response.json().catch(() => ({}));
+    throw new Error(
+      `Resend API error: ${errorData.message || response.statusText}\n` +
+      (errorData.name === 'validation_error' 
+        ? 'Check that your "from" address is verified in Resend.' 
+        : '')
+    );
+  }
+
+  const result = await response.json();
+
+  console.log('[Email] Sent via Resend:', result.id);
+
+  return {
+    success: true,
+    messageId: result.id,
+  };
+}
+
+// ============================================
+// List Received Emails
+// ============================================
+
+/**
+ * Get list of recently received emails from the database
+ * @param {number} limit - Max number of emails to return
+ * @returns {Array} - Array of email objects
+ */
+export function getReceivedEmails(limit = 10) {
+  const db = getDb();
+  
+  // Find chats that are emails (title starts with 📧)
+  const emailChats = db.prepare(`
+    SELECT c.id, c.title, c.created_at, c.updated_at,
+           m.content, m.metadata
+    FROM chats c
+    JOIN messages m ON m.chat_id = c.id AND m.role = 'user'
+    WHERE c.title LIKE '📧%'
+    ORDER BY c.created_at DESC
+    LIMIT ?
+  `).all(limit);
+  
+  return emailChats.map(chat => {
+    const metadata = chat.metadata ? JSON.parse(chat.metadata) : {};
+    return {
+      chatId: chat.id,
+      title: chat.title,
+      from: metadata.from,
+      to: metadata.to,
+      subject: metadata.subject,
+      receivedAt: chat.created_at,
+      spamScore: metadata.spamScore,
+      hasAttachments: (metadata.attachments?.length || 0) > 0,
+    };
+  });
+}
+
+/**
+ * Check email - lists recent emails received via MyMX webhooks
+ * 
+ * @param {object} config - Configuration
+ * @returns {Promise<string>} - List of recent emails or setup instructions
+ */
+export async function checkEmail(config) {
+  const mymxConfigured = !!config.mymx?.secret;
+  
+  if (!mymxConfigured) {
+    throw new Error(
+      '📧 Email not configured!\n\n' +
+      'To receive emails, set up MyMX:\n' +
+      '1. Sign up at mymx.dev\n' +
+      '2. Add your domain and configure MX records\n' +
+      '3. Set your webhook endpoint to: /api/email/webhook\n' +
+      '4. Add your webhook secret in Settings → Email Integration\n\n' +
+      'MyMX will push emails to your agent automatically!'
+    );
+  }
+  
+  // Get recent emails from database
+  const emails = getReceivedEmails(10);
+  
+  if (emails.length === 0) {
+    return (
+      '📭 No emails received yet.\n\n' +
+      'Emails sent to your domain will appear here automatically.\n' +
+      'Check your MyMX dashboard at mymx.dev to verify your setup.'
+    );
+  }
+  
+  // Format the email list
+  let output = `📬 **Recent Emails** (${emails.length} found)\n\n`;
+  
+  for (const email of emails) {
+    const date = new Date(email.receivedAt).toLocaleString();
+    output += `**${email.subject || '(no subject)'}**\n`;
+    output += `  From: ${email.from}\n`;
+    output += `  Received: ${date}\n`;
+    output += `  Chat ID: ${email.chatId}${email.hasAttachments ? ' 📎' : ''}\n\n`;
+  }
+  
+  output += `\n💡 Each email creates a chat. Use read_memory with the Chat ID to see the full conversation.`;
+  
+  return output;
+}
+
+export default { 
+  checkEmail, 
+  sendEmail, 
+  handleEmailWebhook,
+  verifyWebhookSignature,
+  parseMyMXEmail,
+  getReceivedEmails,
+};