plotlink-ows 0.1.18 → 1.0.4

package/app/routes/publish.ts

@@ -78,6 +78,16 @@ publish.post("/file", async (c) => {
     return c.json({ error: "title and content required" }, 400);
   }
 
+  // Enforce character limits
+  const isGenesis = body.fileName === "genesis.md";
+  const isPlot = /^plot-\d+\.md$/.test(body.fileName);
+  const charLimit = isGenesis ? 1000 : isPlot ? 10000 : null;
+  if (charLimit && body.content.length > charLimit) {
+    return c.json({
+      error: `Content exceeds ${charLimit.toLocaleString()} character limit (${body.content.length.toLocaleString()} chars). Reduce content before publishing.`,
+    }, 400);
+  }
+
   // Get wallet
   let wallets;
   try {
@@ -92,7 +102,7 @@ publish.post("/file", async (c) => {
   console.log("[publish/file] Starting publish for", body.storyName, body.fileName, "wallet:", wallet.name);
 
   // Determine if this is genesis (createStoryline) or plot (chainPlot)
-  const isPlot = body.fileName.match(/^plot-\d+\.md$/);
+  // isPlot already defined above from validation
 
   return streamSSE(c, async (stream) => {
     try {
@@ -127,8 +137,10 @@ publish.post("/file", async (c) => {
           step: "done",
           txHash: result.txHash,
           storylineId: result.storylineId,
+          plotIndex: result.plotIndex,
           contentCid: result.contentCid,
           gasCost: result.gasCost,
+          indexError: result.indexError,
         }),
       });
     } catch (err: unknown) {
@@ -140,4 +152,43 @@ publish.post("/file", async (c) => {
   });
 });
 
+/** POST /api/publish/retry-index — retry indexing for a published file */
+publish.post("/retry-index", async (c) => {
+  const body = await c.req.json<{
+    storyName: string;
+    fileName: string;
+    txHash: string;
+    content: string;
+    storylineId?: number;
+  }>();
+
+  if (!body.txHash || !body.content) {
+    return c.json({ error: "txHash and content required" }, 400);
+  }
+
+  const PLOTLINK_URL = process.env.NEXT_PUBLIC_APP_URL || "https://plotlink.xyz";
+  const isPlot = /^plot-\d+\.md$/.test(body.fileName);
+  const endpoint = isPlot ? "plot" : "storyline";
+  const indexBody = isPlot
+    ? { txHash: body.txHash, content: body.content }
+    : { txHash: body.txHash, content: body.content, genre: undefined };
+
+  try {
+    const indexRes = await fetch(`${PLOTLINK_URL}/api/index/${endpoint}`, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify(indexBody),
+    });
+    const indexData = await indexRes.json().catch(() => ({})) as Record<string, string>;
+    if (!indexRes.ok || indexData.error) {
+      const error = indexData.error || `Indexing failed: HTTP ${indexRes.status}`;
+      return c.json({ ok: false, error });
+    }
+    return c.json({ ok: true });
+  } catch (err) {
+    const message = err instanceof Error ? err.message : "Indexing request failed";
+    return c.json({ ok: false, error: message });
+  }
+});
+
 export { publish as publishRoutes };

package/app/routes/settings.ts

@@ -0,0 +1,194 @@
+import { Hono } from "hono";
+import { createPublicClient, createWalletClient, http, decodeEventLog } from "viem";
+import { base } from "viem/chains";
+import { erc8004Abi } from "../../packages/cli/src/sdk/abi";
+import { listAgentWallets, getBaseAddress } from "../../lib/ows/wallet";
+import { createOwsAccount } from "../lib/publish";
+import { db } from "../db";
+import {
+  signMessage as owsSignMsg,
+} from "@open-wallet-standard/core";
+
+const ERC_8004 = "0x8004A169FB4a3325136EB29fA0ceB6D2e539a432" as const;
+const rpcUrl = process.env.NEXT_PUBLIC_RPC_URL || "https://mainnet.base.org";
+
+const publicClient = createPublicClient({
+  chain: base,
+  transport: http(rpcUrl),
+});
+
+const settings = new Hono();
+
+/** POST /api/settings/generate-binding — generate wallet binding proof for PlotLink */
+settings.post("/generate-binding", async (c) => {
+  const body = await c.req.json<{ humanWallet: string }>();
+
+  if (!body.humanWallet || !/^0x[a-fA-F0-9]{40}$/.test(body.humanWallet)) {
+    return c.json({ error: "Valid wallet address required (0x...)" }, 400);
+  }
+
+  try {
+    const wallets = listAgentWallets();
+    const wallet = wallets.find((w) => w.name.startsWith("plotlink-writer"));
+    if (!wallet) return c.json({ error: "No OWS wallet found. Create one in Wallet settings first." }, 400);
+
+    const owsWallet = getBaseAddress(wallet);
+    if (!owsWallet) return c.json({ error: "No EVM address on wallet" }, 400);
+
+    const message = `I authorize ${body.humanWallet} as my PlotLink owner. Wallet: ${owsWallet}`;
+    const passphrase = process.env.OWS_PASSPHRASE;
+
+    const result = owsSignMsg(wallet.name, "eip155:8453", message, passphrase);
+    const signature = result.signature.startsWith("0x") ? result.signature : `0x${result.signature}`;
+
+    return c.json({
+      message,
+      signature,
+      owsWallet,
+    });
+  } catch (err: unknown) {
+    const msg = err instanceof Error ? err.message : "Failed to generate binding proof";
+    return c.json({ error: msg }, 500);
+  }
+});
+
+/** POST /api/settings/register-agent — OWS wallet self-registers on ERC-8004 */
+settings.post("/register-agent", async (c) => {
+  const body = await c.req.json<{ name: string; description: string; genre?: string }>();
+
+  if (!body.name?.trim()) {
+    return c.json({ error: "Agent name is required" }, 400);
+  }
+  if (!body.description?.trim()) {
+    return c.json({ error: "Agent description is required" }, 400);
+  }
+
+  try {
+    const wallets = listAgentWallets();
+    const wallet = wallets.find((w) => w.name.startsWith("plotlink-writer"));
+    if (!wallet) return c.json({ error: "No OWS wallet found. Create one in Wallet settings first." }, 400);
+
+    const owsAddress = getBaseAddress(wallet);
+    if (!owsAddress) return c.json({ error: "No EVM address on wallet" }, 400);
+
+    // Check if already registered
+    try {
+      const existingId = await publicClient.readContract({
+        address: ERC_8004,
+        abi: erc8004Abi,
+        functionName: "agentIdByWallet",
+        args: [owsAddress as `0x${string}`],
+      }) as bigint;
+      if (existingId > 0n) {
+        return c.json({ error: `Already registered as Agent #${existingId}` }, 400);
+      }
+    } catch { /* not registered — continue */ }
+
+    // Build agentURI as inline JSON
+    const agentURI = JSON.stringify({
+      name: body.name.trim(),
+      description: body.description.trim(),
+      ...(body.genre?.trim() && { genre: body.genre.trim() }),
+      llmModel: "Claude",
+      registeredBy: "plotlink-ows",
+      registeredAt: new Date().toISOString(),
+    });
+
+    // Create OWS-backed wallet client and call register()
+    const account = createOwsAccount(wallet.name, owsAddress as `0x${string}`);
+    const walletClient = createWalletClient({ account, chain: base, transport: http(rpcUrl) });
+
+    const txHash = await walletClient.writeContract({
+      address: ERC_8004,
+      abi: erc8004Abi,
+      functionName: "register",
+      args: [agentURI],
+    });
+
+    // Wait for confirmation and decode Registered event
+    const receipt = await publicClient.waitForTransactionReceipt({
+      hash: txHash,
+    });
+
+    if (receipt.status === "reverted") {
+      return c.json({ error: "Transaction reverted on-chain" }, 500);
+    }
+
+    let agentId: number | undefined;
+    for (const log of receipt.logs) {
+      try {
+        const decoded = decodeEventLog({
+          abi: erc8004Abi,
+          data: log.data,
+          topics: log.topics,
+        });
+        if (decoded.eventName === "Registered") {
+          agentId = Number((decoded.args as { agentId: bigint }).agentId);
+          break;
+        }
+      } catch { /* not our event */ }
+    }
+
+    if (!agentId) {
+      return c.json({ error: "Transaction succeeded but Registered event not found" }, 500);
+    }
+
+    // Store agentId locally
+    await db.setting.upsert({
+      where: { key: "agent_id" },
+      update: { value: String(agentId) },
+      create: { key: "agent_id", value: String(agentId) },
+    });
+
+    return c.json({
+      agentId,
+      owsWallet: owsAddress,
+      txHash,
+    });
+  } catch (err: unknown) {
+    const msg = err instanceof Error ? err.message : "Registration failed";
+    return c.json({ error: msg }, 500);
+  }
+});
+
+/** GET /api/settings/link-status — check if OWS wallet is registered on ERC-8004 */
+settings.get("/link-status", async (c) => {
+  try {
+    const wallets = listAgentWallets();
+    const wallet = wallets.find((w) => w.name.startsWith("plotlink-writer"));
+    if (!wallet) return c.json({ linked: false, error: "No wallet" });
+
+    const address = getBaseAddress(wallet);
+    if (!address) return c.json({ linked: false, error: "No EVM address" });
+
+    try {
+      const agentId = await publicClient.readContract({
+        address: ERC_8004,
+        abi: erc8004Abi,
+        functionName: "agentIdByWallet",
+        args: [address as `0x${string}`],
+      }) as bigint;
+
+      if (agentId > 0n) {
+        // Fetch NFT owner (ERC-721 ownerOf)
+        let owner: string | undefined;
+        try {
+          owner = await publicClient.readContract({
+            address: ERC_8004,
+            abi: [{ type: "function", name: "ownerOf", stateMutability: "view", inputs: [{ name: "tokenId", type: "uint256" }], outputs: [{ name: "", type: "address" }] }] as const,
+            functionName: "ownerOf",
+            args: [agentId],
+          }) as string;
+        } catch { /* best effort */ }
+        return c.json({ linked: true, agentId: Number(agentId), owsWallet: address, owner });
+      }
+    } catch { /* contract call may fail */ }
+
+    return c.json({ linked: false, owsWallet: address });
+  } catch (err: unknown) {
+    const message = err instanceof Error ? err.message : "Failed to check link status";
+    return c.json({ linked: false, error: message });
+  }
+});
+
+export { settings as settingsRoutes };

package/app/routes/stories.ts

@@ -18,12 +18,14 @@ function safeName(name: string): string | null {
 
 interface FileStatus {
   file: string;
-  status: "published" | "pending" | "draft";
+  status: "published" | "published-not-indexed" | "pending" | "draft";
   txHash?: string;
   storylineId?: number;
+  plotIndex?: number;
   contentCid?: string;
   publishedAt?: string;
   gasCost?: string;
+  indexError?: string;
 }
 
 interface StoryInfo {
@@ -56,7 +58,7 @@ function scanStory(storyDir: string, name: string): StoryInfo {
 
   const files: FileStatus[] = entries.map((file) => {
     const existing = publishStatus[file];
-    if (existing?.status === "published") {
+    if (existing?.status === "published" || existing?.status === "published-not-indexed") {
       return existing;
     }
     return { file, status: "pending" as const };
@@ -65,7 +67,7 @@ function scanStory(storyDir: string, name: string): StoryInfo {
   const hasStructure = entries.includes("structure.md");
   const hasGenesis = entries.includes("genesis.md");
   const plotCount = entries.filter((f) => f.match(/^plot-\d+\.md$/)).length;
-  const publishedCount = files.filter((f) => f.status === "published").length;
+  const publishedCount = files.filter((f) => f.status === "published" || f.status === "published-not-indexed").length;
 
   return { name, files, hasStructure, hasGenesis, plotCount, publishedCount };
 }
@@ -125,6 +127,42 @@ stories.get("/:name/:file", (c) => {
   return c.json({ ...status, content });
 });
 
+/** PUT /api/stories/:name/:file — update file content */
+stories.put("/:name/:file", async (c) => {
+  const name = safeName(c.req.param("name"));
+  const file = safeName(c.req.param("file"));
+  if (!name || !file) return c.json({ error: "Invalid path" }, 400);
+  if (!file.endsWith(".md")) return c.json({ error: "Only .md files can be edited" }, 400);
+
+  const filePath = path.join(STORIES_DIR, name, file);
+  if (!fs.existsSync(filePath)) {
+    return c.json({ error: "File not found" }, 404);
+  }
+
+  const body = await c.req.json<{ content: string }>();
+  if (typeof body.content !== "string") {
+    return c.json({ error: "Content must be a string" }, 400);
+  }
+
+  // Only write and reset status if content actually changed
+  const existingContent = fs.readFileSync(filePath, "utf-8");
+  if (body.content === existingContent) {
+    return c.json({ ok: true, unchanged: true });
+  }
+
+  fs.writeFileSync(filePath, body.content, "utf-8");
+
+  // Reset publish status to pending if file was previously published
+  const storyDir = path.join(STORIES_DIR, name);
+  const status = readPublishStatus(storyDir);
+  if (status[file] && (status[file].status === "published" || status[file].status === "published-not-indexed")) {
+    status[file].status = "pending";
+    writePublishStatus(storyDir, status);
+  }
+
+  return c.json({ ok: true });
+});
+
 /** POST /api/stories/:name/:file/publish-status — update publish status after publishing */
 stories.post("/:name/:file/publish-status", async (c) => {
   const name = safeName(c.req.param("name"));
@@ -134,19 +172,48 @@ stories.post("/:name/:file/publish-status", async (c) => {
   const body = await c.req.json<{
     txHash: string;
     storylineId?: number;
+    plotIndex?: number;
     contentCid: string;
     gasCost?: string;
+    indexError?: string;
   }>();
 
   const status = readPublishStatus(storyDir);
+  const existing = status[file];
   status[file] = {
     file,
-    status: "published",
-    txHash: body.txHash,
-    storylineId: body.storylineId,
-    contentCid: body.contentCid,
-    gasCost: body.gasCost,
+    status: body.indexError ? "published-not-indexed" : "published",
+    txHash: body.txHash || existing?.txHash,
+    storylineId: body.storylineId ?? existing?.storylineId,
+    plotIndex: body.plotIndex ?? existing?.plotIndex,
+    contentCid: body.contentCid || existing?.contentCid,
+    gasCost: body.gasCost || existing?.gasCost,
     publishedAt: new Date().toISOString(),
+    ...(body.indexError ? { indexError: body.indexError } : {}),
+  };
+  writePublishStatus(storyDir, status);
+
+  return c.json({ ok: true });
+});
+
+/** POST /api/stories/:name/:file/mark-not-indexed — manually mark as not indexed */
+stories.post("/:name/:file/mark-not-indexed", async (c) => {
+  const name = safeName(c.req.param("name"));
+  const file = safeName(c.req.param("file"));
+  if (!name || !file) return c.json({ error: "Invalid path" }, 400);
+  const storyDir = path.join(STORIES_DIR, name);
+
+  const status = readPublishStatus(storyDir);
+  const existing = status[file];
+  if (!existing || (existing.status !== "published" && existing.status !== "published-not-indexed")) {
+    return c.json({ error: "File is not published" }, 400);
+  }
+
+  const body = await c.req.json<{ indexError?: string }>().catch(() => ({}));
+  status[file] = {
+    ...existing,
+    status: "published-not-indexed",
+    indexError: body.indexError || "Manually marked as not indexed",
   };
   writePublishStatus(storyDir, status);
 

package/app/routes/terminal.ts

@@ -1,59 +1,173 @@
 import { Hono } from "hono";
 import * as pty from "node-pty";
 import path from "path";
+import fs from "fs";
 import { fileURLToPath } from "url";
+import { randomUUID } from "crypto";
 
 const __dirname = path.dirname(fileURLToPath(import.meta.url));
 const STORIES_DIR = path.join(__dirname, "..", "..", "stories");
+const MAX_SESSIONS = 5;
+const SESSION_FILE = path.join(__dirname, "..", "..", "data", "terminal-sessions.json");
 
 const terminal = new Hono();
 
-// Active PTY sessions keyed by session ID
+// Active PTY sessions keyed by story name
 const ptySessions = new Map<
   string,
-  { term: pty.IPty; ws: WebSocket | null; state: "running" | "stopped" }
+  { term: pty.IPty; ws: WebSocket | null; state: "running" | "stopped"; sessionId: string }
 >();
 
-/** POST /api/terminal/spawn — spawn Claude CLI in stories/ */
-terminal.post("/spawn", (c) => {
-  const sessionId = "default";
-
-  const existing = ptySessions.get(sessionId);
-  if (existing?.term && existing.state === "running") {
-    return c.json({ ok: true, pid: existing.term.pid, reused: true });
+function safeName(name: string): string | null {
+  if (!name || name.includes("..") || name.includes("/") || name.includes("\\") || name.startsWith(".")) {
+    return null;
   }
+  return name;
+}
+
+/** Load stored session UUIDs from disk */
+function loadSessionMap(): Record<string, string> {
+  try {
+    if (fs.existsSync(SESSION_FILE)) {
+      return JSON.parse(fs.readFileSync(SESSION_FILE, "utf-8"));
+    }
+  } catch { /* ignore */ }
+  return {};
+}
 
+/** Save session UUIDs to disk */
+function saveSessionMap(map: Record<string, string>) {
   try {
-    const shell = process.env.SHELL || "/bin/zsh";
-    const term = pty.spawn(shell, ["-l", "-c", "claude"], {
-      name: "xterm-256color",
-      cols: 120,
-      rows: 30,
-      cwd: STORIES_DIR,
-      env: process.env as Record<string, string>,
-    });
-
-    ptySessions.set(sessionId, { term, ws: null, state: "running" });
-
-    term.onExit(({ exitCode }) => {
-      const session = ptySessions.get(sessionId);
-      if (session?.term === term) {
-        session.state = "stopped";
-        if (session.ws && session.ws.readyState <= 1) {
-          session.ws.close(1000, `exited:${exitCode}`);
-        }
-        session.ws = null;
+    const dir = path.dirname(SESSION_FILE);
+    if (!fs.existsSync(dir)) fs.mkdirSync(dir, { recursive: true });
+    fs.writeFileSync(SESSION_FILE, JSON.stringify(map, null, 2) + "\n");
+  } catch { /* ignore */ }
+}
+
+function spawnPty(storyName: string, opts?: { sessionId?: string; resume?: boolean }) {
+  const storyDir = path.join(STORIES_DIR, storyName);
+  if (!fs.existsSync(storyDir)) fs.mkdirSync(storyDir, { recursive: true });
+  const shell = process.env.SHELL || "/bin/zsh";
+
+  // Determine session ID
+  const sessionMap = loadSessionMap();
+  let sessionId: string;
+
+  // Build Claude CLI command with session flags
+  // Note: no --cwd flag — Claude CLI uses process cwd, set via pty.spawn({ cwd: storyDir })
+  let claudeCmd = "claude";
+  if (opts?.resume && sessionMap[storyName]) {
+    // Resume: reuse stored session
+    sessionId = sessionMap[storyName];
+    claudeCmd += ` --resume "${sessionId}"`;
+  } else {
+    // Fresh: always generate new UUID
+    sessionId = opts?.sessionId || randomUUID();
+    claudeCmd += ` --session-id "${sessionId}"`;
+  }
+
+  const term = pty.spawn(shell, ["-l", "-c", claudeCmd], {
+    name: "xterm-256color",
+    cols: 120,
+    rows: 30,
+    cwd: storyDir,
+    env: process.env as Record<string, string>,
+  });
+
+  // Persist session ID
+  sessionMap[storyName] = sessionId;
+  saveSessionMap(sessionMap);
+
+  const isResume = !!opts?.resume;
+  const spawnTime = Date.now();
+  const session = { term, ws: null as WebSocket | null, state: "running" as const, sessionId };
+  ptySessions.set(storyName, session);
+
+  term.onExit(({ exitCode }) => {
+    const s = ptySessions.get(storyName);
+    if (s?.term !== term) return;
+
+    // If a resumed session exits quickly (< 5s), signal client to auto-reconnect fresh
+    const elapsed = Date.now() - spawnTime;
+    if (isResume && elapsed < 5000 && exitCode !== 0) {
+      console.log(`Resume for "${storyName}" failed (exit ${exitCode} in ${elapsed}ms), signaling fresh fallback`);
+      ptySessions.delete(storyName);
+      if (s.ws && s.ws.readyState <= 1) {
+        // Close code 4000 = resume-failed, client should auto-reconnect fresh
+        s.ws.close(4000, "resume-failed");
       }
-    });
+      s.ws = null;
+      return;
+    }
+
+    s.state = "stopped";
+    if (s.ws && s.ws.readyState <= 1) {
+      s.ws.close(1000, `exited:${exitCode}`);
+    }
+    s.ws = null;
+  });
+
+  return session;
+}
+
+/** POST /api/terminal/spawn — spawn Claude CLI for a story */
+terminal.post("/spawn", async (c) => {
+  const body = await c.req.json<{ storyName?: string; resume?: boolean }>().catch(() => ({}));
+  const storyName = safeName(body.storyName || "default");
+  if (!storyName) return c.json({ error: "Invalid story name" }, 400);
+
+  const existing = ptySessions.get(storyName);
+  if (existing?.term && existing.state === "running") {
+    return c.json({ ok: true, pid: existing.term.pid, storyName, sessionId: existing.sessionId, reused: true });
+  }
+
+  // Enforce max concurrent sessions
+  const running = [...ptySessions.values()].filter((s) => s.state === "running").length;
+  if (running >= MAX_SESSIONS) {
+    return c.json({ error: `Max ${MAX_SESSIONS} concurrent sessions`, ok: false }, 429);
+  }
 
-    return c.json({ ok: true, pid: term.pid });
+  try {
+    const session = spawnPty(storyName, { resume: body.resume });
+    return c.json({ ok: true, pid: session.term.pid, storyName, sessionId: session.sessionId });
   } catch (err: unknown) {
     const message = err instanceof Error ? err.message : "Failed to spawn PTY";
     return c.json({ ok: false, error: message }, 500);
   }
 });
 
-/** POST /api/terminal/stop — kill PTY */
+/** GET /api/terminal/session/:storyName — get stored session ID for a story */
+terminal.get("/session/:storyName", (c) => {
+  const storyName = safeName(c.req.param("storyName"));
+  if (!storyName) return c.json({ error: "Invalid story name" }, 400);
+
+  const sessionMap = loadSessionMap();
+  const sessionId = sessionMap[storyName] || null;
+  const active = ptySessions.get(storyName);
+
+  return c.json({
+    sessionId,
+    running: !!active && active.state === "running",
+  });
+});
+
+/** DELETE /api/terminal/:storyName — kill a story's PTY */
+terminal.delete("/:storyName", (c) => {
+  const storyName = safeName(c.req.param("storyName"));
+  if (!storyName) return c.json({ error: "Invalid story name" }, 400);
+
+  const session = ptySessions.get(storyName);
+  if (session?.term && session.state === "running") {
+    session.term.kill();
+    session.state = "stopped";
+    ptySessions.delete(storyName);
+    return c.json({ ok: true });
+  }
+  ptySessions.delete(storyName);
+  return c.json({ ok: true, message: "not running" });
+});
+
+/** POST /api/terminal/stop — kill PTY (legacy, kills default) */
 terminal.post("/stop", (c) => {
   const session = ptySessions.get("default");
   if (session?.term && session.state === "running") {
@@ -64,48 +178,38 @@ terminal.post("/stop", (c) => {
   return c.json({ ok: true, message: "not running" });
 });
 
-/** GET /api/terminal/status */
+/** GET /api/terminal/status — list all sessions */
 terminal.get("/status", (c) => {
-  const session = ptySessions.get("default");
-  return c.json({
-    running: session?.state === "running",
-    pid: session?.term?.pid ?? null,
-  });
+  const sessions: Record<string, { running: boolean; pid: number | null; sessionId: string }> = {};
+  for (const [name, session] of ptySessions) {
+    sessions[name] = {
+      running: session.state === "running",
+      pid: session.term?.pid ?? null,
+      sessionId: session.sessionId,
+    };
+  }
+  return c.json({ sessions });
 });
 
 /**
- * Attach a raw WebSocket to the PTY session.
+ * Attach a raw WebSocket to a story's PTY session.
  * Called from server.ts WebSocket upgrade handler.
  */
-export function attachTerminalWs(ws: WebSocket) {
-  const sessionId = "default";
-  let session = ptySessions.get(sessionId);
+export function attachTerminalWs(ws: WebSocket, storyName?: string, resume?: boolean) {
+  const name = storyName && safeName(storyName) ? storyName : "default";
+  let session = ptySessions.get(name);
 
   // Lazy spawn if no PTY exists
   if (!session || session.state !== "running") {
+    // Enforce max concurrent sessions
+    const running = [...ptySessions.values()].filter((s) => s.state === "running").length;
+    if (running >= MAX_SESSIONS) {
+      ws.close(1013, "max-sessions");
+      return;
+    }
+
     try {
-      const shell = process.env.SHELL || "/bin/zsh";
-    const term = pty.spawn(shell, ["-l", "-c", "claude"], {
-        name: "xterm-256color",
-        cols: 120,
-        rows: 30,
-        cwd: STORIES_DIR,
-        env: process.env as Record<string, string>,
-      });
-
-      session = { term, ws: null, state: "running" };
-      ptySessions.set(sessionId, session);
-
-      term.onExit(({ exitCode }) => {
-        const s = ptySessions.get(sessionId);
-        if (s?.term === term) {
-          s.state = "stopped";
-          if (s.ws && s.ws.readyState <= 1) {
-            s.ws.close(1000, `exited:${exitCode}`);
-          }
-          s.ws = null;
-        }
-      });
+      session = spawnPty(name, { resume });
     } catch (err) {
       console.error("PTY spawn failed:", err);
       ws.close(1011, "pty-spawn-failed");