quadwork 1.2.1 → 1.2.3

package/server/index.js

@@ -8,6 +8,7 @@ const pty = require("node-pty");
 const { spawn } = require("child_process");
 const { readConfig, resolveAgentCwd, resolveAgentCommand, resolveProjectChattr, resolveChattrSpawn, syncChattrToken, CONFIG_PATH } = require("./config");
 const routes = require("./routes");
+const { waitForAgentChattrReady, registerAgent, deregisterAgent } = require("./agentchattr-registry");
 
 const net = require("net");
 const config = readConfig();
@@ -207,6 +208,39 @@ const PERMISSION_FLAGS = {
  * Generate a per-agent MCP config file for Claude (--mcp-config).
  * Returns the absolute path to the written JSON file.
  */
+/**
+ * Per-agent registration tokens persisted across QuadWork restarts so
+ * #242 stale-slot reclaim works after a crash. Without this the
+ * in-memory _tokenCache is empty on startup and the family-name
+ * deregister returns 403 (app.py:2123-2135).
+ */
+function _agentTokenPath(projectId, agentId) {
+  const configDir = path.join(os.homedir(), ".quadwork", projectId);
+  return path.join(configDir, `agent-token-${agentId}.txt`);
+}
+
+function readPersistedAgentToken(projectId, agentId) {
+  try {
+    return fs.readFileSync(_agentTokenPath(projectId, agentId), "utf8").trim() || null;
+  } catch {
+    return null;
+  }
+}
+
+function writePersistedAgentToken(projectId, agentId, token) {
+  try {
+    const configDir = path.join(os.homedir(), ".quadwork", projectId);
+    if (!fs.existsSync(configDir)) fs.mkdirSync(configDir, { recursive: true });
+    fs.writeFileSync(_agentTokenPath(projectId, agentId), token, { mode: 0o600 });
+  } catch {
+    // non-fatal — stale-slot reclaim will degrade but registration still works
+  }
+}
+
+function clearPersistedAgentToken(projectId, agentId) {
+  try { fs.unlinkSync(_agentTokenPath(projectId, agentId)); } catch {}
+}
+
 function writeMcpConfigFile(projectId, agentId, mcpHttpPort, token) {
   const os = require("os");
   const configDir = path.join(os.homedir(), ".quadwork", projectId);
@@ -233,12 +267,14 @@ function writeMcpConfigFile(projectId, agentId, mcpHttpPort, token) {
 async function buildAgentArgs(projectId, agentId) {
   const cfg = readConfig();
   const project = cfg.projects?.find((p) => p.id === projectId);
-  if (!project) return [];
+  if (!project) return { args: [], acRegistrationName: null, acServerPort: null };
 
   const agentCfg = project.agents?.[agentId] || {};
   const command = agentCfg.command || "claude";
   const cliBase = command.split("/").pop().split(" ")[0]; // extract base CLI name
   const args = [];
+  let acRegistrationName = null;
+  let acServerPort = null;
 
   // Permission bypass flags
   if (agentCfg.auto_approve !== false) {
@@ -252,21 +288,63 @@ async function buildAgentArgs(projectId, agentId) {
   if (mcpHttpPort) {
     const injectMode = agentCfg.mcp_inject || (cliBase === "codex" ? "proxy_flag" : cliBase === "gemini" ? "env" : "flag");
     if (injectMode === "flag") {
-      // Claude/Kimi: write config file, pass --mcp-config
-      const mcpConfigPath = writeMcpConfigFile(projectId, agentId, mcpHttpPort, token);
+      // Claude/Kimi: register with AgentChattr to obtain a per-agent
+      // token (#239 — session_token is browser auth, not MCP auth) and
+      // write that into the per-agent MCP config file.
+      const chattrInfo = resolveProjectChattr(projectId);
+      acServerPort = Number(new URL(chattrInfo.url).port) || 8300;
+      await waitForAgentChattrReady(acServerPort);
+      // #242: best-effort deregister any stale registration of the
+      // canonical name (left over by a crashed previous QuadWork
+      // session) so the fresh register lands at slot 1 instead of
+      // head-2 / reviewer2-2. We need the previous agent's bearer
+      // token because app.py:2123 requires authenticated agent
+      // session for family names — load it from disk (persisted
+      // across restarts). Failures are non-fatal.
+      const stalePersistedToken = readPersistedAgentToken(projectId, agentId);
+      if (stalePersistedToken) {
+        await deregisterAgent(acServerPort, agentId, stalePersistedToken).catch(() => {});
+        clearPersistedAgentToken(projectId, agentId);
+      }
+      const registration = await registerAgent(acServerPort, agentId, agentCfg.display_name || null);
+      if (!registration) {
+        throw new Error(`Failed to register ${agentId}: ${registerAgent.lastError}`);
+      }
+      acRegistrationName = registration.name;
+      writePersistedAgentToken(projectId, agentId, registration.token);
+      const mcpConfigPath = writeMcpConfigFile(projectId, agentId, mcpHttpPort, registration.token);
       const flag = agentCfg.mcp_flag || "--mcp-config";
       args.push(flag, mcpConfigPath);
     } else if (injectMode === "proxy_flag") {
-      // Codex: start local auth proxy, pass proxy URL via -c flag
+      // Codex: register with AgentChattr first (#240) so the proxy
+      // injects a real per-agent token, not the global session token.
+      // Resolve via resolveProjectChattr so legacy/global-config
+      // projects without a per-project agentchattr_url still work.
+      const chattrInfo = resolveProjectChattr(projectId);
+      acServerPort = Number(new URL(chattrInfo.url).port) || 8300;
+      await waitForAgentChattrReady(acServerPort);
+      // #242: best-effort deregister stale canonical name first using
+      // the persisted bearer token from a previous session.
+      const stalePersistedToken = readPersistedAgentToken(projectId, agentId);
+      if (stalePersistedToken) {
+        await deregisterAgent(acServerPort, agentId, stalePersistedToken).catch(() => {});
+        clearPersistedAgentToken(projectId, agentId);
+      }
+      const registration = await registerAgent(acServerPort, agentId, agentCfg.display_name || null);
+      if (!registration) {
+        throw new Error(`Failed to register ${agentId}: ${registerAgent.lastError}`);
+      }
+      acRegistrationName = registration.name;
+      writePersistedAgentToken(projectId, agentId, registration.token);
       const upstreamUrl = `http://127.0.0.1:${mcpHttpPort}`;
-      const proxyUrl = await startMcpProxy(projectId, agentId, upstreamUrl, token);
+      const proxyUrl = await startMcpProxy(projectId, agentId, upstreamUrl, registration.token);
       if (proxyUrl) {
         args.push("-c", `mcp_servers.agentchattr.url="${proxyUrl}"`);
       }
     }
   }
 
-  return args;
+  return { args, acRegistrationName, acServerPort };
 }
 
 /**
@@ -313,7 +391,8 @@ async function spawnAgentPty(project, agent) {
   if (!cwd) return { ok: false, error: `Unknown agent: ${key}` };
 
   const command = resolveAgentCommand(project, agent) || (process.env.SHELL || "/bin/zsh");
-  const args = await buildAgentArgs(project, agent);
+  const built = await buildAgentArgs(project, agent);
+  const args = built.args;
   const extraEnv = buildAgentEnv(project, agent);
 
   try {
@@ -325,7 +404,16 @@ async function spawnAgentPty(project, agent) {
       env: { ...process.env, ...extraEnv },
     });
 
-    const session = { projectId: project, agentId: agent, term, ws: null, state: "running", error: null };
+    const session = {
+      projectId: project,
+      agentId: agent,
+      term,
+      ws: null,
+      state: "running",
+      error: null,
+      acRegistrationName: built.acRegistrationName,
+      acServerPort: built.acServerPort,
+    };
     agentSessions.set(key, session);
 
     term.onExit(({ exitCode }) => {
@@ -349,8 +437,11 @@ async function spawnAgentPty(project, agent) {
   }
 }
 
-// Helper: stop an agent session — kill PTY, close WS
-function stopAgentSession(key) {
+// Helper: stop an agent session — kill PTY, close WS, deregister.
+// Async because deregister must complete before a restart re-registers,
+// otherwise the old slot stays occupied and a fresh register lands at
+// head-2 instead of slot 1 (#241).
+async function stopAgentSession(key) {
   const session = agentSessions.get(key);
   if (!session) {
     agentSessions.set(key, { projectId: null, agentId: null, term: null, ws: null, state: "stopped", error: null });
@@ -366,6 +457,19 @@ function stopAgentSession(key) {
   session.ws = null;
   session.state = "stopped";
   session.error = null;
+  // Best-effort deregister from AgentChattr (#241) so the slot frees
+  // and the next register lands at slot 1 instead of head-2.
+  if (session.acRegistrationName && session.acServerPort) {
+    try {
+      await deregisterAgent(session.acServerPort, session.acRegistrationName);
+    } catch {
+      // best-effort — failures are non-fatal
+    }
+    if (session.projectId && session.agentId) {
+      clearPersistedAgentToken(session.projectId, session.agentId);
+    }
+    session.acRegistrationName = null;
+  }
   // Clean up MCP auth proxy if running
   const [projectId, agentId] = key.split("/");
   if (projectId && agentId) stopMcpProxy(projectId, agentId);
@@ -630,10 +734,10 @@ app.post("/api/agents/:project/:agent/start", async (req, res) => {
 
 // --- Lifecycle: stop kills PTY + closes WS ---
 
-app.post("/api/agents/:project/:agent/stop", (req, res) => {
+app.post("/api/agents/:project/:agent/stop", async (req, res) => {
   const { project, agent } = req.params;
   const key = `${project}/${agent}`;
-  stopAgentSession(key);
+  await stopAgentSession(key);
   res.json({ ok: true, state: "stopped" });
 });
 
@@ -643,16 +747,16 @@ app.post("/api/agents/:project/:agent/restart", async (req, res) => {
   const { project, agent } = req.params;
   const key = `${project}/${agent}`;
 
-  stopAgentSession(key);
+  // #241: must await deregister before respawn so the slot frees and
+  // the fresh register lands at slot 1 instead of head-2.
+  await stopAgentSession(key);
 
-  setTimeout(async () => {
-    const result = await spawnAgentPty(project, agent);
-    if (result.ok) {
-      res.json({ ok: true, state: "running", pid: result.pid });
-    } else {
-      res.status(500).json({ ok: false, state: "error", error: result.error });
-    }
-  }, 500);
+  const result = await spawnAgentPty(project, agent);
+  if (result.ok) {
+    res.json({ ok: true, state: "running", pid: result.pid });
+  } else {
+    res.status(500).json({ ok: false, state: "error", error: result.error });
+  }
 });
 
 // --- Sessions tracking (for /api/projects dashboard) ---

package/server/routes.js

@@ -122,19 +122,108 @@ router.get("/api/chat", async (req, res) => {
   }
 });
 
+// #225 sub-E: send chat messages from the dashboard via the
+// AgentChattr WebSocket, not via /api/send.
+//
+// /api/send requires `Authorization: Bearer <registration_token>` and
+// the token must resolve to a registered instance via
+// `registry.resolve_token()`. The session_token we store on the
+// project entry only authorizes browser/middleware traffic — it is
+// NOT a registration token, so /api/send always 401s with
+// "missing Authorization: Bearer <token>". The dashboard browser
+// already sends through the WebSocket on `/ws?token=<session_token>`
+// and the server accepts that path, so we mirror that exact flow
+// from the express server: open a one-shot ws, push the message,
+// wait briefly for ack, close.
+const { WebSocket: NodeWebSocket } = require("ws");
+const { syncChattrToken } = require("./config");
+
+function sendViaWebSocket(baseUrl, sessionToken, message) {
+  return new Promise((resolve, reject) => {
+    const wsUrl = `${baseUrl.replace(/^http/, "ws")}/ws?token=${encodeURIComponent(sessionToken || "")}`;
+    const ws = new NodeWebSocket(wsUrl);
+    let settled = false;
+    const finish = (err, value) => {
+      if (settled) return;
+      settled = true;
+      try { ws.close(); } catch {}
+      if (err) reject(err); else resolve(value);
+    };
+    const giveUp = setTimeout(() => finish(new Error("websocket send timeout")), 4000);
+    ws.on("open", () => {
+      try {
+        ws.send(JSON.stringify({ type: "message", ...message }));
+        // Server acks via broadcast, but the dashboard's POST /api/chat
+        // contract only needs to know the message was accepted. Wait
+        // ~250ms for the server to enqueue + close cleanly.
+        setTimeout(() => { clearTimeout(giveUp); finish(null, { ok: true }); }, 250);
+      } catch (err) { clearTimeout(giveUp); finish(err); }
+    });
+    ws.on("error", (err) => { clearTimeout(giveUp); finish(err); });
+    ws.on("close", (code, reason) => {
+      // Code 4003 = bad token (see app.py /ws handler). Surface as
+      // 401 so the dashboard's chat error banner shows the right thing.
+      if (!settled && code === 4003) {
+        clearTimeout(giveUp);
+        const msg = (reason && reason.toString()) || "forbidden: invalid session token";
+        const e = new Error(msg);
+        e.code = "EAGENTCHATTR_401";
+        finish(e);
+      }
+    });
+  });
+}
+
 router.post("/api/chat", async (req, res) => {
-  const { url: base, token } = getChattrConfig(req.query.project || req.body.project);
-  const tokenParam = token ? `?token=${encodeURIComponent(token)}` : "";
+  const projectId = req.query.project || req.body.project;
+  const { url: base, token: sessionToken } = getChattrConfig(projectId);
+  if (!base) return res.status(400).json({ error: "Missing project" });
+
+  // #230: ignore any client-supplied sender. /api/chat is the
+  // dashboard's send path, so the message must always be attributed
+  // to "user". Forwarding `req.body.sender` would let any caller
+  // hitting QuadWork's /api/chat impersonate an agent identity (t1,
+  // t3, …) over the AgentChattr ws path, which the old /api/send
+  // flow could not do.
+  const message = {
+    text: typeof req.body?.text === "string" ? req.body.text : "",
+    channel: req.body?.channel || "general",
+    sender: "user",
+    attachments: Array.isArray(req.body?.attachments) ? req.body.attachments : [],
+  };
+  if (!message.text && message.attachments.length === 0) {
+    return res.status(400).json({ error: "text or attachments required" });
+  }
+
+  const attemptSend = () => sendViaWebSocket(base, sessionToken, message);
+
   try {
-    const r = await fetch(`${base}/api/send${tokenParam}`, {
-      method: "POST",
-      headers: { "Content-Type": "application/json", ...chatAuthHeaders(token) },
-      body: JSON.stringify(req.body),
-    });
-    if (!r.ok) return res.status(r.status).json({ error: `AgentChattr returned ${r.status}` });
-    res.json(await r.json());
+    await attemptSend();
+    return res.json({ ok: true });
   } catch (err) {
-    res.status(502).json({ error: "AgentChattr unreachable", detail: err.message });
+    // If the cached session_token is stale (AgentChattr regenerates
+    // one on every restart) the ws closes with code 4003 — re-sync
+    // the token from AgentChattr's HTML and retry once before giving
+    // up. This is the actual fix for the "401 after restart" report
+    // in #230 (the cache was stuck on an old token).
+    if (err && err.code === "EAGENTCHATTR_401") {
+      console.warn(`[chat] ws auth failed for project ${projectId}, re-syncing session token and retrying...`);
+      try { await syncChattrToken(projectId); }
+      catch (syncErr) { console.warn(`[chat] syncChattrToken failed: ${syncErr.message}`); }
+      const { token: refreshed } = getChattrConfig(projectId);
+      if (refreshed && refreshed !== sessionToken) {
+        try {
+          await sendViaWebSocket(base, refreshed, message);
+          return res.json({ ok: true, resynced: true });
+        } catch (retryErr) {
+          console.warn(`[chat] retry after token resync failed: ${retryErr.message}`);
+          return res.status(401).json({ error: "AgentChattr auth failed (token resync did not help)", detail: retryErr.message });
+        }
+      }
+      return res.status(401).json({ error: "AgentChattr auth failed", detail: err.message });
+    }
+    console.warn(`[chat] send failed for project ${projectId}: ${err && err.message}`);
+    return res.status(502).json({ error: "AgentChattr unreachable", detail: err && err.message });
   }
 });
 

package/out/_next/static/chunks/03v5eoc-wic6o.js

@@ -1 +0,0 @@
-(globalThis.TURBOPACK||(globalThis.TURBOPACK=[])).push(["object"==typeof document?document.currentScript:void 0,16348,e=>{"use strict";var t=e.i(85899),s=e.i(4232),r=e.i(2270);e.s(["default",0,function(){let[e,a]=(0,s.useState)([]),[c,i]=(0,s.useState)([]);return(0,s.useEffect)(()=>{fetch("/api/projects").then(e=>{if(!e.ok)throw Error(`${e.status}`);return e.json()}).then(e=>{e.projects&&Array.isArray(e.projects)&&a(e.projects.filter(e=>!e.archived)),e.recentEvents&&Array.isArray(e.recentEvents)&&i(e.recentEvents)}).catch(()=>{})},[]),(0,t.jsxs)("div",{className:"h-full overflow-y-auto p-6",children:[(0,t.jsxs)("div",{className:"mb-6",children:[(0,t.jsx)("h1",{className:"text-lg font-semibold text-text tracking-tight",children:"Projects"}),(0,t.jsxs)("p",{className:"text-xs text-text-muted mt-1",children:[e.length," configured project",1!==e.length?"s":""]})]}),(0,t.jsxs)("div",{className:"grid grid-cols-1 md:grid-cols-2 xl:grid-cols-3 gap-3 mb-8",children:[e.map(e=>(0,t.jsxs)(r.default,{href:`/project/${e.id}`,className:"block border border-border bg-bg-surface p-4 hover:bg-[#1a1a1a] transition-colors group",children:[(0,t.jsxs)("div",{className:"flex items-center justify-between mb-3",children:[(0,t.jsxs)("div",{className:"flex items-center gap-2",children:[(0,t.jsx)("span",{className:`w-1.5 h-1.5 rounded-full ${"active"===e.state?"bg-accent":"bg-text-muted"}`}),(0,t.jsx)("span",{className:"text-sm font-semibold text-text",children:e.name}),(0,t.jsx)("span",{className:"text-[10px] text-text-muted",children:e.state})]}),(0,t.jsx)("span",{className:"text-[10px] text-text-muted opacity-0 group-hover:opacity-100 transition-opacity",children:"open →"})]}),(0,t.jsxs)("div",{className:"flex gap-4 text-[11px] mb-2",children:[(0,t.jsxs)("div",{children:[(0,t.jsx)("span",{className:"text-text-muted",children:"agents"}),(0,t.jsx)("span",{className:"ml-1.5 text-text",children:e.agentCount})]}),(0,t.jsxs)("div",{children:[(0,t.jsx)("span",{className:"text-text-muted",children:"PRs"}),(0,t.jsx)("span",{className:"ml-1.5 text-text",children:e.openPrs})]}),(0,t.jsxs)("div",{children:[(0,t.jsx)("span",{className:"text-text-muted",children:"repo"}),(0,t.jsx)("span",{className:"ml-1.5 text-text",children:e.repo})]})]}),e.lastActivity&&(0,t.jsxs)("div",{className:"text-[10px] text-text-muted",children:["last activity: ",function(e){let t=Math.floor((Date.now()-new Date(e).getTime())/6e4);if(t<1)return"just now";if(t<60)return`${t}m ago`;let s=Math.floor(t/60);if(s<24)return`${s}h ago`;let r=Math.floor(s/24);return`${r}d ago`}(e.lastActivity)]})]},e.id)),(0,t.jsx)(r.default,{href:"/setup",className:"border border-dashed border-border p-4 flex items-center justify-center text-text-muted hover:text-text hover:border-text-muted transition-colors min-h-[88px]",children:(0,t.jsx)("span",{className:"text-sm",children:"+ New Project"})})]}),(0,t.jsxs)("div",{className:"mb-6",children:[(0,t.jsx)("h2",{className:"text-xs text-text-muted uppercase tracking-wider mb-3",children:"Recent Activity"}),(0,t.jsxs)("div",{className:"border border-border bg-bg-surface",children:[0===c.length&&(0,t.jsx)("div",{className:"px-3 py-3 text-[11px] text-text-muted",children:"No recent activity"}),c.map((e,s)=>(0,t.jsxs)("div",{className:"flex gap-3 px-3 py-1.5 border-b border-border/50 last:border-b-0 text-[11px]",children:[(0,t.jsx)("span",{className:"text-text-muted shrink-0 w-10 text-right tabular-nums",children:e.time?.slice(0,5)||""}),(0,t.jsx)("span",{className:"text-accent shrink-0 font-semibold w-12",children:e.projectName}),(0,t.jsx)("span",{className:"text-[#ffcc00] shrink-0 font-semibold w-6",children:e.actor}),(0,t.jsx)("span",{className:"text-text truncate min-w-0",children:e.text})]},`${e.time}-${s}`))]})]})]})}])}]);