rechrome 1.10.2 → 1.11.0

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "rechrome",
-  "version": "1.10.2",
+  "version": "1.11.0",
   "repository": {
     "type": "git",
     "url": "https://github.com/snomiao/rechrome.git"

package/rech.js

@@ -120,7 +120,7 @@ export function parseUrl(raw: string) {
 export async function getOrCreateUrl(): Promise<string> {
   // Treat a URL without a bearer key as missing — it cannot authenticate
   try { if (process.env[ENV_KEY] && new URL(process.env[ENV_KEY]!).username) return process.env[ENV_KEY]!; } catch {}
-  const key = randomBytes(9).toString("base64url"); // 12 chars
+  const key = randomBytes(12).toString("base64url"); // 16 chars
   const url = `http://${key}@127.0.0.1:${DEFAULT_PORT}`;
   const newLine = `${ENV_KEY}=${url}`;
   // Write to ~/.env.local so it's not shadowed by project .env.local
@@ -362,7 +362,7 @@ async function callServe(
     process.exit(1);
   });
   if (res.status === 401) {
-    console.error(`[rech] rech-client -> rech-server[ok]\n  -x: token rejected (used: ${key.slice(0, 6)}...) -> playwright[unknown]`);
+    console.error(`[rech] rech-client -> rech-server[ok]\n  -x: bearer key rejected (used: ${key.slice(0, 4)}...) -> playwright[unknown]`);
     process.exit(1);
   }
   return res.json();
@@ -486,6 +486,17 @@ async function runOxmgr(args: string[]): Promise<number> {
 }
 
 async function daemonInstall(serveUrl: string): Promise<void> {
+  // Persist the URL to ~/.env.local before starting the daemon. The daemon's
+  // loadEnv() walks CWD→root reading .env.local files and unconditionally
+  // overwrites process.env.RECHROME_URL from whichever file it finds first.
+  // Without this write, oxmgr's --env RECHROME_URL=... gets clobbered by a
+  // stale ~/.env.local entry — the daemon then listens on a different bearer
+  // key than the one daemonInstall was called with, and every client request
+  // is rejected with "bearer key rejected".
+  const envRaw = await file(globalEnvFile).text().catch(() => "");
+  const filtered = envRaw.trimEnd().split("\n").filter(l => !l.startsWith(`${ENV_KEY}=`));
+  await Bun.write(globalEnvFile, [...filtered, `${ENV_KEY}=${serveUrl}`, ""].join("\n"));
+
   const home = process.env.HOME!;
   const bunBin = Bun.which("bun") ?? process.execPath;
   const rechScript = import.meta.filename;
@@ -543,6 +554,13 @@ async function setup(opts: { profile?: string } = {}): Promise<void> {
 
   // [1/4] Daemon
   console.log("\n[1/4] Setting up serve daemon...");
+
+  // Bind address (persists to ~/.env.local as RECH_HOST).
+  // Read the persisted value from ~/.env.local directly — process.env may be shadowed by nearer .env files.
+  const globalEnvRaw = await file(globalEnvFile).text().catch(() => "");
+  const persistedBindMatch = globalEnvRaw.match(/^\s*RECH_HOST\s*=\s*(.*?)\s*$/m);
+  const persistedBind = persistedBindMatch?.[1].replace(/^["']|["']$/g, "") || "127.0.0.1";
+
   // Clear stale hostname-based URL so we always use 127.0.0.1 locally
   if (process.env[ENV_KEY]) {
     try {
@@ -560,14 +578,35 @@ async function setup(opts: { profile?: string } = {}): Promise<void> {
     headers: { Authorization: `Bearer ${serveKey}` },
     signal: AbortSignal.timeout(2000),
   }).catch(() => null) : null;
-  if (anonPing && authPing?.ok) {
-    console.log(`      Already running at ${protocol}://${host}:${port} — skipping reinstall`);
-  } else if (anonPing && !authPing?.ok) {
-    console.log(`      Server running but key mismatch — reinstalling with new key`);
-    await daemonInstall(url);
-  } else {
-    await daemonInstall(url);
-    console.log(`      Registered daemon: ${OXMGR_PROCESS_NAME}`);
+  // The daemon's *live* bind (from /ping) is authoritative — persisted RECH_HOST may diverge if the user edited it manually.
+  const liveBind = authPing?.ok
+    ? await authPing.clone().json().then((b: { bind?: string }) => b?.bind).catch(() => undefined)
+    : undefined;
+  // Pre-patch daemons return plain "ok" with no bind info — we can't trust persisted/env values to match their live bind, so force reinstall to be safe.
+  const liveBindUnknown = !!authPing?.ok && !liveBind;
+  const currentBind = liveBind || persistedBind;
+
+  // Non-TTY honors explicit process.env.RECH_HOST (shell or merged env stack) — matches the documented `RECH_HOST=0.0.0.0 rech setup` flow.
+  let desiredBind = process.env.RECH_HOST || currentBind;
+  if (isTTY) {
+    console.log(`\n      Bind address (current: ${currentBind}):`);
+    console.log(`        1.  127.0.0.1  (localhost only)`);
+    console.log(`        2.  0.0.0.0    (all interfaces — HTTP plaintext, trust your network)`);
+    const defaultBindChoice = currentBind === "0.0.0.0" ? "2" : "1";
+    const bindAns = (await ask(`      Choice [${defaultBindChoice}]: `, defaultBindChoice)).trim();
+    desiredBind = bindAns === "2" || bindAns === "0.0.0.0" ? "0.0.0.0" : "127.0.0.1";
+  }
+  const bindChanged = desiredBind !== currentBind;
+  const persistedChanged = desiredBind !== persistedBind;
+  if (persistedChanged) {
+    const lines = globalEnvRaw.trimEnd().split("\n").filter(l => !/^\s*RECH_HOST\s*=/.test(l));
+    await Bun.write(globalEnvFile, [...lines, `RECH_HOST=${desiredBind}`, ""].join("\n"));
+    console.log(`      Saved RECH_HOST=${desiredBind} to ~/.env.local`);
+  }
+  // Always align process.env with the desired bind — a nearer .env.local may have shadowed it.
+  process.env.RECH_HOST = desiredBind;
+
+  const waitForServe = async () => {
     process.stdout.write("      Starting");
     let ping = null;
     for (let i = 0; i < 15; i++) {
@@ -583,6 +622,26 @@ async function setup(opts: { profile?: string } = {}): Promise<void> {
       process.exit(1);
     }
     console.log(`      Serve running at ${protocol}://${host}:${port}`);
+  };
+
+  if (anonPing && authPing?.ok && !bindChanged && !liveBindUnknown) {
+    console.log(`      Already running at ${protocol}://${host}:${port} — skipping reinstall`);
+  } else if (anonPing && authPing?.ok && liveBindUnknown) {
+    console.log(`      Pre-patch daemon detected (no live bind info) — reinstalling to verify bind`);
+    await daemonInstall(url);
+    await waitForServe();
+  } else if (anonPing && bindChanged) {
+    console.log(`      Bind changed (${currentBind} → ${desiredBind}) — reinstalling`);
+    await daemonInstall(url);
+    await waitForServe();
+  } else if (anonPing && !authPing?.ok) {
+    console.log(`      Server running but key mismatch — reinstalling with new key`);
+    await daemonInstall(url);
+    await waitForServe();
+  } else {
+    await daemonInstall(url);
+    console.log(`      Registered daemon: ${OXMGR_PROCESS_NAME}`);
+    await waitForServe();
   }
 
   const cache = await readChromeProfileCache();
@@ -682,7 +741,7 @@ async function setup(opts: { profile?: string } = {}): Promise<void> {
 
   // Build RECHROME_URL and show it before asking where to save
   const rechUrl = new URL(url);
-  if (!rechUrl.username) rechUrl.username = randomBytes(9).toString("base64url");
+  if (!rechUrl.username) rechUrl.username = randomBytes(12).toString("base64url");
   rechUrl.searchParams.set("extension_id", extId);
   rechUrl.searchParams.set("token", token);
   rechUrl.searchParams.set("profile", profileEmail);

package/rech.ts

@@ -120,7 +120,7 @@ export function parseUrl(raw: string) {
 export async function getOrCreateUrl(): Promise<string> {
   // Treat a URL without a bearer key as missing — it cannot authenticate
   try { if (process.env[ENV_KEY] && new URL(process.env[ENV_KEY]!).username) return process.env[ENV_KEY]!; } catch {}
-  const key = randomBytes(9).toString("base64url"); // 12 chars
+  const key = randomBytes(12).toString("base64url"); // 16 chars
   const url = `http://${key}@127.0.0.1:${DEFAULT_PORT}`;
   const newLine = `${ENV_KEY}=${url}`;
   // Write to ~/.env.local so it's not shadowed by project .env.local
@@ -362,7 +362,7 @@ async function callServe(
     process.exit(1);
   });
   if (res.status === 401) {
-    console.error(`[rech] rech-client -> rech-server[ok]\n  -x: token rejected (used: ${key.slice(0, 6)}...) -> playwright[unknown]`);
+    console.error(`[rech] rech-client -> rech-server[ok]\n  -x: bearer key rejected (used: ${key.slice(0, 4)}...) -> playwright[unknown]`);
     process.exit(1);
   }
   return res.json();
@@ -486,6 +486,17 @@ async function runOxmgr(args: string[]): Promise<number> {
 }
 
 async function daemonInstall(serveUrl: string): Promise<void> {
+  // Persist the URL to ~/.env.local before starting the daemon. The daemon's
+  // loadEnv() walks CWD→root reading .env.local files and unconditionally
+  // overwrites process.env.RECHROME_URL from whichever file it finds first.
+  // Without this write, oxmgr's --env RECHROME_URL=... gets clobbered by a
+  // stale ~/.env.local entry — the daemon then listens on a different bearer
+  // key than the one daemonInstall was called with, and every client request
+  // is rejected with "bearer key rejected".
+  const envRaw = await file(globalEnvFile).text().catch(() => "");
+  const filtered = envRaw.trimEnd().split("\n").filter(l => !l.startsWith(`${ENV_KEY}=`));
+  await Bun.write(globalEnvFile, [...filtered, `${ENV_KEY}=${serveUrl}`, ""].join("\n"));
+
   const home = process.env.HOME!;
   const bunBin = Bun.which("bun") ?? process.execPath;
   const rechScript = import.meta.filename;
@@ -543,6 +554,13 @@ async function setup(opts: { profile?: string } = {}): Promise<void> {
 
   // [1/4] Daemon
   console.log("\n[1/4] Setting up serve daemon...");
+
+  // Bind address (persists to ~/.env.local as RECH_HOST).
+  // Read the persisted value from ~/.env.local directly — process.env may be shadowed by nearer .env files.
+  const globalEnvRaw = await file(globalEnvFile).text().catch(() => "");
+  const persistedBindMatch = globalEnvRaw.match(/^\s*RECH_HOST\s*=\s*(.*?)\s*$/m);
+  const persistedBind = persistedBindMatch?.[1].replace(/^["']|["']$/g, "") || "127.0.0.1";
+
   // Clear stale hostname-based URL so we always use 127.0.0.1 locally
   if (process.env[ENV_KEY]) {
     try {
@@ -560,14 +578,35 @@ async function setup(opts: { profile?: string } = {}): Promise<void> {
     headers: { Authorization: `Bearer ${serveKey}` },
     signal: AbortSignal.timeout(2000),
   }).catch(() => null) : null;
-  if (anonPing && authPing?.ok) {
-    console.log(`      Already running at ${protocol}://${host}:${port} — skipping reinstall`);
-  } else if (anonPing && !authPing?.ok) {
-    console.log(`      Server running but key mismatch — reinstalling with new key`);
-    await daemonInstall(url);
-  } else {
-    await daemonInstall(url);
-    console.log(`      Registered daemon: ${OXMGR_PROCESS_NAME}`);
+  // The daemon's *live* bind (from /ping) is authoritative — persisted RECH_HOST may diverge if the user edited it manually.
+  const liveBind = authPing?.ok
+    ? await authPing.clone().json().then((b: { bind?: string }) => b?.bind).catch(() => undefined)
+    : undefined;
+  // Pre-patch daemons return plain "ok" with no bind info — we can't trust persisted/env values to match their live bind, so force reinstall to be safe.
+  const liveBindUnknown = !!authPing?.ok && !liveBind;
+  const currentBind = liveBind || persistedBind;
+
+  // Non-TTY honors explicit process.env.RECH_HOST (shell or merged env stack) — matches the documented `RECH_HOST=0.0.0.0 rech setup` flow.
+  let desiredBind = process.env.RECH_HOST || currentBind;
+  if (isTTY) {
+    console.log(`\n      Bind address (current: ${currentBind}):`);
+    console.log(`        1.  127.0.0.1  (localhost only)`);
+    console.log(`        2.  0.0.0.0    (all interfaces — HTTP plaintext, trust your network)`);
+    const defaultBindChoice = currentBind === "0.0.0.0" ? "2" : "1";
+    const bindAns = (await ask(`      Choice [${defaultBindChoice}]: `, defaultBindChoice)).trim();
+    desiredBind = bindAns === "2" || bindAns === "0.0.0.0" ? "0.0.0.0" : "127.0.0.1";
+  }
+  const bindChanged = desiredBind !== currentBind;
+  const persistedChanged = desiredBind !== persistedBind;
+  if (persistedChanged) {
+    const lines = globalEnvRaw.trimEnd().split("\n").filter(l => !/^\s*RECH_HOST\s*=/.test(l));
+    await Bun.write(globalEnvFile, [...lines, `RECH_HOST=${desiredBind}`, ""].join("\n"));
+    console.log(`      Saved RECH_HOST=${desiredBind} to ~/.env.local`);
+  }
+  // Always align process.env with the desired bind — a nearer .env.local may have shadowed it.
+  process.env.RECH_HOST = desiredBind;
+
+  const waitForServe = async () => {
     process.stdout.write("      Starting");
     let ping = null;
     for (let i = 0; i < 15; i++) {
@@ -583,6 +622,26 @@ async function setup(opts: { profile?: string } = {}): Promise<void> {
       process.exit(1);
     }
     console.log(`      Serve running at ${protocol}://${host}:${port}`);
+  };
+
+  if (anonPing && authPing?.ok && !bindChanged && !liveBindUnknown) {
+    console.log(`      Already running at ${protocol}://${host}:${port} — skipping reinstall`);
+  } else if (anonPing && authPing?.ok && liveBindUnknown) {
+    console.log(`      Pre-patch daemon detected (no live bind info) — reinstalling to verify bind`);
+    await daemonInstall(url);
+    await waitForServe();
+  } else if (anonPing && bindChanged) {
+    console.log(`      Bind changed (${currentBind} → ${desiredBind}) — reinstalling`);
+    await daemonInstall(url);
+    await waitForServe();
+  } else if (anonPing && !authPing?.ok) {
+    console.log(`      Server running but key mismatch — reinstalling with new key`);
+    await daemonInstall(url);
+    await waitForServe();
+  } else {
+    await daemonInstall(url);
+    console.log(`      Registered daemon: ${OXMGR_PROCESS_NAME}`);
+    await waitForServe();
   }
 
   const cache = await readChromeProfileCache();
@@ -682,7 +741,7 @@ async function setup(opts: { profile?: string } = {}): Promise<void> {
 
   // Build RECHROME_URL and show it before asking where to save
   const rechUrl = new URL(url);
-  if (!rechUrl.username) rechUrl.username = randomBytes(9).toString("base64url");
+  if (!rechUrl.username) rechUrl.username = randomBytes(12).toString("base64url");
   rechUrl.searchParams.set("extension_id", extId);
   rechUrl.searchParams.set("token", token);
   rechUrl.searchParams.set("profile", profileEmail);

package/serve.js

@@ -110,7 +110,7 @@ export async function serve() {
       if (reqUrl.pathname === "/ping") {
         const denied = authCheck(req, key);
         if (denied) return denied;
-        return new Response("ok");
+        return Response.json({ ok: true, bind: listenHost });
       }
       if (reqUrl.pathname !== "/run") return new Response("rech server\n");
       const denied = authCheck(req, key);

package/serve.ts

@@ -110,7 +110,7 @@ export async function serve() {
       if (reqUrl.pathname === "/ping") {
         const denied = authCheck(req, key);
         if (denied) return denied;
-        return new Response("ok");
+        return Response.json({ ok: true, bind: listenHost });
       }
       if (reqUrl.pathname !== "/run") return new Response("rech server\n");
       const denied = authCheck(req, key);