tabminal 1.1.0

package/shell/terminal_ver

@@ -0,0 +1,12 @@
+#!/bin/bash
+DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+ROOT_DIR="$(dirname "$DIR")"
+PACKAGE_JSON="$ROOT_DIR/package.json"
+
+if [ -f "$PACKAGE_JSON" ]; then
+    NAME=$(grep -o '"name": *"[^"]*"' "$PACKAGE_JSON" | cut -d'"' -f4)
+    VERSION=$(grep -o '"version": *"[^"]*"' "$PACKAGE_JSON" | cut -d'"' -f4)
+    echo "$NAME v$VERSION"
+else
+    echo "Error: package.json not found at $PACKAGE_JSON"
+fi

package/src/auth.mjs

@@ -0,0 +1,86 @@
+import { config } from './config.mjs';
+
+let failedAttempts = 0;
+let isLocked = false;
+const MAX_ATTEMPTS = 30;
+
+export function checkAuth(providedHash) {
+    if (isLocked) {
+        return { success: false, locked: true };
+    }
+
+    if (!providedHash || providedHash !== config.passwordHash) {
+        failedAttempts++;
+        if (failedAttempts >= MAX_ATTEMPTS) {
+            isLocked = true;
+            console.error('[Auth] Maximum failed attempts reached. Service locked.');
+        }
+        return { success: false, locked: isLocked };
+    }
+
+    // Reset attempts on success? 
+    // Requirement says "already wrong 30 times, service locked". 
+    // Usually success resets counter, but strict interpretation might mean cumulative.
+    // Assuming standard behavior: success resets counter to avoid accidental lockout over long periods.
+    failedAttempts = 0;
+    return { success: true, locked: false };
+}
+
+export async function authMiddleware(ctx, next) {
+    // Allow health check without auth
+    if (ctx.path === '/healthz') {
+        return next();
+    }
+
+    // Check for Authorization header
+    const authHeader = ctx.get('Authorization') || ctx.query.token;
+    // Expecting "Authorization: <sha256-hash>"
+    // Some clients might send "Bearer <hash>", let's handle raw hash for simplicity as per prompt
+    // "header中攜帶這個編碼過的密碼" -> implies the value is the hash.
+    
+    const { success, locked } = checkAuth(authHeader);
+
+    if (locked) {
+        ctx.status = 403;
+        ctx.body = { error: 'Service locked due to too many failed attempts. Please restart the service.' };
+        return;
+    }
+
+    if (!success) {
+        ctx.status = 401;
+        ctx.body = { error: 'Unauthorized' };
+        return;
+    }
+
+    await next();
+}
+
+export function verifyClient(info, cb) {
+    const { req } = info;
+    // WebSocket headers are in req.headers
+    let authHeader = req.headers['authorization'];
+
+    // If no header, check query parameter
+    if (!authHeader && req.url) {
+        try {
+            const url = new URL(req.url, `http://${req.headers.host}`);
+            authHeader = url.searchParams.get('token');
+        } catch (e) {
+            // ignore invalid url
+        }
+    }
+    
+    const { success, locked } = checkAuth(authHeader);
+
+    if (locked) {
+        cb(false, 403, 'Service locked');
+        return;
+    }
+
+    if (!success) {
+        cb(false, 401, 'Unauthorized');
+        return;
+    }
+
+    cb(true);
+}

package/src/config.mjs

@@ -0,0 +1,199 @@
+import fs from 'node:fs';
+import path from 'node:path';
+import os from 'node:os';
+import crypto from 'node:crypto';
+import { parseArgs } from 'node:util';
+
+const DEFAULT_CONFIG = {
+    host: '127.0.0.1',
+    port: 9846,
+    heartbeatInterval: 10000,
+    historyLimit: 524288,
+    acceptTerms: false,
+    password: null,
+    model: 'gemini-2.5-flash-preview-09-2025',
+    debug: false,
+    openrouterKey: null,
+    googleKey: null,
+    googleCx: null
+};
+
+function loadJson(filePath) {
+    try {
+        if (fs.existsSync(filePath)) {
+            const content = fs.readFileSync(filePath, 'utf8');
+            return JSON.parse(content);
+        }
+    } catch (error) {
+        console.warn(`[Config] Failed to load config from ${filePath}:`, error.message);
+    }
+    return {};
+}
+
+function generateRandomPassword(length = 32) {
+    return crypto.randomBytes(Math.ceil(length / 2)).toString('hex').slice(0, length);
+}
+
+function sha256(input) {
+    return crypto.createHash('sha256').update(input).digest('hex');
+}
+
+function loadConfig() {
+    // 1. Load from ~/.tabminal/config.json
+    const configDir = path.join(os.homedir(), '.tabminal');
+    const homeConfigPath = path.join(configDir, 'config.json');
+
+    try {
+        if (!fs.existsSync(configDir)) {
+            fs.mkdirSync(configDir, { recursive: true });
+        }
+    } catch (e) {
+        console.warn('[Config] Failed to create config directory:', e.message);
+    }
+
+    const homeConfig = loadJson(homeConfigPath);
+
+    // 2. Load from ./config.json
+    const localConfigPath = path.join(process.cwd(), 'config.json');
+    const localConfig = loadJson(localConfigPath);
+
+    // 3. Parse CLI arguments
+    const { values: args } = parseArgs({
+        options: {
+            host: {
+                type: 'string',
+                short: 'h'
+            },
+            port: {
+                type: 'string', // Parse as string first to handle potential non-numeric input safely
+                short: 'p'
+            },
+            password: {
+                type: 'string',
+                short: 'a'
+            },
+            'openrouter-key': {
+                type: 'string',
+                short: 'k'
+            },
+            model: {
+                type: 'string',
+                short: 'm'
+            },
+            debug: {
+                type: 'boolean',
+                short: 'd'
+            },
+            'google-key': {
+                type: 'string',
+                short: 'g'
+            },
+            'google-cx': {
+                type: 'string',
+                short: 'c'
+            },
+            help: {
+                type: 'boolean'
+            },
+            'accept-terms': {
+                type: 'boolean',
+                short: 'y'
+            }
+        },
+        strict: false // Allow other args if necessary
+    });
+
+    if (args.help) {
+        console.log(`
+Tabminal - A modern web terminal
+
+Usage:
+  node src/server.mjs [options]
+
+Options:
+  --host, -h            Host to bind to (default: 127.0.0.1)
+  --port, -p            Port to listen on (default: 9846)
+  --password, -a        Set access password
+  --openrouter-key, -k  Set OpenRouter API Key
+  --model, -m           Set AI Model
+  --google-key, -g      Set Google Search API Key
+  --google-cx, -c       Set Google Search Engine ID
+  --debug, -d           Enable debug mode
+  --accept-terms, -y    Accept security warning and start server
+  --help                Show this help message
+        `);
+        process.exit(0);
+    }
+
+    // Merge configurations: Defaults < Home < Local < CLI
+    const finalConfig = {
+        ...DEFAULT_CONFIG,
+        ...homeConfig,
+        ...localConfig
+    };
+
+    // Normalize config keys (support kebab-case in JSON)
+    if (finalConfig['accept-terms']) finalConfig.acceptTerms = finalConfig['accept-terms'];
+    if (finalConfig['openrouter-key']) finalConfig.openrouterKey = finalConfig['openrouter-key'];
+    if (finalConfig['ai-key']) finalConfig.openrouterKey = finalConfig['ai-key']; // Backwards compat
+    if (finalConfig['google-key']) finalConfig.googleKey = finalConfig['google-key'];
+    if (finalConfig['google-cx']) finalConfig.googleCx = finalConfig['google-cx'];
+
+    if (args.host) {
+        finalConfig.host = args.host;
+    }
+    if (args.port) {
+        const parsedPort = parseInt(args.port, 10);
+        if (!isNaN(parsedPort)) {
+            finalConfig.port = parsedPort;
+        }
+    }
+    if (args['accept-terms']) {
+        finalConfig.acceptTerms = true;
+    }
+    if (args.password) {
+        finalConfig.password = args.password;
+    }
+    if (args['openrouter-key']) {
+        finalConfig.openrouterKey = args['openrouter-key'];
+    }
+    if (args.model) {
+        finalConfig.model = args.model;
+    }
+    if (args.debug) {
+        finalConfig.debug = true;
+    }
+    if (args['google-key']) {
+        finalConfig.googleKey = args['google-key'];
+    }
+    if (args['google-cx']) {
+        finalConfig.googleCx = args['google-cx'];
+    }
+
+    // Environment variables override (for backward compatibility/container usage)
+    if (process.env.HOST) finalConfig.host = process.env.HOST;
+    if (process.env.PORT) finalConfig.port = parseInt(process.env.PORT, 10);
+    if (process.env.TABMINAL_HEARTBEAT) finalConfig.heartbeatInterval = parseInt(process.env.TABMINAL_HEARTBEAT, 10);
+    if (process.env.TABMINAL_HISTORY) finalConfig.historyLimit = parseInt(process.env.TABMINAL_HISTORY, 10);
+    if (process.env.TABMINAL_PASSWORD) finalConfig.password = process.env.TABMINAL_PASSWORD;
+    if (process.env.TABMINAL_OPENROUTER_KEY) finalConfig.openrouterKey = process.env.TABMINAL_OPENROUTER_KEY;
+    if (process.env.TABMINAL_MODEL) finalConfig.model = process.env.TABMINAL_MODEL;
+    if (process.env.TABMINAL_DEBUG) finalConfig.debug = true;
+    if (process.env.TABMINAL_GOOGLE_KEY) finalConfig.googleKey = process.env.TABMINAL_GOOGLE_KEY;
+    if (process.env.TABMINAL_GOOGLE_CX) finalConfig.googleCx = process.env.TABMINAL_GOOGLE_CX;
+
+    // Password Logic
+    if (!finalConfig.password) {
+        finalConfig.password = generateRandomPassword();
+        console.log('\n[SECURITY] No password provided. Generated temporary password:');
+        console.log(`\x1b[36m${finalConfig.password}\x1b[0m`);
+        console.log('Please save this password or set a custom one using -a/--passwd.\n');
+    }
+
+    // Store SHA256 hash in memory
+    finalConfig.passwordHash = sha256(finalConfig.password);
+
+    return finalConfig;
+}
+
+export const config = loadConfig();

package/src/fs-routes.mjs

@@ -0,0 +1,125 @@
+import fs from 'node:fs/promises';
+import { constants } from 'node:fs';
+import path from 'node:path';
+import process from 'node:process';
+
+// Helper to safely resolve path
+const resolvePath = (baseDir, targetPath) => {
+    return path.resolve(baseDir, targetPath);
+};
+
+export const setupFsRoutes = (router) => {
+    const baseDir = process.cwd(); // Or config.homeDir if you want to restrict/change it
+
+    // List directory
+    router.get('/api/fs/list', async (ctx) => {
+        const dirPath = ctx.query.path || '.';
+        try {
+            const fullPath = resolvePath(baseDir, dirPath);
+            const stats = await fs.stat(fullPath);
+
+            if (!stats.isDirectory()) {
+                ctx.status = 400;
+                ctx.body = { error: 'Not a directory' };
+                return;
+            }
+
+            const dirents = await fs.readdir(fullPath, { withFileTypes: true });
+            
+            const files = dirents
+                .filter(dirent => dirent.name !== '.DS_Store')
+                .map(dirent => {
+                    return {
+                        name: dirent.name,
+                        isDirectory: dirent.isDirectory(),
+                        path: path.join(dirPath, dirent.name),
+                        // Add basic icon/type hint logic here if needed later
+                    };
+                });
+
+            // Sort: Directories first, then files
+            files.sort((a, b) => {
+                if (a.isDirectory === b.isDirectory) {
+                    return a.name.localeCompare(b.name);
+                }
+                return a.isDirectory ? -1 : 1;
+            });
+
+            ctx.body = files;
+        } catch (err) {
+            console.error('FS List Error:', err);
+            ctx.status = 500;
+            ctx.body = { error: err.message };
+        }
+    });
+
+    // Read file
+    router.get('/api/fs/read', async (ctx) => {
+        const filePath = ctx.query.path;
+        if (!filePath) {
+            ctx.status = 400;
+            ctx.body = { error: 'Path required' };
+            return;
+        }
+
+        try {
+            const fullPath = resolvePath(baseDir, filePath);
+            const stats = await fs.stat(fullPath);
+
+            if (stats.size > 1024 * 1024 * 5) { // 5MB limit for now
+                ctx.status = 400;
+                ctx.body = { error: 'File too large' };
+                return;
+            }
+
+            const content = await fs.readFile(fullPath, 'utf-8');
+            
+            let readonly = false;
+            try {
+                const handle = await fs.open(fullPath, 'r+');
+                await handle.close();
+            } catch (e) {
+                readonly = true;
+            }
+
+            ctx.body = { content, readonly };
+        } catch (err) {
+            console.error('FS Read Error:', err);
+            ctx.status = 500;
+            ctx.body = { error: err.message };
+        }
+    });
+
+    // Raw file access (for images)
+    router.get('/api/fs/raw', async (ctx) => {
+        const filePath = ctx.query.path;
+        if (!filePath) {
+            ctx.status = 400;
+            return;
+        }
+
+        try {
+            const fullPath = resolvePath(baseDir, filePath);
+            // Basic mime type handling could be added here
+            const ext = path.extname(fullPath).toLowerCase();
+            const mimeTypes = {
+                '.png': 'image/png',
+                '.jpg': 'image/jpeg',
+                '.jpeg': 'image/jpeg',
+                '.gif': 'image/gif',
+                '.svg': 'image/svg+xml',
+                '.webp': 'image/webp'
+            };
+
+            if (mimeTypes[ext]) {
+                ctx.type = mimeTypes[ext];
+                ctx.body = await fs.readFile(fullPath);
+            } else {
+                ctx.status = 400;
+                ctx.body = 'Unsupported file type for raw access';
+            }
+        } catch (err) {
+            ctx.status = 404;
+        }
+    });
+};

package/src/persistence.mjs

@@ -0,0 +1,174 @@
+import fs from 'node:fs/promises';
+import path from 'node:path';
+import os from 'node:os';
+
+const HOME_DIR = os.homedir();
+const BASE_DIR = path.join(HOME_DIR, '.tabminal');
+const SESSIONS_DIR = path.join(BASE_DIR, 'sessions');
+const MEMORY_FILE = path.join(BASE_DIR, 'memory.json');
+
+// Ensure directories exist
+const init = async () => {
+    try {
+        await fs.mkdir(SESSIONS_DIR, { recursive: true });
+    } catch (e) {
+        console.error('[Persistence] Failed to create directories:', e);
+    }
+};
+
+// --- Session Persistence ---
+
+export const saveSession = async (id, data) => {
+    await init();
+    const filePath = path.join(SESSIONS_DIR, `${id}.json`);
+    try {
+        // We only save serializable data
+        const serializable = {
+            id: data.id,
+            title: data.title,
+            cwd: data.cwd,
+            env: data.env,
+            cols: data.cols,
+            rows: data.rows,
+            createdAt: data.createdAt,
+            // Editor State
+            editorState: data.editorState || {},
+            executions: data.executions || []
+        };
+        await fs.writeFile(filePath, JSON.stringify(serializable, null, 2));
+    } catch (e) {
+        console.error(`[Persistence] Failed to save session ${id}:`, e);
+    }
+};
+
+export const deleteSession = async (id) => {
+    const jsonPath = path.join(SESSIONS_DIR, `${id}.json`);
+    const logPath = path.join(SESSIONS_DIR, `${id}.log`);
+    
+    try {
+        await fs.unlink(jsonPath);
+    } catch (e) {
+        if (e.code !== 'ENOENT') console.error(`[Persistence] Failed to delete session config ${id}:`, e);
+    }
+
+    try {
+        await fs.unlink(logPath);
+    } catch (e) {
+        if (e.code !== 'ENOENT') console.error(`[Persistence] Failed to delete session log ${id}:`, e);
+    }
+};
+
+export const loadSessions = async () => {
+    await init();
+    try {
+        const files = await fs.readdir(SESSIONS_DIR);
+        const sessions = [];
+        for (const file of files) {
+            if (file.endsWith('.json')) {
+                try {
+                    const content = await fs.readFile(path.join(SESSIONS_DIR, file), 'utf-8');
+                    sessions.push(JSON.parse(content));
+                } catch (e) {
+                    console.warn(`[Persistence] Failed to parse session file ${file}, deleting it:`, e);
+                    try {
+                        await fs.unlink(path.join(SESSIONS_DIR, file));
+                    } catch (delErr) {
+                        console.error(`[Persistence] Failed to delete corrupted file ${file}:`, delErr);
+                    }
+                }
+            }
+        }
+        // Sort by creation time if possible, or just return
+        return sessions.sort((a, b) => new Date(a.createdAt) - new Date(b.createdAt));
+    } catch (e) {
+        console.error('[Persistence] Failed to load sessions:', e);
+        return [];
+    }
+};
+
+// --- Memory Persistence (Global State) ---
+
+const defaultMemory = {
+    expandedFolders: [] // Array of { path: string, timestamp: number }
+};
+
+export const loadMemory = async () => {
+    await init();
+    try {
+        const content = await fs.readFile(MEMORY_FILE, 'utf-8');
+        return { ...defaultMemory, ...JSON.parse(content) };
+    } catch (e) {
+        return defaultMemory;
+    }
+};
+
+export const saveMemory = async (memory) => {
+    await init();
+    try {
+        await fs.writeFile(MEMORY_FILE, JSON.stringify(memory, null, 2));
+    } catch (e) {
+        console.error('[Persistence] Failed to save memory:', e);
+    }
+};
+
+export const updateExpandedFolder = async (folderPath, isExpanded) => {
+    const memory = await loadMemory();
+    let list = memory.expandedFolders || [];
+
+    if (isExpanded) {
+        // Remove existing if present (to update timestamp/position)
+        list = list.filter(item => item.path !== folderPath);
+        // Add to top
+        list.unshift({ path: folderPath, timestamp: Date.now() });
+        // Limit to 100
+        if (list.length > 100) {
+            list = list.slice(0, 100);
+        }
+    } else {
+        // Remove
+        list = list.filter(item => item.path !== folderPath);
+    }
+
+    memory.expandedFolders = list;
+    await saveMemory(memory);
+    return list.map(item => item.path); // Return just paths for frontend
+};
+
+export const getExpandedFolders = async () => {
+    const memory = await loadMemory();
+    return (memory.expandedFolders || []).map(item => item.path);
+};
+
+// --- Raw Log Persistence ---
+
+export const appendSessionLog = async (id, chunk) => {
+    await init();
+    const filePath = path.join(SESSIONS_DIR, `${id}.log`);
+    try {
+        await fs.appendFile(filePath, chunk);
+    } catch (e) {
+        console.error(`[Persistence] Failed to append log for ${id}:`, e);
+    }
+};
+
+export const loadSessionLog = async (id, limit = 1024 * 1024) => {
+    const filePath = path.join(SESSIONS_DIR, `${id}.log`);
+    try {
+        const stats = await fs.stat(filePath);
+        const size = stats.size;
+        const start = Math.max(0, size - limit);
+        const length = size - start;
+        
+        if (length <= 0) return '';
+
+        const handle = await fs.open(filePath, 'r');
+        const buffer = Buffer.alloc(length);
+        await handle.read(buffer, 0, length, start);
+        await handle.close();
+        
+        return buffer.toString('utf-8');
+    } catch (e) {
+        if (e.code !== 'ENOENT') console.error(`[Persistence] Failed to load log for ${id}:`, e);
+        return '';
+    }
+};