thinkpool-pair 0.7.2 → 0.7.3

package/account.mjs

@@ -0,0 +1,140 @@
+/* account.mjs — account-mode bridge (Phase 1).
+   One `npx thinkpool-pair` per ACCOUNT instead of per room:
+     login   — link this device to your ThinkPool account (realtime handoff).
+     bind    — map a room code → a working directory on THIS machine.
+     account — discover your code sessions and serve each one (a headless child
+               bridge per room, run in its bound directory). Reuses the proven
+               single-room bridge verbatim; the supervisor only adds discovery.
+   Spec: docs/specs/2026-06-16-account-bridge.md */
+import { spawn } from 'node:child_process'
+import { fileURLToPath } from 'node:url'
+import { randomUUID } from 'node:crypto'
+import path from 'node:path'
+import fs from 'node:fs'
+import { createClient } from '@supabase/supabase-js'
+import os from 'node:os'
+import { saveAuth, loadAuth, clearAuth, loadDirs, bindDir } from './auth-store.mjs'
+
+const VERSION = (() => { try { return JSON.parse(fs.readFileSync(new URL('./package.json', import.meta.url), 'utf8')).version } catch { return null } })()
+
+const BRIDGE = fileURLToPath(new URL('./bridge.mjs', import.meta.url))
+
+// ── login: web hands the bridge a session over an ephemeral realtime channel ──
+// The bridge prints a one-time URL with a high-entropy code; the signed-in web
+// page broadcasts {refresh_token,…} to tplink:<code> after the user approves.
+// (Phase-1 handoff — an edge-function device-code flow can harden this later.)
+export async function runLogin(SUPABASE_URL, SUPABASE_ANON, WEB_BASE) {
+  const sb = createClient(SUPABASE_URL, SUPABASE_ANON, { auth: { persistSession: false } })
+  const code = randomUUID().replace(/-/g, '').slice(0, 12)
+  const ch = sb.channel(`tplink:${code}`, { config: { broadcast: { self: false } } })
+  let done = false
+  ch.on('broadcast', { event: 'session' }, async ({ payload }) => {
+    if (done || !payload?.refresh_token) return
+    done = true
+    saveAuth(payload)
+    process.stderr.write(`\n  ◆ linked as ${payload.email || 'your account'}. You can close the browser tab.\n    Now run:  npx thinkpool-pair\n`)
+    try { await sb.removeChannel(ch) } catch { /* noop */ }
+    process.exit(0)
+  })
+  await new Promise((res) => ch.subscribe((s) => { if (s === 'SUBSCRIBED') res() }))
+  const url = `${WEB_BASE}/code/link?c=${code}`
+  process.stderr.write(`\n  ◆ Link this device to your ThinkPool account.\n    Open (signed in) and approve:\n\n    ${url}\n\n  Code: ${code}  —  waiting up to 5 min…\n`)
+  setTimeout(() => { if (!done) { process.stderr.write('\n  ◇ link timed out — run `npx thinkpool-pair login` again.\n'); process.exit(1) } }, 5 * 60 * 1000)
+  await new Promise(() => {})
+}
+
+// Exchange the stored refresh token for a live session + authed client.
+export async function authedClient(SUPABASE_URL, SUPABASE_ANON) {
+  const a = loadAuth()
+  if (!a?.refresh_token) return null
+  const sb = createClient(SUPABASE_URL, SUPABASE_ANON, { auth: { persistSession: false, autoRefreshToken: false } })
+  try {
+    const { data, error } = await sb.auth.refreshSession({ refresh_token: a.refresh_token })
+    if (error || !data?.session) return null
+    saveAuth(data.session)   // rotate the refresh token
+    return { sb, session: data.session }
+  } catch { return null }
+}
+
+export function runBind(room, dir) {
+  const r = (room || '').toUpperCase().trim()
+  if (!r) { console.error('usage: npx thinkpool-pair bind <ROOM> <directory>'); process.exit(1) }
+  const abs = path.resolve(dir || '.')
+  if (!fs.existsSync(abs) || !fs.statSync(abs).isDirectory()) { console.error(`✗ not a directory: ${abs}`); process.exit(1) }
+  bindDir(r, abs)
+  console.error(`✓ bound ${r} → ${abs}\n  Run \`npx thinkpool-pair\` (or restart it) to serve this session.`)
+  process.exit(0)
+}
+
+// ── account supervisor: a headless child bridge per bound room, in its dir ──
+export async function runAccount(SUPABASE_URL, SUPABASE_ANON) {
+  const auth = await authedClient(SUPABASE_URL, SUPABASE_ANON)
+  if (!auth) {
+    clearAuth()
+    console.error('\n  Not linked (or the link expired). Run:\n\n    npx thinkpool-pair login\n')
+    process.exit(1)
+  }
+  const { sb, session } = auth
+  const email = session.user?.email || 'your account'
+
+  // Owner-gate (Contract C-CODE-2): hosting a code session — spawning the agent and
+  // burning compute on this machine — requires Pro or Enterprise. This is the layer
+  // with teeth on cost; the start_code_session RPC gates the web create flow, this
+  // stops a crafted-row bypass from ever serving. Invited partners don't run a bridge.
+  let plan = 'free'
+  try {
+    const { data } = await sb.from('profiles').select('plan').eq('id', session.user.id).single()
+    plan = data?.plan || 'free'
+  } catch { /* transient read — fall through to the gate, fail closed */ }
+  if (plan !== 'pro' && plan !== 'enterprise') {
+    process.stderr.write(`\n  ◇ ThinkPool Code requires a Pro or Enterprise plan to host a session.\n    Your account (${email}) is on the ${plan} plan.\n    Upgrade:  https://thinkpool.io/pro\n\n    (Anyone you invite can still join and steer a Pro host's session for free.)\n`)
+    process.exit(1)
+  }
+
+  process.stderr.write(`\n  ◆ thinkpool-pair — account mode · ${email}\n    Serving your code sessions. Add a session's directory with \`bind\`.\n`)
+
+  const children = new Map()   // room -> child process
+  const warned = new Set()
+
+  // Account presence — so the web dashboard can show "● Bridge active" for this
+  // account without per-room probing. We TRACK this machine (name + served room
+  // codes + version) on a per-account channel; the dashboard subscribes read-only.
+  const machine = os.hostname().replace(/\.local$/, '')
+  const acct = sb.channel(`tpacct:${session.user.id}`, { config: { presence: { key: machine } } })
+  const pushPresence = () => { try { acct.track({ name: machine, version: VERSION, rooms: [...children.keys()], ts: Date.now() }) } catch { /* noop */ } }
+  await new Promise((res) => acct.subscribe((st) => { if (st === 'SUBSCRIBED') { pushPresence(); res() } }))
+
+  const tick = async () => {
+    let rooms = []
+    try {
+      const { data } = await sb.from('code_sessions').select('code,name,last_active_at').order('last_active_at', { ascending: false })
+      rooms = data || []
+    } catch { /* transient — keep existing children, retry next tick */ }
+    const dirs = loadDirs()
+    for (const r of rooms) {
+      const room = r.code
+      if (!room || children.has(room)) continue
+      const dir = dirs[room]
+      if (!dir) {
+        if (!warned.has(room)) { warned.add(room); process.stderr.write(`\n  ◇ session ${r.name ? `"${r.name}" ` : ''}(${room}) needs a directory:\n      npx thinkpool-pair bind ${room} <path>\n`) }
+        continue
+      }
+      if (!fs.existsSync(dir)) {
+        if (!warned.has(room)) { warned.add(room); process.stderr.write(`\n  ◇ ${room}: bound directory is gone (${dir}) — re-bind it.\n`) }
+        continue
+      }
+      warned.delete(room)
+      process.stderr.write(`\n  ◆ serving ${room}${r.name ? ` "${r.name}"` : ''}  →  ${dir}\n`)
+      const child = spawn(process.execPath, [BRIDGE, room, '--headless'], { cwd: dir, stdio: 'inherit' })
+      children.set(room, child)
+      child.on('exit', () => { children.delete(room) })   // re-served on the next tick
+    }
+    pushPresence()
+  }
+
+  await tick()
+  const iv = setInterval(tick, 15000)
+  const stop = (sig) => { clearInterval(iv); try { acct.untrack(); sb.removeChannel(acct) } catch { /* noop */ } for (const c of children.values()) { try { c.kill(sig) } catch { /* noop */ } } setTimeout(() => process.exit(0), 400) }
+  for (const sig of ['SIGINT', 'SIGTERM']) process.on(sig, () => stop(sig))
+  await new Promise(() => {})
+}

package/auth-store.mjs

@@ -0,0 +1,43 @@
+/* auth-store.mjs — account-mode credentials + per-session directory map for the
+   ThinkPool bridge. Files live under ~/.thinkpool-pair/ (chmod 600 for the token).
+   - auth.json: the linked account's Supabase refresh token (rotated on each use).
+   - dirs.json: per-MACHINE map of room code → absolute working directory, so one
+     account bridge can run each session's terminals in its own repo.
+   Phase 1 of the account-bridge spec (docs/specs/2026-06-16-account-bridge.md). */
+import os from 'node:os'
+import fs from 'node:fs'
+import path from 'node:path'
+
+const DIR  = path.join(os.homedir(), '.thinkpool-pair')
+const AUTH = path.join(DIR, 'auth.json')
+const DIRS = path.join(DIR, 'dirs.json')
+
+function ensureDir() { try { fs.mkdirSync(DIR, { recursive: true }) } catch { /* noop */ } }
+
+export function saveAuth(session) {
+  if (!session?.refresh_token) return
+  ensureDir()
+  try {
+    fs.writeFileSync(AUTH, JSON.stringify({
+      refresh_token: session.refresh_token,
+      access_token: session.access_token || null,
+      email: session.user?.email || session.email || null,
+      savedAt: Date.now(),
+    }), { mode: 0o600 })
+  } catch { /* noop */ }
+}
+export function loadAuth() { try { return JSON.parse(fs.readFileSync(AUTH, 'utf8')) } catch { return null } }
+export function clearAuth() { try { fs.unlinkSync(AUTH) } catch { /* noop */ } }
+
+export function loadDirs() { try { return JSON.parse(fs.readFileSync(DIRS, 'utf8')) } catch { return {} } }
+export function bindDir(room, dir) {
+  const d = loadDirs(); d[room] = dir
+  ensureDir()
+  try { fs.writeFileSync(DIRS, JSON.stringify(d, null, 2)) } catch { /* noop */ }
+  return d
+}
+export function unbindDir(room) {
+  const d = loadDirs(); delete d[room]
+  try { fs.writeFileSync(DIRS, JSON.stringify(d, null, 2)) } catch { /* noop */ }
+  return d
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "thinkpool-pair",
-  "version": "0.7.2",
+  "version": "0.7.3",
   "description": "Share a local coding-agent CLI (Claude Code, Codex, Gemini, Aider, …) into a ThinkPool Code room, live.",
   "type": "module",
   "bin": {
@@ -11,6 +11,8 @@
     "claude-session.mjs",
     "session-store.mjs",
     "service.mjs",
+    "account.mjs",
+    "auth-store.mjs",
     "README.md"
   ],
   "scripts": {