tide-commander 0.52.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +21 -0
- package/README.md +364 -0
- package/dist/assets/characters/Textures/colormap.png +0 -0
- package/dist/assets/characters/character-female-a.glb +0 -0
- package/dist/assets/characters/character-female-b.glb +0 -0
- package/dist/assets/characters/character-female-c.glb +0 -0
- package/dist/assets/characters/character-female-d.glb +0 -0
- package/dist/assets/characters/character-female-e.glb +0 -0
- package/dist/assets/characters/character-female-f.glb +0 -0
- package/dist/assets/characters/character-male-a-processed.gltf +11862 -0
- package/dist/assets/characters/character-male-a.glb +0 -0
- package/dist/assets/characters/character-male-b.glb +0 -0
- package/dist/assets/characters/character-male-c.glb +0 -0
- package/dist/assets/characters/character-male-d.glb +0 -0
- package/dist/assets/characters/character-male-e.glb +0 -0
- package/dist/assets/characters/character-male-f.glb +0 -0
- package/dist/assets/icons/icon-192.png +0 -0
- package/dist/assets/icons/icon-512.png +0 -0
- package/dist/assets/landing-Cc0MDBAK.css +1 -0
- package/dist/assets/main-BIpLsrUu.css +1 -0
- package/dist/assets/main-DMTRw3br.js +276 -0
- package/dist/assets/textures/concrete_floor_worn_001_diff_1k.jpg +0 -0
- package/dist/assets/textures/logo-blanco.png +0 -0
- package/dist/assets/vendor-react-uS-d4TUT.js +17 -0
- package/dist/assets/vendor-three-4iQNXcoo.js +3828 -0
- package/dist/assets/web-BZdi2lG9.js +1 -0
- package/dist/assets/web-yHsOO1Qb.js +1 -0
- package/dist/index.html +38 -0
- package/dist/manifest.json +39 -0
- package/dist/src/packages/landing/index.html +463 -0
- package/dist/src/packages/server/app.js +87 -0
- package/dist/src/packages/server/auth/index.js +121 -0
- package/dist/src/packages/server/claude/backend.js +578 -0
- package/dist/src/packages/server/claude/index.js +8 -0
- package/dist/src/packages/server/claude/runner/internal-events.js +22 -0
- package/dist/src/packages/server/claude/runner/process-lifecycle.js +208 -0
- package/dist/src/packages/server/claude/runner/recovery-store.js +72 -0
- package/dist/src/packages/server/claude/runner/resource-monitor.js +51 -0
- package/dist/src/packages/server/claude/runner/restart-policy.js +69 -0
- package/dist/src/packages/server/claude/runner/stdout-pipeline.js +153 -0
- package/dist/src/packages/server/claude/runner/watchdog.js +114 -0
- package/dist/src/packages/server/claude/runner.js +310 -0
- package/dist/src/packages/server/claude/session-loader.js +898 -0
- package/dist/src/packages/server/claude/types.js +5 -0
- package/dist/src/packages/server/cli.js +113 -0
- package/dist/src/packages/server/codex/backend.js +119 -0
- package/dist/src/packages/server/codex/index.js +2 -0
- package/dist/src/packages/server/codex/json-event-parser.js +612 -0
- package/dist/src/packages/server/data/builtin-skills/bitbucket-pr.js +298 -0
- package/dist/src/packages/server/data/builtin-skills/full-notifications.js +49 -0
- package/dist/src/packages/server/data/builtin-skills/git-captain.js +304 -0
- package/dist/src/packages/server/data/builtin-skills/index.js +61 -0
- package/dist/src/packages/server/data/builtin-skills/pm2-logs.js +354 -0
- package/dist/src/packages/server/data/builtin-skills/send-message-to-agent.js +51 -0
- package/dist/src/packages/server/data/builtin-skills/server-logs.js +124 -0
- package/dist/src/packages/server/data/builtin-skills/streaming-exec.js +94 -0
- package/dist/src/packages/server/data/builtin-skills/types.js +4 -0
- package/dist/src/packages/server/data/builtin-skills.js +6 -0
- package/dist/src/packages/server/data/index.js +890 -0
- package/dist/src/packages/server/data/snapshots.js +371 -0
- package/dist/src/packages/server/index.js +96 -0
- package/dist/src/packages/server/prompts/tide-commander.js +13 -0
- package/dist/src/packages/server/routes/agents.js +406 -0
- package/dist/src/packages/server/routes/config.js +347 -0
- package/dist/src/packages/server/routes/custom-models.js +170 -0
- package/dist/src/packages/server/routes/exec.js +269 -0
- package/dist/src/packages/server/routes/files.js +995 -0
- package/dist/src/packages/server/routes/index.js +38 -0
- package/dist/src/packages/server/routes/notifications.js +81 -0
- package/dist/src/packages/server/routes/permissions.js +115 -0
- package/dist/src/packages/server/routes/snapshots.js +224 -0
- package/dist/src/packages/server/routes/stt.js +99 -0
- package/dist/src/packages/server/routes/tts.js +166 -0
- package/dist/src/packages/server/routes/voice-assistant.js +310 -0
- package/dist/src/packages/server/runtime/claude-runtime-provider.js +10 -0
- package/dist/src/packages/server/runtime/codex-runtime-provider.js +11 -0
- package/dist/src/packages/server/runtime/index.js +2 -0
- package/dist/src/packages/server/runtime/types.js +6 -0
- package/dist/src/packages/server/services/agent-lifecycle-service.js +82 -0
- package/dist/src/packages/server/services/agent-service.js +410 -0
- package/dist/src/packages/server/services/boss-message-service.js +430 -0
- package/dist/src/packages/server/services/boss-service.js +553 -0
- package/dist/src/packages/server/services/building-service.js +867 -0
- package/dist/src/packages/server/services/claude-service.js +5 -0
- package/dist/src/packages/server/services/custom-class-service.js +323 -0
- package/dist/src/packages/server/services/database-service.js +914 -0
- package/dist/src/packages/server/services/docker-service.js +865 -0
- package/dist/src/packages/server/services/fileTracker.js +242 -0
- package/dist/src/packages/server/services/index.js +21 -0
- package/dist/src/packages/server/services/permission-service.js +258 -0
- package/dist/src/packages/server/services/pm2-service.js +435 -0
- package/dist/src/packages/server/services/runtime-command-execution.js +168 -0
- package/dist/src/packages/server/services/runtime-events.js +357 -0
- package/dist/src/packages/server/services/runtime-service.js +308 -0
- package/dist/src/packages/server/services/runtime-status-sync.js +104 -0
- package/dist/src/packages/server/services/runtime-subagents.js +50 -0
- package/dist/src/packages/server/services/runtime-watchdog.js +74 -0
- package/dist/src/packages/server/services/secrets-service.js +206 -0
- package/dist/src/packages/server/services/skill-service.js +508 -0
- package/dist/src/packages/server/services/subordinate-context-service.js +223 -0
- package/dist/src/packages/server/services/supervisor-claude.js +132 -0
- package/dist/src/packages/server/services/supervisor-prompts.js +80 -0
- package/dist/src/packages/server/services/supervisor-service.js +659 -0
- package/dist/src/packages/server/services/work-plan-service.js +476 -0
- package/dist/src/packages/server/setup.js +86 -0
- package/dist/src/packages/server/utils/index.js +4 -0
- package/dist/src/packages/server/utils/logger.js +302 -0
- package/dist/src/packages/server/utils/string.js +39 -0
- package/dist/src/packages/server/utils/tool-formatting.js +139 -0
- package/dist/src/packages/server/utils/unicode.js +46 -0
- package/dist/src/packages/server/websocket/handler.js +290 -0
- package/dist/src/packages/server/websocket/handlers/agent-handler.js +515 -0
- package/dist/src/packages/server/websocket/handlers/boss-handler.js +116 -0
- package/dist/src/packages/server/websocket/handlers/boss-response-handler.js +250 -0
- package/dist/src/packages/server/websocket/handlers/building-handler.js +298 -0
- package/dist/src/packages/server/websocket/handlers/command-handler.js +217 -0
- package/dist/src/packages/server/websocket/handlers/custom-class-handler.js +68 -0
- package/dist/src/packages/server/websocket/handlers/database-handler.js +223 -0
- package/dist/src/packages/server/websocket/handlers/notification-handler.js +25 -0
- package/dist/src/packages/server/websocket/handlers/permission-handler.js +21 -0
- package/dist/src/packages/server/websocket/handlers/secrets-handler.js +61 -0
- package/dist/src/packages/server/websocket/handlers/skill-handler.js +148 -0
- package/dist/src/packages/server/websocket/handlers/supervisor-handler.js +44 -0
- package/dist/src/packages/server/websocket/handlers/sync-handler.js +19 -0
- package/dist/src/packages/server/websocket/handlers/types.js +4 -0
- package/dist/src/packages/server/websocket/listeners/boss-listeners.js +21 -0
- package/dist/src/packages/server/websocket/listeners/index.js +32 -0
- package/dist/src/packages/server/websocket/listeners/permission-listeners.js +19 -0
- package/dist/src/packages/server/websocket/listeners/runtime-listeners.js +196 -0
- package/dist/src/packages/server/websocket/listeners/skill-listeners.js +51 -0
- package/dist/src/packages/server/websocket/listeners/supervisor-listeners.js +37 -0
- package/dist/src/packages/shared/agent-types.js +54 -0
- package/dist/src/packages/shared/building-types.js +43 -0
- package/dist/src/packages/shared/common-types.js +1 -0
- package/dist/src/packages/shared/database-types.js +8 -0
- package/dist/src/packages/shared/types/snapshot.js +7 -0
- package/dist/src/packages/shared/types.js +12 -0
- package/dist/src/packages/shared/websocket-messages.js +1 -0
- package/dist/sw.js +37 -0
- package/package.json +90 -0
|
@@ -0,0 +1,121 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Authentication Module
|
|
3
|
+
* Handles token-based authentication for HTTP and WebSocket connections
|
|
4
|
+
*/
|
|
5
|
+
import { logger } from '../utils/logger.js';
|
|
6
|
+
const log = logger.server;
|
|
7
|
+
// Get auth token from environment
|
|
8
|
+
const AUTH_TOKEN = process.env.AUTH_TOKEN || '';
|
|
9
|
+
/**
|
|
10
|
+
* Check if authentication is enabled
|
|
11
|
+
*/
|
|
12
|
+
export function isAuthEnabled() {
|
|
13
|
+
return AUTH_TOKEN.length > 0;
|
|
14
|
+
}
|
|
15
|
+
/**
|
|
16
|
+
* Get the configured auth token (for debugging/display purposes only)
|
|
17
|
+
*/
|
|
18
|
+
export function getAuthTokenPreview() {
|
|
19
|
+
if (!AUTH_TOKEN)
|
|
20
|
+
return '(not set)';
|
|
21
|
+
if (AUTH_TOKEN.length <= 8)
|
|
22
|
+
return '***';
|
|
23
|
+
return `${AUTH_TOKEN.slice(0, 4)}...${AUTH_TOKEN.slice(-4)}`;
|
|
24
|
+
}
|
|
25
|
+
/**
|
|
26
|
+
* Get the configured auth token (for use in agent curl commands)
|
|
27
|
+
* Returns empty string if auth is not enabled
|
|
28
|
+
*/
|
|
29
|
+
export function getAuthToken() {
|
|
30
|
+
return AUTH_TOKEN;
|
|
31
|
+
}
|
|
32
|
+
/**
|
|
33
|
+
* Validate a token against the configured AUTH_TOKEN
|
|
34
|
+
*/
|
|
35
|
+
export function validateToken(token) {
|
|
36
|
+
if (!isAuthEnabled()) {
|
|
37
|
+
return true; // No auth required if token not configured
|
|
38
|
+
}
|
|
39
|
+
return token === AUTH_TOKEN;
|
|
40
|
+
}
|
|
41
|
+
/**
|
|
42
|
+
* Extract token from various sources in an HTTP request
|
|
43
|
+
* Checks: Authorization header, X-Auth-Token header, query param
|
|
44
|
+
*/
|
|
45
|
+
export function extractTokenFromRequest(req) {
|
|
46
|
+
// Check Authorization header (Bearer token)
|
|
47
|
+
const authHeader = req.headers.authorization;
|
|
48
|
+
if (authHeader?.startsWith('Bearer ')) {
|
|
49
|
+
return authHeader.slice(7);
|
|
50
|
+
}
|
|
51
|
+
// Check X-Auth-Token header
|
|
52
|
+
const tokenHeader = req.headers['x-auth-token'];
|
|
53
|
+
if (typeof tokenHeader === 'string') {
|
|
54
|
+
return tokenHeader;
|
|
55
|
+
}
|
|
56
|
+
// Check query parameter
|
|
57
|
+
const queryToken = req.query.token;
|
|
58
|
+
if (typeof queryToken === 'string') {
|
|
59
|
+
return queryToken;
|
|
60
|
+
}
|
|
61
|
+
return null;
|
|
62
|
+
}
|
|
63
|
+
/**
|
|
64
|
+
* Extract token from WebSocket upgrade request
|
|
65
|
+
* Checks: query param in URL, Sec-WebSocket-Protocol header
|
|
66
|
+
*/
|
|
67
|
+
export function extractTokenFromWebSocket(req) {
|
|
68
|
+
// Check URL query parameter
|
|
69
|
+
const url = new URL(req.url || '', `http://${req.headers.host}`);
|
|
70
|
+
const queryToken = url.searchParams.get('token');
|
|
71
|
+
if (queryToken) {
|
|
72
|
+
return queryToken;
|
|
73
|
+
}
|
|
74
|
+
// Check Sec-WebSocket-Protocol header (client sends token as subprotocol)
|
|
75
|
+
const protocol = req.headers['sec-websocket-protocol'];
|
|
76
|
+
if (typeof protocol === 'string') {
|
|
77
|
+
// Format: "tide-auth, <token>"
|
|
78
|
+
const parts = protocol.split(',').map(p => p.trim());
|
|
79
|
+
const tokenPart = parts.find(p => p.startsWith('auth-'));
|
|
80
|
+
if (tokenPart) {
|
|
81
|
+
return tokenPart.slice(5); // Remove 'auth-' prefix
|
|
82
|
+
}
|
|
83
|
+
}
|
|
84
|
+
return null;
|
|
85
|
+
}
|
|
86
|
+
/**
|
|
87
|
+
* Express middleware for authenticating HTTP requests
|
|
88
|
+
* Allows unauthenticated access to /api/health for status checks
|
|
89
|
+
*/
|
|
90
|
+
export function authMiddleware(req, res, next) {
|
|
91
|
+
// Always allow health check
|
|
92
|
+
if (req.path === '/health' || req.path === '/api/health') {
|
|
93
|
+
return next();
|
|
94
|
+
}
|
|
95
|
+
// Skip auth if not enabled
|
|
96
|
+
if (!isAuthEnabled()) {
|
|
97
|
+
return next();
|
|
98
|
+
}
|
|
99
|
+
const token = extractTokenFromRequest(req);
|
|
100
|
+
if (!validateToken(token)) {
|
|
101
|
+
log.log(`[AUTH] Unauthorized request to ${req.method} ${req.path}`);
|
|
102
|
+
res.status(401).json({ error: 'Unauthorized', message: 'Invalid or missing auth token' });
|
|
103
|
+
return;
|
|
104
|
+
}
|
|
105
|
+
next();
|
|
106
|
+
}
|
|
107
|
+
/**
|
|
108
|
+
* Validate WebSocket connection authentication
|
|
109
|
+
* Returns true if connection should be allowed
|
|
110
|
+
*/
|
|
111
|
+
export function validateWebSocketAuth(req) {
|
|
112
|
+
if (!isAuthEnabled()) {
|
|
113
|
+
return true;
|
|
114
|
+
}
|
|
115
|
+
const token = extractTokenFromWebSocket(req);
|
|
116
|
+
const isValid = validateToken(token);
|
|
117
|
+
if (!isValid) {
|
|
118
|
+
log.log(`[AUTH] Unauthorized WebSocket connection attempt`);
|
|
119
|
+
}
|
|
120
|
+
return isValid;
|
|
121
|
+
}
|