npm - upfynai-code - Versions diffs - 2.6.0 → 2.6.1 - Mend

upfynai-code 2.6.0 → 2.6.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (295) hide show

package/README.md +123 -88
package/bin/cli.js +63 -0
package/package.json +48 -106
package/src/auth.js +115 -0
package/src/config.js +33 -0
package/src/connect.js +314 -0
package/src/launch.js +54 -0
package/src/mcp.js +57 -0
package/src/server.js +54 -0
package/client/dist/api-docs.html +0 -879
package/client/dist/assets/AppContent-C0CyP3g5.js +0 -513
package/client/dist/assets/CanvasPanel-0u9QR7U-.js +0 -34
package/client/dist/assets/CanvasPanel-WhZulBJw.css +0 -1
package/client/dist/assets/DashboardPanel-Dgqw1yZk.js +0 -1
package/client/dist/assets/KaTeX_AMS-Regular-BQhdFMY1.woff2 +0 -0
package/client/dist/assets/KaTeX_AMS-Regular-DMm9YOAa.woff +0 -0
package/client/dist/assets/KaTeX_AMS-Regular-DRggAlZN.ttf +0 -0
package/client/dist/assets/KaTeX_Caligraphic-Bold-ATXxdsX0.ttf +0 -0
package/client/dist/assets/KaTeX_Caligraphic-Bold-BEiXGLvX.woff +0 -0
package/client/dist/assets/KaTeX_Caligraphic-Bold-Dq_IR9rO.woff2 +0 -0
package/client/dist/assets/KaTeX_Caligraphic-Regular-CTRA-rTL.woff +0 -0
package/client/dist/assets/KaTeX_Caligraphic-Regular-Di6jR-x-.woff2 +0 -0
package/client/dist/assets/KaTeX_Caligraphic-Regular-wX97UBjC.ttf +0 -0
package/client/dist/assets/KaTeX_Fraktur-Bold-BdnERNNW.ttf +0 -0
package/client/dist/assets/KaTeX_Fraktur-Bold-BsDP51OF.woff +0 -0
package/client/dist/assets/KaTeX_Fraktur-Bold-CL6g_b3V.woff2 +0 -0
package/client/dist/assets/KaTeX_Fraktur-Regular-CB_wures.ttf +0 -0
package/client/dist/assets/KaTeX_Fraktur-Regular-CTYiF6lA.woff2 +0 -0
package/client/dist/assets/KaTeX_Fraktur-Regular-Dxdc4cR9.woff +0 -0
package/client/dist/assets/KaTeX_Main-Bold-Cx986IdX.woff2 +0 -0
package/client/dist/assets/KaTeX_Main-Bold-Jm3AIy58.woff +0 -0
package/client/dist/assets/KaTeX_Main-Bold-waoOVXN0.ttf +0 -0
package/client/dist/assets/KaTeX_Main-BoldItalic-DxDJ3AOS.woff2 +0 -0
package/client/dist/assets/KaTeX_Main-BoldItalic-DzxPMmG6.ttf +0 -0
package/client/dist/assets/KaTeX_Main-BoldItalic-SpSLRI95.woff +0 -0
package/client/dist/assets/KaTeX_Main-Italic-3WenGoN9.ttf +0 -0
package/client/dist/assets/KaTeX_Main-Italic-BMLOBm91.woff +0 -0
package/client/dist/assets/KaTeX_Main-Italic-NWA7e6Wa.woff2 +0 -0
package/client/dist/assets/KaTeX_Main-Regular-B22Nviop.woff2 +0 -0
package/client/dist/assets/KaTeX_Main-Regular-Dr94JaBh.woff +0 -0
package/client/dist/assets/KaTeX_Main-Regular-ypZvNtVU.ttf +0 -0
package/client/dist/assets/KaTeX_Math-BoldItalic-B3XSjfu4.ttf +0 -0
package/client/dist/assets/KaTeX_Math-BoldItalic-CZnvNsCZ.woff2 +0 -0
package/client/dist/assets/KaTeX_Math-BoldItalic-iY-2wyZ7.woff +0 -0
package/client/dist/assets/KaTeX_Math-Italic-DA0__PXp.woff +0 -0
package/client/dist/assets/KaTeX_Math-Italic-flOr_0UB.ttf +0 -0
package/client/dist/assets/KaTeX_Math-Italic-t53AETM-.woff2 +0 -0
package/client/dist/assets/KaTeX_SansSerif-Bold-CFMepnvq.ttf +0 -0
package/client/dist/assets/KaTeX_SansSerif-Bold-D1sUS0GD.woff2 +0 -0
package/client/dist/assets/KaTeX_SansSerif-Bold-DbIhKOiC.woff +0 -0
package/client/dist/assets/KaTeX_SansSerif-Italic-C3H0VqGB.woff2 +0 -0
package/client/dist/assets/KaTeX_SansSerif-Italic-DN2j7dab.woff +0 -0
package/client/dist/assets/KaTeX_SansSerif-Italic-YYjJ1zSn.ttf +0 -0
package/client/dist/assets/KaTeX_SansSerif-Regular-BNo7hRIc.ttf +0 -0
package/client/dist/assets/KaTeX_SansSerif-Regular-CS6fqUqJ.woff +0 -0
package/client/dist/assets/KaTeX_SansSerif-Regular-DDBCnlJ7.woff2 +0 -0
package/client/dist/assets/KaTeX_Script-Regular-C5JkGWo-.ttf +0 -0
package/client/dist/assets/KaTeX_Script-Regular-D3wIWfF6.woff2 +0 -0
package/client/dist/assets/KaTeX_Script-Regular-D5yQViql.woff +0 -0
package/client/dist/assets/KaTeX_Size1-Regular-C195tn64.woff +0 -0
package/client/dist/assets/KaTeX_Size1-Regular-Dbsnue_I.ttf +0 -0
package/client/dist/assets/KaTeX_Size1-Regular-mCD8mA8B.woff2 +0 -0
package/client/dist/assets/KaTeX_Size2-Regular-B7gKUWhC.ttf +0 -0
package/client/dist/assets/KaTeX_Size2-Regular-Dy4dx90m.woff2 +0 -0
package/client/dist/assets/KaTeX_Size2-Regular-oD1tc_U0.woff +0 -0
package/client/dist/assets/KaTeX_Size3-Regular-CTq5MqoE.woff +0 -0
package/client/dist/assets/KaTeX_Size3-Regular-DgpXs0kz.ttf +0 -0
package/client/dist/assets/KaTeX_Size4-Regular-BF-4gkZK.woff +0 -0
package/client/dist/assets/KaTeX_Size4-Regular-DWFBv043.ttf +0 -0
package/client/dist/assets/KaTeX_Size4-Regular-Dl5lxZxV.woff2 +0 -0
package/client/dist/assets/KaTeX_Typewriter-Regular-C0xS9mPB.woff +0 -0
package/client/dist/assets/KaTeX_Typewriter-Regular-CO6r4hn1.woff2 +0 -0
package/client/dist/assets/KaTeX_Typewriter-Regular-D3Ib7_Hf.ttf +0 -0
package/client/dist/assets/LoginModal-CZDEzqjK.js +0 -19
package/client/dist/assets/MarkdownPreview-CYdvwJaV.js +0 -1
package/client/dist/assets/Onboarding-DR6NZ4Vz.js +0 -1
package/client/dist/assets/SetupForm-D49gtWY4.js +0 -1
package/client/dist/assets/Tableau10-B-NsZVaP.js +0 -1
package/client/dist/assets/WorkflowsPanel-CqlbEJA_.js +0 -1
package/client/dist/assets/_commonjs-dynamic-modules-TDtrdbi3.js +0 -1
package/client/dist/assets/ar-SA-G6X2FPQ2-BWqa1yBH.js +0 -10
package/client/dist/assets/arc-BegSKqEW.js +0 -1
package/client/dist/assets/array-BKyUJesY.js +0 -1
package/client/dist/assets/az-AZ-76LH7QW2-DrVlbZDP.js +0 -1
package/client/dist/assets/bg-BG-XCXSNQG7-DdunjBgT.js +0 -5
package/client/dist/assets/blockDiagram-38ab4fdb-BKMbwGHu.js +0 -118
package/client/dist/assets/bn-BD-2XOGV67Q-_7DtmvwO.js +0 -5
package/client/dist/assets/c4Diagram-3d4e48cf-hJuiHhSn.js +0 -10
package/client/dist/assets/ca-ES-6MX7JW3Y-BFIrmojG.js +0 -8
package/client/dist/assets/channel-Bur-rRTp.js +0 -1
package/client/dist/assets/classDiagram-70f12bd4-BjiAf9cM.js +0 -2
package/client/dist/assets/classDiagram-v2-f2320105-pwBewejc.js +0 -2
package/client/dist/assets/clone-BtqXeoBJ.js +0 -1
package/client/dist/assets/createText-2e5e7dd3-Dq_acOWe.js +0 -5
package/client/dist/assets/cs-CZ-2BRQDIVT-B-x4F6TJ.js +0 -11
package/client/dist/assets/da-DK-5WZEPLOC-Btlc8Dgn.js +0 -5
package/client/dist/assets/de-DE-XR44H4JA-BVu3ZIoD.js +0 -8
package/client/dist/assets/directory-open-01563666-DWU9wJ6I.js +0 -1
package/client/dist/assets/directory-open-4ed118d0-CunoC1EB.js +0 -1
package/client/dist/assets/edges-e0da2a9e-DH0wVTXR.js +0 -4
package/client/dist/assets/el-GR-BZB4AONW-h2ll8_ZC.js +0 -10
package/client/dist/assets/erDiagram-9861fffd-BYezLIR7.js +0 -51
package/client/dist/assets/es-ES-U4NZUMDT-Cveiulwt.js +0 -9
package/client/dist/assets/eu-ES-A7QVB2H4-DQluL2PY.js +0 -11
package/client/dist/assets/fa-IR-HGAKTJCU-BJtcMBSv.js +0 -8
package/client/dist/assets/fi-FI-Z5N7JZ37-D8NfbVXV.js +0 -6
package/client/dist/assets/file-open-002ab408-DIuFHtCF.js +0 -1
package/client/dist/assets/file-open-7c801643-684qeFg4.js +0 -1
package/client/dist/assets/file-save-3189631c-C1wFhQhH.js +0 -1
package/client/dist/assets/file-save-745eba88-Bb9F9Kg7.js +0 -1
package/client/dist/assets/flowDb-956e92f1-scnUykhM.js +0 -10
package/client/dist/assets/flowDiagram-66a62f08-jVyWsfyU.js +0 -4
package/client/dist/assets/flowDiagram-v2-96b9c2cf-N6xgi25h.js +0 -1
package/client/dist/assets/flowchart-elk-definition-4a651766-gKGX3HqR.js +0 -139
package/client/dist/assets/fr-FR-RHASNOE6-vdj42kC6.js +0 -9
package/client/dist/assets/ganttDiagram-c361ad54-C2CiWFUP.js +0 -257
package/client/dist/assets/gitGraphDiagram-72cf32ee-C59Yz2LK.js +0 -70
package/client/dist/assets/gl-ES-HMX3MZ6V-DQo0TzoP.js +0 -10
package/client/dist/assets/graph-Dx_H43Kv.js +0 -1
package/client/dist/assets/he-IL-6SHJWFNN-DKXK5e33.js +0 -10
package/client/dist/assets/hi-IN-IWLTKZ5I-C2Qgqc0R.js +0 -4
package/client/dist/assets/hu-HU-A5ZG7DT2-Ss-6vX0m.js +0 -7
package/client/dist/assets/id-ID-SAP4L64H-D7Wsg1S2.js +0 -10
package/client/dist/assets/image-blob-reduce.esm-D6s-rqMO.js +0 -7
package/client/dist/assets/index-3862675e-u8Nv7hHC.js +0 -1
package/client/dist/assets/index-BVowJdZF.js +0 -97
package/client/dist/assets/index-ce18TYkg.js +0 -27
package/client/dist/assets/index-kQoJx-bc.css +0 -1
package/client/dist/assets/infoDiagram-f8f76790-LmoJYsxo.js +0 -7
package/client/dist/assets/init-Gi6I4Gst.js +0 -1
package/client/dist/assets/it-IT-JPQ66NNP-CAPTVl7M.js +0 -11
package/client/dist/assets/ja-JP-DBVTYXUO-eNVPawR2.js +0 -8
package/client/dist/assets/journeyDiagram-49397b02-BaJqehpR.js +0 -139
package/client/dist/assets/kaa-6HZHGXH3-tpuNkKhS.js +0 -1
package/client/dist/assets/kab-KAB-ZGHBKWFO-Dp83kx4x.js +0 -8
package/client/dist/assets/kk-KZ-P5N5QNE5-B9IlC6YN.js +0 -1
package/client/dist/assets/km-KH-HSX4SM5Z-B_KMYaMj.js +0 -11
package/client/dist/assets/ko-KR-MTYHY66A-yebnUNdb.js +0 -9
package/client/dist/assets/ku-TR-6OUDTVRD-BR6fh6-5.js +0 -9
package/client/dist/assets/layout-DLl5Jwcl.js +0 -1
package/client/dist/assets/line-FpB7omSK.js +0 -1
package/client/dist/assets/linear-CkXqUFJ8.js +0 -1
package/client/dist/assets/lt-LT-XHIRWOB4-SutZSWtR.js +0 -3
package/client/dist/assets/lv-LV-5QDEKY6T-DuAxdcZL.js +0 -7
package/client/dist/assets/mindmap-definition-fc14e90a-DyxXOExh.js +0 -425
package/client/dist/assets/mr-IN-CRQNXWMA-DqDUWM_8.js +0 -13
package/client/dist/assets/my-MM-5M5IBNSE-C40kMFMR.js +0 -1
package/client/dist/assets/nb-NO-T6EIAALU-DVij32Ju.js +0 -10
package/client/dist/assets/nl-NL-IS3SIHDZ-rT84mDYq.js +0 -8
package/client/dist/assets/nn-NO-6E72VCQL-BBZXBW8V.js +0 -8
package/client/dist/assets/oc-FR-POXYY2M6-DzjOugOf.js +0 -8
package/client/dist/assets/ordinal-Cboi1Yqb.js +0 -1
package/client/dist/assets/pa-IN-N4M65BXN-DD1iU8_F.js +0 -4
package/client/dist/assets/path-CbwjOpE9.js +0 -1
package/client/dist/assets/pdf-CE_K4jFx.js +0 -12
package/client/dist/assets/pdf.worker-BA9kU3Pw.mjs +0 -61080
package/client/dist/assets/percentages-BXMCSKIN-WVlHS4wx.js +0 -207
package/client/dist/assets/pica-CQIY57Tf.js +0 -7
package/client/dist/assets/pieDiagram-8a3498a8-Dd_85qBH.js +0 -35
package/client/dist/assets/pl-PL-T2D74RX3-ukVXa48G.js +0 -9
package/client/dist/assets/pt-BR-5N22H2LF-BibawarT.js +0 -9
package/client/dist/assets/pt-PT-UZXXM6DQ-So3i9l9w.js +0 -9
package/client/dist/assets/quadrantDiagram-120e2f19-C4dFVDEx.js +0 -7
package/client/dist/assets/requirementDiagram-deff3bca-DrTO7yFl.js +0 -52
package/client/dist/assets/ro-RO-JPDTUUEW-DY0Xq_Hd.js +0 -11
package/client/dist/assets/roundRect-0PYZxl1G.js +0 -1
package/client/dist/assets/ru-RU-B4JR7IUQ-B7u_Zvkd.js +0 -9
package/client/dist/assets/sankeyDiagram-04a897e0-D24gfzuS.js +0 -8
package/client/dist/assets/sequenceDiagram-704730f1-Dgji2XLQ.js +0 -122
package/client/dist/assets/si-LK-N5RQ5JYF-OejsLzQ_.js +0 -1
package/client/dist/assets/sk-SK-C5VTKIMK-_vy2Bt-M.js +0 -6
package/client/dist/assets/sl-SI-NN7IZMDC-DKOl_u2M.js +0 -6
package/client/dist/assets/stateDiagram-587899a1-CJ8eBaiU.js +0 -1
package/client/dist/assets/stateDiagram-v2-d93cdb3a-C5K3l-Nt.js +0 -1
package/client/dist/assets/styles-6aaf32cf-DAKE0jbx.js +0 -207
package/client/dist/assets/styles-9a916d00-LFAJCgEy.js +0 -160
package/client/dist/assets/styles-c10674c1-CllKO8NG.js +0 -116
package/client/dist/assets/subset-shared.chunk-Uy-J87FQ.js +0 -84
package/client/dist/assets/subset-worker.chunk-dvgDvqt9.js +0 -1
package/client/dist/assets/sv-SE-XGPEYMSR-CDCB2ZV5.js +0 -10
package/client/dist/assets/svgDrawCommon-08f97a94-CObOzbFQ.js +0 -1
package/client/dist/assets/ta-IN-2NMHFXQM-DHUNdO69.js +0 -9
package/client/dist/assets/th-TH-HPSO5L25-zI2hnBq3.js +0 -2
package/client/dist/assets/timeline-definition-85554ec2-C2XHRmxK.js +0 -61
package/client/dist/assets/tr-TR-DEFEU3FU-l-6Hu4-D.js +0 -7
package/client/dist/assets/uk-UA-QMV73CPH-CqSOwrl7.js +0 -6
package/client/dist/assets/vendor-codemirror-D_s0aGBu.js +0 -35
package/client/dist/assets/vendor-i18n-DCFGyhQR.js +0 -1
package/client/dist/assets/vendor-icons-Lb69KSFJ.js +0 -646
package/client/dist/assets/vendor-markdown-BXEi_H3G.js +0 -298
package/client/dist/assets/vendor-react-9mUTKBHH.js +0 -67
package/client/dist/assets/vendor-syntax-DnmwQQJF.js +0 -16
package/client/dist/assets/vendor-xterm-CZq1hqo1.js +0 -66
package/client/dist/assets/vendor-xterm-qxJ8_QYu.css +0 -32
package/client/dist/assets/vi-VN-M7AON7JQ-CUL8-mBZ.js +0 -5
package/client/dist/assets/xychartDiagram-e933f94c-1fmf6slj.js +0 -7
package/client/dist/assets/zh-CN-LNUGB5OW-CB5y5VVU.js +0 -10
package/client/dist/assets/zh-HK-E62DVLB3-BHcrrEeJ.js +0 -1
package/client/dist/assets/zh-TW-RAJ6MFWO-DoDUdkaJ.js +0 -9
package/client/dist/clear-cache.html +0 -85
package/client/dist/convert-icons.md +0 -53
package/client/dist/favicon.png +0 -0
package/client/dist/favicon.svg +0 -9
package/client/dist/generate-icons.js +0 -49
package/client/dist/icons/claude-ai-icon.svg +0 -1
package/client/dist/icons/codex-white.svg +0 -3
package/client/dist/icons/codex.svg +0 -3
package/client/dist/icons/cursor-white.svg +0 -12
package/client/dist/icons/cursor.svg +0 -1
package/client/dist/icons/icon-128x128.png +0 -0
package/client/dist/icons/icon-128x128.svg +0 -12
package/client/dist/icons/icon-144x144.png +0 -0
package/client/dist/icons/icon-144x144.svg +0 -12
package/client/dist/icons/icon-152x152.png +0 -0
package/client/dist/icons/icon-152x152.svg +0 -12
package/client/dist/icons/icon-192x192.png +0 -0
package/client/dist/icons/icon-192x192.svg +0 -12
package/client/dist/icons/icon-384x384.png +0 -0
package/client/dist/icons/icon-384x384.svg +0 -12
package/client/dist/icons/icon-512x512.png +0 -0
package/client/dist/icons/icon-512x512.svg +0 -12
package/client/dist/icons/icon-72x72.png +0 -0
package/client/dist/icons/icon-72x72.svg +0 -12
package/client/dist/icons/icon-96x96.png +0 -0
package/client/dist/icons/icon-96x96.svg +0 -12
package/client/dist/icons/icon-template.svg +0 -12
package/client/dist/index.html +0 -128
package/client/dist/logo-128.png +0 -0
package/client/dist/logo-256.png +0 -0
package/client/dist/logo-32.png +0 -0
package/client/dist/logo-512.png +0 -0
package/client/dist/logo-64.png +0 -0
package/client/dist/logo.svg +0 -17
package/client/dist/manifest.json +0 -61
package/client/dist/mcp-docs.html +0 -119
package/client/dist/screenshots/cli-selection.png +0 -0
package/client/dist/screenshots/desktop-main.png +0 -0
package/client/dist/screenshots/mobile-chat.png +0 -0
package/client/dist/screenshots/tools-modal.png +0 -0
package/client/dist/sw.js +0 -19
package/commands/upfynai-connect.md +0 -59
package/commands/upfynai-disconnect.md +0 -31
package/commands/upfynai-doctor.md +0 -99
package/commands/upfynai-export.md +0 -49
package/commands/upfynai-local.md +0 -82
package/commands/upfynai-status.md +0 -75
package/commands/upfynai-stop.md +0 -49
package/commands/upfynai-uninstall.md +0 -58
package/commands/upfynai.md +0 -69
package/scripts/build-client.js +0 -17
package/scripts/fix-node-pty.js +0 -67
package/scripts/install-commands.js +0 -78
package/server/claude-sdk.js +0 -714
package/server/cli-ui.js +0 -785
package/server/cli.js +0 -596
package/server/constants/config.js +0 -31
package/server/cursor-cli.js +0 -270
package/server/database/auth.db +0 -0
package/server/database/db.js +0 -822
package/server/database/init.sql +0 -70
package/server/index.js +0 -2738
package/server/load-env.js +0 -26
package/server/mcp-server.js +0 -621
package/server/middleware/auth.js +0 -181
package/server/openai-codex.js +0 -403
package/server/openrouter.js +0 -137
package/server/projects.js +0 -1742
package/server/relay-client.js +0 -672
package/server/routes/agent.js +0 -1226
package/server/routes/auth.js +0 -266
package/server/routes/cli-auth.js +0 -263
package/server/routes/codex.js +0 -344
package/server/routes/commands.js +0 -598
package/server/routes/cursor.js +0 -807
package/server/routes/dashboard.js +0 -205
package/server/routes/git.js +0 -1151
package/server/routes/mcp-utils.js +0 -48
package/server/routes/mcp.js +0 -535
package/server/routes/payments.js +0 -172
package/server/routes/projects.js +0 -552
package/server/routes/settings.js +0 -261
package/server/routes/taskmaster.js +0 -1928
package/server/routes/user.js +0 -106
package/server/routes/vapi-chat.js +0 -94
package/server/routes/voice.js +0 -194
package/server/routes/webhooks.js +0 -166
package/server/routes/workflows.js +0 -118
package/server/sandbox.js +0 -120
package/server/services/whisperService.js +0 -84
package/server/services/workflowScheduler.js +0 -186
package/server/utils/commandParser.js +0 -303
package/server/utils/gitConfig.js +0 -24
package/server/utils/mcp-detector.js +0 -198
package/server/utils/taskmaster-websocket.js +0 -129
package/shared/modelConstants.js +0 -96

package/server/routes/auth.js DELETED Viewed

@@ -1,266 +0,0 @@
-import express from 'express';
-import bcrypt from 'bcryptjs';
-import { db, userDb, subscriptionDb, relayTokensDb, apiKeysDb } from '../database/db.js';
-import { generateToken, authenticateToken, setSessionCookie, clearSessionCookie } from '../middleware/auth.js';
-const router = express.Router();
-// Check auth status and setup requirements
-router.get('/status', async (req, res) => {
-  try {
-    const hasUsers = await userDb.hasUsers();
-    res.json({
-      needsSetup: !hasUsers,
-      isAuthenticated: false
-    });
-  } catch (error) {
-    // auth status error
-    res.status(500).json({ error: 'Internal server error' });
-  }
-});
-// User registration — allows multiple users (rate limited)
-router.post('/register', (req, res, next) => {
-  const rl = req.app.locals.authRateLimit;
-  if (rl) return rl(req, res, next);
-  next();
-}, async (req, res) => {
-  try {
-    const { username, password, email, phone, firstName, lastName } = req.body;
-    // Validate input
-    if (!password) {
-      return res.status(400).json({ error: 'Password is required' });
-    }
-    if (password.length < 8) {
-      return res.status(400).json({ error: 'Password must be at least 8 characters' });
-    }
-    if (password.length > 128) {
-      return res.status(400).json({ error: 'Password is too long' });
-    }
-    // Sanitize and validate name/phone inputs
-    const fName = (firstName || '').trim().slice(0, 50);
-    const lName = (lastName || '').trim().slice(0, 50);
-    const displayName = username || [fName, lName].filter(Boolean).join(' ') || 'User';
-    if (displayName.length < 2) {
-      return res.status(400).json({ error: 'Name must be at least 2 characters' });
-    }
-    // Check if email is already registered
-    if (email) {
-      const existingUser = await userDb.getUserByUsername(email);
-      if (existingUser) {
-        return res.status(409).json({ error: 'An account with this email already exists. Please sign in.' });
-      }
-    }
-    // Hash password
-    const passwordHash = await bcrypt.hash(password, 12);
-    // Create user
-    const user = await userDb.createUser(displayName, passwordHash, email || null, phone || null, fName || null, lName || null);
-    // Auto-create default relay token + API key for the new user
-    let connectToken = null;
-    try {
-      const relayToken = await relayTokensDb.createToken(user.id, 'default');
-      connectToken = relayToken.token;
-      await apiKeysDb.createApiKey(user.id, 'default');
-    } catch { /* non-critical — user can create manually later */ }
-    // Generate token + set cookie
-    const token = generateToken(user);
-    setSessionCookie(res, token);
-    await userDb.updateLastLogin(user.id);
-    // New user — no subscription yet
-    res.json({
-      success: true,
-      user: { id: user.user_code || `upc-${String(user.id).padStart(3, '0')}`, username: user.username, first_name: user.first_name, last_name: user.last_name, email: email || null, phone: phone || null, access_override: user.access_override || null, subscription: null },
-      token, // still returned for backward compat / API clients
-      connectToken // relay token for CLI connection
-    });
-  } catch (error) {
-    // registration error
-    if (error.message?.includes('UNIQUE')) {
-      res.status(409).json({ error: 'An account with this name already exists. Try a different name or sign in.' });
-    } else {
-      res.status(500).json({ error: 'Internal server error' });
-    }
-  }
-});
-// User login (rate limited)
-router.post('/login', (req, res, next) => {
-  const rl = req.app.locals.authRateLimit;
-  if (rl) return rl(req, res, next);
-  next();
-}, async (req, res) => {
-  try {
-    const { username, password } = req.body;
-    if (!username || !password) {
-      return res.status(400).json({ error: 'Identifier and password are required' });
-    }
-    const user = await userDb.getUserByUsername(username.trim());
-    if (!user) {
-      return res.status(401).json({ error: 'Invalid credentials' });
-    }
-    const isValidPassword = await bcrypt.compare(password, user.password_hash);
-    if (!isValidPassword) {
-      return res.status(401).json({ error: 'Invalid credentials' });
-    }
-    const updatedUser = user;
-    // Generate token + set cookie
-    const token = generateToken(updatedUser);
-    setSessionCookie(res, token);
-    await userDb.updateLastLogin(updatedUser.id);
-    // Backfill relay token + API key if missing (for users created before auto-provisioning)
-    try {
-      const existingTokens = await relayTokensDb.getTokens(updatedUser.id);
-      if (existingTokens.length === 0) {
-        await relayTokensDb.createToken(updatedUser.id, 'default');
-      }
-      const existingKeys = await apiKeysDb.getApiKeys(updatedUser.id);
-      if (existingKeys.length === 0) {
-        await apiKeysDb.createApiKey(updatedUser.id, 'default');
-      }
-    } catch { /* non-critical backfill */ }
-    // Include active subscription if any
-    let subscription = null;
-    try {
-      await subscriptionDb.expireOverdue();
-      const sub = await subscriptionDb.getActiveSub(updatedUser.id);
-      if (sub) {
-        subscription = { id: sub.id, planId: sub.plan_id, status: sub.status, startsAt: sub.starts_at, expiresAt: sub.expires_at };
-      }
-    } catch { /* non-critical */ }
-    res.json({
-      success: true,
-      user: { id: updatedUser.user_code || `upc-${String(updatedUser.id).padStart(3, '0')}`, username: updatedUser.username, first_name: updatedUser.first_name, last_name: updatedUser.last_name, email: updatedUser.email, phone: updatedUser.phone, access_override: updatedUser.access_override || null, subscription },
-      token // backward compat
-    });
-  } catch (error) {
-    // login error
-    res.status(500).json({ error: 'Internal server error' });
-  }
-});
-// Get current user (protected route) — includes active subscription
-router.get('/user', authenticateToken, async (req, res) => {
-  try {
-    // Expire overdue subs, then fetch active
-    await subscriptionDb.expireOverdue();
-    const sub = await subscriptionDb.getActiveSub(req.user.id);
-    // Map internal id → user_code for frontend, include all user details
-    const user = {
-      id: req.user.user_code || `upc-${String(req.user.id).padStart(3, '0')}`,
-      username: req.user.username,
-      first_name: req.user.first_name,
-      last_name: req.user.last_name,
-      email: req.user.email,
-      phone: req.user.phone,
-      access_override: req.user.access_override || null,
-      created_at: req.user.created_at,
-    };
-    if (sub) {
-      user.subscription = {
-        id: sub.id,
-        planId: sub.plan_id,
-        status: sub.status,
-        startsAt: sub.starts_at,
-        expiresAt: sub.expires_at,
-      };
-    } else {
-      user.subscription = null;
-    }
-    res.json({ user });
-  } catch (error) {
-    // user fetch error
-    const u = req.user;
-    res.json({ user: { id: u.user_code || `upc-${String(u.id).padStart(3, '0')}`, username: u.username, first_name: u.first_name, last_name: u.last_name, email: u.email, phone: u.phone } });
-  }
-});
-// Get a fresh JWT for the current session (used by frontend to pass to iframe)
-router.get('/token', authenticateToken, (req, res) => {
-  const token = generateToken(req.user);
-  res.json({ token });
-});
-// Get user's tokens — relay token (for Connect + MCP) and API key
-router.get('/connect-token', authenticateToken, async (req, res) => {
-  try {
-    // Relay token — used for both CLI connect and MCP auth
-    const tokens = await relayTokensDb.getTokens(req.user.id);
-    let active = tokens.find(t => t.is_active);
-    if (!active) {
-      // Auto-create if none exists (backfill for existing users)
-      active = await relayTokensDb.createToken(req.user.id, 'default');
-    }
-    // API key — also available if user needs it
-    const keys = await apiKeysDb.getApiKeys(req.user.id);
-    let activeKey = keys.find(k => k.is_active);
-    if (!activeKey) {
-      activeKey = await apiKeysDb.createApiKey(req.user.id, 'default');
-    }
-    res.json({
-      token: active.token,        // relay token — works for Connect + MCP
-      apiKey: activeKey.api_key,   // API key — alternative auth method
-      userCode: req.user.user_code || null,
-    });
-  } catch (error) {
-    res.status(500).json({ error: 'Could not fetch connect token' });
-  }
-});
-// Update profile — phone only (email and other sensitive fields are read-only)
-router.patch('/profile', authenticateToken, async (req, res) => {
-  try {
-    const userId = req.user.id;
-    const { phone } = req.body;
-    if (phone === undefined) {
-      return res.status(400).json({ error: 'No fields to update' });
-    }
-    const trimmed = (phone || '').trim().slice(0, 20);
-    if (trimmed && !/^[+]?[\d\s()-]{7,20}$/.test(trimmed)) {
-      return res.status(400).json({ error: 'Invalid phone format' });
-    }
-    await db.execute({ sql: 'UPDATE users SET phone = ? WHERE id = ?', args: [trimmed || null, userId] });
-    const updated = await userDb.getUserById(userId);
-    res.json({
-      success: true,
-      user: { phone: updated?.phone || null }
-    });
-  } catch (error) {
-    res.status(500).json({ error: 'Failed to update profile' });
-  }
-});
-// Logout — clear the session cookie
-router.post('/logout', authenticateToken, (req, res) => {
-  clearSessionCookie(res);
-  res.json({ success: true, message: 'Logged out successfully' });
-});
-export default router;

package/server/routes/cli-auth.js DELETED Viewed

@@ -1,263 +0,0 @@
-import express from 'express';
-import { spawn } from 'child_process';
-import fs from 'fs/promises';
-import path from 'path';
-import os from 'os';
-const router = express.Router();
-router.get('/claude/status', async (req, res) => {
-  try {
-    const credentialsResult = await checkClaudeCredentials();
-    if (credentialsResult.authenticated) {
-      return res.json({
-        authenticated: true,
-        email: credentialsResult.email || 'Authenticated',
-        method: 'credentials_file'
-      });
-    }
-    return res.json({
-      authenticated: false,
-      email: null,
-      error: credentialsResult.error || 'Not authenticated'
-    });
-  } catch (error) {
-    // auth status error
-    res.status(500).json({
-      authenticated: false,
-      email: null,
-      error: 'An error occurred'
-    });
-  }
-});
-router.get('/cursor/status', async (req, res) => {
-  try {
-    const result = await checkCursorStatus();
-    res.json({
-      authenticated: result.authenticated,
-      email: result.email,
-      error: result.error
-    });
-  } catch (error) {
-    // auth status error
-    res.status(500).json({
-      authenticated: false,
-      email: null,
-      error: 'An error occurred'
-    });
-  }
-});
-router.get('/codex/status', async (req, res) => {
-  try {
-    const result = await checkCodexCredentials();
-    res.json({
-      authenticated: result.authenticated,
-      email: result.email,
-      error: result.error
-    });
-  } catch (error) {
-    // auth status error
-    res.status(500).json({
-      authenticated: false,
-      email: null,
-      error: 'An error occurred'
-    });
-  }
-});
-async function checkClaudeCredentials() {
-  try {
-    const credPath = path.join(os.homedir(), '.claude', '.credentials.json');
-    const content = await fs.readFile(credPath, 'utf8');
-    const creds = JSON.parse(content);
-    const oauth = creds.claudeAiOauth;
-    if (oauth && oauth.accessToken) {
-      const isExpired = oauth.expiresAt && Date.now() >= oauth.expiresAt;
-      if (!isExpired) {
-        return {
-          authenticated: true,
-          email: creds.email || creds.user || null
-        };
-      }
-    }
-    return {
-      authenticated: false,
-      email: null
-    };
-  } catch (error) {
-    return {
-      authenticated: false,
-      email: null
-    };
-  }
-}
-function checkCursorStatus() {
-  return new Promise((resolve) => {
-    let processCompleted = false;
-    const timeout = setTimeout(() => {
-      if (!processCompleted) {
-        processCompleted = true;
-        if (childProcess) {
-          childProcess.kill();
-        }
-        resolve({
-          authenticated: false,
-          email: null,
-          error: 'Command timeout'
-        });
-      }
-    }, 5000);
-    let childProcess;
-    try {
-      childProcess = spawn('cursor-agent', ['status']);
-    } catch (err) {
-      clearTimeout(timeout);
-      processCompleted = true;
-      resolve({
-        authenticated: false,
-        email: null,
-        error: 'Cursor CLI not found or not installed'
-      });
-      return;
-    }
-    let stdout = '';
-    let stderr = '';
-    childProcess.stdout.on('data', (data) => {
-      stdout += data.toString();
-    });
-    childProcess.stderr.on('data', (data) => {
-      stderr += data.toString();
-    });
-    childProcess.on('close', (code) => {
-      if (processCompleted) return;
-      processCompleted = true;
-      clearTimeout(timeout);
-      if (code === 0) {
-        const emailMatch = stdout.match(/Logged in as ([a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,})/i);
-        if (emailMatch) {
-          resolve({
-            authenticated: true,
-            email: emailMatch[1],
-            output: stdout
-          });
-        } else if (stdout.includes('Logged in')) {
-          resolve({
-            authenticated: true,
-            email: 'Logged in',
-            output: stdout
-          });
-        } else {
-          resolve({
-            authenticated: false,
-            email: null,
-            error: 'Not logged in'
-          });
-        }
-      } else {
-        resolve({
-          authenticated: false,
-          email: null,
-          error: stderr || 'Not logged in'
-        });
-      }
-    });
-    childProcess.on('error', (err) => {
-      if (processCompleted) return;
-      processCompleted = true;
-      clearTimeout(timeout);
-      resolve({
-        authenticated: false,
-        email: null,
-        error: 'Cursor CLI not found or not installed'
-      });
-    });
-  });
-}
-async function checkCodexCredentials() {
-  try {
-    const authPath = path.join(os.homedir(), '.codex', 'auth.json');
-    const content = await fs.readFile(authPath, 'utf8');
-    const auth = JSON.parse(content);
-    // Tokens are nested under 'tokens' key
-    const tokens = auth.tokens || {};
-    // Check for valid tokens (id_token or access_token)
-    if (tokens.id_token || tokens.access_token) {
-      // Try to extract email from id_token JWT payload
-      let email = 'Authenticated';
-      if (tokens.id_token) {
-        try {
-          // JWT is base64url encoded: header.payload.signature
-          const parts = tokens.id_token.split('.');
-          if (parts.length >= 2) {
-            // Decode the payload (second part)
-            const payload = JSON.parse(Buffer.from(parts[1], 'base64url').toString('utf8'));
-            email = payload.email || payload.user || 'Authenticated';
-          }
-        } catch {
-          // If JWT decoding fails, use fallback
-          email = 'Authenticated';
-        }
-      }
-      return {
-        authenticated: true,
-        email
-      };
-    }
-    // Also check for OPENAI_API_KEY as fallback auth method
-    if (auth.OPENAI_API_KEY) {
-      return {
-        authenticated: true,
-        email: 'API Key Auth'
-      };
-    }
-    return {
-      authenticated: false,
-      email: null,
-      error: 'No valid tokens found'
-    };
-  } catch (error) {
-    if (error.code === 'ENOENT') {
-      return {
-        authenticated: false,
-        email: null,
-        error: 'Codex not configured'
-      };
-    }
-    return {
-      authenticated: false,
-      email: null,
-      error: 'An error occurred'
-    };
-  }
-}
-export default router;