npm - web-agent-bridge - Versions diffs - 1.1.1 → 1.1.2 - Mend

web-agent-bridge 1.1.1 → 1.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (66) hide show

package/LICENSE +21 -21
package/README.ar.md +446 -446
package/README.md +844 -844
package/bin/cli.js +80 -80
package/bin/wab.js +80 -80
package/docs/DEPLOY.md +118 -118
package/docs/SPEC.md +1540 -1540
package/examples/bidi-agent.js +119 -119
package/examples/mcp-agent.js +94 -94
package/examples/puppeteer-agent.js +108 -108
package/examples/vision-agent.js +171 -171
package/package.json +78 -78
package/public/admin/dashboard.html +848 -848
package/public/admin/login.html +84 -84
package/public/cookies.html +208 -208
package/public/css/styles.css +1235 -1235
package/public/dashboard.html +704 -704
package/public/docs.html +585 -585
package/public/index.html +332 -332
package/public/js/auth-nav.js +31 -31
package/public/js/auth-redirect.js +12 -12
package/public/js/cookie-consent.js +56 -56
package/public/js/ws-client.js +74 -74
package/public/login.html +83 -83
package/public/privacy.html +295 -295
package/public/register.html +103 -103
package/public/terms.html +254 -254
package/script/ai-agent-bridge.js +1513 -1513
package/sdk/README.md +55 -55
package/sdk/index.js +203 -203
package/sdk/package.json +14 -14
package/server/config/secrets.js +92 -92
package/server/index.js +181 -181
package/server/middleware/adminAuth.js +30 -30
package/server/middleware/auth.js +41 -41
package/server/middleware/rateLimits.js +24 -24
package/server/migrations/001_add_analytics_indexes.sql +7 -7
package/server/models/adapters/index.js +33 -33
package/server/models/adapters/mysql.js +183 -183
package/server/models/adapters/postgresql.js +172 -172
package/server/models/adapters/sqlite.js +7 -7
package/server/models/db.js +561 -561
package/server/routes/admin.js +247 -247
package/server/routes/api.js +138 -138
package/server/routes/auth.js +51 -51
package/server/routes/billing.js +45 -45
package/server/routes/discovery.js +329 -329
package/server/routes/license.js +240 -240
package/server/routes/noscript.js +543 -543
package/server/routes/wab-api.js +476 -476
package/server/services/email.js +204 -204
package/server/services/fairness.js +420 -420
package/server/services/stripe.js +192 -192
package/server/utils/cache.js +125 -125
package/server/utils/migrate.js +81 -81
package/server/utils/secureFields.js +50 -50
package/server/ws.js +101 -101
package/wab-mcp-adapter/README.md +136 -136
package/wab-mcp-adapter/index.js +555 -555
package/wab-mcp-adapter/package.json +17 -17
package/public/css/premium.css +0 -317
package/public/premium-dashboard.html +0 -2075
package/public/premium.html +0 -791
package/server/migrations/002_premium_features.sql +0 -418
package/server/routes/premium.js +0 -724
package/server/services/premium.js +0 -1680

package/server/config/secrets.js CHANGED Viewed

@@ -1,92 +1,92 @@
-/**
- * Central JWT and startup secret checks.
- * User tokens and admin tokens use different secrets and audiences in production.
- */
-const jwt = require('jsonwebtoken');
-const JWT_ISSUER = 'wab';
-const JWT_AUD_USER = 'wab:user';
-const JWT_AUD_ADMIN = 'wab:admin';
-const jwtVerifyUser = { issuer: JWT_ISSUER, audience: JWT_AUD_USER };
-const jwtVerifyAdmin = { issuer: JWT_ISSUER, audience: JWT_AUD_ADMIN };
-function isTest() {
-  return process.env.NODE_ENV === 'test';
-}
-function isProd() {
-  return process.env.NODE_ENV === 'production';
-}
-function assertSecretsAtStartup() {
-  if (isTest()) return;
-  if (isProd()) {
-    if (!process.env.JWT_SECRET) {
-      throw new Error('FATAL: JWT_SECRET is required in production');
-    }
-    if (!process.env.JWT_SECRET_ADMIN) {
-      throw new Error('FATAL: JWT_SECRET_ADMIN is required in production');
-    }
-  }
-}
-function getJwtUserSecret() {
-  if (isTest()) {
-    return process.env.JWT_SECRET || 'test-secret-key-for-testing';
-  }
-  if (isProd()) {
-    return process.env.JWT_SECRET;
-  }
-  return process.env.JWT_SECRET || 'dev-user-secret-change-in-development';
-}
-function getJwtAdminSecret() {
-  if (isTest()) {
-    return process.env.JWT_SECRET_ADMIN || process.env.JWT_SECRET || 'test-secret-key-for-testing-admin';
-  }
-  if (isProd()) {
-    return process.env.JWT_SECRET_ADMIN;
-  }
-  return process.env.JWT_SECRET_ADMIN || process.env.JWT_SECRET || 'dev-admin-secret-change-in-development';
-}
-function signUserToken(payload, options = {}) {
-  return jwt.sign(
-    { ...payload },
-    getJwtUserSecret(),
-    { expiresIn: options.expiresIn || '7d', issuer: JWT_ISSUER, audience: JWT_AUD_USER }
-  );
-}
-function signAdminToken(payload, options = {}) {
-  return jwt.sign(
-    { ...payload },
-    getJwtAdminSecret(),
-    { expiresIn: options.expiresIn || '12h', issuer: JWT_ISSUER, audience: JWT_AUD_ADMIN }
-  );
-}
-function verifyUserToken(token) {
-  return jwt.verify(token, getJwtUserSecret(), jwtVerifyUser);
-}
-function verifyAdminToken(token) {
-  return jwt.verify(token, getJwtAdminSecret(), jwtVerifyAdmin);
-}
-module.exports = {
-  assertSecretsAtStartup,
-  getJwtUserSecret,
-  getJwtAdminSecret,
-  signUserToken,
-  signAdminToken,
-  verifyUserToken,
-  verifyAdminToken,
-  JWT_ISSUER,
-  JWT_AUD_USER,
-  JWT_AUD_ADMIN,
-  jwtVerifyUser,
-  jwtVerifyAdmin
-};
+/**
+ * Central JWT and startup secret checks.
+ * User tokens and admin tokens use different secrets and audiences in production.
+ */
+const jwt = require('jsonwebtoken');
+const JWT_ISSUER = 'wab';
+const JWT_AUD_USER = 'wab:user';
+const JWT_AUD_ADMIN = 'wab:admin';
+const jwtVerifyUser = { issuer: JWT_ISSUER, audience: JWT_AUD_USER };
+const jwtVerifyAdmin = { issuer: JWT_ISSUER, audience: JWT_AUD_ADMIN };
+function isTest() {
+  return process.env.NODE_ENV === 'test';
+}
+function isProd() {
+  return process.env.NODE_ENV === 'production';
+}
+function assertSecretsAtStartup() {
+  if (isTest()) return;
+  if (isProd()) {
+    if (!process.env.JWT_SECRET) {
+      throw new Error('FATAL: JWT_SECRET is required in production');
+    }
+    if (!process.env.JWT_SECRET_ADMIN) {
+      throw new Error('FATAL: JWT_SECRET_ADMIN is required in production');
+    }
+  }
+}
+function getJwtUserSecret() {
+  if (isTest()) {
+    return process.env.JWT_SECRET || 'test-secret-key-for-testing';
+  }
+  if (isProd()) {
+    return process.env.JWT_SECRET;
+  }
+  return process.env.JWT_SECRET || 'dev-user-secret-change-in-development';
+}
+function getJwtAdminSecret() {
+  if (isTest()) {
+    return process.env.JWT_SECRET_ADMIN || process.env.JWT_SECRET || 'test-secret-key-for-testing-admin';
+  }
+  if (isProd()) {
+    return process.env.JWT_SECRET_ADMIN;
+  }
+  return process.env.JWT_SECRET_ADMIN || process.env.JWT_SECRET || 'dev-admin-secret-change-in-development';
+}
+function signUserToken(payload, options = {}) {
+  return jwt.sign(
+    { ...payload },
+    getJwtUserSecret(),
+    { expiresIn: options.expiresIn || '7d', issuer: JWT_ISSUER, audience: JWT_AUD_USER }
+  );
+}
+function signAdminToken(payload, options = {}) {
+  return jwt.sign(
+    { ...payload },
+    getJwtAdminSecret(),
+    { expiresIn: options.expiresIn || '12h', issuer: JWT_ISSUER, audience: JWT_AUD_ADMIN }
+  );
+}
+function verifyUserToken(token) {
+  return jwt.verify(token, getJwtUserSecret(), jwtVerifyUser);
+}
+function verifyAdminToken(token) {
+  return jwt.verify(token, getJwtAdminSecret(), jwtVerifyAdmin);
+}
+module.exports = {
+  assertSecretsAtStartup,
+  getJwtUserSecret,
+  getJwtAdminSecret,
+  signUserToken,
+  signAdminToken,
+  verifyUserToken,
+  verifyAdminToken,
+  JWT_ISSUER,
+  JWT_AUD_USER,
+  JWT_AUD_ADMIN,
+  jwtVerifyUser,
+  jwtVerifyAdmin
+};

package/server/index.js CHANGED Viewed

@@ -1,181 +1,181 @@
-require('dotenv').config();
-const { assertSecretsAtStartup } = require('./config/secrets');
-assertSecretsAtStartup();
-const express = require('express');
-const http = require('http');
-const cors = require('cors');
-const helmet = require('helmet');
-const rateLimit = require('express-rate-limit');
-const path = require('path');
-const { setupWebSocket } = require('./ws');
-const { runMigrations } = require('./utils/migrate');
-const { maybeBootstrapAdmin } = require('./models/db');
-const authRoutes = require('./routes/auth');
-const apiRoutes = require('./routes/api');
-const licenseRoutes = require('./routes/license');
-const adminRoutes = require('./routes/admin');
-const billingRoutes = require('./routes/billing');
-const noscriptRoutes = require('./routes/noscript');
-const discoveryRoutes = require('./routes/discovery');
-const wabApiRoutes = require('./routes/wab-api');
-const { handleWebhookRequest } = require('./services/stripe');
-const app = express();
-const PORT = process.env.PORT || 3000;
-app.set('trust proxy', 1);
-const corsOrigins = (process.env.ALLOWED_ORIGINS
-  || 'http://localhost:3000,http://127.0.0.1:3000,http://localhost:5173')
-  .split(',')
-  .map((s) => s.trim())
-  .filter(Boolean);
-app.use(
-  cors({
-    origin(origin, callback) {
-      if (!origin) return callback(null, true);
-      if (corsOrigins.includes(origin)) return callback(null, true);
-      if (process.env.NODE_ENV !== 'production' && /^https?:\/\/(localhost|127\.0\.0\.1)(:\d+)?$/i.test(origin)) {
-        return callback(null, true);
-      }
-      return callback(null, false);
-    },
-    credentials: true
-  })
-);
-const scriptSrc = process.env.CSP_ALLOW_UNSAFE_INLINE === 'false'
-  ? ["'self'"]
-  : ["'self'", "'unsafe-inline'"];
-const styleSrc = process.env.CSP_ALLOW_UNSAFE_INLINE === 'false'
-  ? ["'self'"]
-  : ["'self'", "'unsafe-inline'"];
-app.use(
-  helmet({
-    contentSecurityPolicy: {
-      directives: {
-        defaultSrc: ["'self'"],
-        scriptSrc,
-        styleSrc,
-        imgSrc: ["'self'", 'data:', 'https:'],
-        connectSrc: ["'self'", 'ws:', 'wss:'],
-        fontSrc: ["'self'", 'https:', 'data:'],
-        frameSrc: ["'none'"],
-        frameAncestors: ["'none'"],
-        objectSrc: ["'none'"],
-        baseUri: ["'self'"]
-      }
-    },
-    crossOriginEmbedderPolicy: false
-  })
-);
-app.post('/api/billing/webhook', express.raw({ type: 'application/json' }), async (req, res) => {
-  try {
-    await handleWebhookRequest(req);
-    res.json({ received: true });
-  } catch (err) {
-    console.error('Webhook error:', err.message);
-    res.status(400).json({ error: err.message });
-  }
-});
-app.use(express.json());
-const apiLimiter = rateLimit({
-  windowMs: 15 * 60 * 1000,
-  max: 200,
-  standardHeaders: true,
-  legacyHeaders: false,
-  message: { error: 'Too many requests, please try again later' }
-});
-const licenseLimiter = rateLimit({
-  windowMs: 60 * 1000,
-  max: 120,
-  standardHeaders: true,
-  legacyHeaders: false,
-  keyGenerator: (req) => {
-    const key = req.body?.licenseKey || req.body?.siteId || req.ip;
-    return `${req.ip}:${key}`;
-  }
-});
-app.use(express.static(path.join(__dirname, '..', 'public')));
-app.use('/script', express.static(path.join(__dirname, '..', 'script')));
-app.use('/api/auth', apiLimiter, authRoutes);
-app.use('/api', apiLimiter, apiRoutes);
-app.use('/api/license', licenseLimiter, licenseRoutes);
-app.use('/api/admin', apiLimiter, adminRoutes);
-app.use('/api/billing', apiLimiter, billingRoutes);
-app.use('/api/noscript', noscriptRoutes);
-app.use('/api/wab', wabApiRoutes);
-app.use('/', discoveryRoutes);
-app.get('/dashboard', (req, res) => {
-  res.sendFile(path.join(__dirname, '..', 'public', 'dashboard.html'));
-});
-app.get('/docs', (req, res) => {
-  res.sendFile(path.join(__dirname, '..', 'public', 'docs.html'));
-});
-app.get('/login', (req, res) => {
-  res.sendFile(path.join(__dirname, '..', 'public', 'login.html'));
-});
-app.get('/register', (req, res) => {
-  res.sendFile(path.join(__dirname, '..', 'public', 'register.html'));
-});
-app.get('/admin/login', (req, res) => {
-  res.sendFile(path.join(__dirname, '..', 'public', 'admin', 'login.html'));
-});
-app.get('/admin', (req, res) => {
-  res.sendFile(path.join(__dirname, '..', 'public', 'admin', 'dashboard.html'));
-});
-app.get('/premium', (req, res) => {
-  res.sendFile(path.join(__dirname, '..', 'public', 'premium.html'));
-});
-app.get('/privacy', (req, res) => {
-  res.sendFile(path.join(__dirname, '..', 'public', 'privacy.html'));
-});
-app.get('/terms', (req, res) => {
-  res.sendFile(path.join(__dirname, '..', 'public', 'terms.html'));
-});
-app.get('/cookies', (req, res) => {
-  res.sendFile(path.join(__dirname, '..', 'public', 'cookies.html'));
-});
-const pkg = require('../package.json');
-app.use(`/v${pkg.version.split('.')[0]}`, express.static(path.join(__dirname, '..', 'script')));
-app.use('/latest', express.static(path.join(__dirname, '..', 'script')));
-app.get('*', (req, res) => {
-  if (req.accepts('html')) {
-    res.sendFile(path.join(__dirname, '..', 'public', 'index.html'));
-  } else {
-    res.status(404).json({ error: 'Not found' });
-  }
-});
-if (process.env.NODE_ENV !== 'test') {
-  console.log('Running database migrations...');
-  runMigrations();
-  maybeBootstrapAdmin();
-  const server = http.createServer(app);
-  setupWebSocket(server);
-  server.listen(PORT, () => {
-    console.log(`\n  ╔══════════════════════════════════════════╗`);
-    console.log(`  ║   Web Agent Bridge v${pkg.version}                ║`);
-    console.log(`  ║   Server running on http://localhost:${PORT} ║`);
-    console.log(`  ║   WebSocket: ws://localhost:${PORT}/ws/analytics ║`);
-    console.log(`  ╚══════════════════════════════════════════╝\n`);
-  });
-}
-module.exports = app;
+require('dotenv').config();
+const { assertSecretsAtStartup } = require('./config/secrets');
+assertSecretsAtStartup();
+const express = require('express');
+const http = require('http');
+const cors = require('cors');
+const helmet = require('helmet');
+const rateLimit = require('express-rate-limit');
+const path = require('path');
+const { setupWebSocket } = require('./ws');
+const { runMigrations } = require('./utils/migrate');
+const { maybeBootstrapAdmin } = require('./models/db');
+const authRoutes = require('./routes/auth');
+const apiRoutes = require('./routes/api');
+const licenseRoutes = require('./routes/license');
+const adminRoutes = require('./routes/admin');
+const billingRoutes = require('./routes/billing');
+const noscriptRoutes = require('./routes/noscript');
+const discoveryRoutes = require('./routes/discovery');
+const wabApiRoutes = require('./routes/wab-api');
+const { handleWebhookRequest } = require('./services/stripe');
+const app = express();
+const PORT = process.env.PORT || 3000;
+app.set('trust proxy', 1);
+const corsOrigins = (process.env.ALLOWED_ORIGINS
+  || 'http://localhost:3000,http://127.0.0.1:3000,http://localhost:5173')
+  .split(',')
+  .map((s) => s.trim())
+  .filter(Boolean);
+app.use(
+  cors({
+    origin(origin, callback) {
+      if (!origin) return callback(null, true);
+      if (corsOrigins.includes(origin)) return callback(null, true);
+      if (process.env.NODE_ENV !== 'production' && /^https?:\/\/(localhost|127\.0\.0\.1)(:\d+)?$/i.test(origin)) {
+        return callback(null, true);
+      }
+      return callback(null, false);
+    },
+    credentials: true
+  })
+);
+const scriptSrc = process.env.CSP_ALLOW_UNSAFE_INLINE === 'false'
+  ? ["'self'"]
+  : ["'self'", "'unsafe-inline'"];
+const styleSrc = process.env.CSP_ALLOW_UNSAFE_INLINE === 'false'
+  ? ["'self'"]
+  : ["'self'", "'unsafe-inline'"];
+app.use(
+  helmet({
+    contentSecurityPolicy: {
+      directives: {
+        defaultSrc: ["'self'"],
+        scriptSrc,
+        styleSrc,
+        imgSrc: ["'self'", 'data:', 'https:'],
+        connectSrc: ["'self'", 'ws:', 'wss:'],
+        fontSrc: ["'self'", 'https:', 'data:'],
+        frameSrc: ["'none'"],
+        frameAncestors: ["'none'"],
+        objectSrc: ["'none'"],
+        baseUri: ["'self'"]
+      }
+    },
+    crossOriginEmbedderPolicy: false
+  })
+);
+app.post('/api/billing/webhook', express.raw({ type: 'application/json' }), async (req, res) => {
+  try {
+    await handleWebhookRequest(req);
+    res.json({ received: true });
+  } catch (err) {
+    console.error('Webhook error:', err.message);
+    res.status(400).json({ error: err.message });
+  }
+});
+app.use(express.json());
+const apiLimiter = rateLimit({
+  windowMs: 15 * 60 * 1000,
+  max: 200,
+  standardHeaders: true,
+  legacyHeaders: false,
+  message: { error: 'Too many requests, please try again later' }
+});
+const licenseLimiter = rateLimit({
+  windowMs: 60 * 1000,
+  max: 120,
+  standardHeaders: true,
+  legacyHeaders: false,
+  keyGenerator: (req) => {
+    const key = req.body?.licenseKey || req.body?.siteId || req.ip;
+    return `${req.ip}:${key}`;
+  }
+});
+app.use(express.static(path.join(__dirname, '..', 'public')));
+app.use('/script', express.static(path.join(__dirname, '..', 'script')));
+app.use('/api/auth', apiLimiter, authRoutes);
+app.use('/api', apiLimiter, apiRoutes);
+app.use('/api/license', licenseLimiter, licenseRoutes);
+app.use('/api/admin', apiLimiter, adminRoutes);
+app.use('/api/billing', apiLimiter, billingRoutes);
+app.use('/api/noscript', noscriptRoutes);
+app.use('/api/wab', wabApiRoutes);
+app.use('/', discoveryRoutes);
+app.get('/dashboard', (req, res) => {
+  res.sendFile(path.join(__dirname, '..', 'public', 'dashboard.html'));
+});
+app.get('/docs', (req, res) => {
+  res.sendFile(path.join(__dirname, '..', 'public', 'docs.html'));
+});
+app.get('/login', (req, res) => {
+  res.sendFile(path.join(__dirname, '..', 'public', 'login.html'));
+});
+app.get('/register', (req, res) => {
+  res.sendFile(path.join(__dirname, '..', 'public', 'register.html'));
+});
+app.get('/admin/login', (req, res) => {
+  res.sendFile(path.join(__dirname, '..', 'public', 'admin', 'login.html'));
+});
+app.get('/admin', (req, res) => {
+  res.sendFile(path.join(__dirname, '..', 'public', 'admin', 'dashboard.html'));
+});
+app.get('/premium', (req, res) => {
+  res.sendFile(path.join(__dirname, '..', 'public', 'premium.html'));
+});
+app.get('/privacy', (req, res) => {
+  res.sendFile(path.join(__dirname, '..', 'public', 'privacy.html'));
+});
+app.get('/terms', (req, res) => {
+  res.sendFile(path.join(__dirname, '..', 'public', 'terms.html'));
+});
+app.get('/cookies', (req, res) => {
+  res.sendFile(path.join(__dirname, '..', 'public', 'cookies.html'));
+});
+const pkg = require('../package.json');
+app.use(`/v${pkg.version.split('.')[0]}`, express.static(path.join(__dirname, '..', 'script')));
+app.use('/latest', express.static(path.join(__dirname, '..', 'script')));
+app.get('*', (req, res) => {
+  if (req.accepts('html')) {
+    res.sendFile(path.join(__dirname, '..', 'public', 'index.html'));
+  } else {
+    res.status(404).json({ error: 'Not found' });
+  }
+});
+if (process.env.NODE_ENV !== 'test') {
+  console.log('Running database migrations...');
+  runMigrations();
+  maybeBootstrapAdmin();
+  const server = http.createServer(app);
+  setupWebSocket(server);
+  server.listen(PORT, () => {
+    console.log(`\n  ╔══════════════════════════════════════════╗`);
+    console.log(`  ║   Web Agent Bridge v${pkg.version}                ║`);
+    console.log(`  ║   Server running on http://localhost:${PORT} ║`);
+    console.log(`  ║   WebSocket: ws://localhost:${PORT}/ws/analytics ║`);
+    console.log(`  ╚══════════════════════════════════════════╝\n`);
+  });
+}
+module.exports = app;

package/server/middleware/adminAuth.js CHANGED Viewed

@@ -1,30 +1,30 @@
-const { signAdminToken, verifyAdminToken } = require('../config/secrets');
-function generateAdminToken(admin) {
-  return signAdminToken(
-    { id: admin.id, email: admin.email, name: admin.name, role: admin.role, isAdmin: true },
-    { expiresIn: '12h' }
-  );
-}
-function authenticateAdmin(req, res, next) {
-  const authHeader = req.headers['authorization'];
-  const token = authHeader && authHeader.split(' ')[1];
-  if (!token) {
-    return res.status(401).json({ error: 'Admin access token required' });
-  }
-  try {
-    const decoded = verifyAdminToken(token);
-    if (!decoded.isAdmin) {
-      return res.status(403).json({ error: 'Admin privileges required' });
-    }
-    req.admin = decoded;
-    next();
-  } catch (err) {
-    return res.status(403).json({ error: 'Invalid or expired admin token' });
-  }
-}
-module.exports = { generateAdminToken, authenticateAdmin };
+const { signAdminToken, verifyAdminToken } = require('../config/secrets');
+function generateAdminToken(admin) {
+  return signAdminToken(
+    { id: admin.id, email: admin.email, name: admin.name, role: admin.role, isAdmin: true },
+    { expiresIn: '12h' }
+  );
+}
+function authenticateAdmin(req, res, next) {
+  const authHeader = req.headers['authorization'];
+  const token = authHeader && authHeader.split(' ')[1];
+  if (!token) {
+    return res.status(401).json({ error: 'Admin access token required' });
+  }
+  try {
+    const decoded = verifyAdminToken(token);
+    if (!decoded.isAdmin) {
+      return res.status(403).json({ error: 'Admin privileges required' });
+    }
+    req.admin = decoded;
+    next();
+  } catch (err) {
+    return res.status(403).json({ error: 'Invalid or expired admin token' });
+  }
+}
+module.exports = { generateAdminToken, authenticateAdmin };