web-agent-bridge 2.3.1 → 2.5.0

Files changed (53) hide show
  1. package/README.ar.md +524 -31
  2. package/README.md +592 -47
  3. package/bin/agent-runner.js +10 -1
  4. package/package.json +1 -1
  5. package/public/agent-workspace.html +347 -0
  6. package/public/browser.html +484 -0
  7. package/public/css/agent-workspace.css +1713 -0
  8. package/public/index.html +94 -0
  9. package/public/js/agent-workspace.js +1740 -0
  10. package/sdk/index.d.ts +253 -0
  11. package/sdk/index.js +360 -1
  12. package/sdk/package.json +1 -1
  13. package/server/config/secrets.js +13 -5
  14. package/server/control-plane/index.js +301 -0
  15. package/server/data-plane/index.js +354 -0
  16. package/server/index.js +185 -4
  17. package/server/llm/index.js +404 -0
  18. package/server/middleware/adminAuth.js +6 -1
  19. package/server/middleware/auth.js +11 -2
  20. package/server/middleware/rateLimits.js +78 -2
  21. package/server/migrations/003_ads_integer_cents.sql +33 -0
  22. package/server/models/db.js +126 -25
  23. package/server/observability/index.js +394 -0
  24. package/server/protocol/capabilities.js +223 -0
  25. package/server/protocol/index.js +243 -0
  26. package/server/protocol/schema.js +584 -0
  27. package/server/registry/index.js +326 -0
  28. package/server/routes/admin.js +16 -2
  29. package/server/routes/ads.js +130 -0
  30. package/server/routes/agent-workspace.js +378 -0
  31. package/server/routes/api.js +21 -2
  32. package/server/routes/auth.js +26 -6
  33. package/server/routes/runtime.js +725 -0
  34. package/server/routes/sovereign.js +78 -0
  35. package/server/routes/universal.js +177 -0
  36. package/server/routes/wab-api.js +20 -5
  37. package/server/runtime/event-bus.js +210 -0
  38. package/server/runtime/index.js +233 -0
  39. package/server/runtime/sandbox.js +266 -0
  40. package/server/runtime/scheduler.js +395 -0
  41. package/server/runtime/state-manager.js +188 -0
  42. package/server/security/index.js +355 -0
  43. package/server/services/agent-chat.js +506 -0
  44. package/server/services/agent-symphony.js +6 -0
  45. package/server/services/agent-tasks.js +1807 -0
  46. package/server/services/fairness-engine.js +409 -0
  47. package/server/services/plugins.js +27 -3
  48. package/server/services/price-intelligence.js +565 -0
  49. package/server/services/price-shield.js +1137 -0
  50. package/server/services/search-engine.js +357 -0
  51. package/server/services/security.js +513 -0
  52. package/server/services/universal-scraper.js +661 -0
  53. package/server/ws.js +61 -1
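--- a/package/server/index.js
+++ b/package/server/index.js
@@ -11,7 +11,10 @@ const rateLimit = require('express-rate-limit');
  const path = require('path');
  const { setupWebSocket } = require('./ws');
  const { runMigrations } = require('./utils/migrate');
- const { maybeBootstrapAdmin } = require('./models/db');
+ const { maybeBootstrapAdmin, db } = require('./models/db');
+ const { initSearchEngine, search, getSuggestions, getTrendingSearches, getSearchStats, purgeOldCache } = require('./services/search-engine');
+ const { processMessage: agentChat } = require('./services/agent-chat');
+ const agentTasks = require('./services/agent-tasks');
 
  const authRoutes = require('./routes/auth');
  const apiRoutes = require('./routes/api');
@@ -21,6 +24,15 @@ const billingRoutes = require('./routes/billing');
  const sovereignRoutes = require('./routes/sovereign');
  const meshRoutes = require('./routes/mesh');
  const commanderRoutes = require('./routes/commander');
+ const adsRoutes = require('./routes/ads');
+ const wabApiRoutes = require('./routes/wab-api');
+ const noscriptRoutes = require('./routes/noscript');
+ const discoveryRoutes = require('./routes/discovery');
+ const premiumRoutes = require('./routes/premium');
+ const adminPremiumRoutes = require('./routes/admin-premium');
+ const workspaceRoutes = require('./routes/agent-workspace');
+ const universalRoutes = require('./routes/universal');
+ const runtimeRoutes = require('./routes/runtime');
  const { handleWebhookRequest } = require('./services/stripe');
 
  const app = express();
@@ -62,11 +74,11 @@ app.use(
  defaultSrc: ["'self'"],
  scriptSrc,
  scriptSrcAttr: scriptSrc,
- styleSrc,
+ styleSrc: [...styleSrc, 'https://fonts.googleapis.com'],
  imgSrc: ["'self'", 'data:', 'https:'],
  connectSrc: ["'self'", 'ws:', 'wss:'],
- fontSrc: ["'self'", 'https:', 'data:'],
- frameSrc: ["'none'"],
+ fontSrc: ["'self'", 'https://fonts.gstatic.com', 'https:', 'data:'],
+ frameSrc: ["'self'", 'https:', 'http:'],
  frameAncestors: ["'none'"],
  objectSrc: ["'none'"],
  baseUri: ["'self'"],
@@ -119,6 +131,52 @@ app.use('/api/billing', apiLimiter, billingRoutes);
  app.use('/api/sovereign', apiLimiter, sovereignRoutes);
  app.use('/api/mesh', apiLimiter, meshRoutes);
  app.use('/api/commander', apiLimiter, commanderRoutes);
+ app.use('/api/ads', apiLimiter, adsRoutes);
+ app.use('/api/wab', wabApiRoutes);
+ app.use('/api/noscript', apiLimiter, noscriptRoutes);
+ app.use('/api/discovery', apiLimiter, discoveryRoutes);
+ app.use('/api/premium', apiLimiter, premiumRoutes);
+ app.use('/api/admin/premium', apiLimiter, adminPremiumRoutes);
+ app.use('/api/workspace', apiLimiter, workspaceRoutes);
+ app.use('/api/universal', apiLimiter, universalRoutes);
+ app.use('/api/os', apiLimiter, runtimeRoutes);
+
+ // ─── WAB Search Engine ────────────────────────────────────────────────
+
+ const searchLimiter = rateLimit({
+ windowMs: 60 * 1000,
+ max: 30,
+ standardHeaders: true,
+ legacyHeaders: false,
+ message: { error: 'Too many search requests, please slow down' }
+ });
+
+ app.get('/api/search', searchLimiter, async (req, res) => {
+ const q = (req.query.q || '').trim();
+ if (!q) return res.json({ results: [], cached: false });
+ if (q.length > 200) return res.status(400).json({ error: 'Query too long' });
+ const crypto = require('crypto');
+ const ipHash = crypto.createHash('sha256').update(req.ip || '').digest('hex').slice(0, 16);
+ const result = await search(q, ipHash);
+ res.json(result);
+ });
+
+ app.get('/api/search/suggest', searchLimiter, (req, res) => {
+ const q = (req.query.q || '').trim();
+ if (!q) return res.json({ suggestions: [] });
+ const suggestions = getSuggestions(q, 8);
+ res.json({ suggestions });
+ });
+
+ app.get('/api/search/trending', apiLimiter, (req, res) => {
+ const trending = getTrendingSearches(10);
+ res.json({ trending });
+ });
+
+ app.get('/api/search/stats', apiLimiter, (req, res) => {
+ const stats = getSearchStats();
+ res.json(stats);
+ });
 
  app.get('/dashboard', (req, res) => {
  res.sendFile(path.join(__dirname, '..', 'public', 'dashboard.html'));
@@ -153,6 +211,125 @@ app.get('/terms', (req, res) => {
  app.get('/cookies', (req, res) => {
  res.sendFile(path.join(__dirname, '..', 'public', 'cookies.html'));
  });
+ app.get('/browser', (req, res) => {
+ res.sendFile(path.join(__dirname, '..', 'public', 'browser.html'));
+ });
+ app.get('/workspace', (req, res) => {
+ res.sendFile(path.join(__dirname, '..', 'public', 'agent-workspace.html'));
+ });
+
+ // Browser downloads
+ app.use('/downloads', express.static(path.join(__dirname, '..', 'downloads'), {
+ maxAge: '1d',
+ setHeaders: (res, filePath) => {
+ res.set('Content-Disposition', 'attachment');
+ }
+ }));
+
+ // Agent chat endpoint for WAB Browser — Real AI Agent
+ const chatLimiter = rateLimit({
+ windowMs: 60 * 1000,
+ max: 20,
+ standardHeaders: true,
+ legacyHeaders: false,
+ message: { error: 'Too many messages, please slow down' }
+ });
+
+ app.post('/api/wab/agent-chat', chatLimiter, async (req, res) => {
+ const { message, context, sessionId, taskId, taskAction } = req.body || {};
+ if (!message || typeof message !== 'string') {
+ return res.status(400).json({ error: 'Message required' });
+ }
+ if (message.length > 3000) {
+ return res.status(400).json({ error: 'Message too long' });
+ }
+
+ const sid = sessionId || req.ip || 'anonymous';
+
+ try {
+ // ── Task actions (user responding to an active task) ──
+ if (taskId && taskAction) {
+ if (taskAction === 'answer') {
+ const result = agentTasks.answerClarification(taskId, message);
+ if (result.status === 'planning') {
+ // Auto-execute after planning
+ const execResult = await agentTasks.executeTask(taskId);
+ return res.json({ ...execResult, type: 'task' });
+ }
+ return res.json({ ...result, type: 'task' });
+ }
+ if (taskAction === 'select') {
+ const idx = parseInt(message.replace(/\D/g, '')) - 1;
+ const result = agentTasks.selectOffer(taskId, idx);
+ return res.json({ ...result, type: 'task' });
+ }
+ if (taskAction === 'cancel') {
+ const result = agentTasks.cancelTask(taskId);
+ return res.json({ ...result, type: 'task' });
+ }
+ }
+
+ // ── Check if user wants to select from existing offers ──
+ if (!taskId) {
+ const selectMatch = message.match(/(?:اختر|اخت(?:ا|ي)ر|select|choose|pick)\s*(\d+)/i);
+ if (selectMatch) {
+ const tasks = agentTasks.getSessionTasks(sid, 1);
+ if (tasks.length > 0 && tasks[0].status === 'presenting') {
+ const idx = parseInt(selectMatch[1]) - 1;
+ const result = agentTasks.selectOffer(tasks[0].id, idx);
+ return res.json({ ...result, type: 'task' });
+ }
+ }
+ }
+
+ // ── Detect URL paste — create URL negotiation task ──
+ const urlData = agentTasks.parseBookingUrl(message);
+ if (urlData) {
+ const task = agentTasks.createUrlTask(sid, message, urlData);
+ const execResult = await agentTasks.executeUrlTask(task.taskId);
+ return res.json({ ...execResult, type: 'task', urlData });
+ }
+
+ // ── Detect if this is a task-type request (booking, shopping, etc.) ──
+ const intent = agentTasks.detectIntent(message);
+ if (intent.confidence >= 0.7 && intent.intent !== 'general') {
+ const task = agentTasks.createTask(sid, message);
+
+ if (task.status === 'clarifying') {
+ return res.json({ ...task, type: 'task' });
+ }
+
+ // If requirements are complete, auto-execute
+ const execResult = await agentTasks.executeTask(task.taskId);
+ return res.json({ ...execResult, type: 'task' });
+ }
+
+ // ── Regular chat (not a task) ──
+ const chatContext = {
+ url: context?.url || '',
+ platform: context?.platform || 'unknown',
+ sessionId: sid,
+ };
+ const result = await agentChat(message, chatContext);
+ res.json(result);
+ } catch (err) {
+ console.error('[agent-chat] Error:', err.message);
+ res.json({ reply: '🤖 عذراً، حدث خطأ. حاول مرة أخرى.', type: 'text' });
+ }
+ });
+
+ // Agent task status & history
+ app.get('/api/wab/agent-task/:id', chatLimiter, (req, res) => {
+ const state = agentTasks.getTaskState(req.params.id);
+ if (!state) return res.status(404).json({ error: 'Task not found' });
+ res.json(state);
+ });
+
+ app.get('/api/wab/agent-tasks', chatLimiter, (req, res) => {
+ const sid = req.query.sessionId || req.ip || 'anonymous';
+ const tasks = agentTasks.getSessionTasks(sid, 20);
+ res.json({ tasks });
+ });
 
  const pkg = require('../package.json');
  app.use(`/v${pkg.version.split('.')[0]}`, express.static(path.join(__dirname, '..', 'script')));
@@ -170,6 +347,10 @@ if (process.env.NODE_ENV !== 'test') {
  console.log('Running database migrations...');
  runMigrations();
  maybeBootstrapAdmin();
+ initSearchEngine(db);
+
+ // Purge old search cache every hour
+ setInterval(purgeOldCache, 60 * 60 * 1000);
 
  const server = http.createServer(app);
  setupWebSocket(server);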
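Review bot: The new task routes in the `@@ -153,6 +211,125 @@` hunk decide whose tasks a caller may touch from values the caller supplies: `sid` is `sessionId || req.ip`, `GET /api/wab/agent-tasks` lists tasks for whatever `sessionId` is in the query string, and `GET /api/wab/agent-task/:id` plus the `answer`/`select`/`cancel` actions operate on any `taskId` without comparing it to `sid`. Unless `agent-tasks.js` (not visible here) enforces ownership itself, a caller who learns or guesses an identifier can read or cancel another user's task, and clients behind one NAT share the `req.ip` fallback. I would bind the session to a server-issued identifier (a signed cookie or the authenticated user), reject task actions whose task does not belong to it, and require `typeof sessionId === 'string'` before use. Separately, the CSP hunk widens `frameSrc` from `'none'` to `["'self'", 'https:', 'http:']` for every page; if only `/browser` needs framing, scope the relaxed policy to that route and drop `'http:'`.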
@@ -0,0 +1,404 @@
1
+ 'use strict';
2
+
3
+ /**
4
+ * WAB LLM Abstraction Layer
5
+ *
6
+ * Model-agnostic LLM interface. Supports:
7
+ * - OpenAI (GPT-4, GPT-3.5)
8
+ * - Anthropic (Claude)
9
+ * - Ollama (local models)
10
+ * - Custom providers
11
+ *
12
+ * Provides a unified API with automatic fallback,
13
+ * cost tracking, and response caching.
14
+ */
15
+
16
+ const { metrics, logger } = require('../observability');
17
+
18
+ // ─── Provider Interface ─────────────────────────────────────────────────────
19
+
20
+ class LLMProvider {
21
+ constructor(name, config = {}) {
22
+ this.name = name;
23
+ this.config = config;
24
+ this.available = false;
25
+ this.models = [];
26
+ }
27
+
28
+ async initialize() { throw new Error('Not implemented'); }
29
+ async complete(prompt, options) { throw new Error('Not implemented'); }
30
+ async embed(text) { throw new Error('Not implemented'); }
31
+ async listModels() { return this.models; }
32
+ }
33
+
34
+ // ─── OpenAI Provider ────────────────────────────────────────────────────────
35
+
36
+ class OpenAIProvider extends LLMProvider {
37
+ constructor(config) {
38
+ super('openai', config);
39
+ this.apiKey = config.apiKey || process.env.OPENAI_API_KEY;
40
+ this.baseUrl = config.baseUrl || 'https://api.openai.com/v1';
41
+ this.models = ['gpt-4o', 'gpt-4o-mini', 'gpt-4-turbo', 'gpt-3.5-turbo'];
42
+ }
43
+
44
+ async initialize() {
45
+ this.available = !!this.apiKey;
46
+ return this.available;
47
+ }
48
+
49
+ async complete(prompt, options = {}) {
50
+ if (!this.available) throw new Error('OpenAI provider not initialized');
51
+
52
+ const model = options.model || 'gpt-4o-mini';
53
+ const messages = [];
54
+ if (options.systemPrompt) messages.push({ role: 'system', content: options.systemPrompt });
55
+ messages.push({ role: 'user', content: prompt });
56
+
57
+ const body = {
58
+ model,
59
+ messages,
60
+ temperature: options.temperature ?? 0.7,
61
+ max_tokens: options.maxTokens || 2048,
62
+ };
63
+
64
+ const res = await fetch(`${this.baseUrl}/chat/completions`, {
65
+ method: 'POST',
66
+ headers: {
67
+ 'Content-Type': 'application/json',
68
+ 'Authorization': `Bearer ${this.apiKey}`,
69
+ },
70
+ body: JSON.stringify(body),
71
+ });
72
+
73
+ if (!res.ok) {
74
+ const err = await res.text();
75
+ throw new Error(`OpenAI error ${res.status}: ${err}`);
76
+ }
77
+
78
+ const data = await res.json();
79
+ return {
80
+ text: data.choices[0]?.message?.content || '',
81
+ model,
82
+ provider: 'openai',
83
+ usage: {
84
+ promptTokens: data.usage?.prompt_tokens || 0,
85
+ completionTokens: data.usage?.completion_tokens || 0,
86
+ totalTokens: data.usage?.total_tokens || 0,
87
+ },
88
+ finishReason: data.choices[0]?.finish_reason,
89
+ };
90
+ }
91
+
92
+ async embed(text) {
93
+ if (!this.available) throw new Error('OpenAI provider not initialized');
94
+
95
+ const res = await fetch(`${this.baseUrl}/embeddings`, {
96
+ method: 'POST',
97
+ headers: {
98
+ 'Content-Type': 'application/json',
99
+ 'Authorization': `Bearer ${this.apiKey}`,
100
+ },
101
+ body: JSON.stringify({ model: 'text-embedding-3-small', input: text }),
102
+ });
103
+
104
+ if (!res.ok) throw new Error(`OpenAI embed error ${res.status}`);
105
+ const data = await res.json();
106
+ return { embedding: data.data[0]?.embedding || [], model: 'text-embedding-3-small', provider: 'openai' };
107
+ }
108
+ }
109
+
110
+ // ─── Anthropic Provider ─────────────────────────────────────────────────────
111
+
112
+ class AnthropicProvider extends LLMProvider {
113
+ constructor(config) {
114
+ super('anthropic', config);
115
+ this.apiKey = config.apiKey || process.env.ANTHROPIC_API_KEY;
116
+ this.baseUrl = config.baseUrl || 'https://api.anthropic.com/v1';
117
+ this.models = ['claude-sonnet-4-20250514', 'claude-3-5-haiku-20241022', 'claude-3-5-sonnet-20241022'];
118
+ }
119
+
120
+ async initialize() {
121
+ this.available = !!this.apiKey;
122
+ return this.available;
123
+ }
124
+
125
+ async complete(prompt, options = {}) {
126
+ if (!this.available) throw new Error('Anthropic provider not initialized');
127
+
128
+ const model = options.model || 'claude-3-5-haiku-20241022';
129
+ const body = {
130
+ model,
131
+ max_tokens: options.maxTokens || 2048,
132
+ messages: [{ role: 'user', content: prompt }],
133
+ };
134
+ if (options.systemPrompt) body.system = options.systemPrompt;
135
+ if (options.temperature !== undefined) body.temperature = options.temperature;
136
+
137
+ const res = await fetch(`${this.baseUrl}/messages`, {
138
+ method: 'POST',
139
+ headers: {
140
+ 'Content-Type': 'application/json',
141
+ 'x-api-key': this.apiKey,
142
+ 'anthropic-version': '2023-06-01',
143
+ },
144
+ body: JSON.stringify(body),
145
+ });
146
+
147
+ if (!res.ok) {
148
+ const err = await res.text();
149
+ throw new Error(`Anthropic error ${res.status}: ${err}`);
150
+ }
151
+
152
+ const data = await res.json();
153
+ return {
154
+ text: data.content?.[0]?.text || '',
155
+ model,
156
+ provider: 'anthropic',
157
+ usage: {
158
+ promptTokens: data.usage?.input_tokens || 0,
159
+ completionTokens: data.usage?.output_tokens || 0,
160
+ totalTokens: (data.usage?.input_tokens || 0) + (data.usage?.output_tokens || 0),
161
+ },
162
+ finishReason: data.stop_reason,
163
+ };
164
+ }
165
+ }
166
+
167
+ // ─── Ollama Provider (Local) ────────────────────────────────────────────────
168
+
169
+ class OllamaProvider extends LLMProvider {
170
+ constructor(config) {
171
+ super('ollama', config);
172
+ this.baseUrl = config.baseUrl || process.env.OLLAMA_URL || 'http://localhost:11434';
173
+ }
174
+
175
+ async initialize() {
176
+ try {
177
+ const res = await fetch(`${this.baseUrl}/api/tags`, { signal: AbortSignal.timeout(3000) });
178
+ if (res.ok) {
179
+ const data = await res.json();
180
+ this.models = (data.models || []).map(m => m.name);
181
+ this.available = true;
182
+ }
183
+ } catch (_) {
184
+ this.available = false;
185
+ }
186
+ return this.available;
187
+ }
188
+
189
+ async complete(prompt, options = {}) {
190
+ if (!this.available) throw new Error('Ollama not available');
191
+
192
+ const model = options.model || this.models[0] || 'llama3.2';
193
+ const body = {
194
+ model,
195
+ prompt: options.systemPrompt ? `${options.systemPrompt}\n\n${prompt}` : prompt,
196
+ stream: false,
197
+ options: {},
198
+ };
199
+ if (options.temperature !== undefined) body.options.temperature = options.temperature;
200
+
201
+ const res = await fetch(`${this.baseUrl}/api/generate`, {
202
+ method: 'POST',
203
+ headers: { 'Content-Type': 'application/json' },
204
+ body: JSON.stringify(body),
205
+ });
206
+
207
+ if (!res.ok) throw new Error(`Ollama error ${res.status}`);
208
+ const data = await res.json();
209
+
210
+ return {
211
+ text: data.response || '',
212
+ model,
213
+ provider: 'ollama',
214
+ usage: {
215
+ promptTokens: data.prompt_eval_count || 0,
216
+ completionTokens: data.eval_count || 0,
217
+ totalTokens: (data.prompt_eval_count || 0) + (data.eval_count || 0),
218
+ },
219
+ finishReason: data.done ? 'stop' : 'length',
220
+ };
221
+ }
222
+
223
+ async embed(text) {
224
+ if (!this.available) throw new Error('Ollama not available');
225
+
226
+ const model = this.models.find(m => m.includes('embed')) || 'nomic-embed-text';
227
+ const res = await fetch(`${this.baseUrl}/api/embeddings`, {
228
+ method: 'POST',
229
+ headers: { 'Content-Type': 'application/json' },
230
+ body: JSON.stringify({ model, prompt: text }),
231
+ });
232
+
233
+ if (!res.ok) throw new Error(`Ollama embed error ${res.status}`);
234
+ const data = await res.json();
235
+ return { embedding: data.embedding || [], model, provider: 'ollama' };
236
+ }
237
+ }
238
+
239
+ // ─── LLM Manager (Unified Interface) ───────────────────────────────────────
240
+
241
+ class LLMManager {
242
+ constructor() {
243
+ this._providers = new Map();
244
+ this._defaultProvider = null;
245
+ this._fallbackOrder = [];
246
+ this._cache = new Map();
247
+ this._maxCache = 500;
248
+ this._stats = { requests: 0, cacheHits: 0, failures: 0, totalTokens: 0 };
249
+ }
250
+
251
+ /**
252
+ * Register a provider
253
+ */
254
+ registerProvider(provider) {
255
+ this._providers.set(provider.name, provider);
256
+ if (!this._defaultProvider) this._defaultProvider = provider.name;
257
+ this._fallbackOrder.push(provider.name);
258
+ }
259
+
260
+ /**
261
+ * Initialize all providers
262
+ */
263
+ async initialize() {
264
+ const results = {};
265
+ for (const [name, provider] of this._providers) {
266
+ try {
267
+ results[name] = await provider.initialize();
268
+ } catch (_) {
269
+ results[name] = false;
270
+ }
271
+ }
272
+
273
+ // Set default to first available
274
+ for (const name of this._fallbackOrder) {
275
+ if (this._providers.get(name)?.available) {
276
+ this._defaultProvider = name;
277
+ break;
278
+ }
279
+ }
280
+
281
+ return results;
282
+ }
283
+
284
+ /**
285
+ * Complete a prompt (with automatic fallback)
286
+ */
287
+ async complete(prompt, options = {}) {
288
+ this._stats.requests++;
289
+
290
+ // Check cache
291
+ if (options.cache !== false) {
292
+ const cacheKey = this._cacheKey(prompt, options);
293
+ const cached = this._cache.get(cacheKey);
294
+ if (cached && (Date.now() - cached.timestamp < 300_000)) {
295
+ this._stats.cacheHits++;
296
+ return { ...cached.result, cached: true };
297
+ }
298
+ }
299
+
300
+ const providerName = options.provider || this._defaultProvider;
301
+ const providers = [providerName, ...this._fallbackOrder.filter(p => p !== providerName)];
302
+
303
+ const endTimer = metrics.startTimer('llm.request.duration');
304
+
305
+ for (const name of providers) {
306
+ const provider = this._providers.get(name);
307
+ if (!provider?.available) continue;
308
+
309
+ try {
310
+ const result = await provider.complete(prompt, options);
311
+
312
+ endTimer();
313
+ metrics.increment('llm.requests.success', 1, { provider: name });
314
+ this._stats.totalTokens += result.usage?.totalTokens || 0;
315
+
316
+ // Cache result
317
+ if (options.cache !== false) {
318
+ const cacheKey = this._cacheKey(prompt, options);
319
+ this._cache.set(cacheKey, { result, timestamp: Date.now() });
320
+ if (this._cache.size > this._maxCache) {
321
+ const oldest = this._cache.keys().next().value;
322
+ this._cache.delete(oldest);
323
+ }
324
+ }
325
+
326
+ return { ...result, duration: endTimer() };
327
+ } catch (err) {
328
+ metrics.increment('llm.requests.failure', 1, { provider: name });
329
+ this._stats.failures++;
330
+ // Try next provider
331
+ continue;
332
+ }
333
+ }
334
+
335
+ endTimer();
336
+ throw new Error('All LLM providers failed');
337
+ }
338
+
339
+ /**
340
+ * Generate embeddings
341
+ */
342
+ async embed(text, options = {}) {
343
+ const providerName = options.provider || this._defaultProvider;
344
+ const provider = this._providers.get(providerName);
345
+ if (!provider?.available) throw new Error(`Provider ${providerName} not available`);
346
+ if (!provider.embed) throw new Error(`Provider ${providerName} does not support embeddings`);
347
+ return provider.embed(text);
348
+ }
349
+
350
+ /**
351
+ * List available models across all providers
352
+ */
353
+ listModels() {
354
+ const models = [];
355
+ for (const [name, provider] of this._providers) {
356
+ if (!provider.available) continue;
357
+ for (const model of provider.models) {
358
+ models.push({ model, provider: name });
359
+ }
360
+ }
361
+ return models;
362
+ }
363
+
364
+ /**
365
+ * Get provider status
366
+ */
367
+ getStatus() {
368
+ const providers = {};
369
+ for (const [name, provider] of this._providers) {
370
+ providers[name] = {
371
+ available: provider.available,
372
+ models: provider.models,
373
+ };
374
+ }
375
+ return {
376
+ defaultProvider: this._defaultProvider,
377
+ providers,
378
+ stats: { ...this._stats },
379
+ };
380
+ }
381
+
382
+ _cacheKey(prompt, options) {
383
+ const key = `${options.provider || ''}:${options.model || ''}:${prompt.slice(0, 200)}`;
384
+ return require('crypto').createHash('md5').update(key).digest('hex');
385
+ }
386
+ }
387
+
388
+ // ─── Singleton ──────────────────────────────────────────────────────────────
389
+
390
+ const llm = new LLMManager();
391
+
392
+ // Register default providers
393
+ llm.registerProvider(new OpenAIProvider({}));
394
+ llm.registerProvider(new AnthropicProvider({}));
395
+ llm.registerProvider(new OllamaProvider({}));
396
+
397
+ module.exports = {
398
+ LLMProvider,
399
+ OpenAIProvider,
400
+ AnthropicProvider,
401
+ OllamaProvider,
402
+ LLMManager,
403
+ llm,
404
+ };
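Review bot: `LLMManager._cacheKey` hashes only the provider, the model and `prompt.slice(0, 200)`, so two prompts that share their first 200 characters — or the same prompt sent with a different `systemPrompt`, `temperature` or `maxTokens` — map to one cache entry, and `complete()` returns the earlier caller's completion for up to 300 seconds. On a multi-user server that is a cross-request data leak as well as a wrong answer. Key on the full input instead, e.g. `const key = JSON.stringify([options.provider, options.model, options.systemPrompt, options.temperature, options.maxTokens, prompt]);`, and hash that with `createHash('sha256')`. The `catch (err)` in `complete()` also discards the provider error without using the imported `logger`, so a rejected API key or an upstream outage surfaces only as 'All LLM providers failed'.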
@@ -1,9 +1,10 @@
1
1
  const { signAdminToken, verifyAdminToken } = require('../config/secrets');
2
+ const { isJWTRevoked } = require('../services/security');
2
3
 
3
4
  function generateAdminToken(admin) {
4
5
  return signAdminToken(
5
6
  { id: admin.id, email: admin.email, name: admin.name, role: admin.role, isAdmin: true },
6
- { expiresIn: '12h' }
7
+ { expiresIn: '4h' }
7
8
  );
8
9
  }
9
10
 
@@ -16,11 +17,15 @@ function authenticateAdmin(req, res, next) {
16
17
  }
17
18
 
18
19
  try {
20
+ if (isJWTRevoked(token)) {
21
+ return res.status(403).json({ error: 'Token has been revoked' });
22
+ }
19
23
  const decoded = verifyAdminToken(token);
20
24
  if (!decoded.isAdmin) {
21
25
  return res.status(403).json({ error: 'Admin privileges required' });
22
26
  }
23
27
  req.admin = decoded;
28
+ req._rawToken = token;
24
29
  next();
25
30
  } catch (err) {
26
31
  return res.status(403).json({ error: 'Invalid or expired admin token' });
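Review bot: `isJWTRevoked(token)` runs before `verifyAdminToken(token)`, so the revocation store is consulted for any string an unauthenticated client sends, and the distinct 'Token has been revoked' reply is given before the signature is checked. Verifying first keeps the lookup to tokens this server actually signed: `const decoded = verifyAdminToken(token);` followed by `if (isJWTRevoked(token)) return res.status(403).json({ error: 'Token has been revoked' });`. The same ordering appears in `authenticateToken` and `optionalAuth` in the next file section. `authenticateAdmin` begins and ends outside this hunk, and `isJWTRevoked` lives in `services/security.js`, which is not shown, so how the list is keyed should be confirmed there.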
@@ -1,9 +1,10 @@
1
1
  const { signUserToken, verifyUserToken } = require('../config/secrets');
2
+ const { isJWTRevoked } = require('../services/security');
2
3
 
3
4
  function generateToken(user) {
4
5
  return signUserToken(
5
6
  { id: user.id, email: user.email, name: user.name },
6
- { expiresIn: '7d' }
7
+ { expiresIn: '24h' }
7
8
  );
8
9
  }
9
10
 
@@ -16,8 +17,13 @@ function authenticateToken(req, res, next) {
16
17
  }
17
18
 
18
19
  try {
20
+ // Check revocation list
21
+ if (isJWTRevoked(token)) {
22
+ return res.status(403).json({ error: 'Token has been revoked' });
23
+ }
19
24
  const decoded = verifyUserToken(token);
20
25
  req.user = decoded;
26
+ req._rawToken = token;
21
27
  next();
22
28
  } catch (err) {
23
29
  return res.status(403).json({ error: 'Invalid or expired token' });
@@ -30,7 +36,10 @@ function optionalAuth(req, res, next) {
30
36
 
31
37
  if (token) {
32
38
  try {
33
- req.user = verifyUserToken(token);
39
+ if (!isJWTRevoked(token)) {
40
+ req.user = verifyUserToken(token);
41
+ req._rawToken = token;
42
+ }
34
43
  } catch (e) {
35
44
  // ignore invalid tokens for optional auth
36
45
  }
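Review bot: In `optionalAuth` the new `isJWTRevoked(token)` call sits inside the existing `try`, whose `catch (e)` is empty, so if the revocation lookup itself throws the request silently continues as anonymous, and a revoked token being presented leaves no trace either. The comment `// ignore invalid tokens for optional auth` no longer describes everything the block swallows; I would reword it to `// invalid, expired or revoked tokens fall through as anonymous` and log revoked-token use, since replay of a revoked credential is worth alerting on. `req._rawToken` now carries the bearer credential on the request object, so any request serializer or error reporter should exclude that field. `optionalAuth` starts and ends outside this hunk.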