ralphx 0.3.5__py3-none-any.whl → 0.4.1__py3-none-any.whl

ralphx/api/routes/auth.py

@@ -93,6 +93,53 @@ class AssignAccountRequest(BaseModel):
 # ============================================================================
 
 
+async def _fetch_account_profile(access_token: str) -> Optional[dict]:
+    """Fetch account profile from Anthropic API.
+
+    Returns subscription type, rate limit tier, and other account info.
+    """
+    try:
+        async with httpx.AsyncClient() as client:
+            response = await client.get(
+                "https://api.anthropic.com/api/oauth/profile",
+                headers={
+                    "Authorization": f"Bearer {access_token}",
+                    "Content-Type": "application/json",
+                    "anthropic-beta": "oauth-2025-04-20",
+                },
+                timeout=10.0,
+            )
+
+            if response.status_code != 200:
+                logger.warning(f"Profile fetch failed: {response.status_code}")
+                return None
+
+            data = response.json()
+            org = data.get("organization", {})
+            account = data.get("account", {})
+
+            # Map organization_type to subscription type
+            org_type = org.get("organization_type")
+            subscription_map = {
+                "claude_max": "max",
+                "claude_pro": "pro",
+                "claude_enterprise": "enterprise",
+                "claude_team": "team",
+            }
+            subscription_type = subscription_map.get(org_type)
+
+            return {
+                "subscription_type": subscription_type,
+                "rate_limit_tier": org.get("rate_limit_tier"),
+                "has_extra_usage_enabled": org.get("has_extra_usage_enabled"),
+                "display_name": account.get("display_name"),
+                "full_name": account.get("full_name"),
+            }
+    except Exception as e:
+        logger.warning(f"Profile fetch error: {e}")
+        return None
+
+
 async def _fetch_account_usage(access_token: str) -> Optional[dict]:
     """Fetch usage data from Anthropic API."""
     try:
@@ -112,6 +159,7 @@ async def _fetch_account_usage(access_token: str) -> Optional[dict]:
             data = response.json()
             five_hour = data.get("five_hour", {})
             seven_day = data.get("seven_day", {})
+
             return {
                 "five_hour": five_hour.get("utilization", 0),
                 "seven_day": seven_day.get("utilization", 0),
@@ -184,6 +232,7 @@ from ralphx.core.auth import (
     AuthStatus,
     CLIENT_ID,
     TOKEN_URL,
+    _token_refresh_lock,
     get_auth_status,
     refresh_token_if_needed,
     force_refresh_token,
@@ -424,9 +473,20 @@ async def add_account(expected_email: Optional[str] = None):
 
             # Use store_oauth_tokens to properly serialize scopes to JSON
             account = store_oauth_tokens(tokens)
-
-            # Fetch usage data immediately
             db = Database()
+
+            # Fetch profile to get subscription type
+            profile_data = await _fetch_account_profile(tokens["access_token"])
+            if profile_data:
+                update_fields = {}
+                if profile_data.get("subscription_type"):
+                    update_fields["subscription_type"] = profile_data["subscription_type"]
+                if profile_data.get("rate_limit_tier"):
+                    update_fields["rate_limit_tier"] = profile_data["rate_limit_tier"]
+                if update_fields:
+                    db.update_account(account["id"], **update_fields)
+
+            # Fetch usage data
             usage_data = await _fetch_account_usage(tokens["access_token"])
             if usage_data:
                 db.update_account_usage_cache(
@@ -565,45 +625,58 @@ async def refresh_account_token(account_id: int):
         return {"success": False, "message": "No refresh token available"}
 
     try:
-        async with httpx.AsyncClient() as client:
-            resp = await client.post(
-                TOKEN_URL,
-                json={
-                    "grant_type": "refresh_token",
-                    "refresh_token": account["refresh_token"],
-                    "client_id": CLIENT_ID,
-                },
-                headers={
-                    "Content-Type": "application/json",
-                    "anthropic-beta": "oauth-2025-04-20",
-                },
-            )
+        # Use token refresh lock to prevent race conditions with background
+        # refresh tasks or concurrent manual refresh requests
+        async with _token_refresh_lock():
+            # Re-fetch account inside lock to get latest refresh_token
+            # (another process may have refreshed while we waited for lock)
+            account = db.get_account(account_id)
+            if not account or not account.get("refresh_token"):
+                return {"success": False, "message": "No refresh token available"}
+
+            async with httpx.AsyncClient() as client:
+                resp = await client.post(
+                    TOKEN_URL,
+                    json={
+                        "grant_type": "refresh_token",
+                        "refresh_token": account["refresh_token"],
+                        "client_id": CLIENT_ID,
+                    },
+                    headers={
+                        "Content-Type": "application/json",
+                        "anthropic-beta": "oauth-2025-04-20",
+                    },
+                )
 
-            if resp.status_code != 200:
-                return {"success": False, "message": f"Token refresh failed: {resp.status_code}"}
+                if resp.status_code != 200:
+                    return {"success": False, "message": f"Token refresh failed: {resp.status_code}"}
 
-            tokens = resp.json()
-            new_expires_at = int(time.time()) + tokens.get("expires_in", 28800)
+                tokens = resp.json()
+                new_expires_at = int(time.time()) + tokens.get("expires_in", 28800)
 
-            # Build update dict with all available fields
-            update_data = {
-                "access_token": tokens["access_token"],
-                "refresh_token": tokens.get("refresh_token", account["refresh_token"]),
-                "expires_at": new_expires_at,
-            }
+                # Build update dict with all available fields
+                update_data = {
+                    "access_token": tokens["access_token"],
+                    "refresh_token": tokens.get("refresh_token", account["refresh_token"]),
+                    "expires_at": new_expires_at,
+                }
 
-            # Capture subscription/plan info if present in refresh response
-            if tokens.get("subscription_type"):
-                update_data["subscription_type"] = tokens["subscription_type"]
-            if tokens.get("rate_limit_tier"):
-                update_data["rate_limit_tier"] = tokens["rate_limit_tier"]
+                db.update_account(account_id, **update_data)
 
-            db.update_account(account_id, **update_data)
+            # Fetch profile outside the lock (uses the new access_token, not refresh_token)
+            profile_data = await _fetch_account_profile(tokens["access_token"])
+            subscription_type = None
+            if profile_data:
+                if profile_data.get("subscription_type"):
+                    subscription_type = profile_data["subscription_type"]
+                    db.update_account(account_id, subscription_type=subscription_type)
+                if profile_data.get("rate_limit_tier"):
+                    db.update_account(account_id, rate_limit_tier=profile_data["rate_limit_tier"])
 
             return {
                 "success": True,
                 "expires_at": new_expires_at,
-                "subscription_type": tokens.get("subscription_type"),
+                "subscription_type": subscription_type,
             }
     except Exception as e:
         return {"success": False, "message": str(e)}

ralphx/api/routes/items.py

@@ -139,6 +139,8 @@ async def list_items(
     source_step_id: Optional[int] = Query(None, description="Filter by source step"),
     limit: int = Query(50, ge=1, le=1000, description="Items per page"),
     offset: int = Query(0, ge=0, description="Offset for pagination"),
+    sort_by: str = Query("created_at", description="Column to sort by"),
+    sort_order: str = Query("desc", description="Sort order: asc or desc"),
 ):
     """List work items with optional filtering."""
     manager, project, project_db = get_project(slug)
@@ -151,6 +153,8 @@ async def list_items(
         source_step_id=source_step_id,
         limit=limit,
         offset=offset,
+        sort_by=sort_by,
+        sort_order=sort_order,
     )
 
     # Convert to response models

ralphx/api/routes/loops.py

@@ -17,6 +17,7 @@ from ralphx.core.project_db import ProjectDatabase
 from ralphx.models.loop import LoopConfig, LoopType, ModeSelectionStrategy, ItemTypes
 from ralphx.models.run import Run, RunStatus
 from ralphx.core.logger import loop_log
+from ralphx.core.checkpoint import kill_orphan_process
 
 router = APIRouter()
 
@@ -54,6 +55,9 @@ def detect_source_cycle(
 # Store for running loops
 _running_loops: dict[str, LoopExecutor] = {}
 
+# Prevent concurrent stop attempts
+_stopping_loops: set[str] = set()
+
 # Security: Validate loop names to prevent path traversal
 LOOP_NAME_PATTERN = re.compile(r'^[a-zA-Z0-9_-]+$')
 
@@ -428,34 +432,110 @@ async def start_loop(
 
 @router.post("/{slug}/loops/{loop_name}/stop")
 async def stop_loop(slug: str, loop_name: str):
-    """Stop a running loop."""
-    # Validate project exists first
-    get_managers(slug)
+    """Stop a running loop.
+
+    Attempts to stop via executor if in memory, otherwise falls back
+    to killing via PID from database (for orphaned processes after
+    server restart/hot-reload).
+    """
+    manager, project, project_db = get_managers(slug)
 
     key = f"{slug}:{loop_name}"
-    executor = _running_loops.get(key)
 
-    if not executor:
-        raise HTTPException(
-            status_code=status.HTTP_404_NOT_FOUND,
-            detail=f"Loop {loop_name} is not running",
-        )
+    # Prevent concurrent stop attempts
+    if key in _stopping_loops:
+        return {"message": f"Stop already in progress for {loop_name}"}
 
-    await executor.stop()
+    _stopping_loops.add(key)
+    try:
+        # Try 1: Stop via executor (normal case)
+        executor = _running_loops.get(key)
+        if executor:
+            await executor.stop()
+            return {
+                "message": f"Stop signal sent to {loop_name}",
+                "method": "executor",
+            }
+
+        # Try 2: Kill via PID (orphan case after server restart)
+        runs = project_db.list_runs(loop_name=loop_name, status=["running", "paused"])
+        if not runs:
+            raise HTTPException(
+                status_code=status.HTTP_404_NOT_FOUND,
+                detail=f"Loop {loop_name} is not running",
+            )
 
-    return {"message": f"Stop signal sent to {loop_name}"}
+        # Get most recent running run
+        run = runs[0]
+        pid = run.get("executor_pid")
+
+        if not pid:
+            # No PID recorded - can't kill, just mark as aborted
+            project_db.update_run(
+                run["id"],
+                status="aborted",
+                completed_at=datetime.utcnow().isoformat(),
+                error_message="Stopped by user (no PID available for orphan process)",
+            )
+            return {
+                "message": f"Marked {loop_name} as aborted (no PID available)",
+                "method": "database_only",
+                "warning": "Process may still be running",
+            }
+
+        # Kill the orphan process
+        success, reason = await kill_orphan_process(pid)
+
+        # Update database regardless of kill result
+        if success:
+            error_msg = f"Killed orphan process (PID {pid}) after server restart"
+            if reason == "already_dead":
+                error_msg = f"Orphan process (PID {pid}) already terminated"
+        else:
+            error_msg = f"Could not kill orphan process (PID {pid}): {reason}"
+
+        project_db.update_run(
+            run["id"],
+            status="aborted",
+            completed_at=datetime.utcnow().isoformat(),
+            error_message=error_msg,
+        )
+
+        if success:
+            return {
+                "message": f"Stopped orphan process for {loop_name}",
+                "method": "pid_kill",
+                "pid": pid,
+                "detail": reason,  # "killed" or "already_dead"
+            }
+        else:
+            return {
+                "message": f"Could not kill process {pid}, marked as aborted",
+                "method": "pid_kill_failed",
+                "pid": pid,
+                "reason": reason,
+                "warning": "Process may not have been our process (PID reuse)" if reason == "not_our_process" else None,
+            }
+    finally:
+        _stopping_loops.discard(key)
 
 
 @router.post("/{slug}/loops/{loop_name}/pause")
 async def pause_loop(slug: str, loop_name: str):
     """Pause a running loop."""
-    # Validate project exists first
-    get_managers(slug)
+    manager, project, project_db = get_managers(slug)
 
     key = f"{slug}:{loop_name}"
     executor = _running_loops.get(key)
 
     if not executor:
+        # Check if there's an orphan process
+        runs = project_db.list_runs(loop_name=loop_name, status=["running", "paused"])
+        if runs:
+            raise HTTPException(
+                status_code=status.HTTP_409_CONFLICT,
+                detail=f"Loop {loop_name} is running as orphan process (server restarted). Use stop to terminate it.",
+            )
         raise HTTPException(
             status_code=status.HTTP_404_NOT_FOUND,
             detail=f"Loop {loop_name} is not running",
@@ -469,13 +549,19 @@ async def pause_loop(slug: str, loop_name: str):
 @router.post("/{slug}/loops/{loop_name}/resume")
 async def resume_loop(slug: str, loop_name: str):
     """Resume a paused loop."""
-    # Validate project exists first
-    get_managers(slug)
+    manager, project, project_db = get_managers(slug)
 
     key = f"{slug}:{loop_name}"
     executor = _running_loops.get(key)
 
     if not executor:
+        # Check if there's an orphan process
+        runs = project_db.list_runs(loop_name=loop_name, status=["running", "paused"])
+        if runs:
+            raise HTTPException(
+                status_code=status.HTTP_409_CONFLICT,
+                detail=f"Loop {loop_name} is orphaned (server restarted). Use stop to terminate, then start again.",
+            )
         raise HTTPException(
             status_code=status.HTTP_404_NOT_FOUND,
             detail=f"Loop {loop_name} is not running",