mirror of
https://github.com/siteboon/claudecodeui.git
synced 2026-04-23 05:51:33 +00:00
49dd3cfb23
* feat: implement MCP provider registry and service
- Add provider registry to manage LLM providers (Claude, Codex, Cursor, Gemini).
- Create provider routes for MCP server operations (list, upsert, delete, run).
- Implement MCP service for handling server operations and validations.
- Introduce abstract provider class and MCP provider base for shared functionality.
- Add tests for MCP server operations across different providers and scopes.
- Define shared interfaces and types for MCP functionality.
- Implement utility functions for handling JSON config files and API responses.
* chore: remove dead code related to MCP server
* refactor: put /api/providers in index.js and remove /providers prefix from provider.routes.ts
* refactor(settings): move MCP server management into provider module
Extract MCP server settings out of the settings controller and agents tab into a
dedicated frontend MCP module. The settings UI now delegates MCP rendering and
behavior to a single module that only needs the selected provider and current
projects.
Changes:
- Add `src/components/mcp` as the single frontend MCP module
- Move MCP server list rendering into `McpServers`
- Move MCP add/edit modal into `McpServerFormModal`
- Move MCP API/state logic into `useMcpServers`
- Move MCP form state/validation logic into `useMcpServerForm`
- Add provider-specific MCP constants, types, and formatting helpers
- Use the unified `/api/providers/:provider/mcp/servers` API for all providers
- Support MCP management for Claude, Cursor, Codex, and Gemini
- Remove old settings-owned Claude/Codex MCP modal components
- Remove old provider-specific `McpServersContent` branching from settings
- Strip MCP server state, fetch, save, delete, and modal ownership from
`useSettingsController`
- Simplify agents settings props so MCP only receives `selectedProvider` and
`currentProjects`
- Keep Claude working-directory unsupported while preserving cwd support for
Cursor, Codex, and Gemini
- Add progressive MCP loading:
- render user/global scope first
- load project/local scopes in the background
- append project results as they resolve
- cache MCP lists briefly to avoid slow tab-switch refetches
- ignore stale async responses after provider switches
Verification:
- `npx eslint src/components/mcp`
- `npm run typecheck`
- `npm run build:client`
* fix(mcp): form with multiline text handling for args, env, headers, and envVars
* feat(mcp): add global MCP server creation flow
Add a separate global MCP add path in the settings MCP module so users can create
one shared MCP server configuration across Claude, Cursor, Codex, and Gemini from
the same screen.
The provider-specific add flow is still kept next to it because these two actions
have different intent. A global MCP server must be constrained to the subset of
configuration that every provider can accept, while a provider-specific server can
still use that provider's own supported scopes, transports, and fields. Naming the
buttons as "Add Global MCP Server" and "Add <Provider> MCP Server" makes that
distinction explicit without forcing users to infer it from the selected tab.
This also moves the explanatory copy to button hover text to keep the MCP toolbar
compact while still documenting the difference between global and provider-only
adds at the point of action.
Implementation details:
- Add global MCP form mode with shared user/project scopes and stdio/http transports.
- Submit global creates through `/api/providers/mcp/servers/global`.
- Reuse the existing MCP form modal with configurable scopes, transports, labels,
and descriptions instead of duplicating form logic.
- Disable provider-only fields for the global flow because those fields cannot be
safely written to every provider.
- Clear the MCP server cache globally after a global add because every provider tab
may have changed.
- Surface partial global add failures with provider-specific error messages.
Validation:
- npx eslint src/components/mcp/view/McpServers.tsx
- npm run typecheck
- npm run build:client
* feat: implement platform-specific provider visibility for cursor agent
* refactor(providers): centralize message handling in provider module
Move provider-specific normalizeMessage and fetchHistory logic out of the legacy
server/providers adapters and into the refactored provider classes so callers can
depend on the main provider contract instead of parallel adapter plumbing.
Add a providers service to resolve concrete providers through the registry and
delegate message normalization/history loading from realtime handlers and the
unified messages route. Add shared TypeScript message/history types and normalized
message helpers so provider implementations and callers use the same contract.
Remove the old adapter registry/files now that Claude, Codex, Cursor, and Gemini
implement the required behavior directly.
* refactor(providers): move auth status checks into provider runtimes
Move provider authentication status logic out of the CLI auth route so auth checks
live with the provider implementations that understand each provider's install
and credential model.
Add provider-specific auth runtime classes for Claude, Codex, Cursor, and Gemini,
and expose them through the shared provider contract as `provider.auth`. Add a
provider auth service that resolves providers through the registry and delegates
status checks via `auth.getStatus()`.
Keep the existing `/api/cli/<provider>/status` endpoints, but make them thin route
adapters over the new provider auth service. This removes duplicated route-local
credential parsing and makes auth status a first-class provider capability beside
MCP and message handling.
* refactor(providers): clarify provider auth and MCP naming
Rename provider auth/MCP contracts to remove the overloaded Runtime suffix so
the shared interfaces read as stable provider capabilities instead of execution
implementation details.
Add a consistent provider-first auth class naming convention by renaming
ClaudeAuthProvider, CodexAuthProvider, CursorAuthProvider, and GeminiAuthProvider
to ClaudeProviderAuth, CodexProviderAuth, CursorProviderAuth, and
GeminiProviderAuth.
This keeps the provider module API easier to scan and aligns auth naming with
the main provider ownership model.
* refactor(providers): move session message delegation into sessions service
Move provider-backed session history and message normalization calls out of the
generic providers service so the service name reflects the behavior it owns.
Add a dedicated sessions service for listing session-capable providers,
normalizing live provider events, and fetching persisted session history through
the provider registry. Update realtime handlers and the unified messages route to
depend on `sessionsService` instead of `providersService`.
This separates session message operations from other provider concerns such as
auth and MCP, keeping the provider services easier to navigate as the module
grows.
* refactor(providers): move auth status routes under provider API
Move provider authentication status endpoints out of the legacy `/api/cli` route
namespace so auth status is exposed through the same provider module that owns
provider auth and MCP behavior.
Add `GET /api/providers/:provider/auth/status` to the provider router and route
it through the provider auth service. Remove the old `cli-auth` route file and
`/api/cli` mount now that provider auth status is handled by the unified provider
API.
Update the frontend provider auth endpoint map to call the new provider-scoped
routes and rename the endpoint constant to reflect that it is no longer CLI
specific.
* chore(api): remove unused backend endpoints after MCP audit
Remove legacy backend routes that no longer have frontend or internal
callers, including the old Claude/Codex MCP APIs, unused Cursor and Codex
helper endpoints, stale TaskMaster detection/next/initialize routes,
and unused command/project helpers.
This reduces duplicated MCP behavior now handled by the provider-based
MCP API, shrinks the exposed backend surface, and removes probe/service
code that only existed for deleted endpoints.
Add an MCP settings API audit document to capture the route-usage
analysis and explain why the legacy MCP endpoints were considered safe
to remove.
* refactor(providers): remove debug logging from Claude authentication status checks
* refactor(cursor): lazy-load better-sqlite3 and remove unused type definitions
* refactor(cursor): remove SSE from CursorMcpProvider constructor and error message
* refactor(auth): standardize API response structure and remove unused error handling
* refactor: make providers use dedicated session handling classes
* refactor: remove legacy provider selection UI and logic
* fix(server/providers): harden and correct session history normalization/pagination
Address correctness and safety issues in provider session adapters while
preserving existing normalized message shapes.
Claude sessions:
- Ensure user text content parts generate unique normalized message ids.
- Replace duplicate `${baseId}_text` ids with index-suffixed ids to avoid
collisions when one user message contains multiple text segments.
Cursor sessions:
- Add session id sanitization before constructing SQLite paths to prevent
path traversal via crafted session ids.
- Enforce containment by resolving the computed DB path and asserting it stays
under ~/.cursor/chats/<cwdId>.
- Refactor blob parsing to a two-pass flow: first build blobMap and collect
JSON blobs, then parse binary parent refs against the fully populated map.
- Fix pagination semantics so limit=0 returns an empty page instead of full
history, with consistent total/hasMore/offset/limit metadata.
Gemini sessions:
- Honor FetchHistoryOptions pagination by reading limit/offset and slicing
normalized history accordingly.
- Return consistent hasMore/offset/limit metadata for paged responses.
Validation:
- eslint passed for touched files.
- server TypeScript check passed (tsc --noEmit -p server/tsconfig.json).
---------
555 lines
16 KiB
JavaScript
555 lines
16 KiB
JavaScript
import express from 'express';
|
|
import { promises as fs } from 'fs';
|
|
import path from 'path';
|
|
import os from 'os';
|
|
import { CLAUDE_MODELS, CURSOR_MODELS, CODEX_MODELS } from '../../shared/modelConstants.js';
|
|
import { parseFrontmatter } from '../utils/frontmatter.js';
|
|
import { findAppRoot, getModuleDir } from '../utils/runtime-paths.js';
|
|
|
|
const __dirname = getModuleDir(import.meta.url);
|
|
// This route reads the top-level package.json for the status command, so it needs the real
|
|
// app root even after compilation moves the route file under dist-server/server/routes.
|
|
const APP_ROOT = findAppRoot(__dirname);
|
|
|
|
const router = express.Router();
|
|
|
|
/**
|
|
* Recursively scan directory for command files (.md)
|
|
* @param {string} dir - Directory to scan
|
|
* @param {string} baseDir - Base directory for relative paths
|
|
* @param {string} namespace - Namespace for commands (e.g., 'project', 'user')
|
|
* @returns {Promise<Array>} Array of command objects
|
|
*/
|
|
async function scanCommandsDirectory(dir, baseDir, namespace) {
|
|
const commands = [];
|
|
|
|
try {
|
|
// Check if directory exists
|
|
await fs.access(dir);
|
|
|
|
const entries = await fs.readdir(dir, { withFileTypes: true });
|
|
|
|
for (const entry of entries) {
|
|
const fullPath = path.join(dir, entry.name);
|
|
|
|
if (entry.isDirectory()) {
|
|
// Recursively scan subdirectories
|
|
const subCommands = await scanCommandsDirectory(fullPath, baseDir, namespace);
|
|
commands.push(...subCommands);
|
|
} else if (entry.isFile() && entry.name.endsWith('.md')) {
|
|
// Parse markdown file for metadata
|
|
try {
|
|
const content = await fs.readFile(fullPath, 'utf8');
|
|
const { data: frontmatter, content: commandContent } = parseFrontmatter(content);
|
|
|
|
// Calculate relative path from baseDir for command name
|
|
const relativePath = path.relative(baseDir, fullPath);
|
|
// Remove .md extension and convert to command name
|
|
const commandName = '/' + relativePath.replace(/\.md$/, '').replace(/\\/g, '/');
|
|
|
|
// Extract description from frontmatter or first line of content
|
|
let description = frontmatter.description || '';
|
|
if (!description) {
|
|
const firstLine = commandContent.trim().split('\n')[0];
|
|
description = firstLine.replace(/^#+\s*/, '').trim();
|
|
}
|
|
|
|
commands.push({
|
|
name: commandName,
|
|
path: fullPath,
|
|
relativePath,
|
|
description,
|
|
namespace,
|
|
metadata: frontmatter
|
|
});
|
|
} catch (err) {
|
|
console.error(`Error parsing command file ${fullPath}:`, err.message);
|
|
}
|
|
}
|
|
}
|
|
} catch (err) {
|
|
// Directory doesn't exist or can't be accessed - this is okay
|
|
if (err.code !== 'ENOENT' && err.code !== 'EACCES') {
|
|
console.error(`Error scanning directory ${dir}:`, err.message);
|
|
}
|
|
}
|
|
|
|
return commands;
|
|
}
|
|
|
|
/**
|
|
* Built-in commands that are always available
|
|
*/
|
|
const builtInCommands = [
|
|
{
|
|
name: '/help',
|
|
description: 'Show help documentation for Claude Code',
|
|
namespace: 'builtin',
|
|
metadata: { type: 'builtin' }
|
|
},
|
|
{
|
|
name: '/clear',
|
|
description: 'Clear the conversation history',
|
|
namespace: 'builtin',
|
|
metadata: { type: 'builtin' }
|
|
},
|
|
{
|
|
name: '/model',
|
|
description: 'Switch or view the current AI model',
|
|
namespace: 'builtin',
|
|
metadata: { type: 'builtin' }
|
|
},
|
|
{
|
|
name: '/cost',
|
|
description: 'Display token usage and cost information',
|
|
namespace: 'builtin',
|
|
metadata: { type: 'builtin' }
|
|
},
|
|
{
|
|
name: '/memory',
|
|
description: 'Open CLAUDE.md memory file for editing',
|
|
namespace: 'builtin',
|
|
metadata: { type: 'builtin' }
|
|
},
|
|
{
|
|
name: '/config',
|
|
description: 'Open settings and configuration',
|
|
namespace: 'builtin',
|
|
metadata: { type: 'builtin' }
|
|
},
|
|
{
|
|
name: '/status',
|
|
description: 'Show system status and version information',
|
|
namespace: 'builtin',
|
|
metadata: { type: 'builtin' }
|
|
},
|
|
{
|
|
name: '/rewind',
|
|
description: 'Rewind the conversation to a previous state',
|
|
namespace: 'builtin',
|
|
metadata: { type: 'builtin' }
|
|
}
|
|
];
|
|
|
|
/**
|
|
* Built-in command handlers
|
|
* Each handler returns { type: 'builtin', action: string, data: any }
|
|
*/
|
|
const builtInHandlers = {
|
|
'/help': async (args, context) => {
|
|
const helpText = `# Claude Code Commands
|
|
|
|
## Built-in Commands
|
|
|
|
${builtInCommands.map(cmd => `### ${cmd.name}
|
|
${cmd.description}
|
|
`).join('\n')}
|
|
|
|
## Custom Commands
|
|
|
|
Custom commands can be created in:
|
|
- Project: \`.claude/commands/\` (project-specific)
|
|
- User: \`~/.claude/commands/\` (available in all projects)
|
|
|
|
### Command Syntax
|
|
|
|
- **Arguments**: Use \`$ARGUMENTS\` for all args or \`$1\`, \`$2\`, etc. for positional
|
|
- **File Includes**: Use \`@filename\` to include file contents
|
|
- **Bash Commands**: Use \`!command\` to execute bash commands
|
|
|
|
### Examples
|
|
|
|
\`\`\`markdown
|
|
/mycommand arg1 arg2
|
|
\`\`\`
|
|
`;
|
|
|
|
return {
|
|
type: 'builtin',
|
|
action: 'help',
|
|
data: {
|
|
content: helpText,
|
|
format: 'markdown'
|
|
}
|
|
};
|
|
},
|
|
|
|
'/clear': async (args, context) => {
|
|
return {
|
|
type: 'builtin',
|
|
action: 'clear',
|
|
data: {
|
|
message: 'Conversation history cleared'
|
|
}
|
|
};
|
|
},
|
|
|
|
'/model': async (args, context) => {
|
|
// Read available models from centralized constants
|
|
const availableModels = {
|
|
claude: CLAUDE_MODELS.OPTIONS.map(o => o.value),
|
|
cursor: CURSOR_MODELS.OPTIONS.map(o => o.value),
|
|
codex: CODEX_MODELS.OPTIONS.map(o => o.value)
|
|
};
|
|
|
|
const currentProvider = context?.provider || 'claude';
|
|
const currentModel = context?.model || CLAUDE_MODELS.DEFAULT;
|
|
|
|
return {
|
|
type: 'builtin',
|
|
action: 'model',
|
|
data: {
|
|
current: {
|
|
provider: currentProvider,
|
|
model: currentModel
|
|
},
|
|
available: availableModels,
|
|
message: args.length > 0
|
|
? `Switching to model: ${args[0]}`
|
|
: `Current model: ${currentModel}`
|
|
}
|
|
};
|
|
},
|
|
|
|
'/cost': async (args, context) => {
|
|
const tokenUsage = context?.tokenUsage || {};
|
|
const provider = context?.provider || 'claude';
|
|
const model =
|
|
context?.model ||
|
|
(provider === 'cursor'
|
|
? CURSOR_MODELS.DEFAULT
|
|
: provider === 'codex'
|
|
? CODEX_MODELS.DEFAULT
|
|
: CLAUDE_MODELS.DEFAULT);
|
|
|
|
const used = Number(tokenUsage.used ?? tokenUsage.totalUsed ?? tokenUsage.total_tokens ?? 0) || 0;
|
|
const total =
|
|
Number(
|
|
tokenUsage.total ??
|
|
tokenUsage.contextWindow ??
|
|
parseInt(process.env.CONTEXT_WINDOW || '160000', 10),
|
|
) || 160000;
|
|
const percentage = total > 0 ? Number(((used / total) * 100).toFixed(1)) : 0;
|
|
|
|
const inputTokensRaw =
|
|
Number(
|
|
tokenUsage.inputTokens ??
|
|
tokenUsage.input ??
|
|
tokenUsage.cumulativeInputTokens ??
|
|
tokenUsage.promptTokens ??
|
|
0,
|
|
) || 0;
|
|
const outputTokens =
|
|
Number(
|
|
tokenUsage.outputTokens ??
|
|
tokenUsage.output ??
|
|
tokenUsage.cumulativeOutputTokens ??
|
|
tokenUsage.completionTokens ??
|
|
0,
|
|
) || 0;
|
|
const cacheTokens =
|
|
Number(
|
|
tokenUsage.cacheReadTokens ??
|
|
tokenUsage.cacheCreationTokens ??
|
|
tokenUsage.cacheTokens ??
|
|
tokenUsage.cachedTokens ??
|
|
0,
|
|
) || 0;
|
|
|
|
// If we only have total used tokens, treat them as input for display/estimation.
|
|
const inputTokens =
|
|
inputTokensRaw > 0 || outputTokens > 0 || cacheTokens > 0 ? inputTokensRaw + cacheTokens : used;
|
|
|
|
// Rough default rates by provider (USD / 1M tokens).
|
|
const pricingByProvider = {
|
|
claude: { input: 3, output: 15 },
|
|
cursor: { input: 3, output: 15 },
|
|
codex: { input: 1.5, output: 6 },
|
|
};
|
|
const rates = pricingByProvider[provider] || pricingByProvider.claude;
|
|
|
|
const inputCost = (inputTokens / 1_000_000) * rates.input;
|
|
const outputCost = (outputTokens / 1_000_000) * rates.output;
|
|
const totalCost = inputCost + outputCost;
|
|
|
|
return {
|
|
type: 'builtin',
|
|
action: 'cost',
|
|
data: {
|
|
tokenUsage: {
|
|
used,
|
|
total,
|
|
percentage,
|
|
},
|
|
cost: {
|
|
input: inputCost.toFixed(4),
|
|
output: outputCost.toFixed(4),
|
|
total: totalCost.toFixed(4),
|
|
},
|
|
model,
|
|
},
|
|
};
|
|
},
|
|
|
|
'/status': async (args, context) => {
|
|
// Read version from package.json
|
|
const packageJsonPath = path.join(APP_ROOT, 'package.json');
|
|
let version = 'unknown';
|
|
let packageName = 'claude-code-ui';
|
|
|
|
try {
|
|
const packageJson = JSON.parse(await fs.readFile(packageJsonPath, 'utf8'));
|
|
version = packageJson.version;
|
|
packageName = packageJson.name;
|
|
} catch (err) {
|
|
console.error('Error reading package.json:', err);
|
|
}
|
|
|
|
const uptime = process.uptime();
|
|
const uptimeMinutes = Math.floor(uptime / 60);
|
|
const uptimeHours = Math.floor(uptimeMinutes / 60);
|
|
const uptimeFormatted = uptimeHours > 0
|
|
? `${uptimeHours}h ${uptimeMinutes % 60}m`
|
|
: `${uptimeMinutes}m`;
|
|
|
|
return {
|
|
type: 'builtin',
|
|
action: 'status',
|
|
data: {
|
|
version,
|
|
packageName,
|
|
uptime: uptimeFormatted,
|
|
uptimeSeconds: Math.floor(uptime),
|
|
model: context?.model || 'claude-sonnet-4.5',
|
|
provider: context?.provider || 'claude',
|
|
nodeVersion: process.version,
|
|
platform: process.platform
|
|
}
|
|
};
|
|
},
|
|
|
|
'/memory': async (args, context) => {
|
|
const projectPath = context?.projectPath;
|
|
|
|
if (!projectPath) {
|
|
return {
|
|
type: 'builtin',
|
|
action: 'memory',
|
|
data: {
|
|
error: 'No project selected',
|
|
message: 'Please select a project to access its CLAUDE.md file'
|
|
}
|
|
};
|
|
}
|
|
|
|
const claudeMdPath = path.join(projectPath, 'CLAUDE.md');
|
|
|
|
// Check if CLAUDE.md exists
|
|
let exists = false;
|
|
try {
|
|
await fs.access(claudeMdPath);
|
|
exists = true;
|
|
} catch (err) {
|
|
// File doesn't exist
|
|
}
|
|
|
|
return {
|
|
type: 'builtin',
|
|
action: 'memory',
|
|
data: {
|
|
path: claudeMdPath,
|
|
exists,
|
|
message: exists
|
|
? `Opening CLAUDE.md at ${claudeMdPath}`
|
|
: `CLAUDE.md not found at ${claudeMdPath}. Create it to store project-specific instructions.`
|
|
}
|
|
};
|
|
},
|
|
|
|
'/config': async (args, context) => {
|
|
return {
|
|
type: 'builtin',
|
|
action: 'config',
|
|
data: {
|
|
message: 'Opening settings...'
|
|
}
|
|
};
|
|
},
|
|
|
|
'/rewind': async (args, context) => {
|
|
const steps = args[0] ? parseInt(args[0]) : 1;
|
|
|
|
if (isNaN(steps) || steps < 1) {
|
|
return {
|
|
type: 'builtin',
|
|
action: 'rewind',
|
|
data: {
|
|
error: 'Invalid steps parameter',
|
|
message: 'Usage: /rewind [number] - Rewind conversation by N steps (default: 1)'
|
|
}
|
|
};
|
|
}
|
|
|
|
return {
|
|
type: 'builtin',
|
|
action: 'rewind',
|
|
data: {
|
|
steps,
|
|
message: `Rewinding conversation by ${steps} step${steps > 1 ? 's' : ''}...`
|
|
}
|
|
};
|
|
}
|
|
};
|
|
|
|
/**
|
|
* POST /api/commands/list
|
|
* List all available commands from project and user directories
|
|
*/
|
|
router.post('/list', async (req, res) => {
|
|
try {
|
|
const { projectPath } = req.body;
|
|
const allCommands = [...builtInCommands];
|
|
|
|
// Scan project-level commands (.claude/commands/)
|
|
if (projectPath) {
|
|
const projectCommandsDir = path.join(projectPath, '.claude', 'commands');
|
|
const projectCommands = await scanCommandsDirectory(
|
|
projectCommandsDir,
|
|
projectCommandsDir,
|
|
'project'
|
|
);
|
|
allCommands.push(...projectCommands);
|
|
}
|
|
|
|
// Scan user-level commands (~/.claude/commands/)
|
|
const homeDir = os.homedir();
|
|
const userCommandsDir = path.join(homeDir, '.claude', 'commands');
|
|
const userCommands = await scanCommandsDirectory(
|
|
userCommandsDir,
|
|
userCommandsDir,
|
|
'user'
|
|
);
|
|
allCommands.push(...userCommands);
|
|
|
|
// Separate built-in and custom commands
|
|
const customCommands = allCommands.filter(cmd => cmd.namespace !== 'builtin');
|
|
|
|
// Sort commands alphabetically by name
|
|
customCommands.sort((a, b) => a.name.localeCompare(b.name));
|
|
|
|
res.json({
|
|
builtIn: builtInCommands,
|
|
custom: customCommands,
|
|
count: allCommands.length
|
|
});
|
|
} catch (error) {
|
|
console.error('Error listing commands:', error);
|
|
res.status(500).json({
|
|
error: 'Failed to list commands',
|
|
message: error.message
|
|
});
|
|
}
|
|
});
|
|
|
|
/**
|
|
* POST /api/commands/execute
|
|
* Execute a command with argument replacement
|
|
* This endpoint prepares the command content but doesn't execute bash commands yet
|
|
* (that will be handled in the command parser utility)
|
|
*/
|
|
router.post('/execute', async (req, res) => {
|
|
try {
|
|
const { commandName, commandPath, args = [], context = {} } = req.body;
|
|
|
|
if (!commandName) {
|
|
return res.status(400).json({
|
|
error: 'Command name is required'
|
|
});
|
|
}
|
|
|
|
// Handle built-in commands
|
|
const handler = builtInHandlers[commandName];
|
|
if (handler) {
|
|
try {
|
|
const result = await handler(args, context);
|
|
return res.json({
|
|
...result,
|
|
command: commandName
|
|
});
|
|
} catch (error) {
|
|
console.error(`Error executing built-in command ${commandName}:`, error);
|
|
return res.status(500).json({
|
|
error: 'Command execution failed',
|
|
message: error.message,
|
|
command: commandName
|
|
});
|
|
}
|
|
}
|
|
|
|
// Handle custom commands
|
|
if (!commandPath) {
|
|
return res.status(400).json({
|
|
error: 'Command path is required for custom commands'
|
|
});
|
|
}
|
|
|
|
// Load command content
|
|
// Security: validate commandPath is within allowed directories
|
|
{
|
|
const resolvedPath = path.resolve(commandPath);
|
|
const userBase = path.resolve(path.join(os.homedir(), '.claude', 'commands'));
|
|
const projectBase = context?.projectPath
|
|
? path.resolve(path.join(context.projectPath, '.claude', 'commands'))
|
|
: null;
|
|
const isUnder = (base) => {
|
|
const rel = path.relative(base, resolvedPath);
|
|
return rel !== '' && !rel.startsWith('..') && !path.isAbsolute(rel);
|
|
};
|
|
if (!(isUnder(userBase) || (projectBase && isUnder(projectBase)))) {
|
|
return res.status(403).json({
|
|
error: 'Access denied',
|
|
message: 'Command must be in .claude/commands directory'
|
|
});
|
|
}
|
|
}
|
|
const content = await fs.readFile(commandPath, 'utf8');
|
|
const { data: metadata, content: commandContent } = parseFrontmatter(content);
|
|
// Basic argument replacement (will be enhanced in command parser utility)
|
|
let processedContent = commandContent;
|
|
|
|
// Replace $ARGUMENTS with all arguments joined
|
|
const argsString = args.join(' ');
|
|
processedContent = processedContent.replace(/\$ARGUMENTS/g, argsString);
|
|
|
|
// Replace $1, $2, etc. with positional arguments
|
|
args.forEach((arg, index) => {
|
|
const placeholder = `$${index + 1}`;
|
|
processedContent = processedContent.replace(new RegExp(`\\${placeholder}\\b`, 'g'), arg);
|
|
});
|
|
|
|
res.json({
|
|
type: 'custom',
|
|
command: commandName,
|
|
content: processedContent,
|
|
metadata,
|
|
hasFileIncludes: processedContent.includes('@'),
|
|
hasBashCommands: processedContent.includes('!')
|
|
});
|
|
} catch (error) {
|
|
if (error.code === 'ENOENT') {
|
|
return res.status(404).json({
|
|
error: 'Command not found',
|
|
message: `Command file not found: ${req.body.commandPath}`
|
|
});
|
|
}
|
|
|
|
console.error('Error executing command:', error);
|
|
res.status(500).json({
|
|
error: 'Failed to execute command',
|
|
message: error.message
|
|
});
|
|
}
|
|
});
|
|
|
|
export default router;
|