rose_cat707/CookieBridge
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
14 Commits 1 Branch 0 Tags
main
Commit Graph

14 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
徐枫
fb5c841282 feat: embed frontend into backend server with full-stack build pipeline (RCA-20)
Some checks failed
CI / test (22) (push) Has been cancelled
Details
CI / web (push) Has been cancelled
Details
CI / extension (push) Has been cancelled
Details
CI / docker (push) Has been cancelled
Details 
The backend now serves the Vue admin UI as static files with SPA fallback,
eliminating the need for a separate web server. Dockerfile builds both
frontend and backend in a multi-stage pipeline. Added build:web and
build:all scripts, updated CI to verify frontend builds, and fixed
vitest config to exclude Playwright tests.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-03-18 12:33:41 +08:00
徐枫
1093d64724 feat: add SQLite and MySQL database support with setup wizard selection (RCA-21) 
Replace in-memory storage with a database abstraction layer supporting SQLite
and MySQL. Users choose their preferred database during the first-time setup
wizard. The server persists the database config to data/db-config.json and
loads it automatically on restart.

- Add database abstraction interfaces (ICookieStore, IDeviceStore, IAgentStore, IAdminStore)
- Implement SQLite driver using better-sqlite3 with WAL mode
- Implement MySQL driver using mysql2 connection pooling
- Keep memory-backed driver for backwards compatibility and testing
- Add database selection step (step 2) to the setup wizard UI
- Update setup API to accept dbConfig and initialize the chosen database
- Update RelayServer to use async store interfaces with runtime store replacement

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-03-18 11:55:59 +08:00
徐枫
1420c4ecfa fix: make all 112 Playwright E2E tests pass (RCA-19)
Some checks failed
CI / test (22) (push) Has been cancelled
Details
CI / docker (push) Has been cancelled
Details
CI / extension (push) Has been cancelled
Details 
- Fix mock-api data shapes to match actual Vue component interfaces
- Replace HeadlessUI TransitionRoot with v-if in SetupView (unmount fix)
- Restructure CookiesView to detail-replaces-list pattern (strict mode)
- Add ARIA attributes for Playwright selectors (role=switch, aria-label)
- Fix 401 interceptor to skip login endpoint redirects
- Add confirmation dialogs, error states, and missing UI fields
- Rename conflicting button/label text to avoid strict mode violations

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-03-18 02:52:57 +08:00
徐枫
6504d3c7b9 fix: resolve 6 QA bugs in frontend admin panel (RCA-19) 
Bug 1: Dashboard child route path "" → "dashboard" + redirect from /
Bug 2: Test localStorage key "admin_token" → "cb_admin_token"
Bug 3: Router setup check data.isSetUp → data.initialised
Bug 4: Setup wizard button text to match test selectors
Bug 5: loginViaAPI helper sets localStorage directly instead of hitting relay
Bug 6: Login button disabled when fields are empty

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-03-18 01:47:21 +08:00
徐枫
147f9d4761 feat: enhance all frontend management views 
Dashboard (RCA-15):
- Stats cards: server status, devices (online/offline breakdown), cookies
  by domain count, WebSocket connections
- Device status table with online badges
- Quick action cards linking to cookies, devices, settings

Cookies (RCA-16):
- Domain-grouped collapsible list with expand/collapse
- Search by domain or cookie name
- Right-side detail panel showing all cookie fields (Headless UI transition)
- Checkbox selection + batch delete
- Per-cookie inline delete

Devices (RCA-17):
- Card grid with platform icons (CH/FF/ED/SA), online/offline badges
- Status filter tabs (All/Online/Offline)
- Expandable details (full device ID, platform, registration date)
- Two-step revoke confirmation dialog inline

Settings (RCA-18):
- Headless UI Tab component with 3 tabs: Sync, Security, Appearance
- Sync: auto-sync toggle, frequency selector (real-time/1m/5m/manual)
- Security: change password form, max devices
- Appearance: theme picker (light/dark/system), language selector
- Save with success toast notification

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-03-17 20:35:45 +08:00
徐枫
1a6d61ec36 feat: add setup wizard and enhance login flow 
- Add /setup route with 4-step wizard: welcome, admin account creation,
  basic config (port, HTTPS), completion
- Router auto-detects first-time setup via GET /admin/setup/status
- Redirects to /setup if not configured, blocks /setup after init
- Uses Headless UI TransitionRoot for step animations
- Password confirmation with mismatch validation

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-03-17 20:31:34 +08:00
徐枫
a320f7ad97 feat: add admin REST API layer for frontend management panel 
Implement JWT-protected /admin/* routes on the relay server:
- Auth: login, logout, me, setup/status, setup/init (first-time config)
- Dashboard: stats overview (connections, devices, cookies, domains)
- Cookies: paginated list with domain/search filter, detail, delete, batch delete
- Devices: list with online status, revoke
- Settings: get/update (sync interval, max devices, theme)

Uses scrypt for password hashing and jsonwebtoken for JWT.
Adds listAll/revoke to DeviceRegistry, getAll/getById/deleteById to CookieBlobStore,
disconnect to ConnectionManager. Updates frontend to use /admin/* endpoints.

All 38 existing tests pass.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-03-17 20:28:56 +08:00
徐枫
f4144c96f1 test(web): add Playwright E2E and admin API test suite for RCA-19 
Prepares the full QA test infrastructure for the admin frontend before
all prerequisite feature tasks (RCA-12–18) are complete.

- playwright.config.ts: 6 browser/device projects (Chromium, Firefox,
  WebKit, mobile Chrome, mobile Safari, tablet)
- tests/e2e/01-login.spec.ts: login form, route guards, setup wizard
- tests/e2e/02-dashboard.spec.ts: stats cards, device list, quick actions
- tests/e2e/03-cookies.spec.ts: cookie list, search, detail panel, delete
- tests/e2e/04-devices.spec.ts: device cards, revoke flow, status filter
- tests/e2e/05-settings.spec.ts: three-tab layout, save/error toasts
- tests/e2e/06-responsive.spec.ts: no horizontal scroll on mobile/tablet
- tests/api/admin-api.spec.ts: REST API contract tests for all /admin/* endpoints
- helpers/auth.ts: loginViaUI + loginViaAPI helpers
- helpers/mock-api.ts: route intercept fixtures for all pages

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-03-17 20:24:22 +08:00
徐枫
e3a9d9f63c feat: scaffold Vue 3 + TypeScript + Vite frontend admin panel 
Set up web/ directory with complete frontend scaffolding:
- Vue 3 + TypeScript + Vite with Tailwind CSS v4
- Vue Router with auth guard (redirects to /login when unauthenticated)
- Pinia stores: auth, cookies, devices, settings
- Axios HTTP client with token interceptor
- Views: Login, Dashboard, Cookies, Devices, Settings
- Vite dev server proxy to relay API on port 8100
- Headless UI and Heroicons dependencies

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-03-17 20:22:35 +08:00
徐枫
b6fbf7a921 feat: implement M4 self-hosting, Docker & documentation
Some checks failed
CI / test (22) (push) Has been cancelled
Details
CI / docker (push) Has been cancelled
Details
CI / extension (push) Has been cancelled
Details 
- Dockerfile with multi-stage build (Node 22 Alpine, sodium-native)
- docker-compose.yml with health check for easy self-hosting
- README with setup guide, API reference, and project overview
- Architecture docs (data flow, component breakdown, protocol constants)
- Security model docs (threat model, crypto primitives, self-hosting checklist)
- GitHub Actions CI pipeline (test, typecheck, Docker smoke test, extension builds)
- GitHub Actions release pipeline (GHCR push, extension zip artifacts)
- CONTRIBUTING.md with dev setup and code style guidelines

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-03-17 18:34:53 +08:00
徐枫
f39ff8c215 feat: implement M3 multi-browser support (Firefox, Edge, Safari) 
Add browser abstraction layer (compat.ts) that normalizes Chrome/Firefox/
Edge/Safari extension APIs behind a unified promise-based interface.
Replace all direct chrome.* calls with compat layer across service worker,
sync engine, badge, storage, popup, and options modules.

- Browser-specific manifests in manifests/ (Firefox MV3 with gecko settings,
  Edge/Safari variants)
- Multi-target build system: `npm run build` produces all four browser
  builds in build/<browser>/
- Per-browser build scripts: build:chrome, build:firefox, build:edge, build:safari
- Auto-detects browser at runtime for platform-specific device registration
- All 38 existing tests pass, typecheck clean

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-03-17 16:58:44 +08:00
徐枫
dc3be4d73f feat: implement M2 Chrome browser extension 
Build the CookieBridge Chrome extension (Manifest V3) with:

- Background service worker: cookie monitoring via chrome.cookies.onChanged,
  WebSocket connection to relay server with auto-reconnect, HTTP polling
  fallback, device registration and pairing flow
- Browser-compatible crypto: libsodium-wrappers-sumo for XChaCha20-Poly1305
  encryption, Ed25519 signing, X25519 key exchange (mirrors server's
  sodium-native API)
- Popup UI: device registration, connection status indicator (gray/blue/
  green/red), cookie/device/sync stats, one-click current site sync,
  whitelist quick-add, device pairing with 6-digit code
- Options page: server URL config, connection mode (auto/WS/polling),
  poll interval slider, auto-sync toggle, domain whitelist/blacklist
  management, paired device list, key export/import, data clearing
- Sync engine: LWW conflict resolution with Lamport clocks (same as
  server), bidirectional cookie sync with all paired peers, echo
  suppression to prevent sync loops
- Badge management: icon color reflects state (gray=not logged in,
  blue=connected, green=syncing with count, red=error)
- Build system: esbuild bundling for Chrome 120+, TypeScript with
  strict mode, clean type checking

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-03-17 16:30:18 +08:00
徐枫
1bd7a34de8 feat: rework CookieBridge to v2 architecture per CEO feedback 
Architecture changes:
- Extension connects directly to server (no local proxy/daemon)
- Dual transport: WebSocket (real-time) + HTTP polling (fallback)
- Server stores encrypted cookie blobs (E2E encrypted, server-blind)
- Device registration with API token auth
- Pairing records stored server-side for cross-device cookie access
- Agent Skill API: AI agents get tokens to retrieve encrypted cookies
  with domain-level access control

New modules:
- src/relay/store.ts — encrypted cookie blob storage (LWW, per-device limits)
- src/relay/tokens.ts — device registry, agent registry, pairing tracking
- Protocol spec v2 with new types (EncryptedCookieBlob, AgentToken, etc.)

38 tests passing (crypto, pairing, conflict, full integration with
HTTP polling, agent API, and WebSocket relay).

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-03-17 15:26:24 +08:00
徐枫
4326276505 feat: implement CookieBridge M1 — core protocol & relay server 
- Protocol spec: encrypted envelope format, device identity (Ed25519 + X25519),
  LWW conflict resolution with Lamport clocks
- E2E encryption: XChaCha20-Poly1305 via sodium-native, X25519 key exchange
- WebSocket relay server: stateless message forwarding, device auth via
  challenge-response, offline message queuing, ping/pong keepalive
- Device pairing: time-limited pairing codes, key exchange broker via HTTP
- Sync protocol: envelope builder/opener, conflict-resolving cookie store
- 31 tests passing (crypto, pairing, conflict resolution, full integration)

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-03-17 14:56:01 +08:00