1use std::collections::HashMap;
2use std::path::Path;
3use std::sync::Arc;
4use tokio::io::{AsyncReadExt, AsyncWriteExt};
5use tokio::net::TcpListener;
6
7const DEFAULT_PORT: u16 = 3333;
8const DEFAULT_HOST: &str = "127.0.0.1";
9const DASHBOARD_HTML: &str = include_str!("dashboard.html");
10
11pub async fn start(port: Option<u16>, host: Option<String>) {
12 let port = port.unwrap_or_else(|| {
13 std::env::var("LEAN_CTX_PORT")
14 .ok()
15 .and_then(|p| p.parse().ok())
16 .unwrap_or(DEFAULT_PORT)
17 });
18
19 let host = host.unwrap_or_else(|| {
20 std::env::var("LEAN_CTX_HOST")
21 .ok()
22 .unwrap_or_else(|| DEFAULT_HOST.to_string())
23 });
24
25 let addr = format!("{host}:{port}");
26 let is_local = host == "127.0.0.1" || host == "localhost" || host == "::1";
27
28 if is_local && dashboard_responding(&host, port) {
31 println!("\n lean-ctx dashboard already running → http://{host}:{port}");
32 println!(" Tip: use Ctrl+C in the existing terminal to stop it.\n");
33 open_browser(&format!("http://localhost:{port}"));
34 return;
35 }
36
37 let token = if !is_local {
38 let t = generate_token();
39 save_token(&t);
40 Some(Arc::new(t))
41 } else {
42 None
43 };
44
45 if !is_local {
46 let t = token.as_ref().unwrap();
47 eprintln!(
48 " \x1b[33m⚠\x1b[0m Binding to {host} — authentication enabled.\n \
49 Bearer token: \x1b[1;32m{t}\x1b[0m\n \
50 Browser URL: http://<your-ip>:{port}/?token={t}"
51 );
52 }
53
54 let listener = match TcpListener::bind(&addr).await {
55 Ok(l) => l,
56 Err(e) => {
57 eprintln!("Failed to bind to {addr}: {e}");
58 std::process::exit(1);
59 }
60 };
61
62 let stats_path = crate::core::data_dir::lean_ctx_data_dir()
63 .map(|d| d.join("stats.json").display().to_string())
64 .unwrap_or_else(|_| "~/.lean-ctx/stats.json".to_string());
65
66 if host == "0.0.0.0" {
67 println!("\n lean-ctx dashboard → http://0.0.0.0:{port} (all interfaces)");
68 println!(" Local access: http://localhost:{port}");
69 } else {
70 println!("\n lean-ctx dashboard → http://{host}:{port}");
71 }
72 println!(" Stats file: {stats_path}");
73 println!(" Press Ctrl+C to stop\n");
74
75 if is_local {
76 open_browser(&format!("http://localhost:{port}"));
77 }
78 if crate::shell::is_container() && is_local {
79 println!(" Tip (Docker): bind 0.0.0.0 + publish port:");
80 println!(" lean-ctx dashboard --host=0.0.0.0 --port={port}");
81 println!(" docker run ... -p {port}:{port} ...");
82 println!();
83 }
84
85 loop {
86 if let Ok((stream, _)) = listener.accept().await {
87 let token_ref = token.clone();
88 tokio::spawn(handle_request(stream, token_ref));
89 }
90 }
91}
92
93fn generate_token() -> String {
94 use std::time::{SystemTime, UNIX_EPOCH};
95 let seed = SystemTime::now()
96 .duration_since(UNIX_EPOCH)
97 .unwrap_or_default()
98 .as_nanos();
99 format!("lctx_{:016x}", seed ^ 0xdeadbeef_cafebabe)
100}
101
102fn save_token(token: &str) {
103 if let Ok(dir) = crate::core::data_dir::lean_ctx_data_dir() {
104 let _ = std::fs::create_dir_all(&dir);
105 let _ = std::fs::write(dir.join("dashboard.token"), token);
106 }
107}
108
109fn open_browser(url: &str) {
110 #[cfg(target_os = "macos")]
111 {
112 let _ = std::process::Command::new("open").arg(url).spawn();
113 }
114
115 #[cfg(target_os = "linux")]
116 {
117 let _ = std::process::Command::new("xdg-open")
118 .arg(url)
119 .stderr(std::process::Stdio::null())
120 .spawn();
121 }
122
123 #[cfg(target_os = "windows")]
124 {
125 let _ = std::process::Command::new("cmd")
126 .args(["/C", "start", url])
127 .spawn();
128 }
129}
130
131fn dashboard_responding(host: &str, port: u16) -> bool {
132 use std::io::{Read, Write};
133 use std::net::TcpStream;
134 use std::time::Duration;
135
136 let addr = format!("{host}:{port}");
137 let Ok(mut s) = TcpStream::connect_timeout(
138 &addr
139 .parse()
140 .unwrap_or_else(|_| std::net::SocketAddr::from(([127, 0, 0, 1], port))),
141 Duration::from_millis(150),
142 ) else {
143 return false;
144 };
145 let _ = s.set_read_timeout(Some(Duration::from_millis(150)));
146 let _ = s.set_write_timeout(Some(Duration::from_millis(150)));
147
148 let req = "GET /api/version HTTP/1.1\r\nHost: localhost\r\nConnection: close\r\n\r\n";
149 if s.write_all(req.as_bytes()).is_err() {
150 return false;
151 }
152 let mut buf = [0u8; 256];
153 let Ok(n) = s.read(&mut buf) else {
154 return false;
155 };
156 let head = String::from_utf8_lossy(&buf[..n]);
157 head.starts_with("HTTP/1.1 200") || head.starts_with("HTTP/1.0 200")
158}
159
160async fn handle_request(mut stream: tokio::net::TcpStream, token: Option<Arc<String>>) {
161 let mut buf = vec![0u8; 4096];
162 let n = match stream.read(&mut buf).await {
163 Ok(n) if n > 0 => n,
164 _ => return,
165 };
166
167 let request = String::from_utf8_lossy(&buf[..n]);
168
169 let raw_path = request
170 .lines()
171 .next()
172 .and_then(|line| line.split_whitespace().nth(1))
173 .unwrap_or("/");
174
175 let (path, query_token) = if let Some(idx) = raw_path.find('?') {
176 let p = &raw_path[..idx];
177 let qs = &raw_path[idx + 1..];
178 let tok = qs
179 .split('&')
180 .find_map(|pair| pair.strip_prefix("token="))
181 .map(|t| t.to_string());
182 (p.to_string(), tok)
183 } else {
184 (raw_path.to_string(), None)
185 };
186
187 let query_str = raw_path.find('?').map(|i| &raw_path[i + 1..]).unwrap_or("");
188
189 let is_api = path.starts_with("/api/");
190
191 if let Some(ref expected) = token {
192 let has_header_auth = check_auth(&request, expected);
193 let has_query_auth = query_token
194 .as_deref()
195 .map(|t| t == expected.as_str())
196 .unwrap_or(false);
197
198 if is_api && !has_header_auth && !has_query_auth {
199 let body = r#"{"error":"unauthorized"}"#;
200 let response = format!(
201 "HTTP/1.1 401 Unauthorized\r\n\
202 Content-Type: application/json\r\n\
203 Content-Length: {}\r\n\
204 WWW-Authenticate: Bearer\r\n\
205 Connection: close\r\n\
206 \r\n\
207 {body}",
208 body.len()
209 );
210 let _ = stream.write_all(response.as_bytes()).await;
211 return;
212 }
213 }
214
215 let path = path.as_str();
216
217 let compute =
218 std::panic::catch_unwind(|| route_response(path, query_str, &query_token, &token));
219 let (status, content_type, body) = match compute {
220 Ok(v) => v,
221 Err(_) => (
222 "500 Internal Server Error",
223 "application/json",
224 r#"{"error":"dashboard route panicked"}"#.to_string(),
225 ),
226 };
227
228 let cache_header = if content_type.starts_with("application/json") {
229 "Cache-Control: no-cache, no-store, must-revalidate\r\nPragma: no-cache\r\n"
230 } else {
231 ""
232 };
233
234 let response = format!(
235 "HTTP/1.1 {status}\r\n\
236 Content-Type: {content_type}\r\n\
237 Content-Length: {}\r\n\
238 {cache_header}\
239 Access-Control-Allow-Origin: *\r\n\
240 Connection: close\r\n\
241 \r\n\
242 {body}",
243 body.len()
244 );
245
246 let _ = stream.write_all(response.as_bytes()).await;
247}
248
249fn route_response(
250 path: &str,
251 query_str: &str,
252 query_token: &Option<String>,
253 token: &Option<Arc<String>>,
254) -> (&'static str, &'static str, String) {
255 match path {
256 "/api/stats" => {
257 let store = crate::core::stats::load();
258 let json = serde_json::to_string(&store).unwrap_or_else(|_| "{}".to_string());
259 ("200 OK", "application/json", json)
260 }
261 "/api/gain" => {
262 let env_model = std::env::var("LEAN_CTX_MODEL")
263 .or_else(|_| std::env::var("LCTX_MODEL"))
264 .ok();
265 let engine = crate::core::gain::GainEngine::load();
266 let payload = serde_json::json!({
267 "summary": engine.summary(env_model.as_deref()),
268 "tasks": engine.task_breakdown(),
269 "heatmap": engine.heatmap_gains(20),
270 });
271 let json = serde_json::to_string(&payload).unwrap_or_else(|_| "{}".to_string());
272 ("200 OK", "application/json", json)
273 }
274 "/api/mcp" => {
275 let mcp_path = crate::core::data_dir::lean_ctx_data_dir()
276 .map(|d| d.join("mcp-live.json"))
277 .unwrap_or_default();
278 let json = std::fs::read_to_string(&mcp_path).unwrap_or_else(|_| "{}".to_string());
279 ("200 OK", "application/json", json)
280 }
281 "/api/agents" => {
282 let json = build_agents_json();
283 ("200 OK", "application/json", json)
284 }
285 "/api/knowledge" => {
286 let project_root = detect_project_root_for_dashboard();
287 let _ =
288 crate::core::knowledge::ProjectKnowledge::migrate_legacy_empty_root(&project_root);
289 let knowledge = crate::core::knowledge::ProjectKnowledge::load_or_create(&project_root);
290 let json = serde_json::to_string(&knowledge).unwrap_or_else(|_| "{}".to_string());
291 ("200 OK", "application/json", json)
292 }
293 "/api/gotchas" => {
294 let project_root = detect_project_root_for_dashboard();
295 let store = crate::core::gotcha_tracker::GotchaStore::load(&project_root);
296 let json = serde_json::to_string(&store).unwrap_or_else(|_| "{}".to_string());
297 ("200 OK", "application/json", json)
298 }
299 "/api/buddy" => {
300 let buddy = crate::core::buddy::BuddyState::compute();
301 let json = serde_json::to_string(&buddy).unwrap_or_else(|_| "{}".to_string());
302 ("200 OK", "application/json", json)
303 }
304 "/api/version" => {
305 let json = crate::core::version_check::version_info_json();
306 ("200 OK", "application/json", json)
307 }
308 "/api/heatmap" => {
309 let project_root = detect_project_root_for_dashboard();
310 let index = crate::core::graph_index::load_or_build(&project_root);
311 let entries = build_heatmap_json(&index);
312 ("200 OK", "application/json", entries)
313 }
314 "/api/events" => {
315 let evs = crate::core::events::load_events_from_file(200);
316 let json = serde_json::to_string(&evs).unwrap_or_else(|_| "[]".to_string());
317 ("200 OK", "application/json", json)
318 }
319 "/api/graph" => {
320 let root = detect_project_root_for_dashboard();
321 let index = crate::core::graph_index::load_or_build(&root);
322 let json = serde_json::to_string(&index).unwrap_or_else(|_| {
323 "{\"error\":\"failed to serialize project index\"}".to_string()
324 });
325 ("200 OK", "application/json", json)
326 }
327 "/api/feedback" => {
328 let store = crate::core::feedback::FeedbackStore::load();
329 let json = serde_json::to_string(&store).unwrap_or_else(|_| {
330 "{\"error\":\"failed to serialize feedback store\"}".to_string()
331 });
332 ("200 OK", "application/json", json)
333 }
334 "/api/session" => {
335 let session = crate::core::session::SessionState::load_latest().unwrap_or_default();
336 let json = serde_json::to_string(&session)
337 .unwrap_or_else(|_| "{\"error\":\"failed to serialize session\"}".to_string());
338 ("200 OK", "application/json", json)
339 }
340 "/api/search-index" => {
341 let root_s = detect_project_root_for_dashboard();
342 let root = std::path::Path::new(&root_s);
343 let index = crate::core::vector_index::BM25Index::load_or_build(root);
344 let summary = bm25_index_summary_json(&index);
345 let json = serde_json::to_string(&summary).unwrap_or_else(|_| {
346 "{\"error\":\"failed to serialize search index summary\"}".to_string()
347 });
348 ("200 OK", "application/json", json)
349 }
350 "/api/compression-demo" => {
351 let body = match extract_query_param(query_str, "path") {
352 None => r#"{"error":"missing path query parameter"}"#.to_string(),
353 Some(rel) => {
354 let task = extract_query_param(query_str, "task");
355 let root = detect_project_root_for_dashboard();
356 let root_pb = std::path::Path::new(&root);
357 let candidate = std::path::Path::new(&rel);
358 let full = if candidate.is_absolute() {
359 candidate.to_path_buf()
360 } else {
361 let direct = root_pb.join(&rel);
362 if direct.exists() {
363 direct
364 } else {
365 let in_rust = root_pb.join("rust").join(&rel);
366 if in_rust.exists() {
367 in_rust
368 } else {
369 direct
370 }
371 }
372 };
373 match std::fs::read_to_string(&full) {
374 Ok(content) => {
375 let ext = full.extension().and_then(|e| e.to_str()).unwrap_or("rs");
376 let path_str = full.to_string_lossy().to_string();
377 let original_lines = content.lines().count();
378 let original_tokens = crate::core::tokens::count_tokens(&content);
379 let modes = compression_demo_modes_json(
380 &content,
381 &path_str,
382 ext,
383 original_tokens,
384 task.as_deref(),
385 );
386 let original_preview: String = content.chars().take(8000).collect();
387 serde_json::json!({
388 "path": path_str,
389 "task": task,
390 "original_lines": original_lines,
391 "original_tokens": original_tokens,
392 "original": original_preview,
393 "modes": modes,
394 })
395 .to_string()
396 }
397 Err(_) => r#"{"error":"failed to read file"}"#.to_string(),
398 }
399 }
400 };
401 ("200 OK", "application/json", body)
402 }
403 "/" | "/index.html" => {
404 let mut html = DASHBOARD_HTML.to_string();
405 if let Some(ref tok) = query_token {
406 let script = format!(
407 "<script>window.__LEAN_CTX_TOKEN__=\"{}\";</script>",
408 tok.replace('"', "")
409 );
410 html = html.replacen("<head>", &format!("<head>{script}"), 1);
411 } else if let Some(ref t) = token {
412 let script = format!(
413 "<script>window.__LEAN_CTX_TOKEN__=\"{}\";</script>",
414 t.as_str()
415 );
416 html = html.replacen("<head>", &format!("<head>{script}"), 1);
417 }
418 ("200 OK", "text/html; charset=utf-8", html)
419 }
420 "/favicon.ico" => ("204 No Content", "text/plain", String::new()),
421 _ => ("404 Not Found", "text/plain", "Not Found".to_string()),
422 }
423}
424
425fn check_auth(request: &str, expected_token: &str) -> bool {
426 for line in request.lines() {
427 let lower = line.to_lowercase();
428 if lower.starts_with("authorization:") {
429 let value = line["authorization:".len()..].trim();
430 if let Some(token) = value.strip_prefix("Bearer ") {
431 return token.trim() == expected_token;
432 }
433 if let Some(token) = value.strip_prefix("bearer ") {
434 return token.trim() == expected_token;
435 }
436 }
437 }
438 false
439}
440
441fn extract_query_param(qs: &str, key: &str) -> Option<String> {
442 for pair in qs.split('&') {
443 let (k, v) = match pair.split_once('=') {
444 Some(kv) => kv,
445 None => continue,
446 };
447 if k == key {
448 return Some(percent_decode_query_component(v));
449 }
450 }
451 None
452}
453
454fn percent_decode_query_component(s: &str) -> String {
455 let mut out: Vec<u8> = Vec::with_capacity(s.len());
456 let b = s.as_bytes();
457 let mut i = 0;
458 while i < b.len() {
459 match b[i] {
460 b'+' => {
461 out.push(b' ');
462 i += 1;
463 }
464 b'%' if i + 2 < b.len() => {
465 let h1 = (b[i + 1] as char).to_digit(16);
466 let h2 = (b[i + 2] as char).to_digit(16);
467 if let (Some(a), Some(d)) = (h1, h2) {
468 out.push(((a << 4) | d) as u8);
469 i += 3;
470 } else {
471 out.push(b'%');
472 i += 1;
473 }
474 }
475 _ => {
476 out.push(b[i]);
477 i += 1;
478 }
479 }
480 }
481 String::from_utf8_lossy(&out).into_owned()
482}
483
484fn compression_mode_json(output: &str, original_tokens: usize) -> serde_json::Value {
485 let tokens = crate::core::tokens::count_tokens(output);
486 let savings_pct = if original_tokens > 0 {
487 ((original_tokens.saturating_sub(tokens)) as f64 / original_tokens as f64 * 100.0).round()
488 as i64
489 } else {
490 0
491 };
492 serde_json::json!({
493 "output": output,
494 "tokens": tokens,
495 "savings_pct": savings_pct
496 })
497}
498
499fn compression_demo_modes_json(
500 content: &str,
501 path: &str,
502 ext: &str,
503 original_tokens: usize,
504 task: Option<&str>,
505) -> serde_json::Value {
506 let map_out = crate::core::signatures::extract_file_map(path, content);
507 let sig_out = crate::core::signatures::extract_signatures(content, ext)
508 .iter()
509 .map(|s| s.to_compact())
510 .collect::<Vec<_>>()
511 .join("\n");
512 let aggressive_out = crate::core::filters::aggressive_filter(content);
513 let entropy_out = crate::core::entropy::entropy_compress_adaptive(content, path).output;
514
515 let mut cache = crate::core::cache::SessionCache::new();
516 let reference_out =
517 crate::tools::ctx_read::handle(&mut cache, path, "reference", crate::tools::CrpMode::Off);
518 let task_out = task.filter(|t| !t.trim().is_empty()).map(|t| {
519 crate::tools::ctx_read::handle_with_task(
520 &mut cache,
521 path,
522 "task",
523 crate::tools::CrpMode::Off,
524 Some(t),
525 )
526 });
527
528 serde_json::json!({
529 "map": compression_mode_json(&map_out, original_tokens),
530 "signatures": compression_mode_json(&sig_out, original_tokens),
531 "reference": compression_mode_json(&reference_out, original_tokens),
532 "aggressive": compression_mode_json(&aggressive_out, original_tokens),
533 "entropy": compression_mode_json(&entropy_out, original_tokens),
534 "task": task_out.as_deref().map(|s| compression_mode_json(s, original_tokens)).unwrap_or(serde_json::Value::Null),
535 })
536}
537
538fn bm25_index_summary_json(index: &crate::core::vector_index::BM25Index) -> serde_json::Value {
539 let mut sorted: Vec<&crate::core::vector_index::CodeChunk> = index.chunks.iter().collect();
540 sorted.sort_by_key(|c| std::cmp::Reverse(c.token_count));
541 let top: Vec<serde_json::Value> = sorted
542 .into_iter()
543 .take(20)
544 .map(|c| {
545 serde_json::json!({
546 "file_path": c.file_path,
547 "symbol_name": c.symbol_name,
548 "token_count": c.token_count,
549 "kind": c.kind,
550 "start_line": c.start_line,
551 "end_line": c.end_line,
552 })
553 })
554 .collect();
555 let mut lang: HashMap<String, usize> = HashMap::new();
556 for c in &index.chunks {
557 let e = std::path::Path::new(&c.file_path)
558 .extension()
559 .and_then(|e| e.to_str())
560 .unwrap_or("")
561 .to_string();
562 *lang.entry(e).or_default() += 1;
563 }
564 serde_json::json!({
565 "doc_count": index.doc_count,
566 "chunk_count": index.chunks.len(),
567 "top_chunks_by_token_count": top,
568 "language_distribution": lang,
569 })
570}
571
572fn build_heatmap_json(index: &crate::core::graph_index::ProjectIndex) -> String {
573 let mut connection_counts: std::collections::HashMap<String, usize> =
574 std::collections::HashMap::new();
575 for edge in &index.edges {
576 *connection_counts.entry(edge.from.clone()).or_default() += 1;
577 *connection_counts.entry(edge.to.clone()).or_default() += 1;
578 }
579
580 let max_tokens = index
581 .files
582 .values()
583 .map(|f| f.token_count)
584 .max()
585 .unwrap_or(1) as f64;
586 let max_connections = connection_counts.values().max().copied().unwrap_or(1) as f64;
587
588 let mut entries: Vec<serde_json::Value> = index
589 .files
590 .values()
591 .map(|f| {
592 let connections = connection_counts.get(&f.path).copied().unwrap_or(0);
593 let token_norm = f.token_count as f64 / max_tokens;
594 let conn_norm = connections as f64 / max_connections;
595 let heat = token_norm * 0.4 + conn_norm * 0.6;
596 serde_json::json!({
597 "path": f.path,
598 "tokens": f.token_count,
599 "connections": connections,
600 "language": f.language,
601 "heat": (heat * 100.0).round() / 100.0,
602 })
603 })
604 .collect();
605
606 entries.sort_by(|a, b| {
607 b["heat"]
608 .as_f64()
609 .unwrap_or(0.0)
610 .partial_cmp(&a["heat"].as_f64().unwrap_or(0.0))
611 .unwrap()
612 });
613
614 serde_json::to_string(&entries).unwrap_or_else(|_| "[]".to_string())
615}
616
617fn build_agents_json() -> String {
618 let registry = crate::core::agents::AgentRegistry::load_or_create();
619 let agents: Vec<serde_json::Value> = registry
620 .agents
621 .iter()
622 .filter(|a| a.status != crate::core::agents::AgentStatus::Finished)
623 .map(|a| {
624 let age_min = (chrono::Utc::now() - a.last_active).num_minutes();
625 serde_json::json!({
626 "id": a.agent_id,
627 "type": a.agent_type,
628 "role": a.role,
629 "status": format!("{}", a.status),
630 "status_message": a.status_message,
631 "last_active_minutes_ago": age_min,
632 "pid": a.pid
633 })
634 })
635 .collect();
636
637 let pending_msgs = registry.scratchpad.len();
638
639 let shared_dir = crate::core::data_dir::lean_ctx_data_dir()
640 .unwrap_or_else(|_| dirs::home_dir().unwrap_or_default().join(".lean-ctx"))
641 .join("agents")
642 .join("shared");
643 let shared_count = if shared_dir.exists() {
644 std::fs::read_dir(&shared_dir)
645 .map(|rd| rd.count())
646 .unwrap_or(0)
647 } else {
648 0
649 };
650
651 serde_json::json!({
652 "agents": agents,
653 "total_active": agents.len(),
654 "pending_messages": pending_msgs,
655 "shared_contexts": shared_count
656 })
657 .to_string()
658}
659
660fn detect_project_root_for_dashboard() -> String {
661 if let Some(session) = crate::core::session::SessionState::load_latest() {
664 if let Some(root) = session.project_root.as_deref() {
665 if !root.trim().is_empty() {
666 return promote_to_git_root(root);
667 }
668 }
669 if let Some(cwd) = session.shell_cwd.as_deref() {
670 if !cwd.trim().is_empty() {
671 let r = crate::core::protocol::detect_project_root_or_cwd(cwd);
672 return promote_to_git_root(&r);
673 }
674 }
675 if let Some(last) = session.files_touched.last() {
676 if !last.path.trim().is_empty() {
677 if let Some(parent) = Path::new(&last.path).parent() {
678 let p = parent.to_string_lossy().to_string();
679 let r = crate::core::protocol::detect_project_root_or_cwd(&p);
680 return promote_to_git_root(&r);
681 }
682 }
683 }
684 }
685
686 let cwd = std::env::current_dir()
687 .map(|p| p.to_string_lossy().to_string())
688 .unwrap_or_else(|_| ".".to_string());
689 let r = crate::core::protocol::detect_project_root_or_cwd(&cwd);
690 promote_to_git_root(&r)
691}
692
693fn promote_to_git_root(path: &str) -> String {
694 git_root_for(path).unwrap_or_else(|| path.to_string())
695}
696
697fn git_root_for(path: &str) -> Option<String> {
698 let mut p = Path::new(path);
699 loop {
700 let git = p.join(".git");
701 if git.exists() {
702 return Some(p.to_string_lossy().to_string());
703 }
704 p = p.parent()?;
705 }
706}
707
708#[cfg(test)]
709mod tests {
710 use super::*;
711
712 #[test]
713 fn check_auth_with_valid_bearer() {
714 let req = "GET /api/stats HTTP/1.1\r\nAuthorization: Bearer lctx_abc123\r\n\r\n";
715 assert!(check_auth(req, "lctx_abc123"));
716 }
717
718 #[test]
719 fn check_auth_with_invalid_bearer() {
720 let req = "GET /api/stats HTTP/1.1\r\nAuthorization: Bearer wrong_token\r\n\r\n";
721 assert!(!check_auth(req, "lctx_abc123"));
722 }
723
724 #[test]
725 fn check_auth_missing_header() {
726 let req = "GET /api/stats HTTP/1.1\r\nHost: localhost\r\n\r\n";
727 assert!(!check_auth(req, "lctx_abc123"));
728 }
729
730 #[test]
731 fn check_auth_lowercase_bearer() {
732 let req = "GET /api/stats HTTP/1.1\r\nauthorization: bearer lctx_abc123\r\n\r\n";
733 assert!(check_auth(req, "lctx_abc123"));
734 }
735
736 #[test]
737 fn query_token_parsing() {
738 let raw_path = "/index.html?token=lctx_abc123&other=val";
739 let idx = raw_path.find('?').unwrap();
740 let qs = &raw_path[idx + 1..];
741 let tok = qs.split('&').find_map(|pair| pair.strip_prefix("token="));
742 assert_eq!(tok, Some("lctx_abc123"));
743 }
744
745 #[test]
746 fn api_path_detection() {
747 assert!("/api/stats".starts_with("/api/"));
748 assert!("/api/version".starts_with("/api/"));
749 assert!(!"/".starts_with("/api/"));
750 assert!(!"/index.html".starts_with("/api/"));
751 assert!(!"/favicon.ico".starts_with("/api/"));
752 }
753}