Upload folder using huggingface_hub

TASKS.md

@@ -16,13 +16,13 @@ Legend:
 ## P1 — Backend refactor + lifecycle
 - [x] Refactor backend into modules under `app/` and keep `uvicorn main:app` working.
 - [x] Add FastAPI lifespan management for MCP subprocess and device-login cleanup.
-- [ ] Unify Codex integration further (decide SDK vs CLI as primary, remove redundant paths if safe).
+- [x] Unify Codex integration (CLI-first for device-auth consistency).
 - [ ] Standardize API error schema across endpoints (single shape for UI).
 
 ## P2 — UI/UX, settings, admin, landing
 - [x] Landing + route split (`/` landing, `/login`, `/app`) and UI redirects updated.
 - [x] Split `static/dashboard.html` into JS/CSS files (`static/dashboard.js`, `static/dashboard.css`).
-- [~] Theme tokens shared across login + dashboard (single source of truth via `static/theme.css`).
+- [x] Theme tokens shared across login + dashboard (single source of truth via `static/theme.css`).
 - [~] Separate Settings vs Admin dashboard (admin section scaffolded; full dedicated pages pending).
 
 ## P2 — Provider auth parity (Codex/Gemini/Claude)
@@ -38,13 +38,13 @@ Legend:
 ## P2 — Stream Codex events in Agent mode
 - [x] Use `/api/codex/cli/stream` for agent execution.
 - [x] UI renders streaming events + partial text (agent mode and chat target).
-- [ ] Stop/reconnect improvements (resume stream after transient disconnects).
+- [~] Stop/reconnect improvements (stop kills subprocess; resume still pending).
 
 ## P2/P3 — MCP registry
 - [~] First-class MCP registry storage (per-user persistence via backend).
 - [~] Admin-managed MCP templates (server-side persisted).
-- [ ] “Test connection”, “list tools”, tool allow/deny UI (SSRF-safe).
-- [ ] Import/export `mcp.json` via UI with validation.
+- [~] “Test connection”, “list tools”, tool allow/deny UI (SSRF-safe).
+- [x] Import/export `mcp.json` via UI with validation.
 
 ## P3 — RAG + indexing (docs/web/GitHub) + “password manager”
 - [ ] Clarify “password manager” scope and threat model.

app/routes/codex.py

@@ -215,9 +215,33 @@ async def codex_agent_cli_stream(request: CodexRequest, http_request: Request):
 
                 async for b in emit(event):
                     yield b
+        except asyncio.CancelledError:
+            # Client disconnected (e.g. user pressed Stop). Ensure the subprocess doesn't keep running.
+            try:
+                proc.terminate()
+            except ProcessLookupError:
+                pass
+            try:
+                await asyncio.wait_for(proc.wait(), timeout=3)
+            except Exception:
+                try:
+                    proc.kill()
+                except ProcessLookupError:
+                    pass
+                try:
+                    await proc.wait()
+                except Exception:
+                    pass
+            raise
         finally:
-            await proc.wait()
-            err_text = (await proc.stderr.read()).decode("utf-8", errors="ignore").strip()
+            try:
+                await proc.wait()
+            except Exception:
+                pass
+            try:
+                err_text = (await proc.stderr.read()).decode("utf-8", errors="ignore").strip()
+            except Exception:
+                err_text = ""
             if proc.returncode != 0 and err_text:
                 async for b in emit({"type": "stderr", "message": err_text, "returnCode": proc.returncode}):
                     yield b

docs/TROUBLESHOOTING.md

@@ -31,6 +31,13 @@ Mitigations:
 - Switch to the Terminal view after the page fully loads.
 - Resize the browser window once to trigger a refit.
 
+## MCP “Test” fails even though the server is up
+
+The Settings → MCP “Test” button runs from your browser, so it is subject to CORS and network access from the client.
+
+Also note:
+- `mcp.json` import only accepts `http://` / `https://` URLs.
+
 ## PTY allocation failed
 
 If the backend prints `PTY allocation failed`, the runtime likely lacks `/dev/pts` or has exhausted PTYs.

static/dashboard.css

@@ -1,30 +1,3 @@
-/* Common background utility overrides for light mode */
-[data-theme="light"] .bg-gray-900 { background-color: var(--panel-bg-2) !important; }
-[data-theme="light"] .bg-gray-800 { background-color: var(--panel-bg) !important; }
-[data-theme="light"] .bg-black { background-color: #0b1220 !important; }
-[data-theme="light"] #terminal-view { background-color: var(--panel-bg-2) !important; }
-[data-theme="light"] .border-gray-700 { border-color: var(--border) !important; }
-[data-theme="light"] .border-gray-600 { border-color: var(--border) !important; }
-
-/* Text utility overrides for light mode */
-[data-theme="light"] .text-white { color: var(--app-fg) !important; }
-[data-theme="light"] .text-gray-300 { color: rgba(15, 23, 42, 0.92) !important; }
-[data-theme="light"] .text-gray-400 { color: rgba(15, 23, 42, 0.78) !important; }
-[data-theme="light"] .text-gray-500 { color: rgba(15, 23, 42, 0.66) !important; }
-[data-theme="light"] .text-gray-200 { color: rgba(15, 23, 42, 0.96) !important; }
-
-[data-theme="light"] a { color: #1d4ed8; }
-[data-theme="light"] .prose a { color: #1d4ed8; }
-
-/* Inputs in light mode */
-[data-theme="light"] input,
-[data-theme="light"] textarea,
-[data-theme="light"] select {
-    background-color: #ffffff !important;
-    color: var(--app-fg) !important;
-    border-color: var(--border) !important;
-}
-
 /* Chat bubbles in light mode */
 [data-theme="light"] .user-message {
     background-color: rgba(37, 99, 235, 0.10);
@@ -58,7 +31,7 @@
 }
 
 ::-webkit-scrollbar-track {
-    bg: #1f2937;
+    background: #1f2937;
 }
 
 ::-webkit-scrollbar-thumb {
@@ -102,6 +75,25 @@
     border-radius: 0.35rem;
 }
 
+[data-theme="light"] .chat-message pre {
+    background: rgba(15, 23, 42, 0.04);
+}
+
+[data-theme="light"] .chat-message pre code,
+[data-theme="light"] .chat-message code,
+[data-theme="light"] .chat-message :not(pre) > code {
+    color: rgba(2, 6, 23, 0.92) !important;
+}
+
+[data-theme="light"] .chat-message :not(pre) > code {
+    background: rgba(15, 23, 42, 0.04);
+    border-color: rgba(2, 6, 23, 0.12);
+}
+
+[data-theme="light"] .copy-btn {
+    background: rgba(2, 6, 23, 0.70);
+}
+
 /* Tailwind typography adds backticks via pseudo-elements; disable to avoid confusion. */
 .chat-message.prose code::before,
 .chat-message.prose code::after {

static/dashboard.js

@@ -2228,18 +2228,42 @@ let supabase;
         }
 
         async function importMcpConfigFromFile(file) {
+            if (!file) throw new Error('No file provided');
+            if (file.size > 1_000_000) throw new Error('mcp.json too large (max 1MB)');
             const text = await file.text();
-            const parsed = JSON.parse(text);
+            const parsed = JSON.parse(text || '{}');
+            if (parsed?.version != null && Number(parsed.version) !== 1) {
+                throw new Error('Unsupported mcp.json version');
+            }
             const servers = Array.isArray(parsed?.servers) ? parsed.servers : [];
-            const normalized = servers.map((s) => ({
-                id: s.id || (crypto.randomUUID ? crypto.randomUUID() : String(Date.now())),
-                name: s.name || s.id || 'mcp-server',
-                url: s.url || '',
-                apiKey: s?.auth?.apiKey || '',
-                token: s?.auth?.token || '',
-                headersJson: JSON.stringify(s.headers || {}, null, 2),
-                toolsJson: JSON.stringify(s.tools || [], null, 2)
-            })).filter((s) => s.url);
+            const normalized = servers
+                .filter((s) => s && typeof s === 'object')
+                .map((s) => {
+                    const rawUrl = String(s.url || '').trim();
+                    const urlOk = /^https?:\/\//i.test(rawUrl);
+                    const id = String(s.id || '').trim() || (crypto.randomUUID ? crypto.randomUUID() : String(Date.now()));
+                    const name = String(s.name || s.id || 'mcp-server').trim().slice(0, 80);
+
+                    const auth = s.auth && typeof s.auth === 'object' ? s.auth : {};
+                    const apiKey = String(auth.apiKey || '').trim();
+                    const token = String(auth.token || '').trim();
+
+                    const headers = s.headers && typeof s.headers === 'object' && !Array.isArray(s.headers) ? s.headers : {};
+                    const toolsRaw = Array.isArray(s.tools) ? s.tools : [];
+                    const tools = toolsRaw.map((t) => String(t || '').trim()).filter(Boolean).slice(0, 200);
+
+                    return {
+                        id,
+                        name,
+                        url: urlOk ? rawUrl : '',
+                        apiKey,
+                        token,
+                        headersJson: JSON.stringify(headers, null, 2),
+                        toolsJson: JSON.stringify(tools, null, 2),
+                    };
+                })
+                .filter((s) => s.url);
+            if (!normalized.length) throw new Error('No valid servers found in mcp.json');
             saveMcpServers(normalized);
         }
 
@@ -2258,13 +2282,13 @@ let supabase;
             const statusEl = document.getElementById(statusElementId || `mcp-status-${id}`);
             const server = loadMcpServers().find(s => s.id === id);
             if (!server) return;
-            statusEl.textContent = 'Testing...';
+            if (statusEl) statusEl.textContent = 'Testing...';
 
             let extraHeaders = {};
             try {
                 extraHeaders = server.headersJson ? JSON.parse(server.headersJson) : {};
             } catch (e) {
-                statusEl.textContent = 'Invalid headers JSON';
+                if (statusEl) statusEl.textContent = 'Invalid headers JSON';
                 return;
             }
 
@@ -2276,9 +2300,9 @@ let supabase;
 
             try {
                 const res = await fetch(server.url, { method: 'GET', headers });
-                statusEl.textContent = `HTTP ${res.status}`;
+                if (statusEl) statusEl.textContent = `HTTP ${res.status}`;
             } catch (e) {
-                statusEl.textContent = `Error: ${e.message}`;
+                if (statusEl) statusEl.textContent = `Error: ${e.message}`;
             }
         }
 
@@ -2366,12 +2390,7 @@ let supabase;
             });
         }
 
-        // --- Provider & Models (Restored) ---
-        // (Assuming existing loadProviders/saveProvider/deleteProvider/fetchModels are preserved or need re-insertion if overwritten. 
-        //  The previous replacement block was huge, let's verify if they were cut off. 
-        //  Actually, the replacement block ended at `// ... [Include Chat/Provider JS here]`. 
-        //  So I must re-add them now.)
-
+        // --- Provider & Models ---
         async function fetchModels({ quiet = true } = {}) {
             const apiKey = document.getElementById('chat-api-key')?.value || '';
             const baseUrl = document.getElementById('chat-base-url')?.value || '';