New Features

server/chatStream.js

@@ -6,6 +6,8 @@ import { LIGHTNING_BASE } from "./config.js";
 import WebSocket from "ws";
 import crypto from "crypto";
 import { encoding_for_model } from "tiktoken";
+import { mediaStore } from "./mediaStore.js";
+import { memoryStore } from "./memoryStore.js";
 
 const __dirname = path.dirname(fileURLToPath(import.meta.url));
 const WORKER_PATH = path.join(__dirname, "searchWorker.js");
@@ -142,6 +144,7 @@ const SYSTEM_PROMPT =
   "Treat that content as available context and use the provided tools to inspect it before concluding something is absent. " +
   "Use `list_prompt_resources` to find staged resources, `read_prompt_chunk` to read staged text exactly, `load_prompt_images` to inspect staged images, and `write_notes` to keep a compact memory after reading several chunks. " +
   "Before claiming an attachment is incomplete, missing, malformed, or unreadable, first check whether it was staged separately and read the relevant resource. " +
+  "Persistent memories must stay short, concrete, and durable. Only save memories that will still help in future chats, and keep each one to a brief sentence or phrase. " +
   "Your HIGHEST PRIORITY is to help the user. ALWAYS HELP THEM WITH ANYTHING ETHICALLY RIGHT.\n\n" +
   "SESSION NAMING: After you have fully responded to the user, append a session name tag on its own line at the very end of your response (NEVER inside a code block). Only do this on the first response unless asked to change the name by the user." +
   "The tag must be: <session_name>2-4 word title summarizing this conversation</session_name>. " +
@@ -837,7 +840,28 @@ function prepareCurrentUserContext(userMessage, state) {
   return { contextMessages, userMessages };
 }
 
-function buildBasePromptMessages({ sessionId, history, userMessage }) {
+function buildMemorySystemMessages(memories = [], sessionName = "") {
+  const messages = [];
+  if (sessionName) {
+    messages.push({
+      role: "system",
+      content: `Current session name: "${sessionName}". This is hidden metadata and may help with continuity if the user references the chat title.`,
+    });
+  }
+  if (memories.length) {
+    messages.push({
+      role: "system",
+      content: [
+        "Persistent memories from earlier chats:",
+        ...memories.map((memory, index) => `${index + 1}. ${memory.content}`),
+        "Treat these as concise background notes. If one is outdated or wrong, prefer the user's current message.",
+      ].join("\n"),
+    });
+  }
+  return messages;
+}
+
+function buildBasePromptMessages({ sessionId, history, userMessage, memories = [], sessionName = "" }) {
   const state = createPromptState(sessionId);
   const normalizedHistory = history.map(normalizeMessage).filter(Boolean);
   const { summaryMessages, recentMessages } = prepareHistoryContext(normalizedHistory, state);
@@ -845,6 +869,7 @@ function buildBasePromptMessages({ sessionId, history, userMessage }) {
 
   return [
     { role: "system", content: SYSTEM_PROMPT },
+    ...buildMemorySystemMessages(memories, sessionName),
     ...summaryMessages,
     ...recentMessages,
     ...contextMessages,
@@ -1202,6 +1227,8 @@ export async function streamChat({
   history = [],
   userMessage,
   tools,
+  owner = null,
+  sessionName = "",
   accessToken,
   clientId,
   onToken = () => {},
@@ -1209,10 +1236,18 @@ export async function streamChat({
   onError = () => {},
   onToolCall = () => {},
   onNewAsset = () => {},
+  onDraftEdit = () => {},
   abortSignal,
 }) {
   const enabledTools = buildToolList(tools);
-  const baseMessages = buildBasePromptMessages({ sessionId, history, userMessage });
+  const memories = owner ? await memoryStore.list(owner).catch(() => []) : [];
+  const baseMessages = buildBasePromptMessages({
+    sessionId,
+    history,
+    userMessage,
+    memories,
+    sessionName,
+  });
 
   const headers = {
     ...(accessToken ? { Authorization: `Bearer ${accessToken}` } : {}),
@@ -1225,6 +1260,8 @@ export async function streamChat({
     let finished = false;
     const workingMessages = [];
     const allToolCalls = [];
+    const draftState = { text: "" };
+    const responseEdits = [];
 
     while (!finished && agentStep < MAX_AGENT_STEPS) {
       const effectiveMessages = buildModelMessages(baseMessages, workingMessages, sessionId);
@@ -1243,6 +1280,7 @@ export async function streamChat({
       );
 
       assistantText += stepText;
+      draftState.text = assistantText;
 
       if (toolCalls.length > 0) {
         allToolCalls.push(...toolCalls);
@@ -1256,12 +1294,19 @@ export async function streamChat({
           sessionId,
           toolCalls,
           tools,
+          owner,
           accessToken,
           clientId,
           abortSignal,
+          draftState,
           onToolCall,
-          onNewAsset
+          onNewAsset,
+          onDraftEdit(edit, text) {
+            responseEdits.push(edit);
+            onDraftEdit(edit, text);
+          },
         });
+        assistantText = draftState.text || assistantText;
         workingMessages.push(...nextMessages);
 
         agentStep++;
@@ -1296,6 +1341,7 @@ export async function streamChat({
 
       if (finalStepText) {
         assistantText += finalStepText;
+        draftState.text = assistantText;
         workingMessages.push({ role: "assistant", content: finalStepText });
       }
       finished = true;
@@ -1308,7 +1354,7 @@ export async function streamChat({
     const sessionName = extractSessionName(assistantText);
 
     if (typeof onDone === "function") {
-      onDone(assistantText, allToolCalls, false, sessionName);
+      onDone(assistantText, allToolCalls, false, sessionName, responseEdits);
     }
 
     clearPromptState(sessionId);
@@ -1419,6 +1465,67 @@ function buildToolList(tools) {
       parameters: { type: "object", properties: { note: { type: "string" } }, required: ["note"] }
     }
   });
+  list.push({
+    type: "function",
+    function: {
+      name: "list_memories",
+      description: "List the currently saved persistent memories for this user.",
+      parameters: {
+        type: "object",
+        properties: {},
+      },
+    },
+  });
+  list.push({
+    type: "function",
+    function: {
+      name: "save_memory",
+      description: "Save a short persistent memory that may help in future chats. Keep it brief and only use this for durable user preferences or facts.",
+      parameters: {
+        type: "object",
+        properties: {
+          content: { type: "string", description: "A short durable memory, ideally one sentence or shorter." },
+        },
+        required: ["content"],
+      },
+    },
+  });
+  list.push({
+    type: "function",
+    function: {
+      name: "delete_memory",
+      description: "Delete a previously saved persistent memory when it is outdated or incorrect.",
+      parameters: {
+        type: "object",
+        properties: {
+          memory_id: { type: "string", description: "The memory id to delete." },
+        },
+        required: ["memory_id"],
+      },
+    },
+  });
+  list.push({
+    type: "function",
+    function: {
+      name: "edit_response_draft",
+      description: "Revise text that was already streamed to the user. Use this to correct or remove visible text that has already appeared.",
+      parameters: {
+        type: "object",
+        properties: {
+          operation: {
+            type: "string",
+            enum: ["replace_all", "replace_last_match", "delete_last_match", "delete_last_chars", "append", "clear"],
+          },
+          text: { type: "string", description: "Replacement text for replace_all or text to append." },
+          target_text: { type: "string", description: "Exact text to replace or delete for match-based operations." },
+          replacement_text: { type: "string", description: "Replacement text for replace_last_match." },
+          count: { type: "number", description: "Character count for delete_last_chars." },
+          reason: { type: "string", description: "Brief reason for the visible edit." },
+        },
+        required: ["operation"],
+      },
+    },
+  });
   if (config.webSearch) {
     list.push({
       type: "function",
@@ -1528,15 +1635,51 @@ function normalizeRequestedImageIndexes(args, resource) {
   return indexes;
 }
 
+function applyResponseDraftEdit(currentText, args = {}) {
+  const source = String(currentText || "");
+  const operation = args.operation;
+  switch (operation) {
+    case "replace_all":
+      return String(args.text || "");
+    case "append":
+      return source + String(args.text || "");
+    case "clear":
+      return "";
+    case "replace_last_match": {
+      const target = String(args.target_text || "");
+      if (!target) return source;
+      const idx = source.lastIndexOf(target);
+      if (idx === -1) return source;
+      return source.slice(0, idx) + String(args.replacement_text || "") + source.slice(idx + target.length);
+    }
+    case "delete_last_match": {
+      const target = String(args.target_text || "");
+      if (!target) return source;
+      const idx = source.lastIndexOf(target);
+      if (idx === -1) return source;
+      return source.slice(0, idx) + source.slice(idx + target.length);
+    }
+    case "delete_last_chars": {
+      const count = Math.max(0, Number(args.count) || 0);
+      return source.slice(0, Math.max(0, source.length - count));
+    }
+    default:
+      return source;
+  }
+}
+
 async function processToolCalls({
   sessionId,
   toolCalls,
   tools,
+  owner,
   accessToken,
   clientId,
   abortSignal,
+  draftState,
   onToolCall,
   onNewAsset,
+  onDraftEdit,
 }) {
   const nextMessages = [];
   const authHeaders = {};
@@ -1641,6 +1784,52 @@ async function processToolCalls({
         result = "Note stored for the rest of this response.";
       }
 
+      else if (toolName === "list_memories") {
+        const memories = owner ? await memoryStore.list(owner) : [];
+        result = JSON.stringify(memories, null, 2);
+      }
+
+      else if (toolName === "save_memory") {
+        const memory = owner
+          ? await memoryStore.create(owner, {
+              content: args.content,
+              sessionId,
+              source: "assistant",
+            })
+          : null;
+        result = memory
+          ? `Saved memory ${memory.id}: ${memory.content}`
+          : "Memory was empty or could not be saved.";
+      }
+
+      else if (toolName === "delete_memory") {
+        const ok = owner ? await memoryStore.delete(owner, args.memory_id) : false;
+        result = ok ? `Deleted memory ${args.memory_id}.` : `Memory ${args.memory_id} was not found.`;
+      }
+
+      else if (toolName === "edit_response_draft") {
+        const before = draftState?.text || "";
+        const after = applyResponseDraftEdit(before, args);
+        if (draftState) draftState.text = after;
+        const edit = {
+          operation: args.operation,
+          reason: String(args.reason || "").trim() || "Model revised its draft.",
+          before,
+          after,
+          timestamp: Date.now(),
+        };
+        if (before !== after) {
+          onDraftEdit(edit, after);
+          result = [
+            `Draft updated. The visible response now has ${after.length} character(s).`,
+            "Visible draft:",
+            (after || "[empty]").slice(-4000),
+          ].join("\n\n");
+        } else {
+          result = "Draft edit made no visible change.";
+        }
+      }
+
       else if (toolName === "ollama_search") {
         result = await gradioSearch(args.query);
       }
@@ -1674,9 +1863,15 @@ async function processToolCalls({
         if (res.ok) {
           const buf = await res.arrayBuffer();
           const ct = res.headers.get("content-type") || "image/png";
-          const b64 = Buffer.from(buf).toString("base64");
-          const dataUrl = `data:${ct};base64,${b64}`;
-          onNewAsset({ role: "image", content: dataUrl });
+          const stored = await mediaStore.storeBuffer(owner, {
+            name: `generated-image-${Date.now()}.${ct.includes("svg") ? "svg" : ct.split("/")[1] || "png"}`,
+            mimeType: ct,
+            buffer: Buffer.from(buf),
+            sessionId,
+            source: "assistant_generated",
+            kind: "image",
+          });
+          onNewAsset({ id: stored.id, role: "image", mimeType: ct, name: stored.name });
           result = "Image generated successfully and shown to the user.";
         } else if (res.status == 402) {
           result = "An upgraded plan is required for higher limits.";
@@ -1702,9 +1897,16 @@ async function processToolCalls({
         });
         if (res.ok) {
           const buf = await res.arrayBuffer();
-          const b64 = Buffer.from(buf).toString("base64");
-          const dataUrl = `data:video/mp4;base64,${b64}`;
-          onNewAsset({ role: "video", content: dataUrl });
+          const contentType = res.headers.get("content-type") || "video/mp4";
+          const stored = await mediaStore.storeBuffer(owner, {
+            name: `generated-video-${Date.now()}.${contentType.split("/")[1] || "mp4"}`,
+            mimeType: contentType,
+            buffer: Buffer.from(buf),
+            sessionId,
+            source: "assistant_generated",
+            kind: "video",
+          });
+          onNewAsset({ id: stored.id, role: "video", mimeType: contentType, name: stored.name });
           result = "Video generated successfully and shown to the user.";
         } else if (res.status == 402) {
           result = "An upgraded plan is required for higher limits.";
@@ -1724,9 +1926,16 @@ async function processToolCalls({
         });
         if (res.ok) {
           const buf = await res.arrayBuffer();
-          const b64 = Buffer.from(buf).toString("base64");
-          const dataUrl = `data:audio/mpeg;base64,${b64}`;
-          onNewAsset({ role: "audio", content: dataUrl });
+          const contentType = res.headers.get("content-type") || "audio/mpeg";
+          const stored = await mediaStore.storeBuffer(owner, {
+            name: `generated-audio-${Date.now()}.${contentType.split("/")[1] || "mp3"}`,
+            mimeType: contentType,
+            buffer: Buffer.from(buf),
+            sessionId,
+            source: "assistant_generated",
+            kind: "audio",
+          });
+          onNewAsset({ id: stored.id, role: "audio", mimeType: contentType, name: stored.name });
           result = "Audio generated successfully and shown to the user.";
         } else if (res.status == 429) {
           result = "Too many requests. Try again later.";
@@ -1747,5 +1956,5 @@ async function processToolCalls({
     });
   }
 
-  return { nextMessages };
+  return { nextMessages, draftText: draftState?.text || "" };
 }

server/chatTrashStore.js

@@ -0,0 +1,149 @@
+import crypto from 'crypto';
+import path from 'path';
+import { loadEncryptedJson, saveEncryptedJson } from './cryptoUtils.js';
+
+const DATA_ROOT = '/data/deleted_chats';
+const INDEX_FILE = path.join(DATA_ROOT, 'index.json');
+const RETENTION_MS = 30 * 24 * 60 * 60 * 1000;
+
+const state = {
+  loaded: false,
+  index: {
+    deletedChats: {},
+  },
+};
+
+function nowIso() {
+  return new Date().toISOString();
+}
+
+function ensureOwner(owner) {
+  if (!owner?.type || !owner?.id) throw new Error('Invalid deleted chat owner');
+  return owner;
+}
+
+async function ensureLoaded() {
+  if (state.loaded) return;
+  const stored = await loadEncryptedJson(INDEX_FILE);
+  state.index = {
+    deletedChats: stored?.deletedChats || {},
+  };
+  state.loaded = true;
+  await thisStore.purgeExpired();
+}
+
+async function saveIndex() {
+  await saveEncryptedJson(INDEX_FILE, state.index);
+}
+
+function matchesOwner(record, owner) {
+  return record.ownerType === owner.type && record.ownerId === owner.id;
+}
+
+function sanitize(record) {
+  return {
+    id: record.id,
+    originalSessionId: record.originalSessionId,
+    name: record.name,
+    deletedAt: record.deletedAt,
+    purgeAt: record.purgeAt,
+    created: record.created,
+  };
+}
+
+const thisStore = {
+  async add(owner, sessionSnapshot) {
+    ensureOwner(owner);
+    await ensureLoaded();
+
+    const sessionId = sessionSnapshot?.id;
+    if (!sessionId) return null;
+
+    for (const record of Object.values(state.index.deletedChats)) {
+      if (
+        record.originalSessionId === sessionId &&
+        record.ownerType === owner.type &&
+        record.ownerId === owner.id
+      ) {
+        record.sessionSnapshot = sessionSnapshot;
+        record.name = sessionSnapshot.name || 'Deleted Chat';
+        record.created = sessionSnapshot.created || Date.now();
+        record.deletedAt = nowIso();
+        record.purgeAt = new Date(Date.now() + RETENTION_MS).toISOString();
+        await saveIndex();
+        return sanitize(record);
+      }
+    }
+
+    const deleted = {
+      id: crypto.randomUUID(),
+      originalSessionId: sessionId,
+      ownerType: owner.type,
+      ownerId: owner.id,
+      name: sessionSnapshot.name || 'Deleted Chat',
+      created: sessionSnapshot.created || Date.now(),
+      sessionSnapshot,
+      deletedAt: nowIso(),
+      purgeAt: new Date(Date.now() + RETENTION_MS).toISOString(),
+    };
+    state.index.deletedChats[deleted.id] = deleted;
+    await saveIndex();
+    return sanitize(deleted);
+  },
+
+  async list(owner) {
+    ensureOwner(owner);
+    await ensureLoaded();
+    return Object.values(state.index.deletedChats)
+      .filter((record) => matchesOwner(record, owner))
+      .sort((a, b) => new Date(b.deletedAt).getTime() - new Date(a.deletedAt).getTime())
+      .map(sanitize);
+  },
+
+  async restore(owner, ids) {
+    ensureOwner(owner);
+    await ensureLoaded();
+    const restored = [];
+    for (const id of ids || []) {
+      const record = state.index.deletedChats[id];
+      if (!record || !matchesOwner(record, owner)) continue;
+      restored.push(record.sessionSnapshot);
+      delete state.index.deletedChats[id];
+    }
+    if (restored.length) await saveIndex();
+    return restored;
+  },
+
+  async deleteForever(owner, ids) {
+    ensureOwner(owner);
+    await ensureLoaded();
+    const removed = [];
+    for (const id of ids || []) {
+      const record = state.index.deletedChats[id];
+      if (!record || !matchesOwner(record, owner)) continue;
+      delete state.index.deletedChats[id];
+      removed.push(id);
+    }
+    if (removed.length) await saveIndex();
+    return removed;
+  },
+
+  async purgeExpired() {
+    if (!state.loaded) return;
+    const now = Date.now();
+    let changed = false;
+    for (const [id, record] of Object.entries(state.index.deletedChats)) {
+      if (new Date(record.purgeAt).getTime() <= now) {
+        delete state.index.deletedChats[id];
+        changed = true;
+      }
+    }
+    if (changed) await saveIndex();
+  },
+};
+
+setInterval(() => {
+  thisStore.purgeExpired().catch((err) => console.error('chatTrashStore cleanup failed:', err));
+}, 6 * 60 * 60 * 1000);
+
+export const chatTrashStore = thisStore;

server/cryptoUtils.js

@@ -2,61 +2,135 @@ import crypto from 'crypto';
 import fs from 'fs/promises';
 import path from 'path';
 
+const JSON_FORMAT_VERSION = 2;
+const BINARY_FORMAT_VERSION = 1;
 const ALGORITHM = 'aes-256-gcm';
-const KEY_LENGTH = 32; // 256 bits
-const IV_LENGTH = 16; // 128 bits for GCM
-const AUTH_TAG_LENGTH = 16; // 128 bits
+const KEY_LENGTH = 32;
+const IV_LENGTH = 12;
+const AUTH_TAG_LENGTH = 16;
 
-// Derive key from environment variable
 function getKey() {
   const keyEnv = process.env.DATA_ENCRYPTION_KEY;
   if (!keyEnv) throw new Error('DATA_ENCRYPTION_KEY environment variable not set');
-  // Use SHA-256 to derive a 32-byte key from the env var
-  return crypto.createHash('sha256').update(keyEnv).digest();
+  return crypto.createHash('sha256').update(keyEnv).digest().subarray(0, KEY_LENGTH);
 }
 
-export function encryptJson(data) {
+function normalizeAad(aad = '') {
+  if (Buffer.isBuffer(aad)) return aad;
+  return Buffer.from(String(aad || ''), 'utf8');
+}
+
+export function encryptBuffer(buffer, aad = '') {
   const key = getKey();
   const iv = crypto.randomBytes(IV_LENGTH);
-  const cipher = crypto.createCipher(ALGORITHM, key);
-  cipher.setAAD(Buffer.from('')); // Optional AAD
-
-  let encrypted = cipher.update(JSON.stringify(data), 'utf8', 'hex');
-  encrypted += cipher.final('hex');
-
+  const cipher = crypto.createCipheriv(ALGORITHM, key, iv);
+  const aadBuffer = normalizeAad(aad);
+  if (aadBuffer.length) cipher.setAAD(aadBuffer);
+  const encrypted = Buffer.concat([cipher.update(buffer), cipher.final()]);
   const authTag = cipher.getAuthTag();
   return {
-    iv: iv.toString('hex'),
+    version: BINARY_FORMAT_VERSION,
+    iv,
+    authTag,
     encrypted,
-    authTag: authTag.toString('hex'),
   };
 }
 
-export function decryptJson(encryptedData) {
+export function decryptBuffer(payload, aad = '') {
   const key = getKey();
-  const { iv, encrypted, authTag } = encryptedData;
-  const decipher = crypto.createDecipher(ALGORITHM, key);
-  decipher.setAuthTag(Buffer.from(authTag, 'hex'));
-  decipher.setAAD(Buffer.from('')); // Match AAD
+  const iv = Buffer.isBuffer(payload?.iv) ? payload.iv : Buffer.from(payload?.iv || '', 'hex');
+  const authTag = Buffer.isBuffer(payload?.authTag)
+    ? payload.authTag
+    : Buffer.from(payload?.authTag || '', 'hex');
+  const encrypted = Buffer.isBuffer(payload?.encrypted)
+    ? payload.encrypted
+    : Buffer.from(payload?.encrypted || '', 'hex');
+
+  const decipher = crypto.createDecipheriv(ALGORITHM, key, iv);
+  const aadBuffer = normalizeAad(aad);
+  if (aadBuffer.length) decipher.setAAD(aadBuffer);
+  decipher.setAuthTag(authTag);
+  return Buffer.concat([decipher.update(encrypted), decipher.final()]);
+}
 
-  let decrypted = decipher.update(encrypted, 'hex', 'utf8');
+export function packEncryptedBuffer(payload) {
+  const header = Buffer.allocUnsafe(1 + 1 + payload.iv.length + payload.authTag.length);
+  header.writeUInt8(payload.version || BINARY_FORMAT_VERSION, 0);
+  header.writeUInt8(payload.iv.length, 1);
+  payload.iv.copy(header, 2);
+  payload.authTag.copy(header, 2 + payload.iv.length);
+  return Buffer.concat([header, payload.encrypted]);
+}
+
+export function unpackEncryptedBuffer(buffer) {
+  const version = buffer.readUInt8(0);
+  if (version !== BINARY_FORMAT_VERSION) {
+    throw new Error(`Unsupported encrypted buffer version: ${version}`);
+  }
+  const ivLength = buffer.readUInt8(1);
+  const ivStart = 2;
+  const ivEnd = ivStart + ivLength;
+  const tagEnd = ivEnd + AUTH_TAG_LENGTH;
+  return {
+    version,
+    iv: buffer.subarray(ivStart, ivEnd),
+    authTag: buffer.subarray(ivEnd, tagEnd),
+    encrypted: buffer.subarray(tagEnd),
+  };
+}
+
+export async function writeEncryptedFile(filePath, buffer, aad = '') {
+  await fs.mkdir(path.dirname(filePath), { recursive: true });
+  const payload = encryptBuffer(buffer, aad);
+  await fs.writeFile(filePath, packEncryptedBuffer(payload));
+}
+
+export async function readEncryptedFile(filePath, aad = '') {
+  const packed = await fs.readFile(filePath);
+  return decryptBuffer(unpackEncryptedBuffer(packed), aad);
+}
+
+function legacyDecryptJson(encryptedData) {
+  const key = getKey();
+  const decipher = crypto.createDecipher(ALGORITHM, key);
+  decipher.setAuthTag(Buffer.from(encryptedData.authTag, 'hex'));
+  let decrypted = decipher.update(encryptedData.encrypted, 'hex', 'utf8');
   decrypted += decipher.final('utf8');
   return JSON.parse(decrypted);
 }
 
-export async function saveEncryptedJson(filePath, data) {
-  const encrypted = encryptJson(data);
+export function encryptJson(data, aad = '') {
+  const payload = encryptBuffer(Buffer.from(JSON.stringify(data), 'utf8'), aad);
+  return {
+    version: JSON_FORMAT_VERSION,
+    iv: payload.iv.toString('hex'),
+    authTag: payload.authTag.toString('hex'),
+    encrypted: payload.encrypted.toString('hex'),
+  };
+}
+
+export function decryptJson(encryptedData, aad = '') {
+  if (!encryptedData) return null;
+  if ((encryptedData.version || 0) >= JSON_FORMAT_VERSION) {
+    const decrypted = decryptBuffer(encryptedData, aad);
+    return JSON.parse(decrypted.toString('utf8'));
+  }
+  return legacyDecryptJson(encryptedData);
+}
+
+export async function saveEncryptedJson(filePath, data, aad = '') {
+  const encrypted = encryptJson(data, aad);
   await fs.mkdir(path.dirname(filePath), { recursive: true });
-  await fs.writeFile(filePath, JSON.stringify(encrypted));
+  await fs.writeFile(filePath, JSON.stringify(encrypted, null, 2), 'utf8');
 }
 
-export async function loadEncryptedJson(filePath) {
+export async function loadEncryptedJson(filePath, aad = '') {
   try {
     const content = await fs.readFile(filePath, 'utf8');
     const encrypted = JSON.parse(content);
-    return decryptJson(encrypted);
+    return decryptJson(encrypted, aad);
   } catch (err) {
-    if (err.code === 'ENOENT') return null; // File not found
+    if (err.code === 'ENOENT') return null;
     throw err;
   }
-}
+}

server/index.js

@@ -13,6 +13,8 @@ import { handleWsMessage } from './wsHandler.js';
 import { sessionStore, initStoreConfig } from './sessionStore.js';
 import { SUPABASE_URL, SUPABASE_ANON_KEY } from './config.js';
 import { safeSend } from './helpers.js';
+import { verifySupabaseToken } from './auth.js';
+import { mediaStore } from './mediaStore.js';
 
 export { SUPABASE_URL, SUPABASE_ANON_KEY };
 export { LIGHTNING_BASE, PUBLIC_URL } from './config.js';
@@ -29,6 +31,17 @@ const GITHUB_REPO = 'incognitolm/InferencePort-Pages';
 const CDN_BASE = `https://cdn.jsdelivr.net/gh/${GITHUB_REPO}`;
 let latestSHA = null;
 const ADMIN_TOKEN = process.env.ADMIN_TOKEN || 'supersecret';
+const LOCAL_UI_DIR = [
+  process.env.UI_LOCAL_PATH,
+  path.resolve(__dirname, '..', '..', 'InferencePort-Pages'),
+  path.resolve(process.cwd(), '..', 'InferencePort-Pages'),
+].filter(Boolean).find((dir) => {
+  try {
+    return fs.existsSync(path.join(dir, 'index.html'));
+  } catch {
+    return false;
+  }
+}) || null;
 
 // Rate limiter for admin endpoints (5 attempts per IP per minute)
 const verifyLimiter = rateLimit({ windowMs: 60*1000, max: 5, standardHeaders: true, legacyHeaders: false });
@@ -107,6 +120,31 @@ app.use('/api', (req, res, next) => {
   return res.status(403).json({ error: 'turnstile:required' });
 });
 
+async function getRequestOwner(req) {
+  const authHeader = req.headers.authorization || '';
+  const accessToken = authHeader.startsWith('Bearer ') ? authHeader.slice(7).trim() : '';
+  if (accessToken) {
+    const user = await verifySupabaseToken(accessToken);
+    if (user) return { owner: { type: 'user', id: user.id }, accessToken };
+  }
+
+  const tempId = String(req.headers['x-temp-id'] || req.query.tempId || '').trim();
+  if (tempId) {
+    sessionStore.initTemp(tempId);
+    return { owner: { type: 'guest', id: tempId }, accessToken: null };
+  }
+  return null;
+}
+
+async function requireRequestOwner(req, res) {
+  const resolved = await getRequestOwner(req);
+  if (!resolved?.owner) {
+    res.status(401).json({ error: 'auth:required' });
+    return null;
+  }
+  return resolved;
+}
+
 app.get('/health', (_req,res) => res.json({ok:true}));
 
 app.get('/api/share/:token', async (req,res) => {
@@ -124,6 +162,176 @@ app.get('/api/share/:token', async (req,res) => {
   } catch { res.status(500).json({error:'Server error'}); }
 });
 
+app.get('/api/media', async (req, res) => {
+  const resolved = await requireRequestOwner(req, res);
+  if (!resolved) return;
+  try {
+    const result = await mediaStore.list(resolved.owner, {
+      view: req.query.view === 'trash' ? 'trash' : 'active',
+      parentId: req.query.parentId ? String(req.query.parentId) : null,
+    });
+    res.json(result);
+  } catch (err) {
+    console.error('media list error', err);
+    res.status(500).json({ error: 'media:list_failed' });
+  }
+});
+
+app.post('/api/media/upload', express.raw({ type: () => true, limit: '100mb' }), async (req, res) => {
+  const resolved = await requireRequestOwner(req, res);
+  if (!resolved) return;
+  try {
+    const name = decodeURIComponent(String(req.headers['x-file-name'] || 'upload.bin'));
+    const mimeType = String(req.headers['x-mime-type'] || 'application/octet-stream');
+    const parentId = req.headers['x-parent-id'] ? String(req.headers['x-parent-id']) : null;
+    const sessionId = req.headers['x-session-id'] ? String(req.headers['x-session-id']) : null;
+    const kindHeader = req.headers['x-file-kind'] ? String(req.headers['x-file-kind']) : null;
+    const item = await mediaStore.storeBuffer(resolved.owner, {
+      name,
+      mimeType,
+      buffer: Buffer.isBuffer(req.body) ? req.body : Buffer.from(req.body || []),
+      parentId,
+      sessionId,
+      source: 'user_upload',
+      kind: kindHeader || null,
+    });
+    res.json({ item });
+  } catch (err) {
+    console.error('media upload error', err);
+    res.status(500).json({ error: 'media:upload_failed' });
+  }
+});
+
+app.post('/api/media/folders', async (req, res) => {
+  const resolved = await requireRequestOwner(req, res);
+  if (!resolved) return;
+  try {
+    const item = await mediaStore.createFolder(resolved.owner, {
+      name: req.body?.name || 'New Folder',
+      parentId: req.body?.parentId || null,
+    });
+    res.json({ item });
+  } catch (err) {
+    console.error('media create folder error', err);
+    res.status(500).json({ error: 'media:create_folder_failed' });
+  }
+});
+
+app.post('/api/media/documents', async (req, res) => {
+  const resolved = await requireRequestOwner(req, res);
+  if (!resolved) return;
+  try {
+    const item = await mediaStore.createDocument(resolved.owner, {
+      name: req.body?.name,
+      parentId: req.body?.parentId || null,
+      richText: !!req.body?.richText,
+      content: req.body?.content || '',
+      source: 'user_upload',
+    });
+    res.json({ item });
+  } catch (err) {
+    console.error('media create document error', err);
+    res.status(500).json({ error: 'media:create_document_failed' });
+  }
+});
+
+app.post('/api/media/move', async (req, res) => {
+  const resolved = await requireRequestOwner(req, res);
+  if (!resolved) return;
+  try {
+    const items = await mediaStore.move(resolved.owner, req.body?.ids || [], req.body?.parentId || null);
+    res.json({ items });
+  } catch (err) {
+    console.error('media move error', err);
+    res.status(500).json({ error: 'media:move_failed' });
+  }
+});
+
+app.post('/api/media/trash', async (req, res) => {
+  const resolved = await requireRequestOwner(req, res);
+  if (!resolved) return;
+  try {
+    const items = await mediaStore.moveToTrash(resolved.owner, req.body?.ids || []);
+    res.json({ items });
+  } catch (err) {
+    console.error('media trash error', err);
+    res.status(500).json({ error: 'media:trash_failed' });
+  }
+});
+
+app.post('/api/media/restore', async (req, res) => {
+  const resolved = await requireRequestOwner(req, res);
+  if (!resolved) return;
+  try {
+    const items = await mediaStore.restore(resolved.owner, req.body?.ids || []);
+    res.json({ items });
+  } catch (err) {
+    console.error('media restore error', err);
+    res.status(500).json({ error: 'media:restore_failed' });
+  }
+});
+
+app.post('/api/media/deleteForever', async (req, res) => {
+  const resolved = await requireRequestOwner(req, res);
+  if (!resolved) return;
+  try {
+    const ids = await mediaStore.deleteForever(resolved.owner, req.body?.ids || []);
+    res.json({ ids });
+  } catch (err) {
+    console.error('media delete forever error', err);
+    res.status(500).json({ error: 'media:delete_failed' });
+  }
+});
+
+app.get('/api/media/:id/text', async (req, res) => {
+  const resolved = await requireRequestOwner(req, res);
+  if (!resolved) return;
+  try {
+    const loaded = await mediaStore.readText(resolved.owner, req.params.id);
+    if (!loaded) return res.status(404).json({ error: 'media:not_found' });
+    res.json({ item: loaded.entry, content: loaded.text });
+  } catch (err) {
+    console.error('media read text error', err);
+    res.status(500).json({ error: 'media:read_failed' });
+  }
+});
+
+app.put('/api/media/:id/text', async (req, res) => {
+  const resolved = await requireRequestOwner(req, res);
+  if (!resolved) return;
+  try {
+    const item = await mediaStore.updateContent(resolved.owner, req.params.id, {
+      buffer: Buffer.from(String(req.body?.content || ''), 'utf8'),
+      mimeType: req.body?.mimeType || null,
+      kind: req.body?.richText ? 'rich_text' : null,
+      name: req.body?.name || null,
+    });
+    if (!item) return res.status(404).json({ error: 'media:not_found' });
+    res.json({ item });
+  } catch (err) {
+    console.error('media update text error', err);
+    res.status(500).json({ error: 'media:update_failed' });
+  }
+});
+
+app.get('/api/media/:id/content', async (req, res) => {
+  const resolved = await requireRequestOwner(req, res);
+  if (!resolved) return;
+  try {
+    const loaded = await mediaStore.readBuffer(resolved.owner, req.params.id);
+    if (!loaded) return res.status(404).json({ error: 'media:not_found' });
+    res.setHeader('Content-Type', loaded.entry.mimeType || 'application/octet-stream');
+    res.setHeader('Cache-Control', 'private, max-age=60');
+    if (req.query.download === '1') {
+      res.setHeader('Content-Disposition', `attachment; filename="${loaded.entry.name}"`);
+    }
+    res.send(loaded.buffer);
+  } catch (err) {
+    console.error('media read binary error', err);
+    res.status(500).json({ error: 'media:read_failed' });
+  }
+});
+
 app.post('/api/turnstile', async (req,res)=>{
   try{
     const token = req.body?.token;
@@ -166,6 +374,7 @@ if (!latestSHA) {
 
 // --- Admin endpoints ---
 app.get('/admin.html', async (req, res) => {
+  if (serveLocalUiFile('/admin.html', res)) return;
   if (!latestSHA) return res.status(500).send('Server not ready');
 
   const url = `${CDN_BASE}@${latestSHA}/admin.html`;
@@ -223,12 +432,31 @@ function getMimeType(filePath){
   }
 }
 
+function resolveLocalUiFile(filePath) {
+  if (!LOCAL_UI_DIR) return null;
+  const resolvedRoot = path.resolve(LOCAL_UI_DIR);
+  const relativePath = String(filePath || '/index.html').replace(/^[/\\]+/, '');
+  const resolvedFile = path.resolve(resolvedRoot, relativePath);
+  if (resolvedFile !== resolvedRoot && !resolvedFile.startsWith(`${resolvedRoot}${path.sep}`)) return null;
+  if (!fs.existsSync(resolvedFile) || fs.statSync(resolvedFile).isDirectory()) return null;
+  return resolvedFile;
+}
+
+function serveLocalUiFile(filePath, res) {
+  const resolvedFile = resolveLocalUiFile(filePath);
+  if (!resolvedFile) return false;
+  res.setHeader('Content-Type', getMimeType(resolvedFile));
+  res.send(fs.readFileSync(resolvedFile));
+  return true;
+}
+
 // Hybrid serving: everything via latest SHA (auto-refresh / manual refresh)
 app.get('*', async (req,res)=>{
   if(req.path.startsWith('/api/')) return res.status(404).send('Not found');
 
   // All client files are fetched from latest SHA
   const filePath = req.path === '/' ? '/index.html' : req.path;
+  if (serveLocalUiFile(filePath, res)) return;
   const url = `${CDN_BASE}@${latestSHA}${filePath}`;
 
   try{
@@ -277,4 +505,4 @@ wss.on('connection',(ws,req)=>{
   safeSend(ws,{type:'connected', tempId:wsClients.get(ws)?.tempId});
 });
 
-httpServer.listen(PORT,'0.0.0.0',()=>console.log(`Running on port ${PORT}`));
+httpServer.listen(PORT,'0.0.0.0',()=>console.log(`Running on port ${PORT}`));

server/mediaStore.js

@@ -0,0 +1,454 @@
+import crypto from 'crypto';
+import fs from 'fs/promises';
+import path from 'path';
+import { loadEncryptedJson, saveEncryptedJson, readEncryptedFile, writeEncryptedFile } from './cryptoUtils.js';
+
+const DATA_ROOT = '/data/media';
+const INDEX_FILE = path.join(DATA_ROOT, 'index.json');
+const BLOBS_DIR = path.join(DATA_ROOT, 'blobs');
+const TRASH_RETENTION_MS = 30 * 24 * 60 * 60 * 1000;
+const GUEST_RETENTION_MS = 24 * 60 * 60 * 1000;
+
+const state = {
+  loaded: false,
+  index: {
+    entries: {},
+  },
+};
+
+function nowIso() {
+  return new Date().toISOString();
+}
+
+function ownerKey(owner) {
+  return `${owner.type}:${owner.id}`;
+}
+
+function ensureOwner(owner) {
+  if (!owner?.type || !owner?.id) throw new Error('Invalid media owner');
+  return owner;
+}
+
+function normalizeName(name, fallback = 'Untitled') {
+  const clean = String(name || '').trim().replace(/[\\/:*?"<>|]+/g, '_');
+  return clean || fallback;
+}
+
+function extensionFromName(name = '') {
+  const ext = path.extname(String(name || '')).toLowerCase();
+  return ext.startsWith('.') ? ext.slice(1) : ext;
+}
+
+function inferKind(name, mimeType = '') {
+  const mime = String(mimeType || '').toLowerCase();
+  const ext = extensionFromName(name);
+  if (mime.startsWith('image/') || ['png', 'jpg', 'jpeg', 'gif', 'webp', 'svg'].includes(ext)) return 'image';
+  if (mime.startsWith('video/') || ['mp4', 'webm', 'mov'].includes(ext)) return 'video';
+  if (mime.startsWith('audio/') || ['mp3', 'wav', 'ogg', 'm4a'].includes(ext)) return 'audio';
+  if (mime === 'text/html' || ['html', 'htm'].includes(ext)) return 'rich_text';
+  if (mime.startsWith('text/') || ['txt', 'md', 'json', 'js', 'ts', 'css', 'py', 'html', 'xml', 'csv', 'rtf'].includes(ext)) return 'text';
+  return 'file';
+}
+
+function guessMimeType(name, fallbackKind = 'file') {
+  const ext = extensionFromName(name);
+  switch (ext) {
+    case 'txt': return 'text/plain';
+    case 'md': return 'text/markdown';
+    case 'json': return 'application/json';
+    case 'html':
+    case 'htm': return 'text/html';
+    case 'css': return 'text/css';
+    case 'js': return 'application/javascript';
+    case 'ts': return 'text/plain';
+    case 'svg': return 'image/svg+xml';
+    case 'png': return 'image/png';
+    case 'jpg':
+    case 'jpeg': return 'image/jpeg';
+    case 'gif': return 'image/gif';
+    case 'webp': return 'image/webp';
+    case 'mp4': return 'video/mp4';
+    case 'webm': return 'video/webm';
+    case 'mp3': return 'audio/mpeg';
+    case 'wav': return 'audio/wav';
+    case 'ogg': return 'audio/ogg';
+    case 'csv': return 'text/csv';
+    default:
+      if (fallbackKind === 'rich_text') return 'text/html';
+      if (fallbackKind === 'text') return 'text/plain';
+      return 'application/octet-stream';
+  }
+}
+
+async function ensureLoaded() {
+  if (state.loaded) return;
+  const stored = await loadEncryptedJson(INDEX_FILE);
+  state.index = {
+    entries: stored?.entries || {},
+  };
+  state.loaded = true;
+  await purgeExpiredInternal();
+}
+
+async function saveIndex() {
+  await saveEncryptedJson(INDEX_FILE, state.index);
+}
+
+function getEntry(id) {
+  return state.index.entries[id] || null;
+}
+
+function canAccess(entry, owner) {
+  return !!entry && entry.ownerType === owner.type && entry.ownerId === owner.id;
+}
+
+function sanitizeEntry(entry) {
+  return {
+    id: entry.id,
+    type: entry.type,
+    name: entry.name,
+    parentId: entry.parentId || null,
+    ownerType: entry.ownerType,
+    ownerId: entry.ownerId,
+    mimeType: entry.mimeType || null,
+    kind: entry.kind || null,
+    size: entry.size || 0,
+    source: entry.source || null,
+    createdAt: entry.createdAt,
+    updatedAt: entry.updatedAt,
+    trashedAt: entry.trashedAt || null,
+    purgeAt: entry.purgeAt || null,
+    sessionIds: entry.sessionIds || [],
+    deletedByAssistant: !!entry.deletedByAssistant,
+  };
+}
+
+function blobPathFor(id) {
+  return path.join(BLOBS_DIR, `${id}.bin`);
+}
+
+function buildAad(entry) {
+  return `media:${entry.id}:${entry.ownerType}:${entry.ownerId}`;
+}
+
+function getChildren(owner, parentId, includeTrash = true) {
+  return Object.values(state.index.entries).filter((entry) =>
+    entry.ownerType === owner.type &&
+    entry.ownerId === owner.id &&
+    (entry.parentId || null) === (parentId || null) &&
+    (includeTrash || !entry.trashedAt)
+  );
+}
+
+function collectDescendantIds(owner, rootId, acc = new Set()) {
+  acc.add(rootId);
+  const children = getChildren(owner, rootId, true);
+  for (const child of children) {
+    collectDescendantIds(owner, child.id, acc);
+  }
+  return [...acc];
+}
+
+function resolveParentFolder(owner, parentId) {
+  if (!parentId) return null;
+  const parent = getEntry(parentId);
+  if (!parent || !canAccess(parent, owner) || parent.type !== 'folder') return null;
+  return parent.id;
+}
+
+function wouldCreateCycle(owner, entryId, candidateParentId) {
+  let currentId = candidateParentId || null;
+  while (currentId) {
+    if (currentId === entryId) return true;
+    const current = getEntry(currentId);
+    if (!current || !canAccess(current, owner)) return false;
+    currentId = current.parentId || null;
+  }
+  return false;
+}
+
+async function purgeEntry(id) {
+  const entry = getEntry(id);
+  if (!entry) return;
+  if (entry.type === 'file') {
+    await fs.rm(blobPathFor(id), { force: true }).catch(() => {});
+  }
+  delete state.index.entries[id];
+}
+
+async function purgeExpiredInternal() {
+  const now = Date.now();
+  let changed = false;
+  for (const entry of Object.values(state.index.entries)) {
+    const shouldPurge =
+      (entry.purgeAt && new Date(entry.purgeAt).getTime() <= now) ||
+      (entry.expiresAt && new Date(entry.expiresAt).getTime() <= now);
+    if (!shouldPurge) continue;
+    for (const id of collectDescendantIds({ type: entry.ownerType, id: entry.ownerId }, entry.id)) {
+      await purgeEntry(id);
+    }
+    changed = true;
+  }
+  if (changed) await saveIndex();
+}
+
+setInterval(() => {
+  purgeExpiredInternal().catch((err) => console.error('mediaStore cleanup failed:', err));
+}, 6 * 60 * 60 * 1000);
+
+export const mediaStore = {
+  async list(owner, { view = 'active', parentId = null } = {}) {
+    ensureOwner(owner);
+    await ensureLoaded();
+
+    const includeTrash = view === 'trash';
+    const items = getChildren(owner, parentId, true)
+      .filter((entry) => includeTrash ? !!entry.trashedAt : !entry.trashedAt)
+      .sort((a, b) => {
+        if (a.type !== b.type) return a.type === 'folder' ? -1 : 1;
+        return new Date(b.updatedAt || b.createdAt).getTime() - new Date(a.updatedAt || a.createdAt).getTime();
+      })
+      .map(sanitizeEntry);
+
+    const breadcrumbs = [];
+    let currentId = parentId;
+    while (currentId) {
+      const entry = getEntry(currentId);
+      if (!entry || !canAccess(entry, owner)) break;
+      breadcrumbs.unshift({ id: entry.id, name: entry.name });
+      currentId = entry.parentId || null;
+    }
+
+    return { items, breadcrumbs };
+  },
+
+  async get(owner, id) {
+    ensureOwner(owner);
+    await ensureLoaded();
+    const entry = getEntry(id);
+    if (!canAccess(entry, owner)) return null;
+    return sanitizeEntry(entry);
+  },
+
+  async storeBuffer(owner, {
+    name,
+    mimeType,
+    buffer,
+    parentId = null,
+    sessionId = null,
+    source = 'upload',
+    kind = null,
+    deletedByAssistant = false,
+  }) {
+    ensureOwner(owner);
+    await ensureLoaded();
+
+    const entryId = crypto.randomUUID();
+    const resolvedParentId = resolveParentFolder(owner, parentId);
+    const fileName = normalizeName(name, 'Untitled');
+    const inferredKind = kind || inferKind(fileName, mimeType);
+    const entry = {
+      id: entryId,
+      type: 'file',
+      name: fileName,
+      ownerType: owner.type,
+      ownerId: owner.id,
+      mimeType: mimeType || guessMimeType(fileName, inferredKind),
+      kind: inferredKind,
+      size: buffer.byteLength,
+      parentId: resolvedParentId,
+      source,
+      createdAt: nowIso(),
+      updatedAt: nowIso(),
+      trashedAt: null,
+      purgeAt: null,
+      sessionIds: sessionId ? [sessionId] : [],
+      expiresAt: owner.type === 'guest' ? new Date(Date.now() + GUEST_RETENTION_MS).toISOString() : null,
+      deletedByAssistant,
+    };
+
+    await writeEncryptedFile(blobPathFor(entry.id), Buffer.from(buffer), buildAad(entry));
+    state.index.entries[entry.id] = entry;
+    await saveIndex();
+    return sanitizeEntry(entry);
+  },
+
+  async createFolder(owner, { name, parentId = null }) {
+    ensureOwner(owner);
+    await ensureLoaded();
+    const resolvedParentId = resolveParentFolder(owner, parentId);
+
+    const folder = {
+      id: crypto.randomUUID(),
+      type: 'folder',
+      name: normalizeName(name, 'New Folder'),
+      ownerType: owner.type,
+      ownerId: owner.id,
+      parentId: resolvedParentId,
+      createdAt: nowIso(),
+      updatedAt: nowIso(),
+      trashedAt: null,
+      purgeAt: null,
+      sessionIds: [],
+      expiresAt: owner.type === 'guest' ? new Date(Date.now() + GUEST_RETENTION_MS).toISOString() : null,
+    };
+
+    state.index.entries[folder.id] = folder;
+    await saveIndex();
+    return sanitizeEntry(folder);
+  },
+
+  async createDocument(owner, {
+    name,
+    parentId = null,
+    richText = false,
+    content = '',
+    source = 'upload',
+  }) {
+    const normalizedName = normalizeName(
+      name,
+      richText ? 'Untitled Document.html' : 'Untitled Document.txt'
+    );
+    return this.storeBuffer(owner, {
+      name: normalizedName,
+      mimeType: richText ? 'text/html' : 'text/plain',
+      buffer: Buffer.from(content || (richText ? '<p></p>' : ''), 'utf8'),
+      parentId,
+      source,
+      kind: richText ? 'rich_text' : 'text',
+    });
+  },
+
+  async readBuffer(owner, id) {
+    ensureOwner(owner);
+    await ensureLoaded();
+    const entry = getEntry(id);
+    if (!entry || entry.type !== 'file' || !canAccess(entry, owner)) return null;
+    return {
+      entry: sanitizeEntry(entry),
+      buffer: await readEncryptedFile(blobPathFor(id), buildAad(entry)),
+    };
+  },
+
+  async readText(owner, id) {
+    const loaded = await this.readBuffer(owner, id);
+    if (!loaded) return null;
+    return {
+      entry: loaded.entry,
+      text: loaded.buffer.toString('utf8'),
+    };
+  },
+
+  async updateContent(owner, id, { buffer, name = null, mimeType = null, kind = null }) {
+    ensureOwner(owner);
+    await ensureLoaded();
+    const entry = getEntry(id);
+    if (!entry || entry.type !== 'file' || !canAccess(entry, owner)) return null;
+
+    if (name) entry.name = normalizeName(name, entry.name);
+    if (mimeType) entry.mimeType = mimeType;
+    if (kind) entry.kind = kind;
+    entry.size = buffer.byteLength;
+    entry.updatedAt = nowIso();
+
+    await writeEncryptedFile(blobPathFor(entry.id), Buffer.from(buffer), buildAad(entry));
+    await saveIndex();
+    return sanitizeEntry(entry);
+  },
+
+  async move(owner, ids, parentId = null) {
+    ensureOwner(owner);
+    await ensureLoaded();
+    const destinationId = parentId ? resolveParentFolder(owner, parentId) : null;
+    if (parentId && !destinationId) throw new Error('Invalid destination folder');
+    const updated = [];
+    for (const id of ids || []) {
+      const entry = getEntry(id);
+      if (!entry || !canAccess(entry, owner)) continue;
+      if (destinationId === entry.id) continue;
+      if (wouldCreateCycle(owner, entry.id, destinationId)) continue;
+      entry.parentId = destinationId;
+      entry.updatedAt = nowIso();
+      updated.push(sanitizeEntry(entry));
+    }
+    if (updated.length) await saveIndex();
+    return updated;
+  },
+
+  async moveToTrash(owner, ids) {
+    ensureOwner(owner);
+    await ensureLoaded();
+    const trashed = [];
+    const now = nowIso();
+    const purgeAt = new Date(Date.now() + TRASH_RETENTION_MS).toISOString();
+
+    for (const id of ids || []) {
+      const entry = getEntry(id);
+      if (!entry || !canAccess(entry, owner)) continue;
+      for (const targetId of collectDescendantIds(owner, id)) {
+        const target = getEntry(targetId);
+        if (!target) continue;
+        target.trashedAt = now;
+        target.purgeAt = purgeAt;
+        target.updatedAt = now;
+        trashed.push(sanitizeEntry(target));
+      }
+    }
+    if (trashed.length) await saveIndex();
+    return trashed;
+  },
+
+  async restore(owner, ids) {
+    ensureOwner(owner);
+    await ensureLoaded();
+    const restored = [];
+    for (const id of ids || []) {
+      const entry = getEntry(id);
+      if (!entry || !canAccess(entry, owner)) continue;
+      for (const targetId of collectDescendantIds(owner, id)) {
+        const target = getEntry(targetId);
+        if (!target) continue;
+        target.trashedAt = null;
+        target.purgeAt = null;
+        target.updatedAt = nowIso();
+        restored.push(sanitizeEntry(target));
+      }
+    }
+    if (restored.length) await saveIndex();
+    return restored;
+  },
+
+  async deleteForever(owner, ids) {
+    ensureOwner(owner);
+    await ensureLoaded();
+    const removedIds = new Set();
+    for (const id of ids || []) {
+      const entry = getEntry(id);
+      if (!entry || !canAccess(entry, owner)) continue;
+      for (const targetId of collectDescendantIds(owner, id)) {
+        removedIds.add(targetId);
+      }
+    }
+    for (const targetId of removedIds) {
+      await purgeEntry(targetId);
+    }
+    if (removedIds.size) await saveIndex();
+    return [...removedIds];
+  },
+
+  async attachToSession(owner, ids, sessionId) {
+    ensureOwner(owner);
+    if (!sessionId) return [];
+    await ensureLoaded();
+    const updated = [];
+    for (const id of ids || []) {
+      const entry = getEntry(id);
+      if (!entry || !canAccess(entry, owner)) continue;
+      entry.sessionIds = [...new Set([...(entry.sessionIds || []), sessionId])];
+      entry.updatedAt = nowIso();
+      updated.push(sanitizeEntry(entry));
+    }
+    if (updated.length) await saveIndex();
+    return updated;
+  },
+};

server/memoryStore.js

@@ -0,0 +1,110 @@
+import crypto from 'crypto';
+import path from 'path';
+import { loadEncryptedJson, saveEncryptedJson } from './cryptoUtils.js';
+
+const DATA_ROOT = '/data/memories';
+const INDEX_FILE = path.join(DATA_ROOT, 'index.json');
+const MAX_MEMORY_LENGTH = 220;
+
+const state = {
+  loaded: false,
+  index: {
+    memories: {},
+  },
+};
+
+function ensureOwner(owner) {
+  if (!owner?.type || !owner?.id) throw new Error('Invalid memory owner');
+  return owner;
+}
+
+function nowIso() {
+  return new Date().toISOString();
+}
+
+function sanitizeText(text) {
+  return String(text || '').replace(/\s+/g, ' ').trim().slice(0, MAX_MEMORY_LENGTH);
+}
+
+async function ensureLoaded() {
+  if (state.loaded) return;
+  const stored = await loadEncryptedJson(INDEX_FILE);
+  state.index = {
+    memories: stored?.memories || {},
+  };
+  state.loaded = true;
+}
+
+async function saveIndex() {
+  await saveEncryptedJson(INDEX_FILE, state.index);
+}
+
+function matchesOwner(memory, owner) {
+  return memory.ownerType === owner.type && memory.ownerId === owner.id;
+}
+
+function sanitize(memory) {
+  return {
+    id: memory.id,
+    content: memory.content,
+    source: memory.source || 'assistant',
+    sessionId: memory.sessionId || null,
+    createdAt: memory.createdAt,
+    updatedAt: memory.updatedAt,
+  };
+}
+
+export const memoryStore = {
+  async list(owner) {
+    ensureOwner(owner);
+    await ensureLoaded();
+    return Object.values(state.index.memories)
+      .filter((memory) => matchesOwner(memory, owner))
+      .sort((a, b) => new Date(b.updatedAt).getTime() - new Date(a.updatedAt).getTime())
+      .map(sanitize);
+  },
+
+  async create(owner, { content, sessionId = null, source = 'assistant' }) {
+    ensureOwner(owner);
+    await ensureLoaded();
+    const normalized = sanitizeText(content);
+    if (!normalized) return null;
+
+    const memory = {
+      id: crypto.randomUUID(),
+      ownerType: owner.type,
+      ownerId: owner.id,
+      content: normalized,
+      sessionId,
+      source,
+      createdAt: nowIso(),
+      updatedAt: nowIso(),
+    };
+    state.index.memories[memory.id] = memory;
+    await saveIndex();
+    return sanitize(memory);
+  },
+
+  async update(owner, id, content) {
+    ensureOwner(owner);
+    await ensureLoaded();
+    const memory = state.index.memories[id];
+    if (!memory || !matchesOwner(memory, owner)) return null;
+    const normalized = sanitizeText(content);
+    if (!normalized) return null;
+    memory.content = normalized;
+    memory.updatedAt = nowIso();
+    await saveIndex();
+    return sanitize(memory);
+  },
+
+  async delete(owner, id) {
+    ensureOwner(owner);
+    await ensureLoaded();
+    const memory = state.index.memories[id];
+    if (!memory || !matchesOwner(memory, owner)) return false;
+    delete state.index.memories[id];
+    await saveIndex();
+    return true;
+  },
+};

server/sessionStore.js

@@ -89,8 +89,24 @@ export const sessionStore = {
     saveTempStore().catch(err => console.error('Failed to save temp store:', err));
     return s;
   },
+  restoreTempSession(t, session) {
+    const d = this.initTemp(t);
+    const restored = JSON.parse(JSON.stringify(session));
+    d.sessions.set(restored.id, restored);
+    d.lastActive = Date.now();
+    saveTempStore().catch(err => console.error('Failed to save temp store:', err));
+    return restored;
+  },
   deleteTempSession(t, id) { tempStore.get(t)?.sessions.delete(id); saveTempStore().catch(err => console.error('Failed to save temp store:', err)); },
   deleteTempAll(t)         { tempStore.get(t)?.sessions.clear(); saveTempStore().catch(err => console.error('Failed to save temp store:', err)); },
+  deleteTempSessionEverywhere(id) {
+    let changed = false;
+    for (const temp of tempStore.values()) {
+      if (temp.sessions.delete(id)) changed = true;
+    }
+    if (changed) saveTempStore().catch(err => console.error('Failed to save temp store:', err));
+    return changed;
+  },
 
   /**
    * Copy temp sessions into the user's account on login.
@@ -146,6 +162,12 @@ export const sessionStore = {
     await this._persist(userClient(accessToken), userId, s).catch(() => {});
     return s;
   },
+  async restoreUserSession(userId, accessToken, session) {
+    const restored = JSON.parse(JSON.stringify(session));
+    this._ensureUser(userId).sessions.set(restored.id, restored);
+    await this._persist(userClient(accessToken), userId, restored).catch(() => {});
+    return restored;
+  },
   async updateUserSession(userId, accessToken, sessionId, patch) {
     const user = userCache.get(userId); if (!user) { console.error("No user for " + userId); return null; }
     const s = user.sessions.get(sessionId); if (!s) { console.error ("No session found for " + sessionId); return null; }
@@ -237,4 +259,4 @@ export const deviceSessionStore = {
     const s = devSessions.get(token); if (!s || !s.active) return null;
     s.lastSeen = new Date().toISOString(); return s;
   },
-};
+};

server/wsHandler.js

@@ -9,8 +9,12 @@ import {
   getUserProfile, setUsername, getSubscriptionInfo,
   getTierConfig, getUsageInfo,
 } from './auth.js';
-import { streamChat, extractSessionName } from './chatStream.js';
+import { streamChat } from './chatStream.js';
+import { mediaStore } from './mediaStore.js';
+import { memoryStore } from './memoryStore.js';
+import { chatTrashStore } from './chatTrashStore.js';
 import crypto from 'crypto';
+import path from 'path';
 
 /**
  * Message Structure: Tree-based with versioned tails
@@ -134,15 +138,36 @@ const handlers = {
   },
 
   'sessions:delete': async (ws, msg, client) => {
-    if (client.userId) await sessionStore.deleteUserSession(client.userId, client.accessToken, msg.sessionId);
-    else sessionStore.deleteTempSession(client.tempId, msg.sessionId);
+    const owner = getClientOwner(client);
+    const session = client.userId
+      ? sessionStore.getUserSession(client.userId, msg.sessionId)
+      : sessionStore.getTempSession(client.tempId, msg.sessionId);
+    if (!session) return safeSend(ws, { type: 'error', message: 'Session not found' });
+
+    await chatTrashStore.add(owner, JSON.parse(JSON.stringify(session)));
+    if (client.userId) {
+      await sessionStore.deleteUserSession(client.userId, client.accessToken, msg.sessionId);
+      sessionStore.deleteTempSessionEverywhere(msg.sessionId);
+    } else {
+      sessionStore.deleteTempSession(client.tempId, msg.sessionId);
+    }
     safeSend(ws, { type: 'sessions:deleted', sessionId: msg.sessionId });
+    safeSend(ws, { type: 'trash:chats:changed' });
   },
 
   'sessions:deleteAll': async (ws, msg, client) => {
+    const owner = getClientOwner(client);
+    const sessions = client.userId
+      ? sessionStore.getUserSessions(client.userId)
+      : sessionStore.getTempSessions(client.tempId);
+    for (const session of sessions) {
+      await chatTrashStore.add(owner, JSON.parse(JSON.stringify(session)));
+      if (client.userId) sessionStore.deleteTempSessionEverywhere(session.id);
+    }
     if (client.userId) await sessionStore.deleteAllUserSessions(client.userId, client.accessToken);
     else sessionStore.deleteTempAll(client.tempId);
     safeSend(ws, { type: 'sessions:deletedAll' });
+    safeSend(ws, { type: 'trash:chats:changed' });
   },
 
   'sessions:rename': async (ws, msg, client) => {
@@ -175,8 +200,34 @@ const handlers = {
     safeSend(ws, { type: 'sessions:imported', session: ser(s) });
   },
 
+  'trash:chats:list': async (ws, msg, client) => {
+    const owner = getClientOwner(client);
+    const items = await chatTrashStore.list(owner);
+    safeSend(ws, { type: 'trash:chats:list', items });
+  },
+
+  'trash:chats:restore': async (ws, msg, client) => {
+    const owner = getClientOwner(client);
+    const restored = await chatTrashStore.restore(owner, msg.ids || []);
+    const sessions = [];
+    for (const snapshot of restored) {
+      const restoredSession = await restoreDeletedSession(client, snapshot);
+      if (restoredSession) sessions.push(ser(restoredSession));
+    }
+    safeSend(ws, { type: 'trash:chats:restored', sessions });
+    safeSend(ws, { type: 'trash:chats:changed' });
+  },
+
+  'trash:chats:deleteForever': async (ws, msg, client) => {
+    const owner = getClientOwner(client);
+    const removedIds = await chatTrashStore.deleteForever(owner, msg.ids || []);
+    safeSend(ws, { type: 'trash:chats:deletedForever', ids: removedIds });
+    safeSend(ws, { type: 'trash:chats:changed' });
+  },
+
   'chat:send': async (ws, msg, client) => {
     const { sessionId, content, tools } = msg;
+    const owner = getClientOwner(client);
     if (!client.userId) {
       const allowed = await consumeGuestRequest(client.ip || 'unknown');
       if (!allowed) return safeSend(ws, { type: 'guest:rateLimit', message: 'Guest request limit exceeded' });
@@ -194,33 +245,49 @@ const handlers = {
     safeSend(ws, { type: 'chat:start', sessionId });
 
     let fullText = '';
-    const assetsCollected = [], toolCallsCollected = [];
+    const assetsCollected = [], toolCallsCollected = [], responseEditsCollected = [];
 
     // Extract flat history from tree structure
     const rootMessage = session.history?.[0];
     const flatHistory = rootMessage ? extractFlatHistory(rootMessage) : [];
 
+    if (Array.isArray(msg.linkedMediaIds) && msg.linkedMediaIds.length) {
+      await mediaStore.attachToSession(owner, msg.linkedMediaIds, sessionId).catch((err) => {
+        console.error('Failed to link uploaded media to session:', err);
+      });
+    }
+
     await streamChat({
       sessionId,
       model: session.model,
-      history: flatHistory, 
-      userMessage: content, 
+      history: flatHistory,
+      userMessage: content,
       tools: tools || {},
-      accessToken: client.accessToken, 
-      clientId: msg.clientId, 
+      accessToken: client.accessToken,
+      clientId: msg.clientId,
+      owner,
+      sessionName: session.name,
       abortSignal: abort.signal,
       onToken(t) { fullText += t; safeSend(ws, { type: 'chat:token', token: t, sessionId }); },
       onToolCall(call) {
         safeSend(ws, { type: 'chat:toolCall', call, sessionId });
         if (call.state === 'resolved' || call.state === 'canceled') toolCallsCollected.push(call);
       },
-      onNewAsset(asset) { safeSend(ws, { type: 'chat:asset', asset, sessionId }); assetsCollected.push(asset); },
-      async onDone(text, toolCalls, aborted, sessionNameFromTag) {
+      onNewAsset(asset) {
+        safeSend(ws, { type: 'chat:asset', asset, sessionId });
+        assetsCollected.push(asset);
+        safeSend(ws, { type: 'media:changed' });
+      },
+      onDraftEdit(edit, draftText) {
+        responseEditsCollected.push(edit);
+        safeSend(ws, { type: 'chat:draftEdited', edit, text: draftText, sessionId });
+      },
+      async onDone(text, toolCalls, aborted, sessionNameFromTag, responseEdits = []) {
         activeStreams.delete(ws);
         const finalText = text || fullText;
-        
+
         // Only create user entry if content was actually provided
-        const hasContent = content !== undefined && content !== null && content !== '' && 
+        const hasContent = content !== undefined && content !== null && content !== '' &&
           !(Array.isArray(content) && content.length === 0);
         const userEntry = hasContent
           ? buildEntry('user', content)
@@ -231,17 +298,39 @@ const handlers = {
           const resolved = resolvedMap.get(c.id) || {};
           return { ...c, state: resolved.state || 'resolved', result: resolved.result };
         });
-        const asstEntry = buildEntry('assistant', finalText, mergedCalls);
+        const asstEntry = buildEntry('assistant', finalText, mergedCalls, {
+          responseEdits: [...responseEditsCollected, ...responseEdits],
+        });
+
+        const mediaEntries = assetsCollected.map((asset) =>
+          buildMediaEntry(asset.role, {
+            assetId: asset.id,
+            mimeType: asset.mimeType,
+            name: asset.name,
+          })
+        );
+
+        const generatedFiles = extractAssistantGeneratedFiles(finalText);
+        for (const file of generatedFiles) {
+          await mediaStore.storeBuffer(owner, {
+            name: file.name,
+            mimeType: file.mimeType,
+            buffer: file.buffer,
+            sessionId,
+            source: 'assistant_generated',
+            kind: file.kind,
+          }).catch((err) => console.error('Failed to store generated text asset:', err));
+        }
+        if (generatedFiles.length) safeSend(ws, { type: 'media:changed' });
 
         // Rebuild tree structure with new messages appended
         let newRootMessage = rootMessage ? validateAndRepairTree(JSON.parse(JSON.stringify(rootMessage))) : null;
-        
+
         if (!newRootMessage) {
           // First message in session - must have user entry
           if (!userEntry) return safeSend(ws, { type: 'error', message: 'No content for first message' });
           newRootMessage = userEntry;
-          const asstWrap = { ...asstEntry };
-          newRootMessage.versions[0].tail = [asstWrap];
+          newRootMessage.versions[0].tail = [{ ...asstEntry }, ...mediaEntries];
         } else {
           // Append to current tail
           const currentVerIdx = newRootMessage.currentVersionIdx ?? 0;
@@ -251,6 +340,7 @@ const handlers = {
             currentTail.push(userEntry);
           }
           currentTail.push(asstEntry);
+          currentTail.push(...mediaEntries);
           newRootMessage.versions[currentVerIdx].tail = currentTail;
         }
 
@@ -266,13 +356,13 @@ const handlers = {
         if (client.userId)
           await sessionStore.updateUserSession(client.userId, client.accessToken, sessionId, { history: newHistory, name: newName });
         else sessionStore.updateTempSession(client.tempId, sessionId, { history: newHistory, name: newName });
-        
+
         safeSend(ws, { type: aborted ? 'chat:aborted' : 'chat:done', sessionId, name: newName, history: extractFlatHistory(newRootMessage) });
       },
-      onError(err) { 
+      onError(err) {
         activeStreams.delete(ws);
         console.error('streamChat error:', err);
-        safeSend(ws, { type: 'chat:error', error: String(err), sessionId }); 
+        safeSend(ws, { type: 'chat:error', error: String(err), sessionId });
       },
     });
   },
@@ -378,6 +468,37 @@ const handlers = {
     bcast(wsClients, client.userId, { type: 'settings:updated', settings: msg.settings }, ws);
   },
 
+  'memories:list': async (ws, msg, client) => {
+    const owner = getClientOwner(client);
+    const items = await memoryStore.list(owner);
+    safeSend(ws, { type: 'memories:list', items });
+  },
+
+  'memories:create': async (ws, msg, client, wsClients) => {
+    const owner = getClientOwner(client);
+    const memory = await memoryStore.create(owner, {
+      content: msg.content,
+      sessionId: msg.sessionId || null,
+      source: msg.source || 'manual',
+    });
+    safeSend(ws, { type: 'memories:created', memory });
+    if (client.userId) bcast(wsClients, client.userId, { type: 'memories:changed' }, ws);
+  },
+
+  'memories:update': async (ws, msg, client, wsClients) => {
+    const owner = getClientOwner(client);
+    const memory = await memoryStore.update(owner, msg.id, msg.content);
+    safeSend(ws, { type: 'memories:updated', memory });
+    if (client.userId) bcast(wsClients, client.userId, { type: 'memories:changed' }, ws);
+  },
+
+  'memories:delete': async (ws, msg, client, wsClients) => {
+    const owner = getClientOwner(client);
+    const ok = await memoryStore.delete(owner, msg.id);
+    safeSend(ws, { type: 'memories:deleted', id: ok ? msg.id : null });
+    if (client.userId) bcast(wsClients, client.userId, { type: 'memories:changed' }, ws);
+  },
+
   'account:getProfile':      async (ws, msg, c) => { if (!c.userId) return; safeSend(ws, { type: 'account:profile', profile: await getUserProfile(c.userId, c.accessToken) }); },
   'account:setUsername':     async (ws, msg, c) => { if (!c.userId) return; safeSend(ws, { type: 'account:usernameResult', ...await setUsername(c.userId, c.accessToken, msg.username) }); },
   'account:getSubscription': async (ws, msg, c) => { 
@@ -400,11 +521,31 @@ const handlers = {
 
 function ser(s) { return { id: s.id, name: s.name, created: s.created, history: s.history || [], model: s.model }; }
 
+function getClientOwner(client) {
+  return client.userId
+    ? { type: 'user', id: client.userId }
+    : { type: 'guest', id: client.tempId };
+}
+
+async function restoreDeletedSession(client, snapshot) {
+  if (!snapshot) return null;
+  const restored = JSON.parse(JSON.stringify(snapshot));
+  const existing = client.userId
+    ? sessionStore.getUserSession(client.userId, restored.id)
+    : sessionStore.getTempSession(client.tempId, restored.id);
+  if (existing) restored.id = crypto.randomUUID();
+  restored.created = restored.created || Date.now();
+  if (client.userId) {
+    return sessionStore.restoreUserSession(client.userId, client.accessToken, restored);
+  }
+  return sessionStore.restoreTempSession(client.tempId, restored);
+}
+
 function generateMessageId() {
   return `msg-${Date.now()}-${Math.random().toString(36).substr(2, 9)}`;
 }
 
-function buildEntry(role, content, toolCalls = []) {
+function buildEntry(role, content, toolCalls = [], extraFields = {}) {
   const normalizedCalls = toolCalls.map(c => ({
     id:     c.id,
     name:   c.name || c.function?.name,
@@ -420,10 +561,53 @@ function buildEntry(role, content, toolCalls = []) {
     timestamp: Date.now(),
     versions: [{ content: validContent, tail: [], timestamp: Date.now() }], 
     currentVersionIdx: 0,
-    ...(normalizedCalls.length ? { toolCalls: normalizedCalls } : {}) 
+    ...(normalizedCalls.length ? { toolCalls: normalizedCalls } : {}),
+    ...extraFields,
   };
 }
 
+function buildMediaEntry(role, content) {
+  return {
+    id: generateMessageId(),
+    role,
+    content,
+    timestamp: Date.now(),
+    versions: [{ content, tail: [], timestamp: Date.now() }],
+    currentVersionIdx: 0,
+  };
+}
+
+function extractAssistantGeneratedFiles(text) {
+  if (!text || typeof text !== 'string') return [];
+  const files = [];
+  const detailsRe = /<details><summary>([^<]+?)<\/summary>\s*```(?:\w*)\n([\s\S]*?)\n```\s*<\/details>/g;
+  const svgRe = /```svg\n([\s\S]*?)\n```/g;
+  let match;
+
+  while ((match = detailsRe.exec(text)) !== null) {
+    const name = String(match[1] || '').trim();
+    const ext = path.extname(name).toLowerCase();
+    files.push({
+      name: name || 'generated-file.txt',
+      mimeType: ext === '.html' || ext === '.htm' ? 'text/html' : 'text/plain',
+      kind: ext === '.html' || ext === '.htm' ? 'rich_text' : 'text',
+      buffer: Buffer.from(match[2], 'utf8'),
+    });
+  }
+
+  let svgIndex = 1;
+  while ((match = svgRe.exec(text)) !== null) {
+    files.push({
+      name: `generated-image-${svgIndex++}.svg`,
+      mimeType: 'image/svg+xml',
+      kind: 'image',
+      buffer: Buffer.from(match[1], 'utf8'),
+    });
+  }
+
+  return files;
+}
+
 /**
  * Validate and repair tree structure after cloning/modification
  * Ensures all messages and versions have valid content property