Add ScreenConnect-parity features (high + medium)

Viewer: - Toolbar: Ctrl+Alt+Del, clipboard paste, monitor picker, file transfer, chat, WoL buttons - Multi-monitor: agent sends monitor_list on connect, viewer can switch via dropdown - Clipboard sync: agent polls local clipboard → sends to viewer; viewer paste → agent sets remote clipboard - File transfer panel: drag-drop upload to agent, directory browser, download files from remote - Chat panel: bidirectional text chat forwarded through relay Agent: - Multi-monitor capture with set_monitor/set_quality message handlers - exec_key_combo for Ctrl+Alt+Del and arbitrary combos - Clipboard polling via pyperclip (both directions) - File upload/download/list_files with base64 chunked protocol - Attended mode (--attended): zenity/kdialog/PowerShell consent dialog before accepting stream - Auto-update: heartbeat checks version, downloads new binary and exec-replaces self (Linux) - Reports MAC address on registration (for WoL) Relay: - Forwards monitor_list, clipboard_content, file_chunk, file_list, chat_message agent→viewer - Session recording: when RECORDING_DIR env set, saves JPEG frames as .remrec files - ALLOWED_ORIGINS CORS now set from NEXT_PUBLIC_APP_URL in docker-compose Database: - groups table (id, name, description, created_by) - machines: group_id, mac_address, notes, tags text[] - Migration 0003 applied Dashboard: - Machines page: search, tag filter, group filter, inline notes/tags/rename editing - MachineCard: inline tag management, group picker, notes textarea - Admin page: new Groups tab (create/list/delete groups) - API: PATCH /api/machines/[id] (name, notes, tags, groupId) - API: GET/POST/DELETE /api/groups - API: POST /api/machines/wol (broadcast magic packet) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-10 23:57:47 -07:00
parent 27673daa63
commit 61edbf59bf
20 changed files with 1881 additions and 241 deletions
--- a/app/api/agent/heartbeat/route.ts
+++ b/app/api/agent/heartbeat/route.ts
@@ -3,9 +3,12 @@ import { machines, sessionCodes } from '@/lib/db/schema'
 import { eq, and, isNotNull, gt } from 'drizzle-orm'
 import { NextRequest, NextResponse } from 'next/server'

+// Increment this when a new agent binary is published to /downloads/
+const CURRENT_AGENT_VERSION = '1.0.0'
+
 export async function POST(request: NextRequest) {
  try {
-    const { accessKey } = await request.json()
+    const { accessKey, agentVersion } = await request.json()

    if (!accessKey) {
      return NextResponse.json({ error: 'Access key required' }, { status: 400 })
@@ -13,7 +16,7 @@ export async function POST(request: NextRequest) {

    const result = await db
      .update(machines)
-      .set({ isOnline: true, lastSeen: new Date() })
+      .set({ isOnline: true, lastSeen: new Date(), agentVersion: agentVersion || undefined })
      .where(eq(machines.accessKey, accessKey))
      .returning({ id: machines.id })

@@ -38,11 +41,18 @@ export async function POST(request: NextRequest) {
      .orderBy(sessionCodes.usedAt)
      .limit(1)

+    const needsUpdate = agentVersion && agentVersion !== CURRENT_AGENT_VERSION
+    const appUrl = process.env.NEXT_PUBLIC_APP_URL || ''
+    const downloadUrl = needsUpdate
+      ? `${appUrl}/downloads/remotelink-agent-${process.platform === 'win32' ? 'windows.exe' : 'linux'}`
+      : null
+
    return NextResponse.json({
      success: true,
      pendingConnection: pending[0]
        ? { sessionCodeId: pending[0].id, usedBy: pending[0].usedBy }
        : null,
+      updateAvailable: needsUpdate ? { version: CURRENT_AGENT_VERSION, downloadUrl } : null,
    })
  } catch (error) {
    console.error('[Heartbeat] Error:', error)
--- a/app/api/groups/route.ts
+++ b/app/api/groups/route.ts
@@ -0,0 +1,44 @@
+import { auth } from '@/auth'
+import { db } from '@/lib/db'
+import { groups } from '@/lib/db/schema'
+import { eq } from 'drizzle-orm'
+import { NextRequest, NextResponse } from 'next/server'
+
+type AuthUser = { id: string; role?: string }
+
+export async function GET() {
+  const authSession = await auth()
+  if (!authSession?.user?.id) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
+
+  const list = await db.select().from(groups).orderBy(groups.name)
+  return NextResponse.json({ groups: list })
+}
+
+export async function POST(request: NextRequest) {
+  const authSession = await auth()
+  if (!authSession?.user?.id) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
+  const u = authSession.user as AuthUser
+  if (u.role !== 'admin') return NextResponse.json({ error: 'Admin only' }, { status: 403 })
+
+  const { name, description } = await request.json()
+  if (!name?.trim()) return NextResponse.json({ error: 'Name required' }, { status: 400 })
+
+  const [group] = await db.insert(groups).values({
+    name: String(name).slice(0, 100),
+    description: description ? String(description).slice(0, 500) : null,
+    createdBy: u.id,
+  }).returning()
+
+  return NextResponse.json({ group })
+}
+
+export async function DELETE(request: NextRequest) {
+  const authSession = await auth()
+  if (!authSession?.user?.id) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
+  const u = authSession.user as AuthUser
+  if (u.role !== 'admin') return NextResponse.json({ error: 'Admin only' }, { status: 403 })
+
+  const { id } = await request.json()
+  await db.delete(groups).where(eq(groups.id, id))
+  return NextResponse.json({ success: true })
+}
--- a/app/api/machines/[id]/route.ts
+++ b/app/api/machines/[id]/route.ts
@@ -4,6 +4,40 @@ import { machines } from '@/lib/db/schema'
 import { eq, and } from 'drizzle-orm'
 import { NextRequest, NextResponse } from 'next/server'

+export async function PATCH(
+  request: NextRequest,
+  { params }: { params: Promise<{ id: string }> }
+) {
+  const session = await auth()
+  if (!session?.user?.id) {
+    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
+  }
+  const { id } = await params
+  const body = await request.json()
+
+  const updates: Record<string, unknown> = {}
+  if (body.name !== undefined) updates.name = String(body.name).slice(0, 255)
+  if (body.notes !== undefined) updates.notes = body.notes ? String(body.notes) : null
+  if (body.tags !== undefined) updates.tags = Array.isArray(body.tags) ? body.tags.map(String) : []
+  if (body.groupId !== undefined) updates.groupId = body.groupId || null
+
+  if (Object.keys(updates).length === 0) {
+    return NextResponse.json({ error: 'Nothing to update' }, { status: 400 })
+  }
+
+  const result = await db
+    .update(machines)
+    .set(updates)
+    .where(and(eq(machines.id, id), eq(machines.userId, session.user.id)))
+    .returning({ id: machines.id })
+
+  if (!result[0]) {
+    return NextResponse.json({ error: 'Not found' }, { status: 404 })
+  }
+
+  return NextResponse.json({ success: true })
+}
+
 export async function DELETE(
  _request: NextRequest,
  { params }: { params: Promise<{ id: string }> }
--- a/app/api/machines/wol/route.ts
+++ b/app/api/machines/wol/route.ts
@@ -0,0 +1,60 @@
+import { auth } from '@/auth'
+import { db } from '@/lib/db'
+import { machines } from '@/lib/db/schema'
+import { and, eq } from 'drizzle-orm'
+import { NextRequest, NextResponse } from 'next/server'
+import { createSocket } from 'dgram'
+
+function buildMagicPacket(mac: string): Buffer {
+  // Normalise: strip separators, expect 12 hex chars
+  const hex = mac.replace(/[:\-]/g, '').toLowerCase()
+  if (hex.length !== 12 || !/^[0-9a-f]+$/.test(hex)) {
+    throw new Error('Invalid MAC address')
+  }
+  const macBytes = Buffer.from(hex, 'hex')
+  // Magic packet: 6x 0xFF + 16x MAC
+  const packet = Buffer.alloc(6 + 16 * 6)
+  packet.fill(0xff, 0, 6)
+  for (let i = 0; i < 16; i++) macBytes.copy(packet, 6 + i * 6)
+  return packet
+}
+
+async function sendMagicPacket(mac: string): Promise<void> {
+  const packet = buildMagicPacket(mac)
+  return new Promise((resolve, reject) => {
+    const sock = createSocket('udp4')
+    sock.once('error', reject)
+    sock.bind(() => {
+      sock.setBroadcast(true)
+      sock.send(packet, 0, packet.length, 9, '255.255.255.255', () => {
+        sock.close()
+        resolve()
+      })
+    })
+  })
+}
+
+export async function POST(request: NextRequest) {
+  const session = await auth()
+  if (!session?.user?.id) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
+
+  const { machineId } = await request.json()
+  if (!machineId) return NextResponse.json({ error: 'machineId required' }, { status: 400 })
+
+  const result = await db
+    .select({ macAddress: machines.macAddress, name: machines.name })
+    .from(machines)
+    .where(and(eq(machines.id, machineId), eq(machines.userId, session.user.id)))
+    .limit(1)
+
+  const machine = result[0]
+  if (!machine) return NextResponse.json({ error: 'Machine not found' }, { status: 404 })
+  if (!machine.macAddress) return NextResponse.json({ error: 'No MAC address recorded for this machine. Agent must reconnect at least once.' }, { status: 422 })
+
+  try {
+    await sendMagicPacket(machine.macAddress)
+    return NextResponse.json({ success: true, message: `Magic packet sent to ${machine.macAddress}` })
+  } catch (e) {
+    return NextResponse.json({ error: String(e) }, { status: 500 })
+  }
+}