feat(M3+M4): persistent sessions with node attachment + invite token auth

Fork: 0

yangyangxie / cortex-hub

Browse code feat(M3+M4): persistent sessions with node attachment + invite token auth M3 — Persistent Session Model: DB: - Session model: +sync_workspace_id, +attached_node_ids (JSON), +node_sync_status (JSON) - Migration: auto-adds 3 new columns to existing sessions table API (sessions router): - POST /sessions/ now auto-attaches user's default_node_ids from preferences on creation, generates sync_workspace_id, seeds 'pending' sync status - POST /sessions/{id}/nodes attach nodes to an existing session - DELETE /sessions/{id}/nodes/{node_id} detach a node - GET /sessions/{id}/nodes live sync status (merges DB + live registry) Schemas: NodeAttachRequest, NodeSyncStatusEntry, SessionNodeStatusResponse M4 — Invite Token Validation: API (nodes router): - GET /nodes/admin/{id}/config.yaml generate ready-to-deploy agent_config.yaml (contains node_id, hub_url, grpc_endpoint, invite_token, skill toggles) - POST /nodes/validate-token internal endpoint called by gRPC server; validates token against DB, returns skill_config for SandboxPolicy gRPC (grpc_server.py): - SyncConfiguration now calls POST /nodes/validate-token before registering node - HUB_API_URL env var controls this; empty = dev mode (skip validation) - Shell skill disabled by admin → empty allowed_commands in SandboxPolicy - Gracefully degrades if Hub is unreachable (logs warning, proceeds in dev) master
1 parent 856ace0 commit 7d894f9a40cf8860072d495386ab64e66abd1f99 Antigravity AI authored 14 hours ago

Browse code

M3 — Persistent Session Model:
  DB:
  - Session model: +sync_workspace_id, +attached_node_ids (JSON), +node_sync_status (JSON)
  - Migration: auto-adds 3 new columns to existing sessions table
  API (sessions router):
  - POST /sessions/        now auto-attaches user's default_node_ids from preferences
    on creation, generates sync_workspace_id, seeds 'pending' sync status
  - POST /sessions/{id}/nodes       attach nodes to an existing session
  - DELETE /sessions/{id}/nodes/{node_id}   detach a node
  - GET  /sessions/{id}/nodes       live sync status (merges DB + live registry)
  Schemas: NodeAttachRequest, NodeSyncStatusEntry, SessionNodeStatusResponse

M4 — Invite Token Validation:
  API (nodes router):
  - GET  /nodes/admin/{id}/config.yaml  generate ready-to-deploy agent_config.yaml
    (contains node_id, hub_url, grpc_endpoint, invite_token, skill toggles)
  - POST /nodes/validate-token          internal endpoint called by gRPC server;
    validates token against DB, returns skill_config for SandboxPolicy
  gRPC (grpc_server.py):
  - SyncConfiguration now calls POST /nodes/validate-token before registering node
  - HUB_API_URL env var controls this; empty = dev mode (skip validation)
  - Shell skill disabled by admin → empty allowed_commands in SandboxPolicy
  - Gracefully degrades if Hub is unreachable (logs warning, proceeds in dev)

master

1 parent 856ace0 commit 7d894f9a40cf8860072d495386ab64e66abd1f99

Antigravity AI authored 14 hours ago

Patch

Unified Split

Showing 6 changed files

Ignore Space Show notes View ai-hub/app/api/routes/nodes.py

Ignore Space Show notes View ai-hub/app/api/routes/sessions.py

Ignore Space Show notes View ai-hub/app/api/schemas.py

Ignore Space Show notes View ai-hub/app/db/migrate.py

Ignore Space Show notes View ai-hub/app/db/models.py

Ignore Space Show notes View poc-grpc-agent/orchestrator/services/grpc_server.py

Show line notes below