refactor(layout): group account, desktop, and watch modules

Author: liyanbowne

src/account-store-config.ts

@@ -1,56 +1 @@
-import type { AuthSnapshot } from "./auth-snapshot.js";
-
-export function validateConfigSnapshot(
-  name: string,
-  snapshot: AuthSnapshot,
-  rawConfig: string | null,
-): void {
-  if (snapshot.auth_mode !== "apikey") {
-    return;
-  }
-
-  if (!rawConfig) {
-    throw new Error(`Current ~/.codex/config.toml is required to save apikey account "${name}".`);
-  }
-
-  if (!/^\s*model_provider\s*=\s*["'][^"']+["']/mu.test(rawConfig)) {
-    throw new Error(`Current ~/.codex/config.toml is missing model_provider for apikey account "${name}".`);
-  }
-
-  if (!/^\s*base_url\s*=\s*["'][^"']+["']/mu.test(rawConfig)) {
-    throw new Error(`Current ~/.codex/config.toml is missing base_url for apikey account "${name}".`);
-  }
-}
-
-export function sanitizeConfigForAccountAuth(rawConfig: string): string {
-  const lines = rawConfig.split(/\r?\n/u);
-  const result: string[] = [];
-  let skippingProviderSection = false;
-
-  for (const line of lines) {
-    const trimmed = line.trim();
-
-    if (trimmed.startsWith("[") && trimmed.endsWith("]")) {
-      skippingProviderSection = /^\[model_providers\.[^\]]+\]$/u.test(trimmed);
-      if (skippingProviderSection) {
-        continue;
-      }
-    }
-
-    if (skippingProviderSection) {
-      continue;
-    }
-
-    if (/^\s*model_provider\s*=/u.test(line)) {
-      continue;
-    }
-
-    if (/^\s*preferred_auth_method\s*=\s*["']apikey["']\s*$/u.test(line)) {
-      continue;
-    }
-
-    result.push(line);
-  }
-
-  return `${result.join("\n").replace(/\n{3,}/gu, "\n\n").trimEnd()}\n`;
-}
+export * from "./account-store/config.js";

src/account-store-repository.ts

@@ -1,227 +1 @@
-import { join } from "node:path";
-
-import {
-  AuthSnapshot,
-  SnapshotMeta,
-  createSnapshotMeta,
-  getMetaIdentity,
-  getSnapshotAccountId,
-  getSnapshotIdentity,
-  getSnapshotUserId,
-  isSupportedChatGPTAuthMode,
-  parseSnapshotMeta,
-  readAuthSnapshotFile,
-} from "./auth-snapshot.js";
-import type { ManagedAccount, StorePaths, StoreState } from "./account-store-types.js";
-import {
-  DIRECTORY_MODE,
-  FILE_MODE,
-  SCHEMA_VERSION,
-  atomicWriteFile,
-  ensureAccountName,
-  ensureDirectory,
-  pathExists,
-  readJsonFile,
-  stringifyJson,
-} from "./account-store-storage.js";
-
-function canAutoMigrateLegacyChatGPTMeta(
-  meta: SnapshotMeta,
-  snapshot: AuthSnapshot,
-): boolean {
-  if (!isSupportedChatGPTAuthMode(meta.auth_mode) || !isSupportedChatGPTAuthMode(snapshot.auth_mode)) {
-    return false;
-  }
-
-  if (typeof meta.user_id === "string" && meta.user_id.trim() !== "") {
-    return false;
-  }
-
-  const snapshotUserId = getSnapshotUserId(snapshot);
-  if (!snapshotUserId) {
-    return false;
-  }
-
-  return meta.account_id === getSnapshotAccountId(snapshot);
-}
-
-export class AccountStoreRepository {
-  readonly paths: StorePaths;
-
-  constructor(paths: StorePaths) {
-    this.paths = paths;
-  }
-
-  accountDirectory(name: string): string {
-    ensureAccountName(name);
-    return join(this.paths.accountsDir, name);
-  }
-
-  accountAuthPath(name: string): string {
-    return join(this.accountDirectory(name), "auth.json");
-  }
-
-  accountMetaPath(name: string): string {
-    return join(this.accountDirectory(name), "meta.json");
-  }
-
-  accountConfigPath(name: string): string {
-    return join(this.accountDirectory(name), "config.toml");
-  }
-
-  async writeAccountAuthSnapshot(name: string, snapshot: AuthSnapshot): Promise<void> {
-    await atomicWriteFile(
-      this.accountAuthPath(name),
-      stringifyJson(snapshot),
-    );
-  }
-
-  async writeAccountMeta(name: string, meta: SnapshotMeta): Promise<void> {
-    await atomicWriteFile(this.accountMetaPath(name), stringifyJson(meta));
-  }
-
-  async ensureEmptyAccountConfigSnapshot(name: string): Promise<string> {
-    const configPath = this.accountConfigPath(name);
-    await atomicWriteFile(configPath, "");
-    return configPath;
-  }
-
-  async syncCurrentAuthIfMatching(snapshot: AuthSnapshot): Promise<void> {
-    if (!(await pathExists(this.paths.currentAuthPath))) {
-      return;
-    }
-
-    try {
-      const currentSnapshot = await readAuthSnapshotFile(this.paths.currentAuthPath);
-      if (getSnapshotIdentity(currentSnapshot) !== getSnapshotIdentity(snapshot)) {
-        return;
-      }
-
-      await atomicWriteFile(this.paths.currentAuthPath, stringifyJson(snapshot));
-    } catch {
-      // Ignore sync failures here; the stored snapshot is already updated.
-    }
-  }
-
-  async ensureLayout(): Promise<void> {
-    await ensureDirectory(this.paths.codexTeamDir, DIRECTORY_MODE);
-    await ensureDirectory(this.paths.accountsDir, DIRECTORY_MODE);
-    await ensureDirectory(this.paths.backupsDir, DIRECTORY_MODE);
-  }
-
-  async readState(): Promise<StoreState> {
-    if (!(await pathExists(this.paths.statePath))) {
-      return {
-        schema_version: SCHEMA_VERSION,
-        last_switched_account: null,
-        last_backup_path: null,
-      };
-    }
-
-    const raw = await readJsonFile(this.paths.statePath);
-    const parsed = JSON.parse(raw) as Partial<StoreState>;
-
-    return {
-      schema_version: parsed.schema_version ?? SCHEMA_VERSION,
-      last_switched_account: parsed.last_switched_account ?? null,
-      last_backup_path: parsed.last_backup_path ?? null,
-    };
-  }
-
-  async writeState(state: StoreState): Promise<void> {
-    await this.ensureLayout();
-    await atomicWriteFile(this.paths.statePath, stringifyJson(state));
-  }
-
-  async readManagedAccount(name: string): Promise<ManagedAccount> {
-    const metaPath = this.accountMetaPath(name);
-    const authPath = this.accountAuthPath(name);
-    const [rawMeta, snapshot] = await Promise.all([
-      readJsonFile(metaPath),
-      readAuthSnapshotFile(authPath),
-    ]);
-    let meta = parseSnapshotMeta(rawMeta);
-
-    if (meta.name !== name) {
-      throw new Error(`Account metadata name mismatch for "${name}".`);
-    }
-
-    const snapshotIdentity = getSnapshotIdentity(snapshot);
-    if (getMetaIdentity(meta) !== snapshotIdentity) {
-      if (canAutoMigrateLegacyChatGPTMeta(meta, snapshot)) {
-        meta = {
-          ...meta,
-          account_id: getSnapshotAccountId(snapshot),
-          user_id: getSnapshotUserId(snapshot),
-        };
-        await this.writeAccountMeta(name, meta);
-      } else {
-        throw new Error(`Account metadata account_id mismatch for "${name}".`);
-      }
-    }
-
-    if (getMetaIdentity(meta) !== snapshotIdentity) {
-      throw new Error(`Account metadata account_id mismatch for "${name}".`);
-    }
-
-    return {
-      ...meta,
-      identity: getMetaIdentity(meta),
-      authPath,
-      metaPath,
-      configPath: (await pathExists(this.accountConfigPath(name))) ? this.accountConfigPath(name) : null,
-      duplicateAccountId: false,
-    };
-  }
-
-  async listAccounts(): Promise<{ accounts: ManagedAccount[]; warnings: string[] }> {
-    await this.ensureLayout();
-
-    const { readdir } = await import("node:fs/promises");
-    const entries = await readdir(this.paths.accountsDir, { withFileTypes: true });
-    const accounts: ManagedAccount[] = [];
-    const warnings: string[] = [];
-
-    for (const entry of entries) {
-      if (!entry.isDirectory()) {
-        continue;
-      }
-
-      try {
-        accounts.push(await this.readManagedAccount(entry.name));
-      } catch (error) {
-        warnings.push(
-          `Account "${entry.name}" is invalid: ${(error as Error).message}`,
-        );
-      }
-    }
-
-    const counts = new Map<string, number>();
-    for (const account of accounts) {
-      counts.set(account.identity, (counts.get(account.identity) ?? 0) + 1);
-    }
-
-    accounts.sort((left, right) => left.name.localeCompare(right.name));
-
-    return {
-      accounts: accounts.map((account) => ({
-        ...account,
-        duplicateAccountId: (counts.get(account.identity) ?? 0) > 1,
-      })),
-      warnings,
-    };
-  }
-
-  async readCurrentStatusAccounts() {
-    return await this.listAccounts();
-  }
-
-  createSnapshotMeta(
-    name: string,
-    snapshot: AuthSnapshot,
-    now: Date,
-    createdAt?: string | null,
-  ) {
-    return createSnapshotMeta(name, snapshot, now, createdAt ?? undefined);
-  }
-}
+export * from "./account-store/repository.js";

src/account-store-storage.ts

@@ -1,92 +1 @@
-import { homedir } from "node:os";
-import { basename, dirname, join } from "node:path";
-import { chmod, mkdir, readFile, rename, stat, writeFile } from "node:fs/promises";
-
-import type { StorePaths } from "./account-store-types.js";
-
-export const DIRECTORY_MODE = 0o700;
-export const FILE_MODE = 0o600;
-export const SCHEMA_VERSION = 1;
-export const QUOTA_REFRESH_CONCURRENCY = 3;
-
-const ACCOUNT_NAME_PATTERN = /^[A-Za-z0-9][A-Za-z0-9._-]{0,63}$/;
-
-export function defaultPaths(homeDir = homedir()): StorePaths {
-  const codexDir = join(homeDir, ".codex");
-  const codexTeamDir = join(homeDir, ".codex-team");
-
-  return {
-    homeDir,
-    codexDir,
-    codexTeamDir,
-    currentAuthPath: join(codexDir, "auth.json"),
-    currentConfigPath: join(codexDir, "config.toml"),
-    accountsDir: join(codexTeamDir, "accounts"),
-    backupsDir: join(codexTeamDir, "backups"),
-    statePath: join(codexTeamDir, "state.json"),
-  };
-}
-
-export async function chmodIfPossible(path: string, mode: number): Promise<void> {
-  try {
-    await chmod(path, mode);
-  } catch (error) {
-    const nodeError = error as NodeJS.ErrnoException;
-    if (nodeError.code !== "ENOENT") {
-      throw error;
-    }
-  }
-}
-
-export async function ensureDirectory(path: string, mode: number): Promise<void> {
-  await mkdir(path, { recursive: true, mode });
-  await chmodIfPossible(path, mode);
-}
-
-export async function atomicWriteFile(
-  path: string,
-  content: string,
-  mode = FILE_MODE,
-): Promise<void> {
-  const directory = dirname(path);
-  const tempPath = join(
-    directory,
-    `.${basename(path)}.${process.pid}.${Date.now()}.tmp`,
-  );
-
-  await ensureDirectory(directory, DIRECTORY_MODE);
-  await writeFile(tempPath, content, { encoding: "utf8", mode });
-  await chmodIfPossible(tempPath, mode);
-  await rename(tempPath, path);
-  await chmodIfPossible(path, mode);
-}
-
-export function stringifyJson(value: unknown): string {
-  return `${JSON.stringify(value, null, 2)}\n`;
-}
-
-export function ensureAccountName(name: string): void {
-  if (!ACCOUNT_NAME_PATTERN.test(name)) {
-    throw new Error(
-      'Account name must match /^[A-Za-z0-9][A-Za-z0-9._-]{0,63}$/ and cannot contain path separators.',
-    );
-  }
-}
-
-export async function pathExists(path: string): Promise<boolean> {
-  try {
-    await stat(path);
-    return true;
-  } catch (error) {
-    const nodeError = error as NodeJS.ErrnoException;
-    if (nodeError.code === "ENOENT") {
-      return false;
-    }
-
-    throw error;
-  }
-}
-
-export async function readJsonFile(path: string): Promise<string> {
-  return readFile(path, "utf8");
-}
+export * from "./account-store/storage.js";