Upload 13 files

exocore-web/src/console.ts

@@ -0,0 +1,469 @@
+// @ts-check
+
+import fs from "fs";
+import path from "path";
+import { spawn, ChildProcess } from "child_process";
+import { WebSocketServer, WebSocket, RawData } from 'ws';
+import http from 'http';
+import express from 'express';
+
+const LOG_DIR: string = path.resolve(__dirname, "../models/data");
+const LOG_FILE: string = path.join(LOG_DIR, "logs.txt");
+
+let processInstance: ChildProcess | null = null;
+let isRunning: boolean = false;
+let isAwaitingInput: boolean = false;
+
+const INPUT_PROMPT_STRING = "__NEEDS_INPUT__";
+
+interface ApiType {
+    clearLogFile: () => void;
+    broadcast: (msg: string | Buffer, wss?: WebSocketServer, isError?: boolean, silent?: boolean) => void;
+    parseExocoreRun: (filePath: string) => { exportCommands: string[]; runCommand: string | null };
+    executeCommand: (
+        command: string,
+        cwd: string,
+        onCloseCallback: (outcome: number | string | Error) => void,
+        wss?: WebSocketServer
+    ) => ChildProcess | null;
+    runCommandsSequentially: (
+        commands: string[],
+        cwd: string,
+        onSequenceDone: (success: boolean) => void,
+        wss?: WebSocketServer,
+        index?: number
+    ) => void;
+    start: (wss?: WebSocketServer, args?: string) => void;
+    stop: (wss?: WebSocketServer) => void;
+    restart: (wss?: WebSocketServer, args?: string) => void;
+    status: () => "running" | "stopped";
+}
+
+const api: ApiType = {
+    clearLogFile(): void {
+        if (!fs.existsSync(LOG_DIR)) {
+            fs.mkdirSync(LOG_DIR, { recursive: true });
+        }
+        fs.writeFileSync(LOG_FILE, "");
+    },
+
+    broadcast(msg: string | Buffer, wss?: WebSocketServer, isError: boolean = false, silent: boolean = false): void {
+        const data = msg.toString();
+        if (!fs.existsSync(LOG_DIR)) {
+            fs.mkdirSync(LOG_DIR, { recursive: true });
+        }
+        if (!data.includes(INPUT_PROMPT_STRING)) {
+            fs.appendFileSync(LOG_FILE, `${data}`);
+        }
+
+        if (!silent && wss && wss.clients) {
+            wss.clients.forEach((client: WebSocket) => {
+                if (client.readyState === WebSocket.OPEN) {
+                    if (data.includes(INPUT_PROMPT_STRING)) {
+                        const cleanData = data.replace(INPUT_PROMPT_STRING, "").trim();
+                        isAwaitingInput = true;
+                        client.send(JSON.stringify({ type: 'INPUT_REQUIRED', payload: cleanData }));
+                    } else {
+                        client.send(data);
+                    }
+                }
+            });
+        }
+        if (isError) {
+            console.error(`BROADCAST_ERROR_LOG: ${data.trim()}`);
+        }
+    },
+
+    parseExocoreRun(filePath: string): { exportCommands: string[]; runCommand: string | null } {
+        const raw: string = fs.readFileSync(filePath, "utf8");
+        const exportMatch: RegExpMatchArray | null = raw.match(/export\s*=\s*{([\s\S]*?)}/);
+        const functionMatch: RegExpMatchArray | null = raw.match(/function\s*=\s*{([\s\S]*?)}/);
+        const exportCommands: string[] = [];
+
+        if (exportMatch && exportMatch[1]) {
+            const lines: string[] = exportMatch[1].split(";");
+            for (let line of lines) {
+                const matchResult: RegExpMatchArray | null = line.match(/["'](.+?)["']/);
+                if (matchResult && typeof matchResult[1] === 'string' && matchResult[1].trim() !== '') {
+                    exportCommands.push(matchResult[1]);
+                }
+            }
+        }
+
+        let runCommand: string | null = null;
+        if (functionMatch && functionMatch[1]) {
+            const runMatch: RegExpMatchArray | null = functionMatch[1].match(/run\s*=\s*["'](.+?)["']/);
+            if (runMatch && typeof runMatch[1] === 'string' && runMatch[1].trim() !== '') {
+                runCommand = runMatch[1];
+            }
+        }
+        return { exportCommands, runCommand };
+    },
+
+    executeCommand(
+        command: string,
+        cwd: string,
+        onCloseCallback: (outcome: number | string | Error) => void,
+        wss?: WebSocketServer
+    ): ChildProcess | null {
+        let proc: ChildProcess | null = null;
+        try {
+            proc = spawn(command, {
+                cwd,
+                shell: true,
+                env: { ...process.env, FORCE_COLOR: "1", LANG: "en_US.UTF-8" },
+            });
+        } catch (rawErr: unknown) {
+            let errMsg = "Unknown spawn error";
+            if (rawErr instanceof Error) errMsg = rawErr.message;
+            else if (typeof rawErr === 'string') errMsg = rawErr;
+            api.broadcast(`\x1b[31m❌ Spawn error for command "${command}": ${errMsg}\x1b[0m`, wss, true, false);
+            if (typeof onCloseCallback === 'function') {
+                if (rawErr instanceof Error) onCloseCallback(rawErr);
+                else onCloseCallback(new Error(String(rawErr)));
+            }
+            return null;
+        }
+
+        if (proc.stdout) {
+            proc.stdout.on("data", (data: Buffer | string) => api.broadcast(data, wss, false, false));
+        }
+        if (proc.stderr) {
+            proc.stderr.on("data", (data: Buffer | string) => api.broadcast(`\x1b[31m${data.toString()}\x1b[0m`, wss, true, false));
+        }
+
+        proc.on("close", (code: number | null, signal: NodeJS.Signals | null) => {
+            if (typeof onCloseCallback === 'function') {
+                if (code === null) onCloseCallback(signal || 'signaled');
+                else onCloseCallback(code);
+            }
+        });
+
+        proc.on("error", (err: Error) => {
+            api.broadcast(`\x1b[31m❌ Command execution error for "${command}": ${err.message}\x1b[0m`, wss, true, false);
+            if (typeof onCloseCallback === 'function') onCloseCallback(err);
+        });
+        return proc;
+    },
+
+    runCommandsSequentially(
+        commands: string[],
+        cwd: string,
+        onSequenceDone: (success: boolean) => void,
+        wss?: WebSocketServer,
+        index: number = 0
+    ): void {
+        if (index >= commands.length) {
+            if (typeof onSequenceDone === 'function') onSequenceDone(true);
+            return;
+        }
+        const cmd = commands[index];
+
+        if (typeof cmd !== 'string' || cmd.trim() === "") {
+            api.broadcast(`\x1b[31m❌ Invalid or empty setup command at index ${index}.\x1b[0m`, wss, true, false);
+            if (typeof onSequenceDone === 'function') onSequenceDone(false);
+            return;
+        }
+
+        const proc = api.executeCommand(cmd, cwd, (outcome: number | string | Error) => {
+            const benignSignal = (typeof outcome === 'string' && (outcome.toUpperCase() === 'SIGTERM' || outcome.toUpperCase() === 'SIGKILL'));
+            if (outcome !== 0 && (typeof outcome === 'number' || outcome instanceof Error || (typeof outcome === 'string' && !benignSignal))) {
+                const errorMessage = outcome instanceof Error ? outcome.message : String(outcome);
+                api.broadcast(`\x1b[31m❌ Setup command "${cmd}" failed: ${errorMessage}\x1b[0m`, wss, true, false);
+                if (typeof onSequenceDone === 'function') onSequenceDone(false);
+                return;
+            }
+            api.runCommandsSequentially(commands, cwd, onSequenceDone, wss, index + 1);
+        }, wss
+        );
+
+        if (!proc) {
+            api.broadcast(`\x1b[31m❌ Failed to initiate setup command "${cmd}".\x1b[0m`, wss, true, false);
+            if (typeof onSequenceDone === 'function') onSequenceDone(false);
+        }
+    },
+
+    start(wss?: WebSocketServer, args?: string): void {
+        if (isRunning) {
+            api.broadcast("\x1b[33m⚠️ Process is already running.\x1b[0m", wss, true, false);
+            return;
+        }
+        api.clearLogFile();
+        api.broadcast(`\x1b[36m[SYSTEM] Starting process...\x1b[0m`, wss, false, true);
+        isAwaitingInput = false;
+
+        let projectPath: string | undefined;
+
+        try {
+            const configJsonPath: string = path.resolve(process.cwd(), 'config.json');
+            if (fs.existsSync(configJsonPath)) {
+                const configRaw: string = fs.readFileSync(configJsonPath, 'utf-8');
+                if (configRaw.trim() !== "") {
+                    const configData: any = JSON.parse(configRaw);
+                    if (configData && typeof configData.project === 'string' && configData.project.trim() !== "") {
+                        const configJsonDir: string = path.dirname(configJsonPath);
+                        const resolvedPath: string = path.resolve(configJsonDir, configData.project);
+                        if (fs.existsSync(resolvedPath) && fs.statSync(resolvedPath).isDirectory()) {
+                            projectPath = resolvedPath;
+                        } else {
+                            api.broadcast(`\x1b[31m❌ Error: Project path from config.json is invalid: ${resolvedPath}\x1b[0m`, wss, true, false);
+                            return;
+                        }
+                    } else {
+                        api.broadcast(`\x1b[31m❌ Error: 'project' key in config.json is missing or invalid.\x1b[0m`, wss, true, false);
+                        return;
+                    }
+                } else {
+                    api.broadcast(`\x1b[31m❌ Error: config.json is empty.\x1b[0m`, wss, true, false);
+                    return;
+                }
+            } else {
+                api.broadcast(`\x1b[31m❌ Error: Configuration file not found at ${configJsonPath}.\x1b[0m`, wss, true, false);
+                return;
+            }
+        } catch (rawErr: unknown) {
+            api.broadcast(`\x1b[31m❌ Error reading or parsing project configuration.\x1b[0m`, wss, true, false);
+            return;
+        }
+
+        if (typeof projectPath !== 'string') {
+            api.broadcast(`\x1b[31m❌ Project path could not be determined.\x1b[0m`, wss, true, false);
+            return;
+        }
+
+        const currentProjectPath: string = projectPath;
+        const exocoreRunPath: string = path.join(currentProjectPath, "exocore.run");
+
+        if (!fs.existsSync(exocoreRunPath)) {
+            api.broadcast(`\x1b[31m❌ Missing exocore.run file in ${currentProjectPath}.\x1b[0m`, wss, true, false);
+            return;
+        }
+
+        const { exportCommands, runCommand } = api.parseExocoreRun(exocoreRunPath);
+
+        if (!runCommand) {
+            api.broadcast("\x1b[31m❌ Missing run command in exocore.run.\x1b[0m", wss, true, false);
+            return;
+        }
+
+        const currentRunCommand: string = args ? `${runCommand} ${args}` : runCommand;
+
+        api.runCommandsSequentially([...exportCommands], currentProjectPath, (setupSuccess: boolean) => {
+            if (!setupSuccess) {
+                api.broadcast(`\x1b[31m❌ Setup commands failed. Main process will not start.\x1b[0m`, wss, true, false);
+                return;
+            }
+
+            api.broadcast(`\x1b[36m[SYSTEM] Executing: ${currentRunCommand}\x1b[0m`, wss, false, true);
+
+            let spawnedProc: ChildProcess | null = null;
+            try {
+                spawnedProc = spawn(currentRunCommand, {
+                    cwd: currentProjectPath,
+                    shell: true,
+                    detached: true,
+                    env: { ...process.env, FORCE_COLOR: "1", LANG: "en_US.UTF-8" },
+                });
+            } catch (rawErr: unknown) {
+                api.broadcast(`\x1b[31m❌ Failed to spawn main process.\x1b[0m`, wss, true, false);
+                return;
+            }
+
+            if (!spawnedProc || typeof spawnedProc.pid !== 'number') {
+                api.broadcast(`\x1b[31m❌ Failed to get process handle.\x1b[0m`, wss, true, false);
+                return;
+            }
+
+            processInstance = spawnedProc;
+            isRunning = true;
+            api.broadcast(`\x1b[32m[SYSTEM] Process started with PID: ${processInstance.pid}\x1b[0m`, wss, false, true);
+
+            if (processInstance.stdout) {
+                processInstance.stdout.on("data", (data: Buffer | string) => api.broadcast(data, wss, false, false));
+            }
+            if (processInstance.stderr) {
+                processInstance.stderr.on("data", (data: Buffer | string) =>
+                    api.broadcast(`\x1b[31m${data.toString()}\x1b[0m`, wss, true, false)
+                );
+            }
+
+            processInstance.on("close", (code: number | null, signal: NodeJS.Signals | null) => {
+                isRunning = false;
+                processInstance = null;
+                isAwaitingInput = false;
+                const exitReason = signal ? `signal ${signal}` : `code ${code}`;
+                api.broadcast(`\x1b[33m[SYSTEM] Process exited with ${exitReason}. It will not be restarted automatically.\x1b[0m`, wss, false, false);
+            });
+
+            processInstance.on("error", (err: Error) => {
+                api.broadcast(`\x1b[31m❌ Error with main process: ${err.message}\x1b[0m`, wss, true, false);
+                isRunning = false;
+                processInstance = null;
+                isAwaitingInput = false;
+            });
+        }, wss);
+    },
+
+    stop(wss?: WebSocketServer): void {
+        if (!processInstance || typeof processInstance.pid !== 'number') {
+            api.broadcast("\x1b[33m⚠️ No active process to stop.\x1b[0m", wss, true, false);
+            if (isRunning) {
+                isRunning = false;
+                processInstance = null;
+            }
+            return;
+        }
+
+        if (!isRunning) {
+            api.broadcast("\x1b[33m⚠️ Process is already stopped.\x1b[0m", wss, true, false);
+            return;
+        }
+
+        const pidToStop: number = processInstance.pid;
+        api.broadcast(`\x1b[36m[SYSTEM] Stopping process group PID: ${pidToStop}...\x1b[0m`, wss, false, true);
+
+        try {
+            process.kill(-pidToStop, "SIGTERM");
+
+            setTimeout(() => {
+                if (processInstance && processInstance.pid === pidToStop && !processInstance.killed) {
+                    api.broadcast(`\x1b[33m[SYSTEM] ⚠️ Process ${pidToStop} unresponsive, sending SIGKILL.\x1b[0m`, wss, true, false);
+                    try {
+                        process.kill(-pidToStop, "SIGKILL");
+                    } catch (rawKillErr: unknown) {
+                        const err = rawKillErr as NodeJS.ErrnoException;
+                        if (err.code !== 'ESRCH') {
+                            api.broadcast(`\x1b[31m[SYSTEM] ❌ Error sending SIGKILL to PID ${pidToStop}: ${err.message}\x1b[0m`, wss, true, false);
+                        }
+                    } finally {
+                        if (processInstance && processInstance.pid === pidToStop) {
+                            isRunning = false;
+                            processInstance = null;
+                        }
+                    }
+                }
+            }, 3000);
+        } catch (rawTermErr: unknown) {
+            const err = rawTermErr as NodeJS.ErrnoException;
+            if (err.code !== 'ESRCH') {
+                api.broadcast(`\x1b[31m❌ Error sending SIGTERM: ${err.message}\x1b[0m`, wss, true, false);
+            }
+            isRunning = false;
+            processInstance = null;
+        }
+    },
+
+    restart(wss?: WebSocketServer, args?: string): void {
+        api.broadcast(`\x1b[36m[SYSTEM] Restarting process...\x1b[0m`, wss, false, true);
+        api.stop(wss);
+        setTimeout(() => {
+            api.start(wss, args);
+        }, 1000);
+    },
+
+    status(): "running" | "stopped" {
+        if (isRunning && processInstance && !processInstance.killed) {
+            try {
+                process.kill(processInstance.pid!, 0);
+                return "running";
+            } catch (e) {
+                isRunning = false;
+                processInstance = null;
+                return "stopped";
+            }
+        }
+        return "stopped";
+    },
+};
+
+export interface RouteHandlerParamsSuperset {
+    app?: express.Application;
+    req: express.Request;
+    res: express.Response;
+    wss?: WebSocketServer;
+    wssConsole?: WebSocketServer;
+    Shellwss?: WebSocketServer;
+    server?: http.Server;
+}
+
+export interface ExpressRouteModule {
+    method: "get" | "post" | "put" | "delete" | "patch" | "options" | "head" | "all";
+    path: string;
+    install: (params: Partial<RouteHandlerParamsSuperset>) => void;
+}
+
+type StartStopRestartParams = Pick<RouteHandlerParamsSuperset, 'req' | 'res' | 'wssConsole'>;
+type ConsoleStatusParams = Pick<RouteHandlerParamsSuperset, 'res'>;
+
+export const modules: Array<{
+    method: "get" | "post";
+    path: string;
+    install: (params: any) => void;
+}> = [
+    {
+        method: "post",
+        path: "/start",
+        install: ({ req, res, wssConsole }: StartStopRestartParams) => {
+            if (!wssConsole) return res.status(500).send("Console WebSocket server not available.");
+            api.start(wssConsole, req.body?.args);
+            res.send(`Process start initiated.`);
+        },
+    },
+    {
+        method: "post",
+        path: "/stop",
+        install: ({ res, wssConsole }: StartStopRestartParams) => {
+            if (!wssConsole) return res.status(500).send("Console WebSocket server not available.");
+            api.stop(wssConsole);
+            res.send(`Process stop initiated.`);
+        },
+    },
+    {
+        method: "post",
+        path: "/restart",
+        install: ({ req, res, wssConsole }: StartStopRestartParams) => {
+            if (!wssConsole) return res.status(500).send("Console WebSocket server not available.");
+            api.restart(wssConsole, req.body?.args);
+            res.send(`Process restart initiated.`);
+        },
+    },
+    {
+        method: "get",
+        path: "/console/status",
+        install: ({ res }: ConsoleStatusParams) => {
+            res.send(api.status());
+        },
+    },
+];
+
+export function setupConsoleWS(wssConsole: WebSocketServer): void {
+    wssConsole.on("connection", (ws: WebSocket) => {
+        console.log("Console WebSocket client connected");
+        try {
+            const logContent: string = fs.existsSync(LOG_FILE) ? fs.readFileSync(LOG_FILE, "utf8") : "\x1b[33mℹ️ No previous logs.\x1b[0m";
+            ws.send(logContent);
+        } catch (err) {
+            ws.send("\x1b[31mError reading past logs.\x1b[0m");
+        }
+
+        ws.on("message", (rawMessage: RawData) => {
+            try {
+                const message = JSON.parse(rawMessage.toString());
+
+                if (message.type === 'STDIN_INPUT' && typeof message.payload === 'string') {
+                    if (processInstance && isRunning && isAwaitingInput && processInstance.stdin && processInstance.stdin.writable) {
+                        processInstance.stdin.write(message.payload + '\n');
+                        isAwaitingInput = false;
+                    } else {
+                        api.broadcast(`\x1b[33m[SYSTEM-WARN] Process not running or not awaiting input.\x1b[0m`, wssConsole, true, false);
+                    }
+                }
+            } catch (e) {
+                console.log(`Received non-command message from client: ${rawMessage.toString()}`);
+            }
+        });
+
+        ws.on("close", () => console.log("Console WebSocket client disconnected"));
+        ws.on("error", (error: Error) => console.error("Console WebSocket client error:", error));
+    });
+}

exocore-web/src/file-manager.ts

@@ -0,0 +1,730 @@
+import fs from 'fs';
+import path from 'path';
+import archiver, { ArchiverError } from 'archiver';
+import multer, { Multer } from 'multer';
+import extract from 'extract-zip';
+import yauzl, { Options as YauzlOptions, ZipFile as YauzlZipFile, Entry as YauzlEntry } from 'yauzl';
+import { Request, Response, Application, RequestHandler } from 'express';
+
+const configJsonPath: string = path.resolve(__dirname, '../config.json');
+const UPLOAD_TEMP_DIR: string = path.resolve(__dirname, '../upload_temp');
+
+let currentProjectPathFromConfig: string = '';
+let currentBaseDir: string = '';
+
+async function pathExists(p: string): Promise<boolean> {
+  try {
+    await fs.promises.access(p, fs.constants.F_OK);
+    return true;
+  } catch {
+    return false;
+  }
+}
+
+async function ensureDirExists(dirPath: string): Promise<void> {
+  if (dirPath && !(await pathExists(dirPath))) {
+    await fs.promises.mkdir(dirPath, { recursive: true });
+  }
+}
+
+ensureDirExists(UPLOAD_TEMP_DIR).catch(err => {
+  console.error("FATAL: Failed to create UPLOAD_TEMP_DIR on startup:", err);
+});
+
+interface AppConfig {
+  project?: string;
+  [key: string]: any;
+}
+
+function updatePathsFromConfig(): boolean {
+  const oldRawProjectPath = currentProjectPathFromConfig;
+  const oldBaseDir = currentBaseDir;
+  const wasPreviouslyValid = oldBaseDir !== '';
+
+  let newRawProjectPathCandidate: string = '';
+  let newResolvedBaseDirCandidate: string = '';
+  let isNowValidConfig: boolean = false;
+
+  try {
+    if (!fs.existsSync(configJsonPath)) {
+      newRawProjectPathCandidate = '';
+      newResolvedBaseDirCandidate = '';
+      isNowValidConfig = false;
+    } else {
+      const rawConfigData: string = fs.readFileSync(configJsonPath, 'utf-8');
+      if (rawConfigData.trim() === '') {
+        newRawProjectPathCandidate = '';
+        newResolvedBaseDirCandidate = '';
+        isNowValidConfig = false;
+      } else {
+        const parsedConfig: AppConfig = JSON.parse(rawConfigData);
+        if (parsedConfig && typeof parsedConfig.project === 'string') {
+          newRawProjectPathCandidate = parsedConfig.project;
+          const trimmedProjectPath: string = parsedConfig.project.trim();
+          if (trimmedProjectPath !== '') {
+            const configJsonDir: string = path.dirname(configJsonPath);
+            newResolvedBaseDirCandidate = path.resolve(configJsonDir, trimmedProjectPath);
+            isNowValidConfig = true;
+          } else {
+            newResolvedBaseDirCandidate = '';
+            isNowValidConfig = false;
+          }
+        } else {
+          newRawProjectPathCandidate = '';
+          newResolvedBaseDirCandidate = '';
+          isNowValidConfig = false;
+        }
+      }
+    }
+  } catch (error: any) {
+    const errMsg = error instanceof Error ? error.message : String(error);
+    console.error(`[ConfigMonitor] ERROR reading/parsing ${configJsonPath}: ${errMsg}`);
+    newRawProjectPathCandidate = '';
+    newResolvedBaseDirCandidate = '';
+    isNowValidConfig = false;
+  }
+
+  currentProjectPathFromConfig = newRawProjectPathCandidate;
+  currentBaseDir = isNowValidConfig ? newResolvedBaseDirCandidate : '';
+
+  if (isNowValidConfig) {
+    if (!wasPreviouslyValid) {
+      console.log(`[ConfigMonitor] PROJECT LOADED: Project path "${currentProjectPathFromConfig.trim()}" configured. Base directory: ${currentBaseDir}`);
+    } else if (currentBaseDir !== oldBaseDir) {
+      console.log(`[ConfigMonitor] PROJECT CHANGED: Project path updated to "${currentProjectPathFromConfig.trim()}". New base directory: ${currentBaseDir}`);
+    }
+  } else {
+    if (wasPreviouslyValid) {
+      console.warn(`[ConfigMonitor] PROJECT UNCONFIGURED: Project path "${oldRawProjectPath}" (was base: "${oldBaseDir}") is now invalid, removed, or config error. Waiting for configuration.`);
+    }
+  }
+  return isNowValidConfig;
+}
+
+function startConfigMonitor(): void {
+  console.log(`[ConfigMonitor] Initializing: Monitoring ${configJsonPath} for project configuration.`);
+  const initiallyValid = updatePathsFromConfig();
+
+  if (!initiallyValid) {
+      console.warn(`[ConfigMonitor] Initial Status: No valid project path found in ${configJsonPath}. Waiting for configuration.`);
+  }
+
+  setInterval(() => {
+    updatePathsFromConfig();
+  }, 1000);
+}
+
+startConfigMonitor();
+
+const upload: Multer = multer({ dest: UPLOAD_TEMP_DIR });
+
+function runMulterMiddleware(req: Request, res: Response, multerMiddleware: RequestHandler): Promise<void> {
+  return new Promise<void>((resolve, reject) => {
+    multerMiddleware(req, res, (err: any) => {
+      if (err) {
+        return reject(err);
+      }
+      resolve();
+    });
+  });
+}
+
+async function safePathResolve(relativePathInput: string | undefined | null, checkExists: boolean = false): Promise<string> {
+  if (!currentBaseDir) {
+    console.error("[safePathResolve] Error: Attempted to operate while project base directory is not configured.");
+    throw new Error('Project base directory is not configured. Please check config.json and ensure the "project" key is set to a valid path.');
+  }
+
+  const activeBaseDir: string = path.resolve(currentBaseDir);
+
+  if (relativePathInput === '') {
+      await ensureDirExists(activeBaseDir);
+      if (checkExists && !(await pathExists(activeBaseDir))) {
+           throw new Error(`Base project directory not found: ${activeBaseDir}`);
+      }
+      return activeBaseDir;
+  }
+
+  if (typeof relativePathInput !== 'string' || relativePathInput.trim() === '') {
+    throw new Error('Invalid path provided: path is empty or not a string (and not an intentional empty string for base directory).');
+  }
+
+  const trimmedRelativePath: string = relativePathInput.trim();
+  const resolvedPath: string = path.resolve(activeBaseDir, trimmedRelativePath);
+
+  if (!resolvedPath.startsWith(activeBaseDir + path.sep) && resolvedPath !== activeBaseDir) {
+    console.error(`[safePathResolve] Unsafe path attempt: Resolved "${resolvedPath}" is outside base "${activeBaseDir}" from relative "${trimmedRelativePath}"`);
+    throw new Error('Unsafe path: Access denied due to path traversal attempt.');
+  }
+
+  if (checkExists && !(await pathExists(resolvedPath))) {
+    const displayPath: string = path.relative(activeBaseDir, resolvedPath) || trimmedRelativePath;
+    console.warn(`[safePathResolve] Path not found: "${displayPath}" (resolved from "${trimmedRelativePath}" within base "${activeBaseDir}")`);
+    throw new Error(`Path not found: ${displayPath}`);
+  }
+  return resolvedPath;
+}
+
+interface FileManagerRouteParams {
+  req: Request;
+  res: Response;
+  app?: Application;
+}
+
+type HttpMethod = "get" | "post" | "put" | "delete" | "patch" | "options" | "head" | "all";
+
+interface FileManagerExpressRouteModule {
+  method: HttpMethod;
+  path: string;
+  install: (params: FileManagerRouteParams) => Promise<void> | void;
+}
+
+export const modules: FileManagerExpressRouteModule[] = [
+  {
+    method: 'post',
+    path: '/file/list', // <--- Here it is
+    install: async ({ req, res }: FileManagerRouteParams) => {
+      try {
+        const dirToList: string = await safePathResolve('');
+
+        const itemNames: string[] = await fs.promises.readdir(dirToList);
+        const items = await Promise.all(itemNames.map(async (name) => {
+          const fullPath: string = path.join(dirToList, name);
+          const stat: fs.Stats = await fs.promises.stat(fullPath);
+          return { name, isDir: stat.isDirectory() };
+        }));
+        res.json(items);
+      } catch (e: any) {
+        const errMsg: string = e instanceof Error ? e.message : String(e);
+        console.error('Error in /file/list:', errMsg, e);
+        if (errMsg.includes('Project base directory is not configured')) {
+            res.status(503).send(errMsg);
+        } else if (e instanceof Error && e.message.startsWith('Path not found')) {
+            res.status(404).send("Root project directory not found or accessible.");
+        } else {
+            res.status(500).send(errMsg);
+        }
+      }
+    },
+  },
+
+  {
+    method: 'post',
+    path: '/file/list',
+    install: async ({ req, res }: FileManagerRouteParams) => {
+      try {
+        const dirToList: string = await safePathResolve('');
+
+        const itemNames: string[] = await fs.promises.readdir(dirToList);
+        const items = await Promise.all(itemNames.map(async (name) => {
+          const fullPath: string = path.join(dirToList, name);
+          const stat: fs.Stats = await fs.promises.stat(fullPath);
+          return { name, isDir: stat.isDirectory() };
+        }));
+        res.json(items);
+      } catch (e: any) {
+        const errMsg: string = e instanceof Error ? e.message : String(e);
+        console.error('Error in /file/list:', errMsg, e);
+        if (errMsg.includes('Project base directory is not configured')) {
+            res.status(503).send(errMsg);
+        } else if (e instanceof Error && e.message.startsWith('Path not found')) {
+            res.status(404).send("Root project directory not found or accessible.");
+        } else {
+            res.status(500).send(errMsg);
+        }
+      }
+    },
+  },
+  {
+    method: 'post',
+    path: '/file/open',
+    install: async ({ req, res }: FileManagerRouteParams) => {
+      try {
+        const filePath: string = await safePathResolve(req.body.file, true);
+        const content: string = await fs.promises.readFile(filePath, 'utf8');
+        res.send(content);
+      } catch (e: any) {
+        const errMsg: string = e instanceof Error ? e.message : String(e);
+        console.error('Error in /file/open:', errMsg, e);
+        let statusCode: number = 500;
+        if (errMsg.includes('Project base directory is not configured')) statusCode = 503;
+        else if (e instanceof Error && e.message.startsWith('Unsafe path')) statusCode = 403;
+        else if (e instanceof Error && e.message.startsWith('Path not found')) statusCode = 404;
+        res.status(statusCode).send(errMsg);
+      }
+    },
+  },
+  {
+    method: 'post',
+    path: '/file/save',
+    install: async ({ req, res }: FileManagerRouteParams) => {
+      try {
+        const fileRelativePath: string = req.body.file;
+        const content: string = req.body.content;
+
+        if (typeof content !== 'string') {
+            res.status(400).send('Invalid content for file save.');
+            return;
+        }
+        const filePath: string = await safePathResolve(fileRelativePath, false);
+        const dirForFile: string = path.dirname(filePath);
+        await ensureDirExists(dirForFile);
+
+        await fs.promises.writeFile(filePath, content, 'utf8');
+        res.send('File saved');
+      } catch (e: any) {
+        const errMsg: string = e instanceof Error ? e.message : String(e);
+        console.error('Error in /file/save:', errMsg, e);
+        let statusCode: number = 500;
+        if (errMsg.includes('Project base directory is not configured')) statusCode = 503;
+        else if (e instanceof Error && e.message.startsWith('Unsafe path')) statusCode = 403;
+        res.status(statusCode).send(errMsg);
+      }
+    },
+  },
+  {
+    method: 'post',
+    path: '/file/upload',
+    install: async ({ req, res }: FileManagerRouteParams) => {
+      try {
+        if (!currentBaseDir) {
+            throw new Error('Project base directory is not configured. Cannot accept uploads.');
+        }
+        await runMulterMiddleware(req, res, upload.single('file'));
+
+        if (!req.file) {
+          res.status(400).send('No file uploaded.');
+          return;
+        }
+        const uploadedFile: Express.Multer.File = req.file as Express.Multer.File;
+
+        const relativeTargetSubfolder: string = typeof req.body.path === 'string' && req.body.path.trim() !== ''
+          ? req.body.path.trim()
+          : '';
+
+        const targetDirectory: string = await safePathResolve(relativeTargetSubfolder, false);
+
+        try {
+            const targetStat: fs.Stats = await fs.promises.stat(targetDirectory);
+            if (!targetStat.isDirectory()) {
+                await fs.promises.unlink(uploadedFile.path);
+                res.status(400).send('Target path exists but is not a directory.');
+                return;
+            }
+        } catch (statError: any) {
+            if (statError && typeof statError === 'object' && 'code' in statError && statError.code === 'ENOENT') {
+                 await ensureDirExists(targetDirectory);
+            } else {
+                await fs.promises.unlink(uploadedFile.path);
+                throw statError;
+            }
+        }
+
+        const finalDestination: string = path.join(targetDirectory, uploadedFile.originalname);
+        if (!finalDestination.startsWith(targetDirectory + path.sep) && finalDestination !== targetDirectory) {
+             await fs.promises.unlink(uploadedFile.path);
+             throw new Error("Upload failed: constructed final path is outside target directory.");
+        }
+
+        await fs.promises.rename(uploadedFile.path, finalDestination);
+        const displayPath: string = path.relative(path.resolve(currentBaseDir), finalDestination).split(path.sep).join('/') || uploadedFile.originalname;
+        res.send('File uploaded to ' + displayPath);
+
+      } catch (e: any) {
+        const errMsg: string = e instanceof Error ? e.message : String(e);
+        console.error('Error in /file/upload handler:', errMsg, e);
+        const currentReqFile = req.file as Express.Multer.File | undefined;
+        if (currentReqFile && currentReqFile.path && await pathExists(currentReqFile.path)) {
+          await fs.promises.unlink(currentReqFile.path).catch(unlinkErr => console.error("Failed to cleanup temp upload file:", (unlinkErr as Error).message));
+        }
+        if (!res.headersSent) {
+            let statusCode: number = 500;
+            if (errMsg.includes('Project base directory is not configured')) statusCode = 503;
+            else if (e instanceof multer.MulterError) statusCode = 400;
+            else if (e instanceof Error && e.message.startsWith('Unsafe path')) statusCode = 403;
+            res.status(statusCode).send(errMsg);
+        }
+      }
+    },
+  },
+  {
+    method: 'post',
+    path: '/file/download',
+    install: async ({ req, res }: FileManagerRouteParams) => {
+      try {
+        const filePath: string = await safePathResolve(req.body.file, true);
+        const stat: fs.Stats = await fs.promises.stat(filePath);
+        if (!stat.isFile()) {
+          res.status(400).send('Specified path is not a file.');
+          return;
+        }
+        res.download(filePath);
+      } catch (e: any) {
+        const errMsg: string = e instanceof Error ? e.message : String(e);
+        console.error('Error in /file/download:', errMsg, e);
+        let statusCode: number = 500;
+        if (errMsg.includes('Project base directory is not configured')) statusCode = 503;
+        else if (e instanceof Error && e.message.startsWith('Unsafe path')) statusCode = 403;
+        else if (e instanceof Error && e.message.startsWith('Path not found')) statusCode = 404;
+        res.status(statusCode).send(errMsg);
+      }
+    },
+  },
+  {
+    method: 'post',
+    path: '/file/download-zip',
+    install: async ({ req, res }: FileManagerRouteParams) => {
+      try {
+        const folderRelativePath: string = typeof req.body.folder === 'string' ? req.body.folder.trim() : '';
+        const folderToZip: string = await safePathResolve(folderRelativePath, true);
+
+        const stat: fs.Stats = await fs.promises.stat(folderToZip);
+        if (!stat.isDirectory()) {
+          res.status(400).send('Specified path is not a directory.');
+          return;
+        }
+
+        const zipName: string = (path.basename(folderToZip) || 'archive') + '.zip';
+        res.setHeader('Content-Disposition', `attachment; filename="${zipName}"`);
+        res.setHeader('Content-Type', 'application/zip');
+
+        const archive = archiver('zip', { zlib: { level: 9 } });
+
+        archive.on('warning', (err: ArchiverError) => {
+            console.warn('[Archiver Warning]', err.code, err.message);
+        });
+        archive.on('error', (err: Error) => {
+          console.error('[Archiver Error]', err.message, err);
+          if (!res.headersSent) {
+            res.status(500).send({ error: 'Failed to create zip file: ' + err.message });
+          } else if (res.writable && !res.writableEnded) {
+            res.end();
+          }
+        });
+        archive.pipe(res);
+        archive.directory(folderToZip, false);
+        await archive.finalize();
+
+      } catch (e: any) {
+        const errMsg: string = e instanceof Error ? e.message : String(e);
+        console.error('Error in /file/download-zip setup:', errMsg, e);
+        if (!res.headersSent) {
+            let statusCode: number = 500;
+            if (errMsg.includes('Project base directory is not configured')) statusCode = 503;
+            else if (e instanceof Error && e.message.startsWith('Unsafe path')) statusCode = 403;
+            else if (e instanceof Error && e.message.startsWith('Path not found')) statusCode = 404;
+            res.status(statusCode).send(errMsg);
+        }
+      }
+    },
+  },
+  {
+    method: 'post',
+    path: '/file/unzip',
+    install: async ({ req, res }: FileManagerRouteParams) => {
+      const {
+        zipFilePath: zipFileRelativePath,
+        destinationPath: destinationRelativePathInput,
+        overwrite
+      }: { zipFilePath: string; destinationPath?: string; overwrite?: boolean } = req.body;
+
+      try {
+        if (typeof zipFileRelativePath !== 'string' || zipFileRelativePath.trim() === '') {
+          res.status(400).send('zipFilePath is required.'); return;
+        }
+        const absoluteZipFilePath: string = await safePathResolve(zipFileRelativePath.trim(), true);
+        if (!(await fs.promises.stat(absoluteZipFilePath)).isFile()) {
+          res.status(400).send(`Specified zipFilePath '${zipFileRelativePath}' is not a file.`); return;
+        }
+        if (!absoluteZipFilePath.toLowerCase().endsWith('.zip')) {
+            console.warn(`[Unzip] Warning: File '${zipFileRelativePath}' may not be a .zip file based on extension. Attempting unzip.`);
+        }
+
+        let absoluteDestinationDir: string;
+        const resolvedCurrentBaseDir: string = path.resolve(currentBaseDir);
+
+        if (typeof destinationRelativePathInput === 'string' && destinationRelativePathInput.trim() !== '') {
+          absoluteDestinationDir = await safePathResolve(destinationRelativePathInput.trim(), false);
+        } else {
+          absoluteDestinationDir = path.dirname(absoluteZipFilePath);
+          if (!absoluteDestinationDir.startsWith(resolvedCurrentBaseDir + path.sep) && absoluteDestinationDir !== resolvedCurrentBaseDir) {
+            console.error(`[Unzip] Default destination dir "${absoluteDestinationDir}" is outside base "${resolvedCurrentBaseDir}"`);
+            throw new Error('Default extraction path is outside the allowed project directory.');
+          }
+        }
+
+        try {
+            const destStat: fs.Stats = await fs.promises.stat(absoluteDestinationDir);
+            if (!destStat.isDirectory()) {
+                res.status(400).send(`Destination path '${path.relative(resolvedCurrentBaseDir, absoluteDestinationDir).split(path.sep).join('/') || '.'}' exists and is not a directory.`); return;
+            }
+        } catch (statError: any) {
+            if (statError && typeof statError === 'object' && 'code' in statError && statError.code === 'ENOENT') {
+            } else {
+                throw statError;
+            }
+        }
+        await ensureDirExists(absoluteDestinationDir);
+
+        if (!overwrite) {
+          const conflictingEntries: string[] = [];
+          const openZipForRead = (filePath: string, options: YauzlOptions): Promise<YauzlZipFile> =>
+            new Promise<YauzlZipFile>((resolveMain, rejectMain) => {
+              yauzl.open(filePath, options, (err: Error | null, zipfile?: YauzlZipFile) => {
+                if (err || !zipfile) rejectMain(err || new Error("Failed to open zipfile. Path: " + filePath));
+                else resolveMain(zipfile);
+              });
+            });
+
+          let zipfile: YauzlZipFile | null = null;
+          try {
+            zipfile = await openZipForRead(absoluteZipFilePath, { lazyEntries: true });
+            const currentZipfile: YauzlZipFile = zipfile;
+            await new Promise<void>((resolveLoop, rejectLoop) => {
+              currentZipfile.on('error', rejectLoop);
+              currentZipfile.on('end', resolveLoop);
+              currentZipfile.on('entry', async (entry: YauzlEntry) => {
+                const targetPath: string = path.resolve(absoluteDestinationDir, entry.fileName);
+                if (!targetPath.startsWith(absoluteDestinationDir)) {
+                    console.warn(`[Unzip] Skipped potentially unsafe entry during conflict check: ${entry.fileName} (resolves outside destination)`);
+                    currentZipfile.readEntry();
+                    return;
+                }
+                if (await pathExists(targetPath)) {
+                  const existingStat: fs.Stats = await fs.promises.stat(targetPath);
+                  const entryIsDirectory: boolean = entry.fileName.endsWith('/');
+                  if (existingStat.isDirectory() !== entryIsDirectory) {
+                    conflictingEntries.push(`${entry.fileName} (type mismatch: existing is ${existingStat.isDirectory() ? 'dir' : 'file'}, zip entry is ${entryIsDirectory ? 'dir' : 'file'})`);
+                  } else if (!entryIsDirectory) {
+                    conflictingEntries.push(entry.fileName);
+                  }
+                }
+                currentZipfile.readEntry();
+              });
+              currentZipfile.readEntry();
+            });
+          } finally {
+            zipfile?.close();
+          }
+
+          if (conflictingEntries.length > 0) {
+            res.status(409).send({
+              message: "Extraction would overwrite or conflict with existing files/directories. Please use 'overwrite: true' in your request to proceed.",
+              conflicts: conflictingEntries
+            });
+            return;
+          }
+        }
+
+        await extract(absoluteZipFilePath, { dir: absoluteDestinationDir });
+        const displayDestPath: string = path.relative(resolvedCurrentBaseDir, absoluteDestinationDir).split(path.sep).join('/') || '.';
+        res.send(`Successfully unzipped '${path.basename(zipFileRelativePath)}' to '${displayDestPath}'`);
+
+      } catch (e: any) {
+        const errMsg: string = e instanceof Error ? e.message : String(e);
+        let statusCode: number = 500;
+        let clientMsg: string = `Failed to unzip: ${errMsg}`;
+
+        if (errMsg.includes('Project base directory is not configured')) { statusCode = 503; clientMsg = errMsg; }
+        else if (e instanceof Error) {
+            if (e.message.startsWith('Unsafe path')) { statusCode = 403; clientMsg = errMsg; }
+            else if (e.message.startsWith('Path not found')) { statusCode = 404; clientMsg = errMsg; }
+            else if (e.message.includes('is not a directory')) { statusCode = 400; clientMsg = errMsg; }
+            else if (errMsg.toLowerCase().includes("invalid") && (errMsg.toLowerCase().includes("zip") || errMsg.toLowerCase().includes("archive"))) {
+                statusCode = 400; clientMsg = `Failed to unzip '${zipFileRelativePath || 'file'}': May be corrupted or not a valid ZIP.`;
+            } else if (errMsg.includes("yauzl") && (errMsg.includes("Не найден указанный файл") || errMsg.includes("end of central directory record signature not found") || errMsg.includes("Failed to open zipfile"))) {
+                statusCode = 400; clientMsg = `Failed to read '${zipFileRelativePath || 'file'}': Invalid or corrupted ZIP file.`;
+            } else if (e.message.includes('EEXIST') || e.message.includes('ENOTDIR') || (e.message.includes('entry') && e.message.includes('isDirectory') && e.message.includes('false but is a directory'))) {
+                statusCode = 409;
+                clientMsg = `Failed to unzip: A conflict occurred during extraction (e.g., a file exists where a directory was expected, or vice-versa). Original error: ${errMsg}`;
+            }
+        }
+        console.error(`Error in /file/unzip (HTTP ${statusCode}):`, errMsg, e);
+        if (!res.headersSent) res.status(statusCode).send(clientMsg);
+      }
+    },
+  },
+  {
+    method: 'post',
+    path: '/file/create',
+    install: async ({ req, res }: FileManagerRouteParams) => {
+      try {
+        const fileRelativePath: string = req.body.file;
+        if (typeof fileRelativePath !== 'string' || fileRelativePath.trim() === '') {
+            res.status(400).send('File path is required.'); return;
+        }
+        const filePath: string = await safePathResolve(fileRelativePath.trim(), false);
+        if (await pathExists(filePath)) {
+          res.status(400).send('File or folder already exists at the target path.'); return;
+        }
+        await ensureDirExists(path.dirname(filePath));
+        await fs.promises.writeFile(filePath, '');
+        res.send('File created: ' + (path.relative(path.resolve(currentBaseDir), filePath).split(path.sep).join('/') || path.basename(filePath)));
+      } catch (e: any) {
+        const errMsg: string = e instanceof Error ? e.message : String(e);
+        console.error('Error in /file/create:', errMsg, e);
+        let statusCode: number = 500;
+        if (errMsg.includes('Project base directory is not configured')) statusCode = 503;
+        else if (e instanceof Error && e.message.startsWith('Unsafe path')) statusCode = 403;
+        res.status(statusCode).send(errMsg);
+      }
+    },
+  },
+  {
+    method: 'post',
+    path: '/file/create-folder',
+    install: async ({ req, res }: FileManagerRouteParams) => {
+      try {
+        const folderRelativePath: string = req.body.folder;
+        if (typeof folderRelativePath !== 'string' || folderRelativePath.trim() === '') {
+            res.status(400).send('Folder path is required.'); return;
+        }
+        const folderPath: string = await safePathResolve(folderRelativePath.trim(), false);
+        if (await pathExists(folderPath)) {
+          res.status(400).send('File or folder already exists at the target path.'); return;
+        }
+        await fs.promises.mkdir(folderPath, { recursive: true });
+        res.send('Folder created: ' + (path.relative(path.resolve(currentBaseDir), folderPath).split(path.sep).join('/') || path.basename(folderPath)));
+      } catch (e: any) {
+        const errMsg: string = e instanceof Error ? e.message : String(e);
+        console.error('Error in /file/create-folder:', errMsg, e);
+        let statusCode: number = 500;
+        if (errMsg.includes('Project base directory is not configured')) statusCode = 503;
+        else if (e instanceof Error && e.message.startsWith('Unsafe path')) statusCode = 403;
+        res.status(statusCode).send(errMsg);
+      }
+    },
+  },
+  {
+    method: 'post',
+    path: '/file/open-folder',
+    install: async ({ req, res }: FileManagerRouteParams) => {
+      try {
+        const relativeFolderPath: string = typeof req.body.folder === 'string' ? req.body.folder.trim() : '';
+        const folderPath: string = await safePathResolve(relativeFolderPath, true);
+
+        if (!(await fs.promises.stat(folderPath)).isDirectory()) {
+            res.status(400).send(`Specified path '${relativeFolderPath}' is not a directory.`); return;
+        }
+        const itemNames: string[] = await fs.promises.readdir(folderPath);
+        const items = await Promise.all(itemNames.map(async (name) => {
+          const fullPath: string = path.join(folderPath, name);
+          const itemStat: fs.Stats = await fs.promises.stat(fullPath);
+          return { name, isDir: itemStat.isDirectory(), size: itemStat.size, lastModified: itemStat.mtimeMs };
+        }));
+
+        const resolvedCurrentBaseDir: string = path.resolve(currentBaseDir);
+        const currentDisplayPath: string = path.relative(resolvedCurrentBaseDir, folderPath).split(path.sep).join('/');
+
+        res.json({
+          currentPath: folderPath === resolvedCurrentBaseDir ? '' : currentDisplayPath,
+          items,
+        });
+      } catch (e: any) {
+        const errMsg: string = e instanceof Error ? e.message : String(e);
+        console.error('Error in /file/open-folder:', errMsg, e);
+        let statusCode: number = 500;
+        if (errMsg.includes('Project base directory is not configured')) statusCode = 503;
+        else if (e instanceof Error && e.message.startsWith('Unsafe path')) statusCode = 403;
+        else if (e instanceof Error && e.message.startsWith('Path not found')) statusCode = 404;
+        res.status(statusCode).send(errMsg);
+      }
+    },
+  },
+  {
+    method: 'post',
+    path: '/file/rename',
+    install: async ({ req, res }: FileManagerRouteParams) => {
+      try {
+        const { oldPath: oldRelativePath, newPath: newRelativePath }: { oldPath: string; newPath: string } = req.body;
+        if (typeof oldRelativePath !== 'string' || !oldRelativePath.trim() ||
+            typeof newRelativePath !== 'string' || !newRelativePath.trim()) {
+          res.status(400).send('Old and new paths are required and cannot be empty.'); return;
+        }
+
+        const trimmedOldRelativePath: string = oldRelativePath.trim();
+        const trimmedNewRelativePath: string = newRelativePath.trim();
+
+        if (trimmedOldRelativePath === trimmedNewRelativePath) {
+            res.status(400).send('Old and new paths cannot be the same.'); return;
+        }
+
+        const oldFullPath: string = await safePathResolve(trimmedOldRelativePath, true);
+
+        const newName: string = path.basename(trimmedNewRelativePath);
+        if (!newName || newName === '.' || newName === '..') {
+            res.status(400).send('New name is invalid.'); return;
+        }
+        const newParentDirRelative: string = path.dirname(trimmedNewRelativePath);
+        const newParentDirAbsolute: string = await safePathResolve(newParentDirRelative, false);
+        await ensureDirExists(newParentDirAbsolute);
+
+        const newFullPath: string = path.join(newParentDirAbsolute, newName);
+
+        const resolvedCurrentBaseDir: string = path.resolve(currentBaseDir);
+        if (!newFullPath.startsWith(resolvedCurrentBaseDir + path.sep) && newFullPath !== resolvedCurrentBaseDir) {
+            throw new Error('Unsafe new path: Target is outside the allowed directory.');
+        }
+
+        if (oldFullPath === newFullPath) {
+            res.status(400).send('Resolved old and new paths are identical.'); return;
+        }
+        if (await pathExists(newFullPath)) {
+          res.status(400).send(`Item at new path '${trimmedNewRelativePath}' already exists.`); return;
+        }
+
+        await fs.promises.rename(oldFullPath, newFullPath);
+        res.send('Renamed successfully to ' + (path.relative(resolvedCurrentBaseDir, newFullPath).split(path.sep).join('/') || newName));
+      } catch (e: any) {
+        const errMsg: string = e instanceof Error ? e.message : String(e);
+        console.error('Error in /file/rename:', errMsg, e);
+        let statusCode: number = 500;
+        if (errMsg.includes('Project base directory is not configured')) statusCode = 503;
+        else if (e instanceof Error && e.message.startsWith('Unsafe path')) statusCode = 403;
+        else if (e instanceof Error && e.message.startsWith('Path not found')) statusCode = 404;
+        res.status(statusCode).send(errMsg);
+      }
+    },
+  },
+  {
+    method: 'post',
+    path: '/file/delete',
+    install: async ({ req, res }: FileManagerRouteParams) => {
+      try {
+        const itemRelativePath: string = req.body.path;
+        if (typeof itemRelativePath !== 'string' || !itemRelativePath.trim()) {
+            res.status(400).send('Path for deletion is required.'); return;
+        }
+        const trimmedItemRelativePath: string = itemRelativePath.trim();
+        if (trimmedItemRelativePath === '.' || trimmedItemRelativePath === '/') {
+            res.status(400).send('Invalid path for deletion. Cannot delete root.'); return;
+        }
+
+        const itemFullPath: string = await safePathResolve(trimmedItemRelativePath, true);
+        const resolvedCurrentBaseDir: string = path.resolve(currentBaseDir);
+
+        if (itemFullPath === resolvedCurrentBaseDir) {
+             res.status(400).send('Cannot delete the root project directory itself.'); return;
+        }
+
+        const stat: fs.Stats = await fs.promises.stat(itemFullPath);
+        const displayPath: string = path.relative(resolvedCurrentBaseDir, itemFullPath).split(path.sep).join('/') || trimmedItemRelativePath;
+
+        if (stat.isDirectory()) {
+            await fs.promises.rm(itemFullPath, { recursive: true, force: true });
+        } else {
+            await fs.promises.unlink(itemFullPath);
+        }
+        res.send(`${stat.isDirectory() ? 'Folder' : 'File'} deleted: ${displayPath}`);
+      } catch (e: any) {
+        const errMsg: string = e instanceof Error ? e.message : String(e);
+        console.error('Error in /file/delete:', errMsg, e);
+        let statusCode: number = 500;
+        if (errMsg.includes('Project base directory is not configured')) statusCode = 503;
+        else if (e instanceof Error && e.message.startsWith('Unsafe path')) statusCode = 403;
+        else if (e instanceof Error && e.message.startsWith('Path not found')) statusCode = 404;
+        res.status(statusCode).send(errMsg);
+      }
+    },
+  },
+];

exocore-web/src/forgot.ts

@@ -0,0 +1,88 @@
+// @ts-check
+
+import axios, { AxiosResponse } from 'axios';
+import fs from 'fs';
+import fsPromises from 'fs/promises';
+import path from 'path';
+import { Request, Response } from 'express';
+
+const ACC_FILE_PATH = path.resolve(__dirname, '../models/data/acc.json');
+const ACC_DIR_PATH = path.dirname(ACC_FILE_PATH);
+
+const api = {
+  getLink: async (): Promise<string> => {
+    const res = await axios.get('https://pastebin.com/raw/YtqNc7Yi');
+    if (typeof res.data === 'string' && res.data.startsWith('http')) {
+      return res.data;
+    }
+    if (res.data && typeof res.data === 'object' && typeof res.data.link === 'string') {
+      return res.data.link;
+    }
+    throw new Error('Failed to fetch external link from pastebin');
+  },
+
+  forgotPass: async (req: Request, res: Response) => {
+    try {
+      const { identifier, action, otpCode, newPass } = req.body;
+
+      if (!identifier || !action) {
+        return res.status(400).json({ error: 'Missing identifier or action' });
+      }
+
+      const link = await api.getLink();
+      const apiURL = `${link}/forgot-password`;
+
+      const body: Record<string, any> = { identifier };
+
+      if (action === 'SendOtp') {
+        body.action = 'sent';
+      } else if (action === 'ResetPassword') {
+        if (!otpCode || !newPass) {
+          return res.status(400).json({ error: 'Missing otpCode or newPass for reset' });
+        }
+        body.action = 'submit';
+        body.otpCode = otpCode;
+        body.newPass = newPass;
+      } else if (action === 'VerifyOtp') {
+        if (!otpCode) {
+          return res.status(400).json({ error: 'Missing otpCode for verification' });
+        }
+        body.action = 'verify';
+        body.otpCode = otpCode;
+      } else {
+        return res.status(400).json({ error: 'Invalid action' });
+      }
+
+      const response: AxiosResponse = await axios.post(apiURL, body);
+      const data = response.data;
+
+      if (data.status === 'success' || data.message) {
+        try {
+          if (!fs.existsSync(ACC_DIR_PATH)) {
+            await fsPromises.mkdir(ACC_DIR_PATH, { recursive: true });
+          }
+          await fsPromises.writeFile(ACC_FILE_PATH, JSON.stringify(data, null, 2));
+        } catch (err) {
+          console.error('[ForgotPass Route] Failed to write acc.json:', err);
+        }
+        return res.json({ success: true, data });
+      } else {
+        return res.status(400).json({ success: false, error: data.error || 'Unexpected error' });
+      }
+    } catch (err) {
+      const msg = err instanceof Error ? err.message : String(err);
+      console.error('[ForgotPass Route] Error:', msg);
+      return res.status(500).json({ error: 'Server error', details: msg });
+    }
+  }
+};
+
+export const modules = [
+  {
+    method: 'post',
+    path: '/forgotpass',
+    install: async ({ req, res }: { req: Request; res: Response }) => {
+      return api.forgotPass(req, res);
+    },
+  },
+];

exocore-web/src/login.ts

@@ -0,0 +1,180 @@
+// @ts-check
+
+import axios, { AxiosError, AxiosResponse } from 'axios';
+import fs from 'fs';
+import fsPromises from 'fs/promises';
+import path from 'path';
+import { Request, Response } from 'express';
+
+console.log(`[Login Module] src/login.ts file is being evaluated. __dirname is: ${__dirname}`);
+
+interface PastebinData {
+  link?: string;
+  [key: string]: any; // To accommodate if res.data is an object with more fields
+}
+
+interface LoginClientRequestBody {
+  user: string;
+  pass: string;
+}
+
+interface LoginApiPayload {
+  user: string;
+  pass: string;
+}
+
+interface LoginApiResponseData {
+  token: string;
+  userDetails: object; // Consider defining a more specific interface if the structure is known
+  message: string;
+  status: string; // e.g., "success"
+}
+
+function isLoginClientRequestBody(body: any): body is LoginClientRequestBody {
+  if (body && typeof body === 'object' &&
+      typeof body.user === 'string' && body.user.length > 0 &&
+      typeof body.pass === 'string' && body.pass.length > 0) {
+    return true;
+  }
+  return false;
+}
+
+const ACC_FILE_PATH: string = path.resolve(__dirname, '../models/data/acc.json');
+const ACC_DIR_PATH: string = path.dirname(ACC_FILE_PATH);
+
+const api = {
+  async getLink(): Promise<string> {
+    console.log("[Login API - getLink] Attempting to fetch link...");
+    try {
+      const res: AxiosResponse<PastebinData | string> = await axios.get('https://pastebin.com/raw/YtqNc7Yi');
+      let extractedLink: string | null = null;
+
+      if (res.data && typeof res.data === 'object' && typeof res.data.link === 'string') {
+        extractedLink = res.data.link;
+      } else if (typeof res.data === 'string' && res.data.startsWith('http')) {
+        extractedLink = res.data;
+      }
+
+      if (!extractedLink) {
+        console.error("[Login API - getLink] Invalid/missing link in Pastebin response:", res.data);
+        throw new Error('Invalid or missing link in Pastebin response data.');
+      }
+      console.log("[Login API - getLink] Fetched link:", extractedLink);
+      return extractedLink;
+    } catch (err: unknown) {
+      const error = err instanceof Error ? err : new Error(String(err));
+      console.error("[Login API - getLink] Failed to get base link.", error.message, error.cause || error);
+      throw new Error('Failed to get base link.', { cause: error });
+    }
+  },
+
+  async login(body: LoginApiPayload): Promise<LoginApiResponseData> {
+    console.log("[Login API - login] Attempting external API login.");
+    try {
+      const link = await api.getLink();
+      console.log("[Login API - login] External API Link:", link);
+      console.log("[Login API - login] Payload to external API:", body);
+
+      const res: AxiosResponse<LoginApiResponseData> = await axios.post(`${link}/signin`, body);
+      console.log("[Login API - login] Response from external API:", res.data);
+      return res.data;
+    } catch (err: unknown) {
+      const error = err instanceof Error ? err : new Error(String(err));
+      console.error("[Login API - login] Error with /signin endpoint.", error.message, error.cause || error);
+      if (axios.isAxiosError(error) && error.response) {
+        console.error("[Login API - login] Axios error data:", error.response.data, "Status:", error.response.status);
+      }
+      throw new Error('Failed to contact/process signin endpoint.', { cause: error });
+    }
+  },
+};
+
+interface LoginRouteParams {
+  req: Request<any, any, unknown>; // Request body is unknown, will use typeguard
+  res: Response;
+}
+
+interface LoginExpressRouteModule {
+  method: "get" | "post" | "put" | "delete" | "patch" | "options" | "head" | "all";
+  path: string;
+  install: (params: LoginRouteParams) => Promise<void> | void;
+}
+
+export const modules: LoginExpressRouteModule[] = [
+  {
+    method: 'post',
+    path: '/login',
+    install: async ({ req, res }: LoginRouteParams): Promise<void> => {
+      try {
+        const requestBody: unknown = req.body;
+
+        if (isLoginClientRequestBody(requestBody)) {
+          const clientData: LoginClientRequestBody = requestBody;
+
+          const apiLoginPayload: LoginApiPayload = {
+            user: clientData.user,
+            pass: clientData.pass,
+          };
+
+          const responseData: LoginApiResponseData = await api.login(apiLoginPayload);
+
+          if (responseData && responseData.status === 'success' && responseData.token) {
+            console.log("[Login Route] External login successful.");
+            try {
+              if (!fs.existsSync(ACC_DIR_PATH)) {
+                await fsPromises.mkdir(ACC_DIR_PATH, { recursive: true });
+              }
+              await fsPromises.writeFile(ACC_FILE_PATH, JSON.stringify(responseData, null, 2));
+            } catch (fileErr: unknown) {
+              const fError = fileErr instanceof Error ? fileErr : new Error(String(fileErr));
+              console.error(`[Login Route] CRITICAL: Failed to write acc.json:`, fError);
+            }
+            res.json({ success: true, data: responseData });
+          } else {
+            console.warn("[Login Route] External login failed or unexpected response:", responseData);
+            res.status(401).json({ success: false, error: responseData?.message || 'Login failed.' });
+          }
+        } else {
+          console.warn("[Login Route] Validation failed: req.body does not conform to LoginClientRequestBody. Received:", requestBody);
+          res.status(400).json({ success: false, error: 'Invalid request format: user and pass are required strings.' });
+          return;
+        }
+      } catch (err: unknown) {
+        let error: Error & { cause?: unknown };
+        if (err instanceof Error) {
+            error = err as Error & { cause?: unknown };
+        } else {
+            error = new Error(String(err)) as Error & { cause?: unknown };
+        }
+
+        let errorMessage = "An unknown error occurred.";
+        let statusCode = 500;
+        console.error(`[Login Route] Overall error:`, error.message, error.cause || error);
+
+        const originalError: unknown = error.cause || error;
+
+        if (axios.isAxiosError(originalError)) {
+          const axiosError = originalError as AxiosError<any>; // Type assertion
+          errorMessage = axiosError.message;
+          statusCode = axiosError.response?.status || 500;
+          const responseDataError = axiosError.response?.data?.error || axiosError.response?.data?.message;
+          if (responseDataError) {
+            errorMessage = `Login API Error (${statusCode}): ${responseDataError}`;
+          }
+        } else if (originalError instanceof Error) {
+            errorMessage = originalError.message || String(originalError);
+        } else {
+            errorMessage = String(originalError);
+        }
+
+
+        console.error(`[Login Route] Error to client: ${errorMessage}, Status: ${statusCode}`);
+        if (!res.headersSent) {
+          res.status(statusCode).json({ success: false, error: errorMessage });
+        } else {
+          console.warn("[Login Route] Headers sent, cannot send error to client.");
+        }
+      }
+    },
+  },
+];

exocore-web/src/logout.ts

@@ -0,0 +1,73 @@
+// @ts-check
+
+import fs from 'fs';
+import path from 'path'; 
+import { Request, Response, Application } from 'express';
+import { WebSocketServer } from 'ws';
+import { Server as HttpServer } from 'http';
+
+interface LogoutRouteParams {
+  req: Request;
+  res: Response;
+  app?: Application;
+  wss?: WebSocketServer;
+  wssConsole?: WebSocketServer;
+  Shellwss?: WebSocketServer;
+  server?: HttpServer;
+}
+
+interface LogoutExpressRouteModule {
+  method: "get" | "post" | "put" | "delete" | "patch" | "options" | "head" | "all";
+  path: string;
+  install: (params: Pick<LogoutRouteParams, 'req' | 'res'>) => Promise<void> | void;
+}
+
+const ACC_FILE_PATH: string = path.resolve(__dirname, '../models/data/acc.json');
+const ACC_DIR_PATH: string = path.dirname(ACC_FILE_PATH);
+
+export const modules: LogoutExpressRouteModule[] = [
+  {
+    method: 'post',
+    path: '/logout',
+    install: async ({ req, res }: Pick<LogoutRouteParams, 'req' | 'res'>): Promise<void> => {
+      const html: string = `
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="UTF-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no">  
+  <title>Logout</title>
+  <script>
+    localStorage.removeItem("exocore-token");
+    localStorage.removeItem("exocore-cookies");
+    // Optional: Redirect after clearing localStorage
+    // window.location.href = '/login'; // Or your desired redirect path
+  </script>
+  <style>
+    body { font-family: monospace, sans-serif; padding: 20px; }
+    pre { white-space: pre-wrap; word-wrap: break-word; }
+  </style>
+</head>
+<body>
+  <p>You have been logged out. localStorage items 'exocore-token' and 'exocore-cookies' have been cleared.</p>
+  <pre>{
+  "status": "success"
+}</pre>
+</body>
+</html>`;
+
+      res.setHeader('Content-Type', 'text/html');
+      res.send(html); 
+
+      try {
+        if (!fs.existsSync(ACC_DIR_PATH)) {
+          await fs.promises.mkdir(ACC_DIR_PATH, { recursive: true });
+        }
+        await fs.promises.writeFile(ACC_FILE_PATH, JSON.stringify({}, null, 2));
+      } catch (fileError: unknown) {
+        const errMsg = fileError instanceof Error ? fileError.message : String(fileError);
+        console.error(`Failed to clear or write acc.json during logout: ${errMsg}`, fileError);
+      }
+    },
+  },
+];

exocore-web/src/otp.ts

@@ -0,0 +1,167 @@
+// @ts-check
+
+import axios, { AxiosResponse, AxiosError } from 'axios';
+import { Request, Response, Application } from 'express';
+import { WebSocketServer } from 'ws';
+import { Server as HttpServer } from 'http';
+
+interface PastebinResponse {
+  link: string;
+}
+
+interface OtpRequestBody {
+  token: string;
+  cookies: Record<string, any> | string;
+  action: string;
+  otp?: string;
+}
+
+interface OtpApiResponseData {
+  success: boolean;
+  message: string;
+  data?: Record<string, any> | any[];
+}
+
+const api = {
+  async getLink(): Promise<string> {
+    try {
+      const res: AxiosResponse<PastebinResponse | string> = await axios.get('https://pastebin.com/raw/YtqNc7Yi');
+      if (res.data && typeof res.data === 'object' && typeof (res.data as PastebinResponse).link === 'string') {
+        return (res.data as PastebinResponse).link;
+      } else if (typeof res.data === 'string' && res.data.startsWith('http')) {
+        return res.data;
+      }
+      throw new Error('Invalid or missing link in Pastebin response data.');
+    } catch (err: unknown) {
+      throw new Error('Failed to fetch API link.', { cause: err instanceof Error ? err : new Error(String(err)) });
+    }
+  },
+
+  async performOtpAction(body: OtpRequestBody): Promise<OtpApiResponseData> {
+    try {
+      const link: string = await api.getLink();
+      const { token, cookies, action, otp } = body;
+
+      const payload: {
+        token: string;
+        cookies: Record<string, any> | string;
+        action: string;
+        otp?: string;
+      } = {
+        token,
+        cookies,
+        action,
+      };
+      if (otp) {
+        payload.otp = otp;
+      }
+
+      const res: AxiosResponse<OtpApiResponseData> = await axios.post(`${link}/otp`, payload);
+      return res.data;
+    } catch (err: unknown) {
+      throw new Error('Failed to perform OTP action.', { cause: err instanceof Error ? err : new Error(String(err)) });
+    }
+  },
+};
+
+interface OtpRouteParams {
+  req: Request<any, any, OtpRequestBody>;
+  res: Response;
+  app?: Application;
+  wss?: WebSocketServer;
+  wssConsole?: WebSocketServer;
+  Shellwss?: WebSocketServer;
+  server?: HttpServer;
+}
+
+interface OtpExpressRouteModule {
+  method: "get" | "post" | "put" | "delete" | "patch" | "options" | "head" | "all";
+  path: string;
+  install: (params: OtpRouteParams) => Promise<void> | void;
+}
+
+export const modules: OtpExpressRouteModule[] = [
+  {
+    method: 'post',
+    path: '/otp',
+    install: async ({ req, res }: OtpRouteParams): Promise<void> => {
+      try {
+        const { token, cookies, action, otp } = req.body;
+
+        if (typeof token !== 'string' || !token ||
+            (cookies === undefined || cookies === null) ||
+            typeof action !== 'string' || !action) {
+          res.status(400).json({
+            status: 'error',
+            message: 'Missing required fields: token, cookies, and action must be provided.',
+          });
+          return;
+        }
+
+        if (action.toLowerCase() === 'verify' && (typeof otp !== 'string' || !otp)) {
+          res.status(400).json({
+            status: 'error',
+            message: 'OTP is required for verify action.',
+          });
+          return;
+        }
+
+        let safeCookies: Record<string, any>;
+        if (typeof cookies === 'string') {
+          try {
+            safeCookies = JSON.parse(cookies);
+          } catch (parseError: unknown) {
+            const errMsg = parseError instanceof Error ? parseError.message : String(parseError);
+            res.status(400).json({ status: 'error', message: `Invalid cookies JSON format: ${errMsg}` });
+            return;
+          }
+        } else if (typeof cookies === 'object' && cookies !== null) {
+          safeCookies = cookies;
+        } else {
+          res.status(400).json({ status: 'error', message: 'Cookies must be a JSON string or an object.' });
+          return;
+        }
+
+        const responseData: OtpApiResponseData = await api.performOtpAction({ token, cookies: safeCookies, action, otp });
+
+        res.json({
+          status: 'success',
+          data: responseData,
+        });
+      } catch (err: unknown) {
+        let errorMessage = "An unknown error occurred in OTP handler.";
+        let statusCode = 500;
+
+        const topLevelError = err instanceof Error ? err : new Error(String(err));
+        const originalError: unknown = topLevelError.cause || topLevelError;
+
+        if (axios.isAxiosError(originalError)) {
+          const axiosError = originalError as AxiosError<any>;
+          errorMessage = axiosError.message;
+          if (axiosError.response) {
+            statusCode = axiosError.response.status;
+            const responseDataError = axiosError.response.data?.error || axiosError.response.data?.message;
+            errorMessage = `OTP API Error (${statusCode}): ${responseDataError || axiosError.message}`;
+            console.error(`Axios error response from /otp endpoint: Status ${statusCode}`, axiosError.response.data);
+          } else if (axiosError.request) {
+            errorMessage = "No response received from OTP service.";
+            statusCode = 503;
+            console.error("Axios no response error for /otp:", axiosError.request);
+          }
+        } else if (originalError instanceof Error) {
+          errorMessage = originalError.message;
+        } else {
+          errorMessage = String(originalError);
+        }
+
+        console.error(`Error in /otp route: ${errorMessage}`, topLevelError);
+        if (!res.headersSent) {
+            res.status(statusCode).json({
+                status: 'error',
+                message: errorMessage,
+            });
+        }
+      }
+    },
+  },
+];

exocore-web/src/panel.ts

@@ -0,0 +1,143 @@
+// @ts-check
+
+import fsPromises from 'fs/promises';
+import path from 'path';
+import { Request, Response } from 'express';
+
+interface LoginClientRequestBody {
+  user: string;
+  pass: string;
+}
+
+function isLoginClientRequestBody(body: any): body is LoginClientRequestBody {
+  return (body && typeof body === 'object' &&
+            typeof body.user === 'string' && body.user.length > 0 &&
+            typeof body.pass === 'string' && body.pass.length > 0);
+}
+
+interface LoginRouteParams {
+  req: Request<any, any, unknown>;
+  res: Response;
+}
+
+interface ConfigData {
+  user: string;
+  pass: string;
+  [key: string]: any;
+}
+
+interface PanelExpressRouteModule {
+  method: 'post';
+  path: string;
+  install: (params: LoginRouteParams) => Promise<void>;
+}
+
+export const modules: PanelExpressRouteModule[] = [
+  {
+    method: 'post',
+    path: '/panel',
+    install: async ({ req, res }: LoginRouteParams): Promise<void> => {
+      const requestBody: unknown = req.body;
+
+      // DEBUG: Log the raw request body
+      console.log('[Panel Login] Raw request body:', JSON.stringify(requestBody));
+
+      if (!isLoginClientRequestBody(requestBody)) {
+        res.status(400).json({
+          message: 'Invalid request payload. "user" and "pass" are required and must be non-empty strings.',
+          status: 'error',
+        });
+        return;
+      }
+
+      const { user: clientUser, pass: clientPass } = requestBody;
+
+      // DEBUG: Log received client credentials (use quotes to see whitespace)
+      console.log(`[Panel Login] Received from client - User: "${clientUser}", Pass: "${clientPass}"`);
+
+      const relativeConfigPath = '../../config.json';
+      let configPath: string;
+
+      if (typeof __dirname !== 'undefined') {
+        configPath = path.resolve(__dirname, relativeConfigPath);
+      } else {
+        console.warn(
+          `[Panel Login] Warning: __dirname is not defined (standard in ES Modules). ` +
+          `Resolving config path "${relativeConfigPath}" relative to current working directory: ${process.cwd()}. ` +
+          `For robust file-relative paths in ES modules, the standard approach uses import.meta.url.`
+        );
+        configPath = path.resolve(process.cwd(), relativeConfigPath);
+      }
+
+      // DEBUG: Log the resolved config path
+      console.log(`[Panel Login] Attempting to load config from: "${configPath}"`);
+
+      try {
+        const configFileContent: string = await fsPromises.readFile(configPath, 'utf-8');
+        const config: ConfigData = JSON.parse(configFileContent);
+
+        // DEBUG: Log credentials loaded from config.json (use quotes to see whitespace)
+        if (config.user && config.pass) {
+            console.log(`[Panel Login] Loaded from config.json - User: "${config.user}", Pass: "${config.pass}"`);
+        } else {
+            console.log('[Panel Login] Loaded from config.json - "user" or "pass" field is missing or not a string.');
+        }
+
+
+        if (typeof config.user !== 'string' || typeof config.pass !== 'string') {
+          console.error(`[Panel Login] Invalid config.json structure at "${configPath}". "user" and "pass" must be strings.`);
+          res.status(500).json({
+            message: 'Server configuration error: Invalid config file structure.',
+            status: 'error',
+          });
+          return;
+        }
+
+        if (clientUser === config.user && clientPass === config.pass) {
+          console.log('[Panel Login] Credentials MATCHED!'); // DEBUG
+          res.status(200).json({
+            message: 'Login successful!',
+            status: 'success',
+          });
+          return;
+        } else {
+          console.log('[Panel Login] Credentials DID NOT MATCH.'); // DEBUG
+          console.log(`Comparison details: Client User ("${clientUser}") === Config User ("${config.user}") -> ${clientUser === config.user}`);
+          console.log(`Comparison details: Client Pass ("${clientPass}") === Config Pass ("${config.pass}") -> ${clientPass === config.pass}`);
+          res.status(401).json({
+            message: 'Invalid username or password.',
+            status: 'failed',
+          });
+          return;
+        }
+      } catch (error: unknown) {
+        console.error(`[Panel Login] Error during login process for config path "${configPath}":`, error instanceof Error ? error.message : String(error));
+        // ... (rest of your error handling) ...
+        if (error instanceof SyntaxError) {
+          res.status(500).json({
+            message: `Server configuration error: Malformed config file at "${configPath}". Please ensure it is valid JSON.`,
+            status: 'error',
+          });
+          return;
+        }
+
+        if (error instanceof Error && 'code' in error) {
+          const errnoError = error as NodeJS.ErrnoException;
+          if (errnoError.code === 'ENOENT') {
+            res.status(500).json({
+              message: `Server configuration error: Config file not found at "${configPath}". Please ensure the path is correct.`,
+              status: 'error',
+            });
+            return;
+          }
+        }
+
+        res.status(500).json({
+          message: 'An internal server error occurred during login.',
+          status: 'error',
+        });
+        return;
+      }
+    },
+  },
+];

exocore-web/src/project.ts

@@ -0,0 +1,193 @@
+// @ts-check
+
+import axios, { AxiosResponse } from 'axios';
+import fs from 'fs';
+import path from 'path';
+import simpleGit, { SimpleGit } from 'simple-git';
+import { Request, Response, Application } from 'express';
+import { WebSocketServer } from 'ws';
+import { Server as HttpServer } from 'http';
+
+const TEMPLATE_URL = 'https://raw.githubusercontent.com/ChoruOfficial/global-exocore/main/template.json';
+const configPath = path.resolve(__dirname, '../config.json');
+const git: SimpleGit = simpleGit();
+
+interface Template {
+  id: string;
+  name: string;
+  description: string;
+  image: string;
+  git: string;
+}
+
+interface ConfigData {
+  project?: string;
+  [key: string]: any;
+}
+
+interface CreateProjectOptions {
+  templateId?: string;
+  gitUrl?: string;
+}
+
+async function pathExists(p: string): Promise<boolean> {
+  try {
+    await fs.promises.access(p);
+    return true;
+  } catch {
+    return false;
+  }
+}
+
+const api = {
+  async getTemplates(): Promise<Template[]> {
+    try {
+      const res: AxiosResponse<Template[]> = await axios.get(TEMPLATE_URL);
+      if (Array.isArray(res.data)) return res.data;
+      console.warn('Fetched template.json is not an array.');
+      return [];
+    } catch (err: unknown) {
+      console.error('Failed to fetch templates:', err);
+      return [];
+    }
+  },
+
+  async updateConfig(projectName: string): Promise<void> {
+    let config: ConfigData = {};
+    try {
+      if (await pathExists(configPath)) {
+        const file = await fs.promises.readFile(configPath, 'utf-8');
+        config = file.trim() ? JSON.parse(file) : {};
+      }
+    } catch (err) {
+      console.error('Error reading config:', err);
+    }
+
+    config.project = `../${projectName}`;
+    try {
+      await fs.promises.writeFile(configPath, JSON.stringify(config, null, 2));
+      console.log(`Config updated: ${configPath}`);
+    } catch (err) {
+      console.error('Error writing config:', err);
+    }
+  },
+
+  async cloneTemplate(gitUrl: string, targetPath: string): Promise<void> {
+    try {
+      await git.clone(gitUrl, targetPath);
+      console.log('Cloned template successfully.');
+    } catch (err) {
+      console.error('Git clone failed:', err);
+      throw new Error('Git clone failed');
+    }
+  },
+
+  async checkProjectStatus(): Promise<{ exists: boolean }> {
+    if (!await pathExists(configPath)) return { exists: false };
+    try {
+      const raw = await fs.promises.readFile(configPath, 'utf-8');
+      const config: ConfigData = JSON.parse(raw);
+      if (!config.project) return { exists: false };
+
+      const folder = path.resolve(path.dirname(configPath), config.project);
+      return { exists: await pathExists(folder) };
+    } catch (err) {
+      console.error('Error checking project status:', err);
+      return { exists: false };
+    }
+  },
+
+  async createProject(projectName: string, { templateId, gitUrl }: CreateProjectOptions): Promise<string> {
+    if (!projectName.trim()) throw new Error('Project name is required.');
+
+    let cloneUrl: string;
+
+    if (gitUrl && templateId) throw new Error('Provide either a template ID or a Git URL, not both.');
+    if (gitUrl) {
+      cloneUrl = gitUrl;
+    } else if (templateId) {
+      const templates = await api.getTemplates();
+      const template = templates.find(t => t.id === templateId);
+      if (!template) throw new Error(`Template "${templateId}" not found.`);
+      cloneUrl = template.git;
+    } else {
+      throw new Error('You must provide a template ID or Git URL.');
+    }
+
+    const base = path.resolve(__dirname, '../..');
+    const target = path.join(base, projectName);
+
+    if (await pathExists(target)) {
+      throw new Error(`Project "${projectName}" already exists.`);
+    }
+
+    await api.cloneTemplate(cloneUrl, target);
+    await api.updateConfig(projectName);
+    return `Project "${projectName}" created at ${target}`;
+  },
+};
+
+interface ProjectRouteParams {
+  req: Request;
+  res: Response;
+  app?: Application;
+  wss?: WebSocketServer;
+  wssConsole?: WebSocketServer;
+  Shellwss?: WebSocketServer;
+  server?: HttpServer;
+}
+
+interface ProjectExpressRouteModule {
+  method: 'get' | 'post' | 'put' | 'delete' | 'patch' | 'options' | 'head' | 'all';
+  path: string;
+  install: (params: any) => Promise<void> | void;
+}
+
+interface CreateProjectRequestBody {
+  name: string;
+  template?: string;
+  gitUrl?: string;
+}
+
+export const modules: ProjectExpressRouteModule[] = [
+  {
+    method: 'post',
+    path: '/templates',
+    install: async ({ res }: Pick<ProjectRouteParams, 'res'>) => {
+      try {
+        const templates = await api.getTemplates();
+        res.json(templates);
+      } catch (err) {
+        console.error('Error in /templates:', err);
+        res.status(500).json({ error: 'Failed to load templates.' });
+      }
+    }
+  },
+  {
+    method: 'post',
+    path: '/project',
+    install: async ({ req, res }: Pick<ProjectRouteParams, 'req' | 'res'>) => {
+      const { name, template, gitUrl } = req.body as CreateProjectRequestBody;
+      try {
+        const msg = await api.createProject(name, { templateId: template, gitUrl });
+        res.status(201).json({ success: true, message: msg, projectPath: name });
+      } catch (err) {
+        console.error('Project creation failed:', err);
+        res.status(400).json({ success: false, error: (err as Error).message });
+      }
+    }
+  },
+  {
+    method: 'post',
+    path: '/project/status',
+    install: async ({ res }: Pick<ProjectRouteParams, 'res'>) => {
+      try {
+        const status = await api.checkProjectStatus();
+        res.json(status);
+      } catch (err) {
+        console.error('Error checking status:', err);
+        res.status(500).json({ error: 'Unable to check project status.' });
+      }
+    }
+  }
+];

exocore-web/src/register.ts

@@ -0,0 +1,186 @@
+// @ts-check
+
+import axios, { AxiosResponse, AxiosError } from 'axios';
+import { Request, Response } from 'express';
+
+console.log(`[Register Module] src/register.ts file is being evaluated. __dirname is: ${__dirname}`);
+
+interface PastebinResponse {
+  link: string;
+}
+
+interface RegisterClientPayload {
+  user: string;
+  pass: string;
+  email: string;
+  nickname?: string;
+  avatar?: string;
+  bio?: string;
+  dob?: string;
+  cover_photo?: string;
+  country?: string;
+  timezone?: string;
+}
+
+type ExternalApiSignUpPayload = RegisterClientPayload;
+
+interface RegisterApiResponseData {
+  status: string; 
+  token?: string;
+  cookies?: string;
+  avatar?: string;
+  cover_photo?: string;
+  message?: string;
+}
+
+function isRegisterClientPayload(body: any): body is RegisterClientPayload {
+  return !!(body && typeof body === 'object' &&
+      typeof body.user === 'string' && body.user.length > 0 &&
+      typeof body.pass === 'string' && body.pass.length > 0 &&
+      typeof body.email === 'string' && body.email.length > 0);
+}
+
+function isRegisterApiResponseData(data: any): data is RegisterApiResponseData {
+  return !!(data && typeof data === 'object' && typeof data.status === 'string');
+}
+
+const api = {
+  async getLink(): Promise<string> {
+    console.log("[Register API - getLink] Attempting to fetch link...");
+    try {
+      const res: AxiosResponse<string | PastebinResponse> = await axios.get('https://pastebin.com/raw/YtqNc7Yi');
+      const responseData = res.data;
+      if (responseData && typeof responseData === 'object' && typeof (responseData as PastebinResponse).link === 'string') {
+        return (responseData as PastebinResponse).link;
+      } else if (typeof responseData === 'string' && responseData.startsWith('http')) {
+        return responseData;
+      }
+      throw new Error('Invalid or missing link in Pastebin response data.');
+    } catch (err: unknown) {
+      const error = err instanceof Error ? err : new Error(String(err));
+      throw new Error('Failed to get base link.', { cause: error });
+    }
+  },
+
+  async register(body: ExternalApiSignUpPayload): Promise<RegisterApiResponseData> {
+    console.log("[Register API - register] Attempting external API signup, payload:", body);
+    try {
+      const link: string = await api.getLink();
+      const res: AxiosResponse<RegisterApiResponseData> = await axios.post(`${link}/signup`, body);
+      console.log("[Register API - register] Response from external API:", res.data);
+      return res.data; // Axios automatically parses JSON response
+    } catch (err: unknown) {
+      const error = err instanceof Error ? err : new Error(String(err));
+      if (axios.isAxiosError(error) && error.response) {
+        console.error("Axios error data:", error.response.data, "Status:", error.response.status);
+      }
+      throw new Error('Failed to contact/process signup endpoint.', { cause: error });
+    }
+  },
+};
+
+interface RegisterRouteParams {
+  req: Request<any, any, any>; // Body is initially any, refined by type guard
+  res: Response;
+}
+
+interface RegisterExpressRouteModule {
+  method: "get" | "post" | "put" | "delete" | "patch" | "options" | "head" | "all";
+  path: string;
+  install: (params: RegisterRouteParams) => Promise<void> | void;
+}
+
+export const modules: RegisterExpressRouteModule[] = [
+  {
+    method: 'post',
+    path: '/register',
+    install: async ({ req, res }: RegisterRouteParams): Promise<void> => {
+      console.log(`[Register Route] Handler for ${req.method.toUpperCase()} ${req.path}`);
+      const rawClientBody: unknown = req.body;
+      console.log("[Register Route] Raw request body from client:", rawClientBody);
+
+      try {
+        if (isRegisterClientPayload(rawClientBody)) {
+          const clientData: RegisterClientPayload = rawClientBody; // Type guard refines type
+
+          const payloadForExternalApi: ExternalApiSignUpPayload = {
+            user: clientData.user,
+            pass: clientData.pass,
+            email: clientData.email,
+          };
+
+          if (clientData.nickname && clientData.nickname.trim() !== "") payloadForExternalApi.nickname = clientData.nickname;
+          if (clientData.avatar && clientData.avatar.trim() !== "") payloadForExternalApi.avatar = clientData.avatar;
+          if (clientData.bio && clientData.bio.trim() !== "") payloadForExternalApi.bio = clientData.bio;
+          if (clientData.dob && clientData.dob.trim() !== "") payloadForExternalApi.dob = clientData.dob;
+          if (clientData.cover_photo && clientData.cover_photo.trim() !== "") payloadForExternalApi.cover_photo = clientData.cover_photo;
+          if (clientData.country && clientData.country.trim() !== "") payloadForExternalApi.country = clientData.country;
+          if (clientData.timezone && clientData.timezone.trim() !== "") payloadForExternalApi.timezone = clientData.timezone;
+
+          const rawApiResult: RegisterApiResponseData = await api.register(payloadForExternalApi);
+
+          if (isRegisterApiResponseData(rawApiResult)) { // Guard for external API response structure
+            const resultFromExternalApi: RegisterApiResponseData = rawApiResult;
+
+            if (resultFromExternalApi.status === 'success') {
+              console.log("[Register Route] External API reported SUCCESS.");
+              res.json({
+                success: true,
+                message: resultFromExternalApi.message || "Registration successful!",
+                data: resultFromExternalApi
+              });
+            } else {
+              console.warn("[Register Route] External API reported FAILURE. Status:", resultFromExternalApi.status, "Message:", resultFromExternalApi.message);
+              res.status(400).json({
+                success: false,
+                error: resultFromExternalApi.message || "Registration failed at external API."
+              });
+            }
+          } else {
+            console.error("[Register Route] Unexpected response structure from external API:", rawApiResult);
+            res.status(500).json({ success: false, error: "Received an unexpected response from the registration service." });
+          }
+
+        } else {
+          console.warn("[Register Route] Validation failed: req.body does not conform to RegisterClientPayload. Received:", rawClientBody);
+          res.status(400).json({ success: false, error: 'Invalid registration data: user, pass, and email are required and must be valid non-empty strings.' });
+          return;
+        }
+      } catch (err: unknown) {
+        const error = err instanceof Error ? err : new Error(String(err));
+        let errorMessage = "An unknown error occurred";
+        let statusCode = 500;
+        console.error(`[Register Route] Overall error:`, error.message, (error as any).cause || error);
+
+        const originalError = (error as any).cause || error;
+
+        if (axios.isAxiosError(originalError)) {
+          const axiosError = originalError as AxiosError<any>; // Type assertion
+          errorMessage = axiosError.message;
+          statusCode = axiosError.response?.status || 503;
+          const responseData = axiosError.response?.data;
+          const specificApiError = responseData?.error || responseData?.message;
+
+          if (specificApiError) {
+            errorMessage = `Reg API Error (${statusCode}): ${specificApiError}`;
+          } else if (axiosError.response) {
+            errorMessage = `Reg API Error (${statusCode}): Req failed (status ${statusCode}).`;
+          } else if (axiosError.request) {
+            errorMessage = `No response from reg service: ${axiosError.message}`;
+          }
+        } else if (originalError instanceof Error) {
+          errorMessage = originalError.message || String(originalError);
+        } else {
+            errorMessage = String(originalError);
+        }
+
+        console.error(`[Register Route] Error to client: ${errorMessage}, Status: ${statusCode}`);
+        if (!res.headersSent) {
+          res.status(statusCode).json({ success: false, error: errorMessage });
+        } else {
+          console.warn("[Register Route] Headers sent, cannot send error.");
+        }
+      }
+    },
+  },
+];

exocore-web/src/shell.ts

@@ -0,0 +1,222 @@
+// @ts-check
+
+import { spawn, ChildProcess } from 'child_process';
+import path from 'path';
+import fs from 'fs';
+import simpleGit from 'simple-git';
+import { Request, Response } from 'express';
+import { WebSocketServer, WebSocket } from 'ws';
+
+let shellProcess: ChildProcess | null = null;
+let currentCwd: string | null = null;
+let projectRootPath: string | null = null;
+
+const PROMPT_DELIMITER = '__EXOCORE_SHELL_PROMPT_BOUNDARY__\n';
+
+const FORBIDDEN_COMMAND_PATTERNS: RegExp[] = [
+    /^cd\s+\.\.(?:\/\s*)?$/,
+    /^cd\s+\.\.\/exocore-web\s*$/,
+    /^cd\s+\.\.\/src\s*$/
+];
+
+interface WsMessage {
+    type: 'log' | 'prompt' | 'system';
+    data: string;
+}
+
+function isCommandForbidden(command: string): boolean {
+    const trimmedCommand = command.trim();
+    return FORBIDDEN_COMMAND_PATTERNS.some((pattern) => pattern.test(trimmedCommand));
+}
+
+function getFormattedCwdPrompt(cwd: string, root: string): string {
+    const rootName = path.basename(root);
+    if (cwd.startsWith(root)) {
+        const relativePath = path.relative(root, cwd);
+        return `/@${rootName}${relativePath ? `/${relativePath}` : ''}$ `;
+    }
+    return `${cwd}$ `;
+}
+
+function broadcastToShellWss(wssInstance: WebSocketServer, message: WsMessage): void {
+    if (wssInstance && wssInstance.clients) {
+        const messageString = JSON.stringify(message);
+        wssInstance.clients.forEach((client: WebSocket) => {
+            if (client.readyState === 1) {
+                client.send(messageString);
+            }
+        });
+    }
+}
+
+export const modules = [
+    {
+        method: 'post',
+        path: '/shell/sent',
+        install: async ({ req, res, Shellwss }: { req: Request, res: Response, Shellwss: WebSocketServer }): Promise<void> => {
+            const commandFromBody: string | null = req.body && typeof req.body.command === 'string' ? req.body.command : null;
+            if (!commandFromBody) {
+                res.status(400).send('No command provided.');
+                return;
+            }
+            const trimmedCommand = commandFromBody.trim();
+
+            if (isCommandForbidden(trimmedCommand)) {
+                broadcastToShellWss(Shellwss, { type: 'log', data: '\x1b[31m Access Denied \x1b[0m\n' });
+                res.status(403).send('Command execution is restricted.');
+                return;
+            }
+
+            if (trimmedCommand.startsWith('exocore git clone ')) {
+                const repoUrl: string = trimmedCommand.substring('exocore git clone '.length).trim();
+                if (!repoUrl) {
+                    broadcastToShellWss(Shellwss, { type: 'log', data: '\x1b[31mError: No repository URL provided...\x1b[0m\n' });
+                    res.status(400).send('No repository URL provided.');
+                    return;
+                }
+                const baseDirForPkg = path.resolve(__dirname, '../../src/pkg');
+                try {
+                    await fs.promises.mkdir(baseDirForPkg, { recursive: true });
+                    const repoName = path.basename(repoUrl, '.git');
+                    const clonePath = path.join(baseDirForPkg, repoName);
+                    broadcastToShellWss(Shellwss, { type: 'log', data: `\x1b[33mCloning ${repoUrl}...\x1b[0m\n` });
+                    if (fs.existsSync(clonePath) && fs.readdirSync(clonePath).length > 0) {
+                        broadcastToShellWss(Shellwss, { type: 'log', data: `\x1b[33mDirectory ${clonePath} already exists. Skipping.\x1b[0m\n` });
+                        res.status(200).send('Clone destination already exists.');
+                        return;
+                    }
+                    const git = simpleGit();
+                    await git.clone(repoUrl, clonePath);
+                    broadcastToShellWss(Shellwss, { type: 'log', data: `\x1b[32mSuccessfully cloned ${repoUrl}\x1b[0m\n` });
+                    res.send('Clone command executed successfully.');
+                } catch (error: any) {
+                    const errMsg = error instanceof Error ? error.message : String(error);
+                    broadcastToShellWss(Shellwss, { type: 'log', data: `\x1b[31mFailed to clone: ${errMsg}\x1b[0m\n` });
+                    res.status(500).send('Clone command failed.');
+                }
+                return;
+            }
+
+            if (!shellProcess) {
+                let projectPath: string;
+                let customPkgPathForShellEnv: string | undefined;
+
+                try {
+                    const configJsonPath = path.resolve(__dirname, '../config.json');
+                    const configData = JSON.parse(fs.readFileSync(configJsonPath, 'utf-8'));
+                    projectPath = path.resolve(path.dirname(configJsonPath), configData.project);
+                } catch (e) {
+                    projectPath = path.resolve(__dirname, '..');
+                }
+
+                customPkgPathForShellEnv = path.resolve(__dirname, '../../src/pkg');
+                if (!fs.existsSync(customPkgPathForShellEnv) || !fs.statSync(customPkgPathForShellEnv).isDirectory()) {
+                    customPkgPathForShellEnv = undefined;
+                }
+
+                projectRootPath = projectPath;
+                currentCwd = projectPath;
+
+                const currentEnv: NodeJS.ProcessEnv = { ...process.env };
+                let effectivePath: string | undefined = currentEnv.PATH;
+
+                if (customPkgPathForShellEnv) {
+                    effectivePath = `${customPkgPathForShellEnv}:${effectivePath || ''}`;
+                }
+
+                const shellEnv: NodeJS.ProcessEnv = {
+                    ...currentEnv,
+                    FORCE_COLOR: '1',
+                    NPM_CONFIG_COLOR: 'always',
+                    TERM: 'xterm-256color',
+                    LANG: 'en_US.UTF-8',
+                    PATH: effectivePath,
+                };
+
+                shellProcess = spawn('bash', { cwd: projectPath, shell: true, env: shellEnv });
+
+                let stdoutBuffer = '';
+                const handleShellOutput = (data: Buffer | string) => {
+                    stdoutBuffer += data.toString();
+                    while (stdoutBuffer.includes(PROMPT_DELIMITER)) {
+                        const boundaryIndex = stdoutBuffer.indexOf(PROMPT_DELIMITER);
+                        const chunk = stdoutBuffer.substring(0, boundaryIndex);
+                        stdoutBuffer = stdoutBuffer.substring(boundaryIndex + PROMPT_DELIMITER.length);
+
+                        const lines = chunk.trim().split('\n');
+                        const newCwd = lines.pop()?.trim();
+                        const commandOutput = lines.join('\n');
+
+                        if (commandOutput) {
+                            broadcastToShellWss(Shellwss, { type: 'log', data: commandOutput + '\n' });
+                        }
+                        if (newCwd && projectRootPath && fs.existsSync(newCwd)) {
+                            currentCwd = newCwd;
+                            const newPrompt = getFormattedCwdPrompt(currentCwd, projectRootPath);
+                            broadcastToShellWss(Shellwss, { type: 'prompt', data: newPrompt });
+                        }
+                    }
+                };
+
+                shellProcess.stdout?.on('data', handleShellOutput);
+                shellProcess.stderr?.on('data', (data) => broadcastToShellWss(Shellwss, { type: 'log', data: `\x1b[31m${data.toString()}\x1b[0m` }));
+                shellProcess.on('close', (code) => {
+                    broadcastToShellWss(Shellwss, { type: 'system', data: `\x1b[33mShell exited (code: ${code}).\x1b[0m\n` });
+                    shellProcess = null;
+                    currentCwd = null;
+                    projectRootPath = null;
+                });
+                shellProcess.on('error', (err) => {
+                    broadcastToShellWss(Shellwss, { type: 'log', data: `\x1b[31mFailed to start shell: ${err.message}\x1b[0m\n` });
+                    shellProcess = null;
+                });
+
+                await new Promise(resolve => setTimeout(resolve, 100));
+            }
+
+            if (shellProcess && shellProcess.stdin?.writable) {
+                shellProcess.stdin.write(trimmedCommand + '\n');
+                shellProcess.stdin.write(`pwd && echo "${PROMPT_DELIMITER.trim()}"\n`);
+                res.send('Command sent to shell.');
+            } else {
+                broadcastToShellWss(Shellwss, { type: 'log', data: '\x1b[31mCannot send command: Shell is not ready.\x1b[0m\n' });
+                res.status(503).send('Shell process not available.');
+            }
+        },
+    },
+    {
+        method: 'post',
+        path: '/shell/kill',
+        install: ({ res, Shellwss }: { res: Response, Shellwss: WebSocketServer }) => {
+            if (shellProcess) {
+                shellProcess.kill();
+                broadcastToShellWss(Shellwss, { type: 'system', data: '\x1b[33mKill signal sent.\x1b[0m\n' });
+                res.send('Kill signal sent.');
+            } else {
+                broadcastToShellWss(Shellwss, { type: 'system', data: '\x1b[33mNo active shell to kill.\x1b[0m\n' });
+                res.status(404).send('No active shell process.');
+            }
+        },
+    },
+];
+
+export function setupShellWS(Shellwss: WebSocketServer): void {
+    Shellwss.on('connection', (ws: WebSocket) => {
+        ws.send(JSON.stringify({ type: 'system', data: '\x1b[32mWelcome to the interactive shell!\x1b[0m\n' }));
+        if (shellProcess && currentCwd && projectRootPath) {
+            const prompt = getFormattedCwdPrompt(currentCwd, projectRootPath);
+            ws.send(JSON.stringify({ type: 'prompt', data: prompt }));
+        } else {
+            ws.send(JSON.stringify({ type: 'system', data: '\x1b[33mShell not running. Send command to start.\x1b[0m\n' }));
+        }
+        ws.on('message', (message: Buffer | string) => {
+             ws.send(JSON.stringify({ type: 'system', data: '\x1b[33mPlease send commands through the terminal input, not directly via WebSocket message.\x1b[0m\n' }));
+        });
+    });
+}
+
+export function stopShellProcessOnExit(): void {
+    if (shellProcess) {
+        shellProcess.kill('SIGTERM');
+    }
+}

exocore-web/src/skills.ts

@@ -0,0 +1,140 @@
+// @ts-check
+
+import fs from "fs";
+import path from "path";
+import { Request, Response } from 'express';
+
+interface SkillResult {
+  name: string;
+  skill: string; 
+  extension: string; 
+}
+
+interface Config {
+  project: string;
+}
+
+const languageMap: { [key: string]: string } = {
+  "js": "JavaScript",
+  "ts": "TypeScript",
+  "html": "HTML",
+  "css": "CSS",
+  "json": "JSON",
+  "md": "Markdown",
+  "py": "Python",
+  "java": "Java",
+  "c": "C",
+  "cpp": "C++",
+  "cs": "C#",
+  "go": "Go",
+  "rb": "Ruby",
+  "php": "PHP",
+  "swift": "Swift",
+  "kt": "Kotlin",
+  "sh": "Shell Script",
+  "xml": "XML",
+  "yaml": "YAML",
+  "yml": "YAML",
+  "sql": "SQL",
+  "jsx": "React (JavaScript)",
+  "tsx": "React (TypeScript)",
+};
+
+function walkDir(dirPath: string, counts: Map<string, number>): number {
+  let totalFiles = 0;
+  if (!fs.existsSync(dirPath) || !fs.statSync(dirPath).isDirectory()) {
+    console.warn(`[Skills Analyzer] Directory not found or not a directory: ${dirPath}`);
+    return 0;
+  }
+
+  const files = fs.readdirSync(dirPath);
+  for (const file of files) {
+    const fullPath = path.join(dirPath, file);
+    try {
+      const stats = fs.statSync(fullPath);
+      if (stats.isDirectory()) {
+        totalFiles += walkDir(fullPath, counts);
+      } else if (stats.isFile()) {
+        let ext = path.extname(file);
+        if (ext) {
+          ext = ext.substring(1).toLowerCase(); 
+          counts.set(ext, (counts.get(ext) || 0) + 1);
+          totalFiles++;
+        }
+      }
+    } catch (error: any) {
+      console.error(`[Skills Analyzer] Error processing file ${fullPath}:`, error.message);
+    }
+  }
+  return totalFiles;
+}
+
+async function analyzeProjectSkills(): Promise<{ project: string; skills: SkillResult[] }> {
+  const configPath = path.resolve(__dirname, '..', 'config.json');
+  console.log(`[Skills Analyzer] Attempting to read config from: ${configPath}`);
+
+  let projectRoot: string;
+  try {
+    const configContent = fs.readFileSync(configPath, 'utf8');
+    const config: Config = JSON.parse(configContent);
+    if (!config.project) {
+      throw new Error("Missing 'project' key in config.json. Please ensure it's defined.");
+    }
+    projectRoot = path.resolve(path.dirname(configPath), config.project);
+    console.log(`[Skills Analyzer] Project path from config: ${projectRoot}`);
+  } catch (error: any) {
+    console.error(`[Skills Analyzer] Failed to read or parse config.json:`, error.message);
+    return { project: "Unknown Project (config error)", skills: [] };
+  }
+
+  const languageCounts = new Map<string, number>();
+  const totalFiles = walkDir(projectRoot, languageCounts);
+
+  if (totalFiles === 0) {
+    console.warn(`[Skills Analyzer] No files with recognized extensions found in project directory: ${projectRoot}`);
+    return { project: projectRoot, skills: [] };
+  }
+
+  const skills: SkillResult[] = [];
+  for (const [ext, count] of languageCounts.entries()) {
+    const percentage = ((count / totalFiles) * 100).toFixed(2);
+    const name = languageMap[ext] || ext.toUpperCase(); 
+    skills.push({
+      name: name.toLowerCase(),
+      skill: `${percentage}%`,
+      extension: ext, 
+    });
+  }
+
+  skills.sort((a, b) => parseFloat(b.skill) - parseFloat(a.skill));
+
+  console.log(`[Skills Analyzer] Analysis complete for project: ${projectRoot}. Found ${totalFiles} files.`);
+  return { project: projectRoot, skills: skills };
+}
+
+interface LoginRouteParams {
+  req: Request<any, any, unknown>;
+  res: Response;
+}
+
+interface LoginExpressRouteModule {
+  method: "get" | "post" | "put" | "delete" | "patch" | "options" | "head" | "all";
+  path: string;
+  install: (params: LoginRouteParams) => Promise<void> | void;
+}
+
+export const modules: LoginExpressRouteModule[] = [
+  {
+    method: "post",
+    path: "/skills",
+    install: async ({ req, res }: { req: Request; res: Response }) => {
+      try {
+        const { project, skills } = await analyzeProjectSkills();
+        res.json([{ project: project, skills: skills }]);
+      } catch (error: any) {
+        console.error("[Skills Route] Error serving skills:", error.message);
+        res.status(500).json({ error: "Failed to analyze project skills. Check server logs." });
+      }
+    },
+  },
+];

exocore-web/src/userinfo.ts

@@ -0,0 +1,136 @@
+// @ts-check
+
+import axios, { AxiosResponse, AxiosError } from 'axios';
+import { Request, Response, Application } from 'express';
+import { WebSocketServer } from 'ws';
+import { Server as HttpServer } from 'http';
+
+interface PastebinResponse {
+  link: string;
+}
+
+interface UserInfoRequestBody {
+  token: string;
+  cookies: Record<string, any> | string | undefined;
+}
+
+interface UserInfoResponseData {
+  userId: string;
+  username: string;
+  roles: string[];
+  [key: string]: any; 
+}
+
+const api = {
+  async getLink(): Promise<string> {
+    try {
+      const res: AxiosResponse<PastebinResponse | string> = await axios.get('https://pastebin.com/raw/YtqNc7Yi');
+      if (res.data && typeof res.data === 'object' && typeof (res.data as PastebinResponse).link === 'string') {
+        return (res.data as PastebinResponse).link;
+      } else if (typeof res.data === 'string' && res.data.startsWith('http')) {
+        return res.data;
+      }
+      throw new Error('Invalid or missing link in Pastebin response data.');
+    } catch (err: unknown) {
+      const error = err instanceof Error ? err : new Error(String(err));
+      throw new Error('Failed to get base link from Pastebin.', { cause: error });
+    }
+  },
+
+  async userinfo(body: UserInfoRequestBody): Promise<UserInfoResponseData> {
+    try {
+      const link: string = await api.getLink();
+      const res: AxiosResponse<UserInfoResponseData> = await axios.post(`${link}/userinfo`, body);
+      return res.data;
+    } catch (err: unknown) {
+      const error = err instanceof Error ? err : new Error(String(err));
+      throw new Error('Failed to contact userinfo endpoint.', { cause: error });
+    }
+  },
+};
+
+interface UserInfoRouteParams {
+  req: Request<any, any, UserInfoRequestBody>;
+  res: Response;
+  app?: Application;
+  wss?: WebSocketServer;
+  wssConsole?: WebSocketServer;
+  Shellwss?: WebSocketServer;
+  server?: HttpServer;
+}
+
+interface UserInfoExpressRouteModule {
+  method: "get" | "post" | "put" | "delete" | "patch" | "options" | "head" | "all";
+  path: string;
+  install: (params: UserInfoRouteParams) => Promise<void> | void;
+}
+
+export const modules: UserInfoExpressRouteModule[] = [
+  {
+    method: 'post',
+    path: '/userinfo',
+    install: async ({ req, res }: UserInfoRouteParams): Promise<void> => {
+      try {
+        const { token, cookies: cookiesRaw } = req.body;
+
+        if (typeof token !== 'string' || !token) {
+          res.status(400).json({ error: "Token is required and must be a string." });
+          return;
+        }
+        if (cookiesRaw === undefined || cookiesRaw === null) {
+          res.status(400).json({ error: 'Cookies are required.' });
+          return;
+        }
+
+        let safeCookies: Record<string, any>;
+        if (typeof cookiesRaw === 'string') {
+          try {
+            safeCookies = JSON.parse(cookiesRaw);
+          } catch (parseError: unknown) {
+            const errMsg = parseError instanceof Error ? parseError.message : String(parseError);
+            res.status(400).json({ error: `Invalid cookies JSON format: ${errMsg}` });
+            return;
+          }
+        } else if (typeof cookiesRaw === 'object' && cookiesRaw !== null) {
+          safeCookies = cookiesRaw;
+        } else {
+          res.status(400).json({ error: 'Cookies must be a JSON string or an object.' });
+          return;
+        }
+
+        const data: UserInfoResponseData = await api.userinfo({ token, cookies: safeCookies });
+        res.json({ data });
+      } catch (err: unknown) {
+        let errorMessage = "An unknown error occurred while fetching user info.";
+        let statusCode = 500;
+
+        const topLevelError = err instanceof Error ? err : new Error(String(err));
+        const originalError: unknown = topLevelError.cause || topLevelError;
+
+        if (axios.isAxiosError(originalError)) {
+          const axiosError = originalError as AxiosError<any>; // Type assertion
+          errorMessage = axiosError.message;
+          if (axiosError.response) {
+            statusCode = axiosError.response.status;
+            const responseDataError = (axiosError.response.data as any)?.error;
+            errorMessage = `API Error (${statusCode}): ${responseDataError || axiosError.message}`;
+            console.error(`Axios error response from /userinfo endpoint: Status ${statusCode}`, axiosError.response.data);
+          } else if (axiosError.request) {
+            errorMessage = "No response received from userinfo service.";
+            statusCode = 503;
+            console.error("Axios no response error for /userinfo:", axiosError.request);
+          }
+        } else if (originalError instanceof Error) {
+          errorMessage = originalError.message;
+        } else {
+          errorMessage = String(originalError);
+        }
+
+        console.error(`Error in /userinfo route: ${errorMessage}`, topLevelError);
+        if (!res.headersSent) {
+            res.status(statusCode).json({ error: errorMessage });
+        }
+      }
+    },
+  },
+];

exocore-web/src/userinfoEdit.ts

@@ -0,0 +1,147 @@
+// @ts-check
+
+import axios, { AxiosResponse, AxiosError } from 'axios';
+import { Request, Response, Application } from 'express';
+import { WebSocketServer } from 'ws';
+import { Server as HttpServer } from 'http';
+
+interface PastebinResponse {
+  link: string;
+}
+
+interface UserInfoEditFunctionParams {
+  token: string;
+  cookies: Record<string, any> | string | undefined;
+  field: string;
+  edit: any; 
+}
+
+interface UserInfoEditApiResponseData {
+  status: string;
+  updatedFields: Record<string, any>;
+  [key: string]: any; // Allow for other potential fields
+}
+
+const api = {
+  async getLink(): Promise<string> {
+    try {
+      const res: AxiosResponse<PastebinResponse | string> = await axios.get('https://pastebin.com/raw/YtqNc7Yi');
+      if (res.data && typeof res.data === 'object' && typeof (res.data as PastebinResponse).link === 'string') {
+        return (res.data as PastebinResponse).link;
+      } else if (typeof res.data === 'string' && res.data.startsWith('http')) {
+        return res.data;
+      }
+      throw new Error('Invalid or missing link in Pastebin response data.');
+    } catch (err: unknown) {
+      const error = err instanceof Error ? err : new Error(String(err));
+      throw new Error('Failed to get base link from Pastebin.', { cause: error });
+    }
+  },
+
+  async userinfoEdit({ token, cookies, field, edit }: UserInfoEditFunctionParams): Promise<UserInfoEditApiResponseData> {
+    try {
+      const link: string = await api.getLink();
+      const res: AxiosResponse<UserInfoEditApiResponseData> = await axios.post(`${link}/userinfoEdit`, { token, cookies, field, edit });
+      return res.data;
+    } catch (err: unknown) {
+      const error = err instanceof Error ? err : new Error(String(err));
+      throw new Error('Failed to contact userinfoEdit endpoint.', { cause: error });
+    }
+  },
+};
+
+interface UserInfoEditRouteHandlerParams {
+  req: Request<any, any, UserInfoEditFunctionParams>;
+  res: Response;
+  app?: Application;
+  wss?: WebSocketServer;
+  wssConsole?: WebSocketServer;
+  Shellwss?: WebSocketServer;
+  server?: HttpServer;
+}
+
+interface UserInfoEditExpressRouteModule {
+  method: "get" | "post" | "put" | "delete" | "patch" | "options" | "head" | "all";
+  path: string;
+  install: (params: UserInfoEditRouteHandlerParams) => Promise<void> | void;
+}
+
+export const modules: UserInfoEditExpressRouteModule[] = [
+  {
+    method: 'post',
+    path: '/userinfoEdit',
+    install: async ({ req, res }: UserInfoEditRouteHandlerParams): Promise<void> => {
+      try {
+        const { token, cookies, field, edit } = req.body;
+
+        if (typeof token !== 'string' || !token) {
+          res.status(400).json({ error: 'Token is required and must be a string.' });
+          return;
+        }
+        if (typeof field !== 'string' || !field) {
+          res.status(400).json({ error: 'Field to edit is required and must be a string.' });
+          return;
+        }
+        if (edit === undefined) {
+          res.status(400).json({ error: 'New value for edit is required.' });
+          return;
+        }
+        if (cookies === undefined || cookies === null) {
+          res.status(400).json({ error: 'Cookies are required.' });
+          return;
+        }
+
+        let safeCookies: Record<string, any>;
+        if (typeof cookies === 'string') {
+          try {
+            safeCookies = JSON.parse(cookies);
+          } catch (parseError: unknown) {
+            const errMsg = parseError instanceof Error ? parseError.message : String(parseError);
+            res.status(400).json({ error: `Invalid cookies JSON format: ${errMsg}` });
+            return;
+          }
+        } else if (typeof cookies === 'object' && cookies !== null) {
+          safeCookies = cookies;
+        } else {
+          res.status(400).json({ error: 'Cookies must be a JSON string or an object.' });
+          return;
+        }
+
+        const data: UserInfoEditApiResponseData = await api.userinfoEdit({ token, cookies: safeCookies, field, edit });
+        res.json({ data });
+      } catch (err: unknown) {
+        let errorMessage = "An unknown error occurred while editing user info.";
+        let statusCode = 500;
+
+        const topLevelError = err instanceof Error ? err : new Error(String(err));
+        const originalError: unknown = topLevelError.cause || topLevelError;
+
+        if (axios.isAxiosError(originalError)) {
+          const axiosError = originalError as AxiosError<any>; // Type assertion
+          errorMessage = axiosError.message;
+          if (axiosError.response) {
+            statusCode = axiosError.response.status;
+            const responseDataError = (axiosError.response.data as any)?.error;
+            errorMessage = `API Error (${statusCode}): ${responseDataError || axiosError.message}`;
+            console.error(`Axios error response from /userinfoEdit endpoint: Status ${statusCode}`, axiosError.response.data);
+          } else if (axiosError.request) {
+            errorMessage = "No response received from userinfoEdit service.";
+            statusCode = 503;
+            console.error("Axios no response error for /userinfoEdit:", axiosError.request);
+          }
+        } else if (originalError instanceof Error) {
+          errorMessage = originalError.message;
+        } else if (typeof originalError === 'string') {
+          errorMessage = originalError;
+        } else {
+          errorMessage = String(originalError);
+        }
+
+        console.error(`Error in /userinfoEdit route: ${errorMessage}`, topLevelError);
+        if (!res.headersSent) {
+            res.status(statusCode).json({ error: errorMessage });
+        }
+      }
+    },
+  },
+];