implemented API_key and improved web view

Author: gcclinux

.env.example

@@ -4,16 +4,21 @@ DB_PORT=5432
 DB_USER=your_username
 DB_PASS=your_password
 DB_NAME=your_database
-TB_NAME=scmd
+TB_NAME=data
+ACCESS_TB=access
 
 # Gemini API Configuration (Primary - Recommended)
 GEMINIAPI=your_gemini_api_key_here
 GEMINIMODEL=gemini-2.5-flash-lite
 GEMINI_EMBEDDING_MODEL=gemini-embedding-001
 
+# Generate a 32-char API key for an email and store it in the access table
+# Usage:   scmd-windows-amd64.exe --create-api [email]
+API_ACCESS=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
+
 # Ollama Configuration (Fallback - optional)
-OLLAMA=localhost          # Ollama server IP or hostname
-MODEL=llama2              # Ollama model name
+OLLAMA=localhost                      # Ollama server IP or hostname
+MODEL=qwen2.5-coder:1.5b              # Ollama model name
 
 # Embedding Configuration (for vector search)
 # For 384 dimensions: all-MiniLM-L6-v2

.gitignore

@@ -15,4 +15,6 @@
 *scmd-Linux-x86_64
 *.env
 .local
-.kiro/
+.kiro/
+build/
+*.exe

api_key_gen.go

@@ -0,0 +1,177 @@
+package main
+
+import (
+	"crypto/rand"
+	"encoding/hex"
+	"fmt"
+	"log"
+	"os"
+	"path/filepath"
+	"strings"
+)
+
+// aiAccessGranted is the package-level gate for AI and embedding features.
+// It is set once during startup by ValidateAPIAccess().
+var aiAccessGranted = false
+
+// CreateAPIKey generates a 32-character random API key, stores it in the
+// access table paired with the given email, and prints it to the screen.
+// Usage: scmd --create-api "user@example.com"
+func CreateAPIKey(email string) {
+	email = strings.TrimSpace(email)
+	if email == "" {
+		log.Fatal("Usage: scmd --create-api \"user@example.com\"")
+	}
+
+	// Ensure the database is initialised
+	if err := InitDB(); err != nil {
+		log.Fatalf("Database connection failed: %v", err)
+	}
+	defer CloseDB()
+
+	// Generate 16 random bytes → 32 hex characters
+	raw := make([]byte, 16)
+	if _, err := rand.Read(raw); err != nil {
+		log.Fatalf("Failed to generate random key: %v", err)
+	}
+	apiKey := strings.ToUpper(hex.EncodeToString(raw))
+
+	accessTbl := os.Getenv("ACCESS_TB")
+	if accessTbl == "" {
+		accessTbl = "access"
+	}
+
+	// Upsert: if the email already exists update the key, otherwise insert
+	query := fmt.Sprintf(`
+		INSERT INTO %s (email, api_key)
+		VALUES ($1, $2)
+		ON CONFLICT (email) DO UPDATE SET api_key = EXCLUDED.api_key`, accessTbl)
+
+	if _, err := db.Exec(query, email, apiKey); err != nil {
+		log.Fatalf("Failed to store API key: %v", err)
+	}
+
+	fmt.Println()
+	fmt.Println("======================================================")
+	fmt.Printf("  Email   : %s\n", email)
+	fmt.Printf("  API Key : %s\n", apiKey)
+	fmt.Println()
+
+	// Automatically write / update API_ACCESS in the .env file
+	if err := writeAPIAccessToEnv(apiKey); err != nil {
+		fmt.Printf("  ⚠ Could not update .env automatically: %v\n", err)
+		fmt.Println("  Add this line manually to your .env file:")
+		fmt.Printf("  API_ACCESS=%s\n", apiKey)
+	} else {
+		fmt.Println("  ✅ API_ACCESS has been written to your .env file.")
+	}
+	fmt.Println("======================================================")
+	fmt.Println()
+}
+
+// writeAPIAccessToEnv updates or appends API_ACCESS=<key> in the .env file
+// found in the current working directory.
+func writeAPIAccessToEnv(apiKey string) error {
+	// Locate the .env file
+	cwd, err := os.Getwd()
+	if err != nil {
+		return err
+	}
+	envPath := []string{cwd}
+
+	// Also check executable directory as fallback
+	if execPath, err2 := os.Executable(); err2 == nil {
+		envPath = append(envPath, filepath.Dir(execPath))
+	}
+
+	var filePath string
+	for _, dir := range envPath {
+		p := filepath.Join(dir, ".env")
+		if _, statErr := os.Stat(p); statErr == nil {
+			filePath = p
+			break
+		}
+	}
+	if filePath == "" {
+		return fmt.Errorf(".env file not found")
+	}
+
+	// Read existing content
+	raw, err := os.ReadFile(filePath)
+	if err != nil {
+		return err
+	}
+
+	lines := strings.Split(string(raw), "\n")
+	newLine := "API_ACCESS=" + apiKey
+	found := false
+
+	for i, line := range lines {
+		trimmed := strings.TrimSpace(line)
+		if strings.HasPrefix(trimmed, "API_ACCESS=") {
+			lines[i] = newLine
+			found = true
+			break
+		}
+	}
+
+	if !found {
+		lines = append(lines, newLine)
+	}
+
+	return os.WriteFile(filePath, []byte(strings.Join(lines, "\n")), 0644)
+}
+
+// ValidateAPIAccess checks whether the API_ACCESS key in the .env file
+// matches an entry in the access table. Sets aiAccessGranted accordingly.
+// Returns true if access is granted or if no access table / key is configured
+// (so existing installs without the access system still work).
+func ValidateAPIAccess() bool {
+	apiKey := strings.TrimSpace(os.Getenv("API_ACCESS"))
+
+	// If API_ACCESS is not set in .env, allow unrestricted access (backward-compatible)
+	if apiKey == "" {
+		aiAccessGranted = true
+		return true
+	}
+
+	if db == nil {
+		log.Println("⚠ API access validation skipped: database not connected")
+		aiAccessGranted = false
+		return false
+	}
+
+	accessTbl := os.Getenv("ACCESS_TB")
+	if accessTbl == "" {
+		accessTbl = "access"
+	}
+
+	var count int
+	query := fmt.Sprintf("SELECT COUNT(*) FROM %s WHERE api_key = $1", accessTbl)
+	err := db.QueryRow(query, apiKey).Scan(&count)
+	if err != nil {
+		log.Printf("⚠ API access check failed: %v", err)
+		aiAccessGranted = false
+		return false
+	}
+
+	if count > 0 {
+		aiAccessGranted = true
+		log.Println("✓ API access validated")
+		return true
+	}
+
+	log.Println("✗ API access denied: key not found in database")
+	aiAccessGranted = false
+	return false
+}
+
+// requireAIAccess returns true if AI features are unlocked.
+// Call this at the top of any AI/embedding function.
+func requireAIAccess() bool {
+	if !aiAccessGranted {
+		fmt.Println("⛔ AI features are locked. Add a valid API_ACCESS key to your .env")
+		fmt.Println("   Generate one with:  scmd --create-api \"your@email.com\"")
+	}
+	return aiAccessGranted
+}

build.ps1

@@ -0,0 +1,133 @@
+# Terminal Intelligence Build Script for Windows
+param(
+    [string]$Target = "build"
+)
+
+$BINARY_NAME = "scmd"
+$VERSION = "2.0.1"
+$BUILD_DIR = "build"
+
+# Get build number from git
+try {
+    $gitCount = git rev-list --count HEAD 2>$null
+    if ($LASTEXITCODE -eq 0) {
+        $BUILD_NUMBER = [int]$gitCount + 1
+    }
+    else {
+        $BUILD_NUMBER = 1
+    }
+}
+catch {
+    $BUILD_NUMBER = 1
+}
+
+$LDFLAGS = "-s -w -X main.version=$VERSION -X main.buildNumber=$BUILD_NUMBER"
+
+function Ensure-BuildDir {
+    if (!(Test-Path $BUILD_DIR)) {
+        New-Item -ItemType Directory -Path $BUILD_DIR | Out-Null
+    }
+}
+
+function Build-Current {
+    Write-Host "Building $BINARY_NAME for current platform..." -ForegroundColor Cyan
+    Ensure-BuildDir
+    go build -ldflags="$LDFLAGS" -o "$BUILD_DIR/$BINARY_NAME.exe" .
+    if ($LASTEXITCODE -eq 0) {
+        Write-Host "Build complete: $BUILD_DIR/$BINARY_NAME.exe" -ForegroundColor Green
+    }
+    else {
+        Write-Host "Build failed!" -ForegroundColor Red
+        exit 1
+    }
+}
+
+function Build-Windows {
+    Write-Host "Building $BINARY_NAME for Windows..." -ForegroundColor Cyan
+    Ensure-BuildDir
+    $env:GOOS = "windows"
+    $env:GOARCH = "amd64"
+    go build -ldflags="$LDFLAGS" -o "$BUILD_DIR/$BINARY_NAME-windows-amd64.exe" .
+    Write-Host "Build complete: $BUILD_DIR/$BINARY_NAME-windows-amd64.exe" -ForegroundColor Green
+}
+
+function Build-Linux {
+    Write-Host "Building $BINARY_NAME for Linux..." -ForegroundColor Cyan
+    Ensure-BuildDir
+    $env:GOOS = "linux"
+    $env:GOARCH = "amd64"
+    go build -ldflags="$LDFLAGS" -o "$BUILD_DIR/$BINARY_NAME-linux-amd64" .
+    $env:GOARCH = "arm64"
+    go build -ldflags="$LDFLAGS" -o "$BUILD_DIR/$BINARY_NAME-linux-aarch64" .
+    Write-Host "Build complete: $BUILD_DIR/$BINARY_NAME-linux-amd64 and $BUILD_DIR/$BINARY_NAME-linux-aarch64" -ForegroundColor Green
+}
+
+function Build-Darwin {
+    Write-Host "Building $BINARY_NAME for macOS..." -ForegroundColor Cyan
+    Ensure-BuildDir
+    $env:GOOS = "darwin"
+    $env:GOARCH = "amd64"
+    go build -ldflags="$LDFLAGS" -o "$BUILD_DIR/$BINARY_NAME-darwin-amd64" .
+    $env:GOARCH = "arm64"
+    go build -ldflags="$LDFLAGS" -o "$BUILD_DIR/$BINARY_NAME-darwin-arm64" .
+    Write-Host "Build complete: $BUILD_DIR/$BINARY_NAME-darwin-amd64 and $BUILD_DIR/$BINARY_NAME-darwin-arm64" -ForegroundColor Green
+}
+
+function Build-All {
+    Build-Windows
+    Build-Linux
+    Build-Darwin
+    Write-Host "All platform builds complete!" -ForegroundColor Green
+}
+
+function Run-Tests {
+    Write-Host "Running tests..." -ForegroundColor Cyan
+    go test ./... -v
+}
+
+function Run-Clean {
+    Write-Host "Cleaning build artifacts..." -ForegroundColor Cyan
+    if (Test-Path $BUILD_DIR) {
+        Remove-Item -Recurse -Force $BUILD_DIR
+    }
+    if (Test-Path "coverage.out") {
+        Remove-Item "coverage.out"
+    }
+    if (Test-Path "coverage.html") {
+        Remove-Item "coverage.html"
+    }
+    Write-Host "Clean complete" -ForegroundColor Green
+}
+
+function Show-Help {
+    Write-Host "Terminal Intelligence (TI) Build Script" -ForegroundColor Cyan
+    Write-Host ""
+    Write-Host "Usage: .\build.ps1 [target]" -ForegroundColor Yellow
+    Write-Host ""
+    Write-Host "Targets:" -ForegroundColor Yellow
+    Write-Host "  build            - Build for current platform (default)"
+    Write-Host "  windows          - Build for Windows (amd64)"
+    Write-Host "  linux            - Build for Linux (amd64 and arm64)"
+    Write-Host "  darwin           - Build for macOS (amd64 and arm64)"
+    Write-Host "  all              - Build for all platforms"
+    Write-Host "  test             - Run all tests"
+    Write-Host "  clean            - Remove build artifacts"
+    Write-Host "  help             - Show this help message"
+}
+
+# Execute target
+switch ($Target.ToLower()) {
+    "build" { Build-Current }
+    "windows" { Build-Windows }
+    "linux" { Build-Linux }
+    "darwin" { Build-Darwin }
+    "all" { Build-All }
+    "test" { Run-Tests }
+    "clean" { Run-Clean }
+    "help" { Show-Help }
+    default {
+        Write-Host "Unknown target: $Target" -ForegroundColor Red
+        Show-Help
+        exit 1
+    }
+}