From a7b93e5e832ec67755cfa77b00242c9f5bf14b81 Mon Sep 17 00:00:00 2001 From: jester Date: Mon, 16 Mar 2026 22:11:31 +0000 Subject: [PATCH] =?UTF-8?q?Update=20PROJECT=5FCONTEXT=20=E2=80=94=20IDE=20?= =?UTF-8?q?proxy=20+=20token=20system=20implemented,=20API=20routes=20docu?= =?UTF-8?q?mented?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- PROJECT_CONTEXT.md | 69 ++++++++++++++++++++-------------------------- 1 file changed, 30 insertions(+), 39 deletions(-) diff --git a/PROJECT_CONTEXT.md b/PROJECT_CONTEXT.md index e19a9e0..48e95cf 100644 --- a/PROJECT_CONTEXT.md +++ b/PROJECT_CONTEXT.md @@ -49,7 +49,7 @@ System posture: stable, controlled expansion phase. ## Stack **API (zpack-api, VM 1005):** Node.js ESM, Express 5, Prisma 6, MariaDB, -Redis, BullMQ, JWT, Stripe, argon2, ssh2, WebSocket +Redis, BullMQ, JWT, Stripe, argon2, ssh2, WebSocket, http-proxy-middleware **Portal (zpack-portal, VM 1100):** Next.js 15, TypeScript, TailwindCSS, Axios, WebSocket console. Sci-fi HUD aesthetic (steel textures, neon 
@@ -94,69 +94,59 @@ Confirmed: - code-server process launches and binds to `0.0.0.0:6000` - frontend host/console state updates correctly via API status endpoint +**Pending agent change:** code-server must be relaunched with `--auth none --base-path /api/dev//ide` + --- ## Dev Container Access Model -Dev containers provide two access methods. - -### Browser IDE (Primary) +### Browser IDE (Implemented) ``` Browser ↓ Portal ↓ -API proxy +API proxy (/api/dev/:id/ide) ↓ container:6000 ``` -URL format: `/dev//ide` +Portal calls `POST /api/dev/:id/ide-token` first, then opens the returned URL in a new tab. Token is short-lived (300s), signed by API. Proxy accepts token via `Authorization: Bearer` or `?token=` query param. WebSocket upgrades validated with same token. -Benefits: +Containers are never publicly exposed. -- no DNS automation -- no Traefik routing -- no TLS per container -- portal JWT controls access -- ownership validated by API before proxying +### Local Developer Access (Future) -### Local Developer Access (Advanced) +Headscale/Tailscale for SSH, VS Code Remote, local tools. +Headscale server: `zlh-ctl` (status to be confirmed). +Constraints: no exit nodes, `magic_dns: false`. -Advanced users connect via **Tailscale / Headscale**. +### Removed -Benefits: +DNS-per-container + Traefik dynamic routing approach was abandoned. +Code removed from API: `devRouting.js`, `devDePublisher.js`, Traefik file writes. +`proxyClient.js` retained — still used by game edge publish path. -- SSH -- VS Code Remote -- local tooling +--- -Headscale server: `zlh-ctl` (status to be confirmed) +## API Routes — Dev IDE -Constraints: - -- no exit nodes -- `magic_dns: false` -- no DNS takeover on customer machine - -### Removed Approach - -The previous model used DNS record per container, Traefik dynamic routes, -and subdomain IDE access. This was removed due to operational complexity, -TLS issues, and per-container DNS automation overhead. 
- -Code paths to remove from API: `createDevRouting()`, proxy SSH writes, -Traefik dynamic file creation. +``` +POST /api/dev/:id/ide-token — generate short-lived IDE token +GET /api/dev/:id/ide — proxy to container:6000 +GET /api/dev/:id/ide/* — proxy to container:6000 +GET /api/servers/:id/status — expose polled agent state to frontend +``` --- ## API / Frontend Status - API polls agent `/status` -- API exposes polled state back to frontend via server status endpoint +- API exposes polled state back to frontend via `GET /api/servers/:id/status` - Portal no longer relies on stale DB-only state for console availability -- Game publish flow remains untouched — dev routing changes are additive only +- Game publish flow remains untouched --- @@ -186,10 +176,10 @@ Revenue multiplier: 1 developer → ~10 players → $147.50/mo total. ## Open Threads -1. Implement browser IDE proxy (`/dev/:id/ide`) in API -2. Confirm Headscale `zlh-ctl` VM status -3. Curated provenance — tracking install origin -4. Optional future: config diff viewer, upload progress UI, log search +1. Agent: update code-server launch args (`--auth none`, `--base-path /api/dev//ide`) +2. Portal: "Open IDE" button calling `/api/dev/:id/ide-token` +3. Confirm Headscale `zlh-ctl` VM status +4. Curated provenance — tracking install origin --- @@ -218,3 +208,4 @@ All at `git.zerolaghub.com/jester/` - VMs 100, 101, 103, 1000 are legacy/unused — not active production - Do not mark unimplemented work as complete - Game publish flow must never be modified by dev routing changes +- `proxyClient.js` must not be deleted — used by game edge publish path
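Review bot: In the `@@ -94,69 +94,59 @@` hunk, the "Pending agent change" line turns off code-server's own authentication (`--auth none`) while the Confirmed list directly above it still has the process binding to `0.0.0.0:6000`, so the API-signed token becomes the only control in front of the IDE. The new "Browser IDE (Implemented)" text should name what keeps port 6000 reachable only from the API proxy, because "Containers are never publicly exposed" is stated without a mechanism. The hunk also deletes the old bullet "ownership validated by API before proxying", and nothing in the new text says that `POST /api/dev/:id/ide-token` or the proxy checks that the caller owns `:id`; please restate that guarantee. Two smaller points in the same hunk: the `?token=` form puts a bearer credential in the URL, so say whether it is limited to the initial open and kept out of access logs, and the new route table lists only `GET` for `/api/dev/:id/ide` although the text says WebSocket upgrades pass through the same proxy.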
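Review bot: Open thread 1 in the `@@ -186,10 +176,10 @@` hunk gives the launch argument as `--base-path /api/dev//ide`, with an empty path segment where the route table uses `:id`; the "Pending agent change" line in the earlier hunk has the same string. If a placeholder was lost here, write it in a form that survives rendering, for example `:id` as in `/api/dev/:id/ide`, so the agent change is not implemented against a path that differs from the proxy route. The same list still carries the agent relaunch and the Portal "Open IDE" button as open work while the section heading now reads "Browser IDE (Implemented)", which sits badly with the file's own rule "Do not mark unimplemented work as complete"; consider scoping the heading to the API side. The old item 4 ("Optional future: config diff viewer, upload progress UI, log search") is dropped without mention in the commit subject; keep it or note why it was removed.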