""".format(session_id=html.escape(session_id), ttyd_port=ttyd_port)
if debug_mode_enabled
else ""
)
# JavaScript blocks are built server-side so SESSION_ID/TOKEN can be JSON-encoded
debug_js = (
"" if not debug_mode_enabled else
" let debugVisible = false;\n\n"
" function toggleDebug(force) {\n"
" debugVisible = typeof force === 'boolean' ? force : !debugVisible;\n"
" const el = document.getElementById('terminalDebug');\n"
" if (el) el.style.display = debugVisible ? 'block' : 'none';\n"
" }\n\n"
" window.addEventListener('keydown', (e) => { if ((e.ctrlKey||e.metaKey)&&e.shiftKey&&(e.key==='D'||e.key==='d')) { e.preventDefault(); toggleDebug(); } });\n\n"
)
history_js = """
let historyPanelOpen = false, historySelectedIndex = -1, historySearchQuery = '', historyTimeFilter = 'all';
async function toggleHistory() {
const panel = document.getElementById('terminalHistoryPanel');
const btn = document.getElementById('btnHistory');
if (historyPanelOpen) { closeHistoryPanel(); }
else {
panel.style.display = 'flex'; panel.classList.add('open'); btn.classList.add('active');
historyPanelOpen = true; historySelectedIndex = -1;
const si = document.getElementById('terminalHistorySearch');
if (si) { si.focus(); si.select(); }
if (historyData.length === 0) loadHistory();
}
}
function closeHistoryPanel() {
const panel = document.getElementById('terminalHistoryPanel');
const btn = document.getElementById('btnHistory');
panel.classList.remove('open'); btn.classList.remove('active');
historyPanelOpen = false; historySelectedIndex = -1;
setTimeout(() => { try { panel.style.display = 'none'; } catch(e){} }, 200);
document.getElementById('terminalFrame').focus();
}
async function loadHistory() {
const list = document.getElementById('terminalHistoryList');
list.innerHTML = '
Chargement...
';
const allHosts = document.getElementById('terminalHistoryAllHosts')?.checked || false;
const query = historySearchQuery;
let ep = allHosts ? '/api/terminal/command-history?limit=100' : `/api/terminal/${HOST_ID}/shell-history?limit=100`;
if (query) ep += (ep.includes('?') ? '&' : '?') + 'query=' + encodeURIComponent(query);
try {
const res = await fetch(ep, { headers: { 'Authorization': 'Bearer ' + TOKEN } });
const data = await res.json();
let cmds = data.commands || [];
if (historyTimeFilter !== 'all') {
const now = new Date();
let cutoff;
if (historyTimeFilter === 'today') cutoff = new Date(now.getFullYear(), now.getMonth(), now.getDate());
else if (historyTimeFilter === 'week') cutoff = new Date(now.getTime() - 7*86400000);
else if (historyTimeFilter === 'month') cutoff = new Date(now.getTime() - 30*86400000);
if (cutoff) cmds = cmds.filter(c => new Date(c.last_used||c.created_at) >= cutoff);
}
historyData = cmds; historySelectedIndex = -1; renderHistory();
} catch(e) { list.innerHTML = '
Erreur
'; }
}
function escH(t){return (t||'').replace(/&/g,'&').replace(//g,'>').replace(/"/g,'"').replace(/'/g,''');}
function escRE(s){return s.replace(/[.*+?^${}()|[\\]\\\\]/g, '\\\\$&');}
function relTime(d){if(!d)return'';const dt=new Date(d),now=new Date(),ds=Math.floor((now-dt)/1000);if(ds<60)return'À l instant';const dm=Math.floor(ds/60),dh=Math.floor(dm/60),dd=Math.floor(dh/24);if(dm<60)return`Il y a ${dm}min`;if(dh<24)return`Il y a ${dh}h`;if(dd<7)return`Il y a ${dd}j`;return dt.toLocaleDateString('fr-FR',{day:'numeric',month:'short'});}
function renderHistory(){
const list=document.getElementById('terminalHistoryList'),q=historySearchQuery||'';
if(!historyData.length){list.innerHTML=`
${q?`Aucun résultat pour "${escH(q)}"`:'Aucune commande'}
`;return;}
list.innerHTML=historyData.map((cmd,i)=>{
const c=cmd.command||'',ta=relTime(cmd.last_used||cmd.created_at),ec=cmd.execution_count||1,sel=i===historySelectedIndex;
let dc=escH(c.length>60?c.substring(0,60)+'...':c);
if(q)dc=dc.replace(new RegExp(`(${escRE(q)})`,'gi'),'$1');
return `
${dc}
${ta}${ec>1?`×${ec}`:''}
`;
}).join('');
if(historySelectedIndex>=0){const s=list.querySelector('.selected');if(s)s.scrollIntoView({block:'nearest',behavior:'smooth'});}
}
function handleHistoryKeydown(e){const k=e.key,l=historyData.length;if(k==='ArrowDown'){e.preventDefault();if(l>0){historySelectedIndex=Math.min(historySelectedIndex+1,l-1);renderHistory();}}else if(k==='ArrowUp'){e.preventDefault();if(l>0){historySelectedIndex=Math.max(historySelectedIndex-1,0);renderHistory();}}else if(k==='Enter'){e.preventDefault();if(historySelectedIndex>=0)selectH(historySelectedIndex);else if(l>0)selectH(0);}else if(k==='Escape'){e.preventDefault();closeHistoryPanel();}}
let _st=null;
function searchHistory(q){historySearchQuery=q;historySelectedIndex=-1;if(_st)clearTimeout(_st);_st=setTimeout(()=>loadHistory(),250);}
function clearHistorySearch(){const i=document.getElementById('terminalHistorySearch');if(i){i.value='';i.focus();}historySearchQuery='';historySelectedIndex=-1;loadHistory();}
function setHistoryTimeFilter(v){historyTimeFilter=v;historySelectedIndex=-1;loadHistory();}
function toggleHistoryScope(){historySelectedIndex=-1;loadHistory();}
function selectH(i){historySelectedIndex=i;renderHistory();}
function execH(i){selectH(i);closeHistoryPanel();}
function copyH(i){const c=historyData[i];if(c)copyTextToClipboard(c.command).catch(()=>{});}
document.addEventListener('keydown',(e)=>{
if(e.key==='Escape'&&historyPanelOpen)closeHistoryPanel();
if((e.ctrlKey||e.metaKey)&&e.key==='r'){e.preventDefault();toggleHistory();}
});
"""
script_block = (
""
)
return _templates.TemplateResponse(
"terminal/connect.html",
{
"request": request,
"safe_title": html.escape(session.host_name or "Terminal"),
"safe_host_name": html.escape(session.host_name or ""),
"safe_host_ip": html.escape(session.host_ip or ""),
"session_id_short": session_id[:8],
"ttyd_port": ttyd_port,
"timer_display": f"{remaining_seconds // 60}:{remaining_seconds % 60:02d}",
"embed_mode": embed_mode,
"debug_panel_html": debug_panel_html,
"script_block": script_block,
},
headers={"Cache-Control": "no-store"},
)
@router.get("/popout/{session_id}")
async def get_terminal_popout_page(
session_id: str,
token: str,
request: Request,
db_session: AsyncSession = Depends(get_db),
):
"""
Serve the terminal popout page (fullscreen, minimal UI).
This is designed to be opened in a popup window or PWA.
"""
# Reuse the same connect page logic but with minimal header
return await get_terminal_connect_page(session_id, token, request, db_session)
# ============================================================================
# Command History Endpoints
# ============================================================================
@router.get("/{host_id}/command-history", response_model=CommandHistoryResponse)
async def get_host_command_history(
host_id: str,
query: Optional[str] = None,
limit: int = 50,
offset: int = 0,
current_user: dict = Depends(get_current_user),
db_session: AsyncSession = Depends(get_db),
debug_enabled: bool = Depends(require_debug_mode),
):
"""
Get command history for a specific host.
Args:
host_id: Host ID to get history for
query: Optional search query to filter commands
limit: Maximum number of results (default 50)
offset: Number of results to skip for pagination
Returns:
List of commands with timestamps and metadata
"""
# Verify host exists
host_repo = HostRepository(db_session)
host = await host_repo.get(host_id)
if not host:
host = await host_repo.get_by_name(host_id)
if not host:
raise HTTPException(
status_code=status.HTTP_404_NOT_FOUND,
detail=f"Host '{host_id}' not found"
)
# Get command history
cmd_repo = TerminalCommandLogRepository(db_session)
logs = await cmd_repo.list_for_host(
host_id=host.id,
query=query,
limit=min(limit, 100), # Cap at 100
offset=offset,
)
total = await cmd_repo.count_for_host(host.id)
commands = [
CommandHistoryItem(
id=log.id,
command=log.command,
created_at=log.created_at,
host_name=log.host_name,
username=log.username,
)
for log in logs
]
return CommandHistoryResponse(
commands=commands,
total=total,
host_id=host.id,
query=query,
)
@router.get("/{host_id}/shell-history")
async def get_host_shell_history(
host_id: str,
query: Optional[str] = None,
limit: int = 100,
current_user: dict = Depends(get_current_user),
db_session: AsyncSession = Depends(get_db),
debug_enabled: bool = Depends(require_debug_mode),
):
"""
Get shell history directly from the remote host via SSH.
This fetches the actual ~/.bash_history file from the host,
providing real-time command history.
Args:
host_id: Host ID to get history for
query: Optional search query to filter commands
limit: Maximum number of results (default 100)
Returns:
List of commands from the remote shell history
"""
# Verify host exists
host_repo = HostRepository(db_session)
host = await host_repo.get(host_id)
if not host:
host = await host_repo.get_by_name(host_id)
if not host:
raise HTTPException(
status_code=status.HTTP_404_NOT_FOUND,
detail=f"Host '{host_id}' not found"
)
try:
# Fetch history from the remote host via SSH
commands = await shell_history_service.fetch_combined_history(
host_ip=host.ip_address,
limit=min(limit, 200),
user="automation"
)
# Apply search filter if provided
if query:
q = query.lower()
commands = [c for c in commands if q in c.get("command", "").lower()]
return {
"commands": commands,
"total": len(commands),
"host_id": host.id,
"host_name": host.name,
"source": "remote_shell",
}
except ShellHistoryError as e:
logger.warning(f"Failed to fetch shell history from {host.name}: {e}")
# Fallback to database history
cmd_repo = TerminalCommandLogRepository(db_session)
unique_cmds = await cmd_repo.get_unique_commands_for_host(
host_id=host.id,
query=query,
limit=min(limit, 100),
)
return {
"commands": unique_cmds,
"total": len(unique_cmds),
"host_id": host.id,
"host_name": host.name,
"source": "database",
"error": str(e),
}
@router.get("/{host_id}/command-history/unique", response_model=UniqueCommandsResponse)
async def get_host_unique_commands(
host_id: str,
query: Optional[str] = None,
limit: int = 50,
current_user: dict = Depends(get_current_user),
db_session: AsyncSession = Depends(get_db),
debug_enabled: bool = Depends(require_debug_mode),
):
"""
Get unique commands for a host (deduplicated).
Returns each unique command once with execution count and last used time.
Useful for command suggestions/autocomplete.
"""
# Verify host exists
host_repo = HostRepository(db_session)
host = await host_repo.get(host_id)
if not host:
host = await host_repo.get_by_name(host_id)
if not host:
raise HTTPException(
status_code=status.HTTP_404_NOT_FOUND,
detail=f"Host '{host_id}' not found"
)
# Get unique commands
cmd_repo = TerminalCommandLogRepository(db_session)
unique_cmds = await cmd_repo.get_unique_commands_for_host(
host_id=host.id,
query=query,
limit=min(limit, 100),
)
commands = [
UniqueCommandItem(
command=cmd["command"],
command_hash=cmd["command_hash"],
last_used=cmd["last_used"],
execution_count=cmd["execution_count"],
)
for cmd in unique_cmds
]
return UniqueCommandsResponse(
commands=commands,
total=len(commands),
host_id=host.id,
)
@router.get("/command-history", response_model=CommandHistoryResponse)
async def get_global_command_history(
query: Optional[str] = None,
host_id: Optional[str] = None,
limit: int = 50,
offset: int = 0,
current_user: dict = Depends(get_current_user),
db_session: AsyncSession = Depends(get_db),
debug_enabled: bool = Depends(require_debug_mode),
):
"""
Get command history globally (across all hosts).
Args:
query: Optional search query to filter commands
host_id: Optional host ID to filter by
limit: Maximum number of results (default 50)
offset: Number of results to skip for pagination
Returns:
List of commands with timestamps and metadata
"""
user_id = current_user.get("user_id") or current_user.get("type", "api_key")
cmd_repo = TerminalCommandLogRepository(db_session)
logs = await cmd_repo.list_global(
query=query,
host_id=host_id,
user_id=str(user_id) if user_id else None,
limit=min(limit, 100),
offset=offset,
)
commands = [
CommandHistoryItem(
id=log.id,
command=log.command,
created_at=log.created_at,
host_name=log.host_name,
username=log.username,
)
for log in logs
]
return CommandHistoryResponse(
commands=commands,
total=len(commands),
host_id=host_id,
query=query,
)
@router.delete("/{host_id}/command-history")
async def clear_host_command_history(
host_id: str,
current_user: dict = Depends(get_current_user),
db_session: AsyncSession = Depends(get_db),
debug_enabled: bool = Depends(require_debug_mode),
):
"""
Clear command history for a specific host.
Requires admin role.
"""
# Check admin permission
if current_user.get("role") != "admin":
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="Only admins can clear command history"
)
# Verify host exists
host_repo = HostRepository(db_session)
host = await host_repo.get(host_id)
if not host:
host = await host_repo.get_by_name(host_id)
if not host:
raise HTTPException(
status_code=status.HTTP_404_NOT_FOUND,
detail=f"Host '{host_id}' not found"
)
cmd_repo = TerminalCommandLogRepository(db_session)
deleted = await cmd_repo.delete_for_host(host.id)
await db_session.commit()
logger.info(f"Cleared {deleted} command logs for host {host.name}")
return {"message": f"Cleared {deleted} command logs", "host_id": host.id}
@router.post("/command-history/purge")
async def purge_old_command_history(
days: int = 30,
current_user: dict = Depends(get_current_user),
db_session: AsyncSession = Depends(get_db),
debug_enabled: bool = Depends(require_debug_mode),
):
"""
Purge command history older than specified days.
Requires admin role.
"""
# Check admin permission
if current_user.get("role") != "admin":
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="Only admins can purge command history"
)
cmd_repo = TerminalCommandLogRepository(db_session)
deleted = await cmd_repo.purge_old_logs(days=days)
await db_session.commit()
logger.info(f"Purged {deleted} command logs older than {days} days")
return {"message": f"Purged {deleted} command logs", "retention_days": days}