azcomputerguru/claudetools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
565b6458baeebff6fbfbf3f51bb02a52dbea0ab4
claudetools/projects/msp-tools/guru-connect/PHASE2_CORE_FEATURES.md
Mike Swanson cb6054317a Phase 1 Week 1 Day 1-2: Critical Security Fixes Complete 
SEC-1: JWT Secret Security [COMPLETE]
- Removed hardcoded JWT secret from source code
- Made JWT_SECRET environment variable mandatory
- Added minimum 32-character validation
- Generated strong random secret in .env.example

SEC-2: Rate Limiting [DEFERRED]
- Created rate limiting middleware
- Blocked by tower_governor type incompatibility with Axum 0.7
- Documented in SEC2_RATE_LIMITING_TODO.md

SEC-3: SQL Injection Audit [COMPLETE]
- Verified all queries use parameterized binding
- NO VULNERABILITIES FOUND
- Documented in SEC3_SQL_INJECTION_AUDIT.md

SEC-4: Agent Connection Validation [COMPLETE]
- Added IP address extraction and logging
- Implemented 5 failed connection event types
- Added API key strength validation (32+ chars)
- Complete security audit trail

SEC-5: Session Takeover Prevention [COMPLETE]
- Implemented token blacklist system
- Added JWT revocation check in authentication
- Created 5 logout/revocation endpoints
- Integrated blacklist middleware

Files Created: 14 (utils, auth, api, middleware, docs)
Files Modified: 15 (main.rs, auth/mod.rs, relay/mod.rs, etc.)
Security Improvements: 5 critical vulnerabilities fixed
Compilation: SUCCESS
Testing: Required before production deployment

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-01-17 18:48:22 -07:00

10 KiB
Raw Blame History

Phase 2: Core Features

Duration: 8 weeks Team: 1 Frontend Developer + 1 Agent Developer + 1 Backend Developer (part-time) Goal: Build missing launch blockers and essential features

Overview

Phase 2 focuses on implementing the core features needed for basic attended support sessions:

  • End-user portal for support code entry
  • One-time agent download mechanism
  • Complete input relay (mouse/keyboard)
  • Dashboard session management UI
  • Text clipboard synchronization
  • Remote PowerShell execution
  • Basic file download

Completion Criteria: MSP can generate support code, end user can connect, tech can view screen, control remotely, sync clipboard, run commands, and download files.

Week 5: Portal & Input Foundation

End-User Portal (Frontend Developer)

  • Create server/static/portal.html (support code entry page)
  • Design 6-segment code input (Apple-style auto-advance)
  • Add support code validation via API
  • Implement browser detection (Chrome, Firefox, Edge, Safari)
  • Add download button (triggers agent download)
  • Style with GuruConnect branding (match dashboard theme)
  • Test on all major browsers
  • Add error handling (invalid code, expired code, server error)
  • Add loading indicators during validation
  • Deploy to server/static/

Input Relay Completion (Agent Developer)

  • Review viewer input capture in viewer.html
  • Verify mouse events captured correctly
  • Verify keyboard events captured correctly
  • Test special keys (Ctrl, Alt, Shift, Windows key)
  • Wire input events to WebSocket send
  • Test viewer → server → agent relay
  • Add input latency logging
  • Test on LAN (target <50ms)
  • Test on WAN with throttling (target <200ms)
  • Fix any input lag issues

Week 6: Agent Download (Phase 1)

Support Code Embedding (Backend Developer)

  • Modify support code API to return download URL
  • Create /api/support-codes/:code/download endpoint
  • Generate one-time download token (expires in 5 minutes)
  • Link download token to support code
  • Test download URL generation
  • Add download tracking (log when agent downloaded)

One-Time Agent Build (Agent Developer)

  • Create agent/src/onetime_mode.rs
  • Add --support-code flag to agent CLI
  • Implement support code embedding in agent config
  • Make agent auto-connect with embedded code
  • Disable persistence (no registry, no service)
  • Add self-delete after session ends
  • Test one-time agent connects automatically
  • Test agent deletes itself on exit

Week 7: Agent Download (Phase 2)

Download Endpoint (Backend Developer)

  • Create server download handler
  • Stream agent binary from server/static/downloads/
  • Embed support code in download filename
  • Add Content-Disposition header
  • Test browser downloads file correctly
  • Add virus scanning (optional, ClamAV)
  • Log download events

Portal Integration (Frontend Developer)

  • Wire portal download button to API
  • Show download progress (if possible)
  • Add instructions: "Run the downloaded file"
  • Add timeout warning (code expires in 10 minutes)
  • Test end-to-end: code entry → download → run
  • Add troubleshooting section (firewall, antivirus)
  • Test on Windows 10/11 (no admin required)

Week 8: Agent Download (Phase 3) & Dashboard UI

Agent Polish (Agent Developer)

  • Add tray icon to one-time agent (optional)
  • Show "Connecting..." message
  • Show "Connected" message
  • Test agent launches without UAC prompt
  • Test on Windows 7 (if required)
  • Add error messages for connection failures
  • Test firewall scenarios

Dashboard Session List (Frontend Developer)

  • Create session list component in dashboard.html
  • Fetch active sessions from /api/sessions
  • Display: support code, machine name, status, duration
  • Add real-time updates via WebSocket
  • Add "Join" button for each session
  • Add "End" button (disconnect session)
  • Add auto-refresh (every 3 seconds as fallback)
  • Style session cards
  • Test with multiple concurrent sessions
  • Add empty state ("No active sessions")

Session Detail Panel (Frontend Developer)

  • Create session detail panel (right side of dashboard)
  • Add tabs: Info, Screen, Chat, Commands, Files
  • Info tab: machine details, OS, uptime, connection time
  • Test tab switching
  • Add close button to collapse panel
  • Style with consistent theme

Week 9: Clipboard Sync (Phase 1)

Agent-Side Clipboard (Agent Developer)

  • Add Windows clipboard API integration
  • Implement clipboard change detection
  • Read text from clipboard on change
  • Send ClipboardUpdate message to server
  • Receive ClipboardUpdate from server
  • Write text to clipboard
  • Test bidirectional sync
  • Add clipboard permission handling
  • Test with Unicode text
  • Add error handling (clipboard locked, etc.)

Viewer-Side Clipboard (Frontend Developer)

  • Add JavaScript Clipboard API integration
  • Detect clipboard changes in viewer
  • Send clipboard updates via WebSocket
  • Receive clipboard updates from agent
  • Write to local clipboard
  • Request clipboard permissions from user
  • Test bidirectional sync
  • Add UI indicator ("Clipboard synced")
  • Test on Chrome, Firefox, Edge

Week 10: Clipboard Sync (Phase 2) & PowerShell Foundation

Clipboard Protocol (Backend Developer)

  • Review ClipboardUpdate protobuf message
  • Implement relay handler for clipboard
  • Relay clipboard updates viewer ↔ agent
  • Add clipboard event logging
  • Test end-to-end clipboard sync
  • Add rate limiting (prevent clipboard spam)

Clipboard Testing (All)

  • Test: Copy text on local → appears on remote
  • Test: Copy text on remote → appears on local
  • Test: Long text (10KB+)
  • Test: Unicode characters (emoji, Chinese, etc.)
  • Test: Rapid clipboard changes
  • Document clipboard limitations (text-only for now)

PowerShell Backend (Backend Developer)

  • Create /api/sessions/:id/execute endpoint
  • Accept command, timeout parameters
  • Store command execution request in database
  • Send CommandExecute message to agent via WebSocket
  • Relay command output from agent to viewer
  • Add command history logging
  • Test with simple commands (hostname, ipconfig)

Week 11: PowerShell Execution

Agent PowerShell (Agent Developer)

  • Implement CommandExecute handler in agent
  • Spawn PowerShell.exe process
  • Capture stdout and stderr streams
  • Stream output back to server (chunked)
  • Handle command timeouts (kill process)
  • Send CommandComplete when done
  • Test with long-running commands
  • Test with commands requiring input (handle failure)
  • Add error handling (command not found, etc.)

Dashboard PowerShell UI (Frontend Developer)

  • Add "Commands" tab to session detail panel
  • Create command input textbox
  • Add timeout controls (checkboxes: 30s, 60s, 5min, custom)
  • Add "Execute" button
  • Display command output (terminal-style, monospace)
  • Add output scrolling
  • Show command status (Running, Completed, Failed, Timeout)
  • Add command history (previous commands)
  • Test with PowerShell commands (Get-Process, Get-Service)
  • Test with CMD commands (ipconfig, netstat)

Week 12: File Download

File Browse API (Backend Developer)

  • Create /api/sessions/:id/files/browse endpoint
  • Accept path parameter (default: C:)
  • Send FileBrowse message to agent
  • Relay file list from agent
  • Return JSON: files, directories, sizes, dates
  • Add path validation (prevent directory traversal)
  • Test with various paths

Agent File Browser (Agent Developer)

  • Implement FileBrowse handler
  • List files and directories at given path
  • Read file metadata (size, modified date, attributes)
  • Send FileList response
  • Handle permission errors (access denied)
  • Test on C:, D:, network shares
  • Add file type detection (extension-based)

File Download Implementation (Agent Developer)

  • Implement FileDownload handler in agent
  • Read file in chunks (64KB chunks)
  • Send FileChunk messages to server
  • Handle large files (stream, don't load into memory)
  • Send FileComplete when done
  • Add progress tracking (bytes sent / total bytes)
  • Handle file read errors
  • Test with small files (KB)
  • Test with large files (100MB+)

Dashboard File Browser (Frontend Developer)

  • Add "Files" tab to session detail panel
  • Create file browser UI (left pane: remote files)
  • Fetch file list from API
  • Display: name, size, type, modified date
  • Add breadcrumb navigation (C:\ > Users > Downloads)
  • Add "Download" button for selected file
  • Show download progress bar
  • Save file to local disk (browser download)
  • Test file browsing and download
  • Add file type icons

Phase 2 Completion Criteria

Functional Checklist

  • End-user portal functional (code entry, validation, download)
  • One-time agent downloads and connects automatically
  • Dashboard shows active sessions in real-time
  • "Join" button launches viewer
  • Input relay works (mouse + keyboard) with <200ms latency on WAN
  • Text clipboard syncs bidirectionally
  • Remote PowerShell executes with live output streaming
  • Files can be browsed and downloaded from remote machine

Quality Checklist

  • All features tested on Windows 10/11
  • Cross-browser testing (Chrome, Firefox, Edge)
  • Network testing (LAN + WAN with throttling)
  • Error handling for all failure scenarios
  • Loading indicators for async operations
  • User-friendly error messages

Performance Checklist

  • Portal loads in <2 seconds
  • Dashboard session list updates in <1 second
  • Clipboard sync latency <500ms
  • PowerShell output streams in real-time (<100ms chunks)
  • File download speed: 1MB/s+ on LAN

Documentation Checklist

  • End-user guide (how to use support portal)
  • Technician guide (how to manage sessions)
  • API documentation updated
  • Known limitations documented (text-only clipboard, etc.)

Phase Owner: Frontend Developer + Agent Developer + Backend Developer Prerequisites: Phase 1 complete (security + infrastructure) Target Completion: 8 weeks from start Next Phase: Phase 3 - Competitive Features

Reference in New Issue View Git Blame Copy Permalink