claudetools/projects/msp-tools/guru-connect/TODO.md
Commit cb6054317a (Mike Swanson): Phase 1 Week 1 Day 1-2: Critical Security Fixes Complete
SEC-1: JWT Secret Security [COMPLETE]
- Removed hardcoded JWT secret from source code
- Made JWT_SECRET environment variable mandatory
- Added minimum 32-character validation
- Generated strong random secret in .env.example

SEC-2: Rate Limiting [DEFERRED]
- Created rate limiting middleware
- Blocked by tower_governor type incompatibility with Axum 0.7
- Documented in SEC2_RATE_LIMITING_TODO.md

SEC-3: SQL Injection Audit [COMPLETE]
- Verified all queries use parameterized binding
- NO VULNERABILITIES FOUND
- Documented in SEC3_SQL_INJECTION_AUDIT.md

SEC-4: Agent Connection Validation [COMPLETE]
- Added IP address extraction and logging
- Implemented 5 failed connection event types
- Added API key strength validation (32+ chars)
- Complete security audit trail

SEC-5: Session Takeover Prevention [COMPLETE]
- Implemented token blacklist system
- Added JWT revocation check in authentication
- Created 5 logout/revocation endpoints
- Integrated blacklist middleware

Files Created: 14 (utils, auth, api, middleware, docs)
Files Modified: 15 (main.rs, auth/mod.rs, relay/mod.rs, etc.)
Security Improvements: 5 critical vulnerabilities fixed
Compilation: SUCCESS
Testing: Required before production deployment

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-01-17 18:48:22 -07:00
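As an added example (an editor's illustration, not code from the GuruConnect repository or from this commit), here is how the SEC-1 secret check and the SEC-5 revocation check described in the commit message can be written in Rust. The function names, the 32-byte minimum, the `jti`-keyed blacklist and the pruning rule are assumptions; no JWT crate is used, so the `Claims` struct stands in for whatever the real decoder returns after verifying the signature.

```rust
// Added example, not GuruConnect code: start-up validation of the JWT
// signing secret plus a jti-based revocation list. Names and limits are
// assumptions chosen to mirror the commit's SEC-1 and SEC-5 items.
use std::collections::HashMap;

/// Minimum secret length in bytes (assumed to mirror the "minimum
/// 32-character" rule). For an HMAC key what matters is that the bytes came
/// from a CSPRNG, not merely that there are 32 of them.
const MIN_SECRET_LEN: usize = 32;

#[derive(Debug, PartialEq)]
pub enum ConfigError {
    MissingSecret,
    SecretTooShort { len: usize, min: usize },
}

/// Validate a JWT_SECRET value. Takes the raw value rather than reading the
/// environment itself so the rule is unit-testable; an empty or whitespace
/// value counts as missing so `JWT_SECRET=` cannot slip through.
pub fn validate_jwt_secret(raw: Option<&str>) -> Result<Vec<u8>, ConfigError> {
    let s = raw
        .map(str::trim)
        .filter(|s| !s.is_empty())
        .ok_or(ConfigError::MissingSecret)?;
    let len = s.len();
    if len < MIN_SECRET_LEN {
        return Err(ConfigError::SecretTooShort { len, min: MIN_SECRET_LEN });
    }
    Ok(s.as_bytes().to_vec())
}

/// What a server's startup path would call: fail closed, never fall back to
/// a compiled-in default.
pub fn jwt_secret_from_env() -> Result<Vec<u8>, ConfigError> {
    validate_jwt_secret(std::env::var("JWT_SECRET").ok().as_deref())
}

/// Revocation list keyed by the token's `jti` claim. Each entry keeps the
/// token's `exp` so it can be dropped once the token would have expired on
/// its own; without pruning a logout list only ever grows.
#[derive(Default)]
pub struct TokenBlacklist {
    revoked: HashMap<String, u64>, // jti -> exp (unix seconds)
}

impl TokenBlacklist {
    pub fn new() -> Self {
        Self::default()
    }

    /// Record a logout or administrative revocation. Idempotent.
    pub fn revoke(&mut self, jti: &str, exp: u64) {
        self.revoked.insert(jti.to_string(), exp);
    }

    pub fn is_revoked(&self, jti: &str) -> bool {
        self.revoked.contains_key(jti)
    }

    /// Drop entries whose token has already expired; returns the count removed.
    pub fn prune(&mut self, now: u64) -> usize {
        let before = self.revoked.len();
        self.revoked.retain(|_, exp| *exp > now);
        before - self.revoked.len()
    }
}

/// Stand-in for the claims a JWT library has already decoded and
/// signature-checked. A token without a `jti` cannot be revoked individually,
/// so issuing one per token is a prerequisite for the blacklist.
pub struct Claims {
    pub sub: String,
    pub jti: String,
    pub exp: u64,
}

#[derive(Debug, PartialEq)]
pub enum AuthError {
    Expired,
    Revoked,
}

/// The middleware decision: expiry first (no lookup needed), then the
/// blacklist. Returns the subject to attach to the request on success.
pub fn authorize<'a>(claims: &'a Claims, now: u64, bl: &TokenBlacklist) -> Result<&'a str, AuthError> {
    if claims.exp <= now {
        return Err(AuthError::Expired);
    }
    if bl.is_revoked(&claims.jti) {
        return Err(AuthError::Revoked);
    }
    Ok(&claims.sub)
}

fn main() {
    match jwt_secret_from_env() {
        Ok(key) => println!("JWT_SECRET accepted ({} bytes)", key.len()),
        Err(e) => {
            eprintln!("refusing to start: {:?}", e);
            std::process::exit(1);
        }
    }
}
```

The blacklist above is process-local: with more than one relay instance, or across a restart, it has to live in shared storage, and `prune` should run on a timer so the list stays bounded by the token lifetime. Since the lookup runs on every authenticated request, the token must carry a `jti` and the check must be cheap.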


GuruConnect Feature Tracking

Status Legend

  • [ ] Not started
  • [~] In progress
  • [x] Complete

Phase 1: Core MVP

Infrastructure

  • WebSocket relay server (Axum)
  • Agent WebSocket client
  • Protobuf message protocol
  • Agent authentication (agent_id, api_key)
  • Session management (create, join, leave)
  • Systemd service deployment
  • NPM proxy (connect.azcomputerguru.com)

Support Codes

  • Generate 6-digit codes
  • Code validation API
  • Code status tracking (pending, connected, completed, cancelled)
  • [~] Link support codes to agent sessions
  • Code expiration (auto-expire after X minutes)
  • Support code in agent download URL
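An added example (not GuruConnect's own code) of the support-code lifecycle these items describe: issuance from the 6-digit space, validation, the four listed states plus expiry, and a per-client guess cap, since a million possible codes is a small enough space that limiting attempts is part of the design rather than an add-on. The 15-minute window, the 5-attempt cap, the function names and the use of the caller's IP as the client key are assumptions; `rng` is a parameter only so the store is testable, and must be a CSPRNG (for example the `getrandom` crate) in production.

```rust
// Added example, not GuruConnect code: a 6-digit support-code store with
// expiry, attempt limiting and the pending/connected/completed/cancelled
// states. Window, cap and names are assumptions for this illustration.
use std::collections::HashMap;

pub const CODE_TTL_SECS: u64 = 15 * 60; // the "X minutes" of the list, assumed 15
pub const MAX_ATTEMPTS: u32 = 5; // 10^6 possible codes: cap guesses per client

#[derive(Debug, Clone, Copy, PartialEq)]
pub enum CodeStatus { Pending, Connected, Completed, Cancelled, Expired }

#[derive(Debug, PartialEq)]
pub enum CodeError { NotFound, Expired, WrongState(CodeStatus), TooManyAttempts }

struct Entry { status: CodeStatus, created: u64, agent_id: Option<String> }

#[derive(Default)]
pub struct SupportCodes {
    codes: HashMap<String, Entry>,
    failed: HashMap<String, u32>, // client id (e.g. source IP) -> failed redemptions
}

impl SupportCodes {
    pub fn new() -> Self { Self::default() }

    /// Issue a fresh 6-digit code. `rng` must yield uniform u32s from a CSPRNG
    /// in real use; rejection sampling keeps `% 1_000_000` unbiased.
    pub fn issue(&mut self, now: u64, rng: &mut dyn FnMut() -> u32) -> String {
        loop {
            let r = rng();
            if r >= 4_294_000_000 { continue; } // largest multiple of 10^6 that fits in u32
            let code = format!("{:06}", r % 1_000_000);
            if !self.codes.contains_key(&code) {
                self.codes.insert(code.clone(), Entry { status: CodeStatus::Pending, created: now, agent_id: None });
                return code;
            }
        }
    }

    /// A Pending code past its window is reported as Expired, lazily.
    fn effective(e: &Entry, now: u64) -> CodeStatus {
        if e.status == CodeStatus::Pending && now >= e.created + CODE_TTL_SECS { CodeStatus::Expired } else { e.status }
    }

    pub fn status(&self, code: &str, now: u64) -> Option<CodeStatus> {
        self.codes.get(code).map(|e| Self::effective(e, now))
    }

    pub fn agent_for(&self, code: &str) -> Option<&str> {
        self.codes.get(code).and_then(|e| e.agent_id.as_deref())
    }

    /// Agent-side redemption: links the code to an agent session. `client`
    /// identifies the caller (e.g. its IP) so guessing is capped per client.
    pub fn connect(&mut self, code: &str, agent_id: &str, client: &str, now: u64) -> Result<(), CodeError> {
        let attempts = self.failed.entry(client.to_string()).or_insert(0);
        if *attempts >= MAX_ATTEMPTS { return Err(CodeError::TooManyAttempts); }
        let entry = match self.codes.get_mut(code) {
            Some(e) => e,
            None => { *attempts += 1; return Err(CodeError::NotFound); }
        };
        match Self::effective(entry, now) {
            CodeStatus::Pending => {
                entry.status = CodeStatus::Connected;
                entry.agent_id = Some(agent_id.to_string());
                self.failed.remove(client); // success clears the client's counter
                Ok(())
            }
            CodeStatus::Expired => { entry.status = CodeStatus::Expired; Err(CodeError::Expired) }
            other => Err(CodeError::WrongState(other)),
        }
    }

    /// Technician side: only Pending -> Cancelled and Connected -> Completed.
    pub fn finish(&mut self, code: &str, to: CodeStatus) -> Result<(), CodeError> {
        let e = self.codes.get_mut(code).ok_or(CodeError::NotFound)?;
        match (e.status, to) {
            (CodeStatus::Pending, CodeStatus::Cancelled) | (CodeStatus::Connected, CodeStatus::Completed) => { e.status = to; Ok(()) }
            (from, _) => Err(CodeError::WrongState(from)),
        }
    }
}

fn main() {
    // Linux-only demo entropy source; production code would use the getrandom crate.
    use std::io::Read;
    let mut urandom = std::fs::File::open("/dev/urandom").expect("open /dev/urandom");
    let mut rng = move || { let mut b = [0u8; 4]; urandom.read_exact(&mut b).unwrap(); u32::from_le_bytes(b) };
    let now = std::time::SystemTime::now().duration_since(std::time::UNIX_EPOCH).unwrap().as_secs();
    let mut store = SupportCodes::new();
    let code = store.issue(now, &mut rng);
    println!("support code {} -> {:?}", code, store.status(&code, now));
}
```

The attempt counter here is in memory and resets only on success; a deployment would give it a time window and share it across relay instances the same way as any other rate limit, which is the same concern the deferred SEC-2 item covers for the rest of the API.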

Dashboard

  • Technician login page
  • Support tab with code generation
  • Access tab with connected agents
  • Session detail panel with tabs
  • Screenshot thumbnails
  • Join/Connect button

Agent (Windows)

  • DXGI screen capture
  • GDI fallback capture
  • WebSocket connection
  • Config persistence (agent_id)
  • Support code parameter
  • Hostname/machine info reporting
  • Screenshot-only mode (for thumbnails)

Phase 2: Remote Control

Screen Viewing

  • Web-based viewer (canvas)
  • Raw frame decoding
  • Dirty rectangle optimization
  • Frame rate adaptation

Input Control

  • Mouse event handling (agent)
  • Keyboard event handling (agent)
  • Input relay through server
  • Multi-monitor support

Encoding

  • VP9 software encoding
  • H.264 hardware encoding (NVENC/QSV)
  • Adaptive quality based on bandwidth

Phase 3: Backstage Tools (like ScreenConnect)

Device Information

  • OS version, hostname, domain
  • Logged-in user
  • Public/private IP addresses
  • MAC address
  • CPU, RAM, disk info
  • Uptime

Toolbox APIs

  • Process list (name, PID, memory)
  • Installed software list
  • Windows services list
  • Event log viewer
  • Registry browser

Remote Commands

  • Run shell commands
  • PowerShell execution
  • Command output streaming
  • Command history per session

Chat/Messaging

  • Technician → Client messages
  • Client → Technician messages
  • Message history

File Transfer

  • Upload files to remote
  • Download files from remote
  • Progress tracking
  • Folder browsing

Phase 4: Session Management

Timeline/History

  • Connection events
  • Session duration tracking
  • Guest connection history
  • Activity log

Session Recording

  • Record session video
  • Playback interface
  • Storage management

Notes

  • Per-session notes
  • Session tagging

Phase 5: Access Mode (Unattended)

Persistent Agent

  • Windows service installation
  • Auto-start on boot
  • Silent/background mode
  • Automatic reconnection

Machine Groups

  • Company/client organization
  • Site/location grouping
  • Custom tags
  • Filtering/search

Installer Builder

  • Customized agent builds
  • Pre-configured company/site
  • Silent install options
  • MSI packaging

Phase 6: Security & Authentication

Technician Auth

  • User accounts
  • Password hashing
  • JWT tokens
  • Session management

MFA

  • TOTP (Google Authenticator)
  • Email verification

Audit Logging

  • Login attempts
  • Session access
  • Command execution
  • File transfers

Permissions

  • Role-based access
  • Per-client permissions
  • Feature restrictions

Phase 7: Integrations

PSA Integration

  • HaloPSA
  • Autotask
  • ConnectWise

GuruRMM Integration

  • Dashboard embedding
  • Single sign-on
  • Asset linking

Phase 8: Polish

Branding

  • White-label support
  • Custom logos
  • Custom colors

Mobile Support

  • Responsive viewer
  • Touch input handling

Annotations

  • Draw on screen
  • Pointer highlighting
  • Screenshot annotations

Current Sprint

In Progress

  1. Link support codes to agent sessions
  2. Show connected status in dashboard

Next Up

  1. Support code in agent download/config
  2. Device info reporting from agent
  3. Screenshot thumbnails

Notes

ScreenConnect Feature Reference (from screenshots)

  • Support session list with idle times and connection bars
  • Detail panel with tabbed interface:
    • Join/Screen (thumbnail, Join button)
    • Info (device details)
    • Timeline (connection history)
    • Chat (messaging)
    • Commands (shell execution)
    • Notes
    • Toolbox (processes, software, events, services)
    • File transfer
    • Logs
    • Settings