Revert "Feat/mcp for dashboard users (#2)"

This reverts commit ea08ba4.

Author: dadadadas111

docs/api/TOOLS.md

@@ -0,0 +1,77 @@
+import { Controller, Post, Body, UseGuards, HttpCode, Logger } from '@nestjs/common';
+import { ApiTags, ApiOperation, ApiResponse, ApiSecurity } from '@nestjs/swagger';
+
+import { AdminAuthGuard } from './guards/admin-auth.guard';
+import { UpdateConfigDto, UpdateConfigResponseDto } from './dto/update-config.dto';
+import { ApiClientService } from '../mcp/services/api-client.service';
+
+@ApiTags('Admin')
+@Controller('admin')
+@UseGuards(AdminAuthGuard)
+@ApiSecurity('x-admin-api-key')
+export class AdminController {
+  private readonly logger = new Logger(AdminController.name);
+
+  constructor(private readonly apiClientService: ApiClientService) {}
+
+  @Post('config')
+  @HttpCode(200)
+  @ApiOperation({
+    summary: 'Update runtime configuration',
+    description:
+      'Update IOT_API_BASE_URL and IOT_API_KEY without restarting the service. ' +
+      'Requires x-admin-api-key header for authentication.',
+  })
+  @ApiResponse({
+    status: 200,
+    description: 'Configuration updated successfully',
+    type: UpdateConfigResponseDto,
+  })
+  @ApiResponse({
+    status: 400,
+    description: 'Invalid request - at least one field must be provided',
+  })
+  @ApiResponse({
+    status: 401,
+    description: 'Unauthorized - missing or invalid admin API key',
+  })
+  updateConfig(@Body() dto: UpdateConfigDto): UpdateConfigResponseDto {
+    const { iotApiBaseUrl, iotApiKey } = dto;
+
+    // Validate that at least one field is provided
+    if (!iotApiBaseUrl && !iotApiKey) {
+      this.logger.warn('Config update attempted with no fields');
+      return {
+        success: false,
+        message: 'At least one configuration field must be provided',
+      };
+    }
+
+    // Update configuration
+    const updatedFields: string[] = [];
+
+    if (iotApiBaseUrl) {
+      this.apiClientService.updateBaseUrl(iotApiBaseUrl);
+      updatedFields.push('iotApiBaseUrl');
+      this.logger.log(`Updated IOT_API_BASE_URL to: ${iotApiBaseUrl}`);
+    }
+
+    if (iotApiKey) {
+      this.apiClientService.updateApiKey(iotApiKey);
+      updatedFields.push('iotApiKey');
+      this.logger.log('Updated IOT_API_KEY (value hidden for security)');
+    }
+
+    // Build response
+    const response: UpdateConfigResponseDto = {
+      success: true,
+      message: `Configuration updated successfully: ${updatedFields.join(', ')}`,
+      updatedConfig: {
+        ...(iotApiBaseUrl && { iotApiBaseUrl }),
+        ...(iotApiKey && { iotApiKeyUpdated: true }),
+      },
+    };
+
+    return response;
+  }
+}

src/admin/admin.controller.ts

@@ -0,0 +1,13 @@
+import { Module } from '@nestjs/common';
+import { ConfigModule } from '@nestjs/config';
+
+import { AdminController } from './admin.controller';
+import { AdminAuthGuard } from './guards/admin-auth.guard';
+import { McpModule } from '../mcp/mcp.module';
+
+@Module({
+  imports: [ConfigModule, McpModule],
+  controllers: [AdminController],
+  providers: [AdminAuthGuard],
+})
+export class AdminModule {}

src/admin/admin.module.ts

@@ -0,0 +1,48 @@
+import { IsString, IsOptional } from 'class-validator';
+import { ApiProperty } from '@nestjs/swagger';
+
+export class UpdateConfigDto {
+  @ApiProperty({
+    description: 'IoT API base URL (e.g., https://api.iot-cloud.com)',
+    required: false,
+    example: 'https://api.iot-cloud.com',
+  })
+  @IsString()
+  @IsOptional()
+  iotApiBaseUrl?: string;
+
+  @ApiProperty({
+    description: 'IoT API key for authentication',
+    required: false,
+    example: 'sk_live_1234567890abcdef',
+  })
+  @IsString()
+  @IsOptional()
+  iotApiKey?: string;
+}
+
+export class UpdateConfigResponseDto {
+  @ApiProperty({
+    description: 'Operation success status',
+    example: true,
+  })
+  success: boolean;
+
+  @ApiProperty({
+    description: 'Success or error message',
+    example: 'Configuration updated successfully',
+  })
+  message: string;
+
+  @ApiProperty({
+    description: 'Updated configuration values (without sensitive data)',
+    example: {
+      iotApiBaseUrl: 'https://api.iot-cloud.com',
+      iotApiKeyUpdated: true,
+    },
+  })
+  updatedConfig?: {
+    iotApiBaseUrl?: string;
+    iotApiKeyUpdated?: boolean;
+  };
+}

src/admin/dto/update-config.dto.ts

@@ -0,0 +1,40 @@
+import {
+  Injectable,
+  CanActivate,
+  ExecutionContext,
+  UnauthorizedException,
+  Logger,
+} from '@nestjs/common';
+import { ConfigService } from '@nestjs/config';
+import { Request } from 'express';
+
+@Injectable()
+export class AdminAuthGuard implements CanActivate {
+  private readonly logger = new Logger(AdminAuthGuard.name);
+
+  constructor(private configService: ConfigService) {}
+
+  canActivate(context: ExecutionContext): boolean {
+    const request = context.switchToHttp().getRequest<Request>();
+    const adminKey = request.headers['x-admin-api-key'];
+    const expectedKey = this.configService.get<string>('ADMIN_API_KEY');
+
+    if (!expectedKey) {
+      this.logger.error('ADMIN_API_KEY is not configured in environment');
+      throw new UnauthorizedException('Admin API is not configured');
+    }
+
+    if (!adminKey) {
+      this.logger.warn('Admin request without x-admin-api-key header');
+      throw new UnauthorizedException('Missing admin API key');
+    }
+
+    if (adminKey !== expectedKey) {
+      this.logger.warn('Admin request with invalid API key');
+      throw new UnauthorizedException('Invalid admin API key');
+    }
+
+    this.logger.debug('Admin authentication successful');
+    return true;
+  }
+}

src/admin/guards/admin-auth.guard.ts

@@ -0,0 +1,13 @@
+import { Module } from '@nestjs/common';
+import { HttpModule } from '@nestjs/axios';
+import { AuthModule } from '../auth/auth.module';
+import { McpModule } from '../mcp/mcp.module';
+import { ApiClientService } from '../mcp/services/api-client.service';
+import { McpController } from './controllers/mcp.controller';
+
+@Module({
+  imports: [HttpModule, AuthModule, McpModule],
+  controllers: [McpController],
+  providers: [ApiClientService],
+})
+export class ApiModule {}

src/api/api.module.ts

@@ -0,0 +1,96 @@
+import { Controller, All, Req, Res } from '@nestjs/common';
+import { ApiTags, ApiOperation, ApiResponse, ApiExcludeEndpoint } from '@nestjs/swagger';
+import { Response, Request } from 'express';
+import { randomUUID } from 'node:crypto';
+import { StreamableHTTPServerTransport } from '@modelcontextprotocol/sdk/server/streamableHttp.js';
+import { McpService } from '../../mcp/services/mcp.service';
+
+@ApiTags('MCP Protocol')
+@Controller('mcp')
+export class McpController {
+  // Store transports by session ID (stateful mode)
+  private readonly transports = new Map<string, StreamableHTTPServerTransport>();
+
+  constructor(private mcpService: McpService) {}
+
+  /**
+   * Main MCP endpoint - handles all HTTP methods
+   * GET: Establishes SSE stream for server-to-client messages
+   * POST: Receives client-to-server JSON-RPC messages
+   * DELETE: Terminates session
+   *
+   * NO AUTHENTICATION - Clients connect here, then use login tool
+   */
+  @All()
+  @ApiOperation({
+    summary: 'MCP Streamable HTTP endpoint',
+    description:
+      'Main MCP endpoint using official SDK transport. No authentication required - use login tool to authenticate. ' +
+      'Supports GET (SSE stream), POST (JSON-RPC messages), DELETE (session termination).',
+  })
+  @ApiResponse({
+    status: 200,
+    description: 'Request handled successfully',
+  })
+  @ApiExcludeEndpoint() // Hide from Swagger since it's a special protocol endpoint
+  async handleMcpRequest(@Req() req: Request, @Res() res: Response): Promise<void> {
+    const sessionId = req.headers['mcp-session-id'] as string | undefined;
+
+    console.log(`[MCP] ${req.method} request`, {
+      sessionId,
+      hasBody: !!req.body,
+      url: req.url,
+    });
+
+    try {
+      let transport: StreamableHTTPServerTransport;
+
+      if (sessionId && this.transports.has(sessionId)) {
+        // Reuse existing transport for this session
+        transport = this.transports.get(sessionId)!;
+        console.log(`[MCP] Reusing transport for session: ${sessionId}`);
+      } else {
+        // Create new transport (stateful mode with session management)
+        transport = new StreamableHTTPServerTransport({
+          sessionIdGenerator: () => randomUUID(),
+          onsessioninitialized: (newSessionId) => {
+            // Store transport when session is initialized
+            console.log(`[MCP] Session initialized: ${newSessionId}`);
+            this.transports.set(newSessionId, transport);
+          },
+        });
+
+        // Set up cleanup handler
+        transport.onclose = () => {
+          const sid = transport.sessionId;
+          if (sid && this.transports.has(sid)) {
+            console.log(`[MCP] Transport closed for session: ${sid}`);
+            this.transports.delete(sid);
+          }
+        };
+
+        // CRITICAL FIX: Create NEW server instance per transport
+        // Each transport needs its own server connection
+        console.log('[MCP] Creating new server instance for transport');
+        const server = await this.mcpService.createServer();
+        await server.connect(transport);
+      }
+
+      // Handle the request using the SDK transport
+      // The transport handles SSE streaming, JSON-RPC parsing, session validation, etc.
+      await transport.handleRequest(req, res, req.body);
+    } catch (error) {
+      console.error('[MCP] Error handling request:', error);
+      if (!res.headersSent) {
+        res.status(500).json({
+          jsonrpc: '2.0',
+          error: {
+            code: -32603,
+            message: 'Internal server error',
+          },
+          id: null,
+        });
+      }
+    }
+  }
+}

src/api/controllers/mcp.controller.ts

@@ -2,8 +2,11 @@ import { Module } from '@nestjs/common';
 import { ConfigModule } from '@nestjs/config';
 import { ThrottlerModule } from '@nestjs/throttler';
 import { HttpModule } from '@nestjs/axios';
+
+import { AuthModule } from './auth/auth.module';
+import { ApiModule } from './api/api.module';
+import { AdminModule } from './admin/admin.module';
 import { HealthController } from './health.controller';
-import { McpV2Module } from '@/mcp_v2/mcp-v2.module';
 
 @Module({
   imports: [
@@ -26,7 +29,11 @@ import { McpV2Module } from '@/mcp_v2/mcp-v2.module';
       timeout: 30000,
       maxRedirects: 5,
     }),
-    McpV2Module
+
+    // Feature modules
+    AuthModule,
+    ApiModule,
+    AdminModule,
   ],
   controllers: [HealthController],
 })