feat: implement sessions request from grpc server

README.md

@@ -33,6 +33,10 @@ The following environment variables can be configured in the `.env` file:
 | `BUFFER_SIZE` | Buffer size for io.Copy operations in bytes (4096-1048576) | `32768` | No |
 | `PPROF_ENABLED` | Enable pprof profiling server | `false` | No |
 | `PPROF_PORT` | Port for pprof server | `6060` | No |
+| `MODE` | Runtime mode: `standalone` (default, no gRPC/auth) or `node` (enable gRPC + auth) | `standalone` | No |
+| `GRPC_ADDRESS` | gRPC server address/host used in `node` mode | `localhost` | No |
+| `GRPC_PORT` | gRPC server port used in `node` mode | `8080` | No |
+| `NODE_TOKEN` | Authentication token sent to controller in `node` mode | - (required in `node`) | Yes (node mode) |
 
 **Note:** All environment variables now use UPPERCASE naming. The application includes sensible defaults for all variables, so you can run it without a `.env` file for basic functionality.
 

go.mod

@@ -1,48 +1,55 @@
 module tunnel_pls
 
-go 1.24.4
+go 1.25.5
 
 require (
+	git.fossy.my.id/bagas/tunnel-please-grpc v1.2.0
 	github.com/caddyserver/certmagic v0.25.0
 	github.com/charmbracelet/bubbles v0.21.0
 	github.com/charmbracelet/bubbletea v1.3.10
+	github.com/charmbracelet/lipgloss v1.1.0
 	github.com/joho/godotenv v1.5.1
 	github.com/libdns/cloudflare v0.2.2
+	github.com/muesli/termenv v0.16.0
 	golang.org/x/crypto v0.46.0
+	google.golang.org/grpc v1.78.0
+	google.golang.org/protobuf v1.36.11
 )
 
 require (
 	github.com/atotto/clipboard v0.1.4 // indirect
 	github.com/aymanbagabas/go-osc52/v2 v2.0.1 // indirect
 	github.com/caddyserver/zerossl v0.1.3 // indirect
-	github.com/charmbracelet/colorprofile v0.2.3-0.20250311203215-f60798e515dc // indirect
-	github.com/charmbracelet/lipgloss v1.1.0 // indirect
-	github.com/charmbracelet/x/ansi v0.10.1 // indirect
-	github.com/charmbracelet/x/cellbuf v0.0.13-0.20250311204145-2c3ea96c31dd // indirect
-	github.com/charmbracelet/x/term v0.2.1 // indirect
+	github.com/charmbracelet/colorprofile v0.4.1 // indirect
+	github.com/charmbracelet/x/ansi v0.11.3 // indirect
+	github.com/charmbracelet/x/cellbuf v0.0.14 // indirect
+	github.com/charmbracelet/x/term v0.2.2 // indirect
+	github.com/clipperhouse/displaywidth v0.6.2 // indirect
+	github.com/clipperhouse/stringish v0.1.1 // indirect
+	github.com/clipperhouse/uax29/v2 v2.3.0 // indirect
 	github.com/erikgeiser/coninput v0.0.0-20211004153227-1c3628e74d0f // indirect
 	github.com/klauspost/cpuid/v2 v2.3.0 // indirect
 	github.com/libdns/libdns v1.1.1 // indirect
-	github.com/lucasb-eyer/go-colorful v1.2.0 // indirect
+	github.com/lucasb-eyer/go-colorful v1.3.0 // indirect
 	github.com/mattn/go-isatty v0.0.20 // indirect
 	github.com/mattn/go-localereader v0.0.1 // indirect
-	github.com/mattn/go-runewidth v0.0.16 // indirect
-	github.com/mholt/acmez/v3 v3.1.3 // indirect
-	github.com/miekg/dns v1.1.68 // indirect
+	github.com/mattn/go-runewidth v0.0.19 // indirect
+	github.com/mholt/acmez/v3 v3.1.4 // indirect
+	github.com/miekg/dns v1.1.69 // indirect
 	github.com/muesli/ansi v0.0.0-20230316100256-276c6243b2f6 // indirect
 	github.com/muesli/cancelreader v0.2.2 // indirect
-	github.com/muesli/termenv v0.16.0 // indirect
 	github.com/rivo/uniseg v0.4.7 // indirect
 	github.com/sahilm/fuzzy v0.1.1 // indirect
 	github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect
 	github.com/zeebo/blake3 v0.2.4 // indirect
 	go.uber.org/multierr v1.11.0 // indirect
-	go.uber.org/zap v1.27.0 // indirect
+	go.uber.org/zap v1.27.1 // indirect
 	go.uber.org/zap/exp v0.3.0 // indirect
-	golang.org/x/mod v0.30.0 // indirect
-	golang.org/x/net v0.47.0 // indirect
+	golang.org/x/mod v0.31.0 // indirect
+	golang.org/x/net v0.48.0 // indirect
 	golang.org/x/sync v0.19.0 // indirect
 	golang.org/x/sys v0.39.0 // indirect
 	golang.org/x/text v0.32.0 // indirect
-	golang.org/x/tools v0.39.0 // indirect
+	golang.org/x/tools v0.40.0 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20251222181119-0a764e51fe1b // indirect
 )

go.sum

@@ -1,3 +1,5 @@
+git.fossy.my.id/bagas/tunnel-please-grpc v1.2.0 h1:BS1dJU3wa2ILgTGwkV95Knle0il0OQtErGqyb6xV7SU=
+git.fossy.my.id/bagas/tunnel-please-grpc v1.2.0/go.mod h1:fG+VkArdkceGB0bNA7IFQus9GetLAwdF5Oi4jdMlXtY=
 github.com/atotto/clipboard v0.1.4 h1:EH0zSVneZPSuFR11BlR9YppQTVDbh5+16AmcJi4g1z4=
 github.com/atotto/clipboard v0.1.4/go.mod h1:ZY9tmq7sm5xIbd9bOK4onWV4S6X0u6GY7Vn0Yu86PYI=
 github.com/aymanbagabas/go-osc52/v2 v2.0.1 h1:HwpRHbFMcZLEVr42D4p7XBqjyuxQH5SMiErDT4WkJ2k=
@@ -12,24 +14,38 @@ github.com/charmbracelet/bubbles v0.21.0 h1:9TdC97SdRVg/1aaXNVWfFH3nnLAwOXr8Fn6u
 github.com/charmbracelet/bubbles v0.21.0/go.mod h1:HF+v6QUR4HkEpz62dx7ym2xc71/KBHg+zKwJtMw+qtg=
 github.com/charmbracelet/bubbletea v1.3.10 h1:otUDHWMMzQSB0Pkc87rm691KZ3SWa4KUlvF9nRvCICw=
 github.com/charmbracelet/bubbletea v1.3.10/go.mod h1:ORQfo0fk8U+po9VaNvnV95UPWA1BitP1E0N6xJPlHr4=
-github.com/charmbracelet/colorprofile v0.2.3-0.20250311203215-f60798e515dc h1:4pZI35227imm7yK2bGPcfpFEmuY1gc2YSTShr4iJBfs=
-github.com/charmbracelet/colorprofile v0.2.3-0.20250311203215-f60798e515dc/go.mod h1:X4/0JoqgTIPSFcRA/P6INZzIuyqdFY5rm8tb41s9okk=
+github.com/charmbracelet/colorprofile v0.4.1 h1:a1lO03qTrSIRaK8c3JRxJDZOvhvIeSco3ej+ngLk1kk=
+github.com/charmbracelet/colorprofile v0.4.1/go.mod h1:U1d9Dljmdf9DLegaJ0nGZNJvoXAhayhmidOdcBwAvKk=
 github.com/charmbracelet/lipgloss v1.1.0 h1:vYXsiLHVkK7fp74RkV7b2kq9+zDLoEU4MZoFqR/noCY=
 github.com/charmbracelet/lipgloss v1.1.0/go.mod h1:/6Q8FR2o+kj8rz4Dq0zQc3vYf7X+B0binUUBwA0aL30=
-github.com/charmbracelet/x/ansi v0.10.1 h1:rL3Koar5XvX0pHGfovN03f5cxLbCF2YvLeyz7D2jVDQ=
-github.com/charmbracelet/x/ansi v0.10.1/go.mod h1:3RQDQ6lDnROptfpWuUVIUG64bD2g2BgntdxH0Ya5TeE=
-github.com/charmbracelet/x/cellbuf v0.0.13-0.20250311204145-2c3ea96c31dd h1:vy0GVL4jeHEwG5YOXDmi86oYw2yuYUGqz6a8sLwg0X8=
-github.com/charmbracelet/x/cellbuf v0.0.13-0.20250311204145-2c3ea96c31dd/go.mod h1:xe0nKWGd3eJgtqZRaN9RjMtK7xUYchjzPr7q6kcvCCs=
+github.com/charmbracelet/x/ansi v0.11.3 h1:6DcVaqWI82BBVM/atTyq6yBoRLZFBsnoDoX9GCu2YOI=
+github.com/charmbracelet/x/ansi v0.11.3/go.mod h1:yI7Zslym9tCJcedxz5+WBq+eUGMJT0bM06Fqy1/Y4dI=
+github.com/charmbracelet/x/cellbuf v0.0.14 h1:iUEMryGyFTelKW3THW4+FfPgi4fkmKnnaLOXuc+/Kj4=
+github.com/charmbracelet/x/cellbuf v0.0.14/go.mod h1:P447lJl49ywBbil/KjCk2HexGh4tEY9LH0/1QrZZ9rA=
 github.com/charmbracelet/x/exp/golden v0.0.0-20241011142426-46044092ad91 h1:payRxjMjKgx2PaCWLZ4p3ro9y97+TVLZNaRZgJwSVDQ=
 github.com/charmbracelet/x/exp/golden v0.0.0-20241011142426-46044092ad91/go.mod h1:wDlXFlCrmJ8J+swcL/MnGUuYnqgQdW9rhSD61oNMb6U=
-github.com/charmbracelet/x/term v0.2.1 h1:AQeHeLZ1OqSXhrAWpYUtZyX1T3zVxfpZuEQMIQaGIAQ=
-github.com/charmbracelet/x/term v0.2.1/go.mod h1:oQ4enTYFV7QN4m0i9mzHrViD7TQKvNEEkHUMCmsxdUg=
+github.com/charmbracelet/x/term v0.2.2 h1:xVRT/S2ZcKdhhOuSP4t5cLi5o+JxklsoEObBSgfgZRk=
+github.com/charmbracelet/x/term v0.2.2/go.mod h1:kF8CY5RddLWrsgVwpw4kAa6TESp6EB5y3uxGLeCqzAI=
+github.com/clipperhouse/displaywidth v0.6.2 h1:ZDpTkFfpHOKte4RG5O/BOyf3ysnvFswpyYrV7z2uAKo=
+github.com/clipperhouse/displaywidth v0.6.2/go.mod h1:R+kHuzaYWFkTm7xoMmK1lFydbci4X2CicfbGstSGg0o=
+github.com/clipperhouse/stringish v0.1.1 h1:+NSqMOr3GR6k1FdRhhnXrLfztGzuG+VuFDfatpWHKCs=
+github.com/clipperhouse/stringish v0.1.1/go.mod h1:v/WhFtE1q0ovMta2+m+UbpZ+2/HEXNWYXQgCt4hdOzA=
+github.com/clipperhouse/uax29/v2 v2.3.0 h1:SNdx9DVUqMoBuBoW3iLOj4FQv3dN5mDtuqwuhIGpJy4=
+github.com/clipperhouse/uax29/v2 v2.3.0/go.mod h1:Wn1g7MK6OoeDT0vL+Q0SQLDz/KpfsVRgg6W7ihQeh4g=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/erikgeiser/coninput v0.0.0-20211004153227-1c3628e74d0f h1:Y/CXytFA4m6baUTXGLOoWe4PQhGxaX0KpnayAqC48p4=
 github.com/erikgeiser/coninput v0.0.0-20211004153227-1c3628e74d0f/go.mod h1:vw97MGsxSvLiUE2X8qFplwetxpGLQrlU1Q9AUEIzCaM=
-github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
-github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
+github.com/go-logr/logr v1.4.3 h1:CjnDlHq8ikf6E492q6eKboGOC0T8CDaOvkHCIg8idEI=
+github.com/go-logr/logr v1.4.3/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
+github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag=
+github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE=
+github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek=
+github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps=
+github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8=
+github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU=
+github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
+github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0=
 github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4=
 github.com/klauspost/cpuid/v2 v2.3.0 h1:S4CRMLnYUhGeDFDqkGriYKdfoFlDnMtqTiI/sFzhA9Y=
@@ -40,18 +56,18 @@ github.com/libdns/cloudflare v0.2.2 h1:XWHv+C1dDcApqazlh08Q6pjytYLgR2a+Y3xrXFu0v
 github.com/libdns/cloudflare v0.2.2/go.mod h1:w9uTmRCDlAoafAsTPnn2nJ0XHK/eaUMh86DUk8BWi60=
 github.com/libdns/libdns v1.1.1 h1:wPrHrXILoSHKWJKGd0EiAVmiJbFShguILTg9leS/P/U=
 github.com/libdns/libdns v1.1.1/go.mod h1:4Bj9+5CQiNMVGf87wjX4CY3HQJypUHRuLvlsfsZqLWQ=
-github.com/lucasb-eyer/go-colorful v1.2.0 h1:1nnpGOrhyZZuNyfu1QjKiUICQ74+3FNCN69Aj6K7nkY=
-github.com/lucasb-eyer/go-colorful v1.2.0/go.mod h1:R4dSotOR9KMtayYi1e77YzuveK+i7ruzyGqttikkLy0=
+github.com/lucasb-eyer/go-colorful v1.3.0 h1:2/yBRLdWBZKrf7gB40FoiKfAWYQ0lqNcbuQwVHXptag=
+github.com/lucasb-eyer/go-colorful v1.3.0/go.mod h1:R4dSotOR9KMtayYi1e77YzuveK+i7ruzyGqttikkLy0=
 github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
 github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
 github.com/mattn/go-localereader v0.0.1 h1:ygSAOl7ZXTx4RdPYinUpg6W99U8jWvWi9Ye2JC/oIi4=
 github.com/mattn/go-localereader v0.0.1/go.mod h1:8fBrzywKY7BI3czFoHkuzRoWE9C+EiG4R1k4Cjx5p88=
-github.com/mattn/go-runewidth v0.0.16 h1:E5ScNMtiwvlvB5paMFdw9p4kSQzbXFikJ5SQO6TULQc=
-github.com/mattn/go-runewidth v0.0.16/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w=
-github.com/mholt/acmez/v3 v3.1.3 h1:gUl789rjbJSuM5hYzOFnNaGgWPV1xVfnOs59o0dZEcc=
-github.com/mholt/acmez/v3 v3.1.3/go.mod h1:L1wOU06KKvq7tswuMDwKdcHeKpFFgkppZy/y0DFxagQ=
-github.com/miekg/dns v1.1.68 h1:jsSRkNozw7G/mnmXULynzMNIsgY2dHC8LO6U6Ij2JEA=
-github.com/miekg/dns v1.1.68/go.mod h1:fujopn7TB3Pu3JM69XaawiU0wqjpL9/8xGop5UrTPps=
+github.com/mattn/go-runewidth v0.0.19 h1:v++JhqYnZuu5jSKrk9RbgF5v4CGUjqRfBm05byFGLdw=
+github.com/mattn/go-runewidth v0.0.19/go.mod h1:XBkDxAl56ILZc9knddidhrOlY5R/pDhgLpndooCuJAs=
+github.com/mholt/acmez/v3 v3.1.4 h1:DyzZe/RnAzT3rpZj/2Ii5xZpiEvvYk3cQEN/RmqxwFQ=
+github.com/mholt/acmez/v3 v3.1.4/go.mod h1:L1wOU06KKvq7tswuMDwKdcHeKpFFgkppZy/y0DFxagQ=
+github.com/miekg/dns v1.1.69 h1:Kb7Y/1Jo+SG+a2GtfoFUfDkG//csdRPwRLkCsxDG9Sc=
+github.com/miekg/dns v1.1.69/go.mod h1:7OyjD9nEba5OkqQ/hB4fy3PIoxafSZJtducccIelz3g=
 github.com/muesli/ansi v0.0.0-20230316100256-276c6243b2f6 h1:ZK8zHtRHOkbHy6Mmr5D264iyp3TiX5OmNcI5cIARiQI=
 github.com/muesli/ansi v0.0.0-20230316100256-276c6243b2f6/go.mod h1:CJlz5H+gyd6CUWT45Oy4q24RdLyn7Md9Vj2/ldJBSIo=
 github.com/muesli/cancelreader v0.2.2 h1:3I4Kt4BQjOR54NavqnDogx/MIoWBFa0StPA8ELUXHmA=
@@ -60,7 +76,6 @@ github.com/muesli/termenv v0.16.0 h1:S5AlUN9dENB57rsbnkPyfdGuWIlkmzJjbFf0Tf5FWUc
 github.com/muesli/termenv v0.16.0/go.mod h1:ZRfOIKPFDYQoDFF4Olj7/QJbW60Ol/kL1pU3VfY/Cnk=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
 github.com/rivo/uniseg v0.4.7 h1:WUdvkW8uEhrYfLC4ZzdpI2ztxP1I582+49Oc5Mq64VQ=
 github.com/rivo/uniseg v0.4.7/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88=
 github.com/sahilm/fuzzy v0.1.1 h1:ceu5RHF8DGgoi+/dR5PsECjCDH1BE3Fnmpo7aVXOdRA=
@@ -75,22 +90,34 @@ github.com/zeebo/blake3 v0.2.4 h1:KYQPkhpRtcqh0ssGYcKLG1JYvddkEA8QwCM/yBqhaZI=
 github.com/zeebo/blake3 v0.2.4/go.mod h1:7eeQ6d2iXWRGF6npfaxl2CU+xy2Fjo2gxeyZGCRUjcE=
 github.com/zeebo/pcg v1.0.1 h1:lyqfGeWiv4ahac6ttHs+I5hwtH/+1mrhlCtVNQM2kHo=
 github.com/zeebo/pcg v1.0.1/go.mod h1:09F0S9iiKrwn9rlI5yjLkmrug154/YRW6KnnXVDM/l4=
+go.opentelemetry.io/auto/sdk v1.2.1 h1:jXsnJ4Lmnqd11kwkBV2LgLoFMZKizbCi5fNZ/ipaZ64=
+go.opentelemetry.io/auto/sdk v1.2.1/go.mod h1:KRTj+aOaElaLi+wW1kO/DZRXwkF4C5xPbEe3ZiIhN7Y=
+go.opentelemetry.io/otel v1.38.0 h1:RkfdswUDRimDg0m2Az18RKOsnI8UDzppJAtj01/Ymk8=
+go.opentelemetry.io/otel v1.38.0/go.mod h1:zcmtmQ1+YmQM9wrNsTGV/q/uyusom3P8RxwExxkZhjM=
+go.opentelemetry.io/otel/metric v1.38.0 h1:Kl6lzIYGAh5M159u9NgiRkmoMKjvbsKtYRwgfrA6WpA=
+go.opentelemetry.io/otel/metric v1.38.0/go.mod h1:kB5n/QoRM8YwmUahxvI3bO34eVtQf2i4utNVLr9gEmI=
+go.opentelemetry.io/otel/sdk v1.38.0 h1:l48sr5YbNf2hpCUj/FoGhW9yDkl+Ma+LrVl8qaM5b+E=
+go.opentelemetry.io/otel/sdk v1.38.0/go.mod h1:ghmNdGlVemJI3+ZB5iDEuk4bWA3GkTpW+DOoZMYBVVg=
+go.opentelemetry.io/otel/sdk/metric v1.38.0 h1:aSH66iL0aZqo//xXzQLYozmWrXxyFkBJ6qT5wthqPoM=
+go.opentelemetry.io/otel/sdk/metric v1.38.0/go.mod h1:dg9PBnW9XdQ1Hd6ZnRz689CbtrUp0wMMs9iPcgT9EZA=
+go.opentelemetry.io/otel/trace v1.38.0 h1:Fxk5bKrDZJUH+AMyyIXGcFAPah0oRcT+LuNtJrmcNLE=
+go.opentelemetry.io/otel/trace v1.38.0/go.mod h1:j1P9ivuFsTceSWe1oY+EeW3sc+Pp42sO++GHkg4wwhs=
 go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=
 go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE=
 go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0=
 go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y=
-go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8=
-go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E=
+go.uber.org/zap v1.27.1 h1:08RqriUEv8+ArZRYSTXy1LeBScaMpVSTBhCeaZYfMYc=
+go.uber.org/zap v1.27.1/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E=
 go.uber.org/zap/exp v0.3.0 h1:6JYzdifzYkGmTdRR59oYH+Ng7k49H9qVpWwNSsGJj3U=
 go.uber.org/zap/exp v0.3.0/go.mod h1:5I384qq7XGxYyByIhHm6jg5CHkGY0nsTfbDLgDDlgJQ=
 golang.org/x/crypto v0.46.0 h1:cKRW/pmt1pKAfetfu+RCEvjvZkA9RimPbh7bhFjGVBU=
 golang.org/x/crypto v0.46.0/go.mod h1:Evb/oLKmMraqjZ2iQTwDwvCtJkczlDuTmdJXoZVzqU0=
-golang.org/x/exp v0.0.0-20220909182711-5c715a9e8561 h1:MDc5xs78ZrZr3HMQugiXOAkSZtfTpbJLDr/lwfgO53E=
-golang.org/x/exp v0.0.0-20220909182711-5c715a9e8561/go.mod h1:cyybsKvd6eL0RnXn6p/Grxp8F5bW7iYuBgsNCOHpMYE=
-golang.org/x/mod v0.30.0 h1:fDEXFVZ/fmCKProc/yAXXUijritrDzahmwwefnjoPFk=
-golang.org/x/mod v0.30.0/go.mod h1:lAsf5O2EvJeSFMiBxXDki7sCgAxEUcZHXoXMKT4GJKc=
-golang.org/x/net v0.47.0 h1:Mx+4dIFzqraBXUugkia1OOvlD6LemFo1ALMHjrXDOhY=
-golang.org/x/net v0.47.0/go.mod h1:/jNxtkgq5yWUGYkaZGqo27cfGZ1c5Nen03aYrrKpVRU=
+golang.org/x/exp v0.0.0-20231006140011-7918f672742d h1:jtJma62tbqLibJ5sFQz8bKtEM8rJBtfilJ2qTU199MI=
+golang.org/x/exp v0.0.0-20231006140011-7918f672742d/go.mod h1:ldy0pHrwJyGW56pPQzzkH36rKxoZW1tw7ZJpeKx+hdo=
+golang.org/x/mod v0.31.0 h1:HaW9xtz0+kOcWKwli0ZXy79Ix+UW/vOfmWI5QVd2tgI=
+golang.org/x/mod v0.31.0/go.mod h1:43JraMp9cGx1Rx3AqioxrbrhNsLl2l/iNAvuBkrezpg=
+golang.org/x/net v0.48.0 h1:zyQRTTrjc33Lhh0fBgT/H3oZq9WuvRR5gPC70xpDiQU=
+golang.org/x/net v0.48.0/go.mod h1:+ndRgGjkh8FGtu1w1FGbEC31if4VrNVMuKTgcAAnQRY=
 golang.org/x/sync v0.19.0 h1:vV+1eWNmZ5geRlYjzm2adRgW2/mcpevXNg50YZtPCE4=
 golang.org/x/sync v0.19.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
 golang.org/x/sys v0.0.0-20210809222454-d867a43fc93e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
@@ -101,7 +128,15 @@ golang.org/x/term v0.38.0 h1:PQ5pkm/rLO6HnxFR7N2lJHOZX6Kez5Y1gDSJla6jo7Q=
 golang.org/x/term v0.38.0/go.mod h1:bSEAKrOT1W+VSu9TSCMtoGEOUcKxOKgl3LE5QEF/xVg=
 golang.org/x/text v0.32.0 h1:ZD01bjUt1FQ9WJ0ClOL5vxgxOI/sVCNgX1YtKwcY0mU=
 golang.org/x/text v0.32.0/go.mod h1:o/rUWzghvpD5TXrTIBuJU77MTaN0ljMWE47kxGJQ7jY=
-golang.org/x/tools v0.39.0 h1:ik4ho21kwuQln40uelmciQPp9SipgNDdrafrYA4TmQQ=
-golang.org/x/tools v0.39.0/go.mod h1:JnefbkDPyD8UU2kI5fuf8ZX4/yUeh9W877ZeBONxUqQ=
+golang.org/x/tools v0.40.0 h1:yLkxfA+Qnul4cs9QA3KnlFu0lVmd8JJfoq+E41uSutA=
+golang.org/x/tools v0.40.0/go.mod h1:Ik/tzLRlbscWpqqMRjyWYDisX8bG13FrdXp3o4Sr9lc=
+gonum.org/v1/gonum v0.16.0 h1:5+ul4Swaf3ESvrOnidPp4GZbzf0mxVQpDCYUQE7OJfk=
+gonum.org/v1/gonum v0.16.0/go.mod h1:fef3am4MQ93R2HHpKnLk4/Tbh/s0+wqD5nfa6Pnwy4E=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20251222181119-0a764e51fe1b h1:Mv8VFug0MP9e5vUxfBcE3vUkV6CImK3cMNMIDFjmzxU=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20251222181119-0a764e51fe1b/go.mod h1:j9x/tPzZkyxcgEFkiKEEGxfvyumM01BEtsW8xzOahRQ=
+google.golang.org/grpc v1.78.0 h1:K1XZG/yGDJnzMdd/uZHAkVqJE+xIDOcmdSFZkBUicNc=
+google.golang.org/grpc v1.78.0/go.mod h1:I47qjTo4OKbMkjA/aOOwxDIiPSBofUtQUI5EfpWvW7U=
+google.golang.org/protobuf v1.36.11 h1:fV6ZwhNocDyBLK0dj+fg8ektcVegBBuEolpbTQyBNVE=
+google.golang.org/protobuf v1.36.11/go.mod h1:HTf+CrKn2C3g5S8VImy6tdcUvCska2kB7j23XfzDpco=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

internal/grpc/client/client.go

@@ -0,0 +1,377 @@
+package client
+
+import (
+	"context"
+	"crypto/tls"
+	"errors"
+	"fmt"
+	"io"
+	"log"
+	"time"
+	"tunnel_pls/internal/config"
+
+	"tunnel_pls/session"
+
+	proto "git.fossy.my.id/bagas/tunnel-please-grpc/gen"
+	"google.golang.org/grpc"
+	"google.golang.org/grpc/codes"
+	"google.golang.org/grpc/credentials"
+	"google.golang.org/grpc/credentials/insecure"
+	"google.golang.org/grpc/health/grpc_health_v1"
+	"google.golang.org/grpc/keepalive"
+	"google.golang.org/grpc/status"
+	"google.golang.org/protobuf/types/known/timestamppb"
+)
+
+type GrpcConfig struct {
+	Address             string
+	UseTLS              bool
+	InsecureSkipVerify  bool
+	Timeout             time.Duration
+	KeepAlive           bool
+	MaxRetries          int
+	KeepAliveTime       time.Duration
+	KeepAliveTimeout    time.Duration
+	PermitWithoutStream bool
+}
+
+type Client struct {
+	conn                       *grpc.ClientConn
+	config                     *GrpcConfig
+	sessionRegistry            session.Registry
+	slugService                proto.SlugChangeClient
+	eventService               proto.EventServiceClient
+	authorizeConnectionService proto.UserServiceClient
+}
+
+func DefaultConfig() *GrpcConfig {
+	return &GrpcConfig{
+		Address:             "localhost:50051",
+		UseTLS:              false,
+		InsecureSkipVerify:  false,
+		Timeout:             10 * time.Second,
+		KeepAlive:           true,
+		MaxRetries:          3,
+		KeepAliveTime:       2 * time.Minute,
+		KeepAliveTimeout:    10 * time.Second,
+		PermitWithoutStream: false,
+	}
+}
+
+func New(config *GrpcConfig, sessionRegistry session.Registry) (*Client, error) {
+	if config == nil {
+		config = DefaultConfig()
+	} else {
+		defaults := DefaultConfig()
+		if config.Address == "" {
+			config.Address = defaults.Address
+		}
+		if config.Timeout == 0 {
+			config.Timeout = defaults.Timeout
+		}
+		if config.MaxRetries == 0 {
+			config.MaxRetries = defaults.MaxRetries
+		}
+		if config.KeepAliveTime == 0 {
+			config.KeepAliveTime = defaults.KeepAliveTime
+		}
+		if config.KeepAliveTimeout == 0 {
+			config.KeepAliveTimeout = defaults.KeepAliveTimeout
+		}
+	}
+
+	var opts []grpc.DialOption
+
+	if config.UseTLS {
+		tlsConfig := &tls.Config{
+			InsecureSkipVerify: config.InsecureSkipVerify,
+		}
+		creds := credentials.NewTLS(tlsConfig)
+		opts = append(opts, grpc.WithTransportCredentials(creds))
+	} else {
+		opts = append(opts, grpc.WithTransportCredentials(insecure.NewCredentials()))
+	}
+
+	if config.KeepAlive {
+		kaParams := keepalive.ClientParameters{
+			Time:                config.KeepAliveTime,
+			Timeout:             config.KeepAliveTimeout,
+			PermitWithoutStream: config.PermitWithoutStream,
+		}
+		opts = append(opts, grpc.WithKeepaliveParams(kaParams))
+	}
+
+	opts = append(opts,
+		grpc.WithDefaultCallOptions(
+			grpc.MaxCallRecvMsgSize(4*1024*1024),
+			grpc.MaxCallSendMsgSize(4*1024*1024),
+		),
+	)
+
+	conn, err := grpc.NewClient(config.Address, opts...)
+	if err != nil {
+		return nil, fmt.Errorf("failed to connect to gRPC server at %s: %w", config.Address, err)
+	}
+
+	slugService := proto.NewSlugChangeClient(conn)
+	eventService := proto.NewEventServiceClient(conn)
+	authorizeConnectionService := proto.NewUserServiceClient(conn)
+
+	return &Client{
+		conn:                       conn,
+		config:                     config,
+		slugService:                slugService,
+		sessionRegistry:            sessionRegistry,
+		eventService:               eventService,
+		authorizeConnectionService: authorizeConnectionService,
+	}, nil
+}
+
+func (c *Client) SubscribeEvents(ctx context.Context, identity, authToken string) error {
+	const (
+		baseBackoff = time.Second
+		maxBackoff  = 30 * time.Second
+	)
+
+	backoff := baseBackoff
+	wait := func() error {
+		if backoff <= 0 {
+			return nil
+		}
+		select {
+		case <-time.After(backoff):
+			return nil
+		case <-ctx.Done():
+			return ctx.Err()
+		}
+	}
+	growBackoff := func() {
+		backoff *= 2
+		if backoff > maxBackoff {
+			backoff = maxBackoff
+		}
+	}
+
+	for {
+		subscribe, err := c.eventService.Subscribe(ctx)
+		if err != nil {
+			if !isConnectionError(err) {
+				return err
+			}
+			if status.Code(err) == codes.Unauthenticated {
+				return err
+			}
+			if err := wait(); err != nil {
+				return err
+			}
+			growBackoff()
+			continue
+		}
+
+		err = subscribe.Send(&proto.Node{
+			Type: proto.EventType_AUTHENTICATION,
+			Payload: &proto.Node_AuthEvent{
+				AuthEvent: &proto.Authentication{
+					Identity:  identity,
+					AuthToken: authToken,
+				},
+			},
+		})
+
+		if err != nil {
+			log.Println("Authentication failed to send to gRPC server:", err)
+			if isConnectionError(err) {
+				if err := wait(); err != nil {
+					return err
+				}
+				growBackoff()
+				continue
+			}
+			return err
+		}
+		log.Println("Authentication Successfully sent to gRPC server")
+		backoff = baseBackoff
+
+		if err = c.processEventStream(subscribe); err != nil {
+			if isConnectionError(err) {
+				log.Printf("Reconnect to controller within %v sec", backoff.Seconds())
+				if err := wait(); err != nil {
+					return err
+				}
+				growBackoff()
+				continue
+			}
+			return err
+		}
+	}
+}
+
+func (c *Client) processEventStream(subscribe grpc.BidiStreamingClient[proto.Node, proto.Events]) error {
+	for {
+		recv, err := subscribe.Recv()
+		if err != nil {
+			if isConnectionError(err) {
+				log.Printf("connection error receiving from gRPC server: %v", err)
+				return err
+			}
+			if status.Code(err) == codes.Unauthenticated {
+				log.Printf("Authentication failed: %v", err)
+				return err
+			}
+			log.Printf("non-connection receive error from gRPC server: %v", err)
+			continue
+		}
+		switch recv.GetType() {
+		case proto.EventType_SLUG_CHANGE:
+			oldSlug := recv.GetSlugEvent().GetOld()
+			newSlug := recv.GetSlugEvent().GetNew()
+			sess, err := c.sessionRegistry.Get(oldSlug)
+			if err != nil {
+				errSend := subscribe.Send(&proto.Node{
+					Type: proto.EventType_SLUG_CHANGE_RESPONSE,
+					Payload: &proto.Node_SlugEventResponse{
+						SlugEventResponse: &proto.SlugChangeEventResponse{
+							Success: false,
+							Message: err.Error(),
+						},
+					},
+				})
+				if errSend != nil {
+					if isConnectionError(errSend) {
+						log.Printf("connection error sending slug change failure: %v", errSend)
+						return errSend
+					}
+					log.Printf("non-connection send error for slug change failure: %v", errSend)
+				}
+				continue
+			}
+			err = c.sessionRegistry.Update(oldSlug, newSlug)
+			if err != nil {
+				errSend := subscribe.Send(&proto.Node{
+					Type: proto.EventType_SLUG_CHANGE_RESPONSE,
+					Payload: &proto.Node_SlugEventResponse{
+						SlugEventResponse: &proto.SlugChangeEventResponse{
+							Success: false,
+							Message: err.Error(),
+						},
+					},
+				})
+				if errSend != nil {
+					if isConnectionError(errSend) {
+						log.Printf("connection error sending slug change failure: %v", errSend)
+						return errSend
+					}
+					log.Printf("non-connection send error for slug change failure: %v", errSend)
+				}
+				continue
+			}
+			sess.GetInteraction().Redraw()
+			err = subscribe.Send(&proto.Node{
+				Type: proto.EventType_SLUG_CHANGE_RESPONSE,
+				Payload: &proto.Node_SlugEventResponse{
+					SlugEventResponse: &proto.SlugChangeEventResponse{
+						Success: true,
+						Message: "",
+					},
+				},
+			})
+			if err != nil {
+				if isConnectionError(err) {
+					log.Printf("connection error sending slug change success: %v", err)
+					return err
+				}
+				log.Printf("non-connection send error for slug change success: %v", err)
+				continue
+			}
+		case proto.EventType_GET_SESSIONS:
+			sessions := c.sessionRegistry.GetAllSessionFromUser(recv.GetGetSessionsEvent().GetIdentity())
+			var details []*proto.Detail
+			for _, ses := range sessions {
+				detail := ses.Detail()
+				details = append(details, &proto.Detail{
+					Node:           config.Getenv("domain", "localhost"),
+					ForwardingType: detail.ForwardingType,
+					Slug:           detail.Slug,
+					UserId:         detail.UserID,
+					Active:         detail.Active,
+					StartedAt:      timestamppb.New(detail.StartedAt),
+				})
+			}
+			err = subscribe.Send(&proto.Node{
+				Type: proto.EventType_GET_SESSIONS,
+				Payload: &proto.Node_GetSessionsEvent{
+					GetSessionsEvent: &proto.GetSessionsResponse{
+						Details: details,
+					},
+				},
+			})
+			if err != nil {
+				if isConnectionError(err) {
+					log.Printf("connection error sending sessions success: %v", err)
+					return err
+				}
+				log.Printf("non-connection send error for sessions success: %v", err)
+				continue
+			}
+		default:
+			log.Printf("Unknown event type received: %v", recv.GetType())
+		}
+	}
+}
+
+func (c *Client) GetConnection() *grpc.ClientConn {
+	return c.conn
+}
+
+func (c *Client) AuthorizeConn(ctx context.Context, token string) (authorized bool, user string, err error) {
+	check, err := c.authorizeConnectionService.Check(ctx, &proto.CheckRequest{AuthToken: token})
+	if err != nil {
+		return false, "UNAUTHORIZED", err
+	}
+
+	if check.GetResponse() == proto.AuthorizationResponse_MESSAGE_TYPE_UNAUTHORIZED {
+		return false, "UNAUTHORIZED", nil
+	}
+	return true, check.GetUser(), nil
+}
+
+func (c *Client) Close() error {
+	if c.conn != nil {
+		log.Printf("Closing gRPC connection to %s", c.config.Address)
+		return c.conn.Close()
+	}
+	return nil
+}
+
+func (c *Client) CheckServerHealth(ctx context.Context) error {
+	healthClient := grpc_health_v1.NewHealthClient(c.GetConnection())
+	resp, err := healthClient.Check(ctx, &grpc_health_v1.HealthCheckRequest{
+		Service: "",
+	})
+	if err != nil {
+		return fmt.Errorf("health check failed: %w", err)
+	}
+	if resp.Status != grpc_health_v1.HealthCheckResponse_SERVING {
+		return fmt.Errorf("server not serving: %v", resp.Status)
+	}
+	return nil
+}
+
+func (c *Client) GetConfig() *GrpcConfig {
+	return c.config
+}
+
+func isConnectionError(err error) bool {
+	if err == nil {
+		return false
+	}
+	if errors.Is(err, io.EOF) {
+		return true
+	}
+	switch status.Code(err) {
+	case codes.Unavailable, codes.Canceled, codes.DeadlineExceeded:
+		return true
+	default:
+		return false
+	}
+}

main.go

@@ -1,12 +1,16 @@
 package main
 
 import (
+	"context"
 	"fmt"
 	"log"
 	"net/http"
 	_ "net/http/pprof"
 	"os"
+	"strings"
+	"time"
 	"tunnel_pls/internal/config"
+	"tunnel_pls/internal/grpc/client"
 	"tunnel_pls/internal/key"
 	"tunnel_pls/server"
 	"tunnel_pls/session"
@@ -26,6 +30,9 @@ func main() {
 
 	log.Printf("Starting %s", version.GetVersion())
 
+	mode := strings.ToLower(config.Getenv("MODE", "standalone"))
+	isNodeMode := mode == "node"
+
 	pprofEnabled := config.Getenv("PPROF_ENABLED", "false")
 	if pprofEnabled == "true" {
 		pprofPort := config.Getenv("PPROF_PORT", "6060")
@@ -61,9 +68,60 @@ func main() {
 	sshConfig.AddHostKey(private)
 	sessionRegistry := session.NewRegistry()
 
-	app, err := server.NewServer(sshConfig, sessionRegistry)
+	var grpcClient *client.Client
+	var cancel context.CancelFunc = func() {}
+	var ctx context.Context = context.Background()
+
+	if isNodeMode {
+		grpcHost := config.Getenv("GRPC_ADDRESS", "localhost")
+		grpcPort := config.Getenv("GRPC_PORT", "8080")
+		grpcAddr := fmt.Sprintf("%s:%s", grpcHost, grpcPort)
+		nodeToken := config.Getenv("NODE_TOKEN", "")
+		if nodeToken == "" {
+			log.Fatalf("NODE_TOKEN is required in node mode")
+			return
+		}
+		
+		grpcClient, err = client.New(&client.GrpcConfig{
+			Address:            grpcAddr,
+			UseTLS:             false,
+			InsecureSkipVerify: false,
+			Timeout:            10 * time.Second,
+			KeepAlive:          true,
+			MaxRetries:         3,
+		}, sessionRegistry)
+		if err != nil {
+			return
+		}
+		defer func(grpcClient *client.Client) {
+			err := grpcClient.Close()
+			if err != nil {
+
+			}
+		}(grpcClient)
+
+		ctx, cancel = context.WithTimeout(context.Background(), time.Second*5)
+		err = grpcClient.CheckServerHealth(ctx)
+		if err != nil {
+			log.Fatalf("gRPC health check failed: %s", err)
+			return
+		}
+		cancel()
+
+		ctx, cancel = context.WithCancel(context.Background())
+		go func() {
+			identity := config.Getenv("DOMAIN", "localhost")
+			err = grpcClient.SubscribeEvents(ctx, identity, nodeToken)
+			if err != nil {
+				return
+			}
+		}()
+	}
+
+	app, err := server.NewServer(sshConfig, sessionRegistry, grpcClient)
 	if err != nil {
 		log.Fatalf("Failed to start server: %s", err)
 	}
 	app.Start()
+	cancel()
 }

server/http.go

@@ -313,8 +313,8 @@ func (hs *httpServer) handler(conn net.Conn) {
 		return
 	}
 
-	sshSession, exist := hs.sessionRegistry.Get(slug)
-	if !exist {
+	sshSession, err := hs.sessionRegistry.Get(slug)
+	if err != nil {
 		_, err = conn.Write([]byte("HTTP/1.1 301 Moved Permanently\r\n" +
 			fmt.Sprintf("Location: https://tunnl.live/tunnel-not-found?slug=%s\r\n", slug) +
 			"Content-Length: 0\r\n" +

server/https.go

@@ -89,8 +89,8 @@ func (hs *httpServer) handlerTLS(conn net.Conn) {
 		return
 	}
 
-	sshSession, exist := hs.sessionRegistry.Get(slug)
-	if !exist {
+	sshSession, err := hs.sessionRegistry.Get(slug)
+	if err != nil {
 		_, err = conn.Write([]byte("HTTP/1.1 301 Moved Permanently\r\n" +
 			fmt.Sprintf("Location: https://tunnl.live/tunnel-not-found?slug=%s\r\n", slug) +
 			"Content-Length: 0\r\n" +

server/server.go

@@ -1,10 +1,12 @@
 package server
 
 import (
+	"context"
 	"fmt"
 	"log"
 	"net"
 	"tunnel_pls/internal/config"
+	"tunnel_pls/internal/grpc/client"
 	"tunnel_pls/session"
 
 	"golang.org/x/crypto/ssh"
@@ -14,9 +16,10 @@ type Server struct {
 	conn            *net.Listener
 	config          *ssh.ServerConfig
 	sessionRegistry session.Registry
+	grpcClient      *client.Client
 }
 
-func NewServer(sshConfig *ssh.ServerConfig, sessionRegistry session.Registry) (*Server, error) {
+func NewServer(sshConfig *ssh.ServerConfig, sessionRegistry session.Registry, grpcClient *client.Client) (*Server, error) {
 	listener, err := net.Listen("tcp", fmt.Sprintf(":%s", config.Getenv("PORT", "2200")))
 	if err != nil {
 		log.Fatalf("failed to listen on port 2200: %v", err)
@@ -42,6 +45,7 @@ func NewServer(sshConfig *ssh.ServerConfig, sessionRegistry session.Registry) (*
 		conn:            &listener,
 		config:          sshConfig,
 		sessionRegistry: sessionRegistry,
+		grpcClient:      grpcClient,
 	}, nil
 }
 
@@ -60,6 +64,13 @@ func (s *Server) Start() {
 
 func (s *Server) handleConnection(conn net.Conn) {
 	sshConn, chans, forwardingReqs, err := ssh.NewServerConn(conn, s.config)
+	defer func(sshConn *ssh.ServerConn) {
+		err = sshConn.Close()
+		if err != nil {
+			log.Printf("failed to close SSH server: %v", err)
+		}
+	}(sshConn)
+
 	if err != nil {
 		log.Printf("failed to establish SSH connection: %v", err)
 		err := conn.Close()
@@ -69,10 +80,16 @@ func (s *Server) handleConnection(conn net.Conn) {
 		}
 		return
 	}
-
+	ctx := context.Background()
 	log.Println("SSH connection established:", sshConn.User())
 
-	sshSession := session.New(sshConn, forwardingReqs, chans, s.sessionRegistry)
+	user := "UNAUTHORIZED"
+	if s.grpcClient != nil {
+		_, u, _ := s.grpcClient.AuthorizeConn(ctx, sshConn.User())
+		user = u
+	}
+
+	sshSession := session.New(sshConn, forwardingReqs, chans, s.sessionRegistry, user)
 	err = sshSession.Start()
 	if err != nil {
 		log.Printf("SSH session ended with error: %v", err)

session/interaction/constants.go

@@ -1,152 +0,0 @@
-package interaction
-
-const (
-	backspaceChar    = 8
-	deleteChar       = 127
-	enterChar        = 13
-	escapeChar       = 27
-	ctrlC            = 3
-	forwardSlash     = '/'
-	minPrintableChar = 32
-	maxPrintableChar = 126
-
-	minSlugLength = 3
-	maxSlugLength = 20
-
-	clearScreen    = "\033[H\033[2J"
-	clearLine      = "\033[K"
-	clearToLineEnd = "\r\033[K"
-	backspaceSeq   = "\b \b"
-
-	minBoxWidth  = 50
-	paddingRight = 4
-)
-
-var forbiddenSlugs = map[string]struct{}{
-	"ping":          {},
-	"staging":       {},
-	"admin":         {},
-	"root":          {},
-	"api":           {},
-	"www":           {},
-	"support":       {},
-	"help":          {},
-	"status":        {},
-	"health":        {},
-	"login":         {},
-	"logout":        {},
-	"signup":        {},
-	"register":      {},
-	"settings":      {},
-	"config":        {},
-	"null":          {},
-	"undefined":     {},
-	"example":       {},
-	"test":          {},
-	"dev":           {},
-	"system":        {},
-	"administrator": {},
-	"dashboard":     {},
-	"account":       {},
-	"profile":       {},
-	"user":          {},
-	"users":         {},
-	"auth":          {},
-	"oauth":         {},
-	"callback":      {},
-	"webhook":       {},
-	"webhooks":      {},
-	"static":        {},
-	"assets":        {},
-	"cdn":           {},
-	"mail":          {},
-	"email":         {},
-	"ftp":           {},
-	"ssh":           {},
-	"git":           {},
-	"svn":           {},
-	"blog":          {},
-	"news":          {},
-	"about":         {},
-	"contact":       {},
-	"terms":         {},
-	"privacy":       {},
-	"legal":         {},
-	"billing":       {},
-	"payment":       {},
-	"checkout":      {},
-	"cart":          {},
-	"shop":          {},
-	"store":         {},
-	"download":      {},
-	"uploads":       {},
-	"images":        {},
-	"img":           {},
-	"css":           {},
-	"js":            {},
-	"fonts":         {},
-	"public":        {},
-	"private":       {},
-	"internal":      {},
-	"external":      {},
-	"proxy":         {},
-	"cache":         {},
-	"debug":         {},
-	"metrics":       {},
-	"monitoring":    {},
-	"graphql":       {},
-	"rest":          {},
-	"rpc":           {},
-	"socket":        {},
-	"ws":            {},
-	"wss":           {},
-	"app":           {},
-	"apps":          {},
-	"mobile":        {},
-	"desktop":       {},
-	"embed":         {},
-	"widget":        {},
-	"docs":          {},
-	"documentation": {},
-	"wiki":          {},
-	"forum":         {},
-	"community":     {},
-	"feedback":      {},
-	"report":        {},
-	"abuse":         {},
-	"spam":          {},
-	"security":      {},
-	"verify":        {},
-	"confirm":       {},
-	"reset":         {},
-	"password":      {},
-	"recovery":      {},
-	"unsubscribe":   {},
-	"subscribe":     {},
-	"notifications": {},
-	"alerts":        {},
-	"messages":      {},
-	"inbox":         {},
-	"outbox":        {},
-	"sent":          {},
-	"draft":         {},
-	"trash":         {},
-	"archive":       {},
-	"search":        {},
-	"explore":       {},
-	"discover":      {},
-	"trending":      {},
-	"popular":       {},
-	"featured":      {},
-	"new":           {},
-	"latest":        {},
-	"top":           {},
-	"best":          {},
-	"hot":           {},
-	"random":        {},
-	"all":           {},
-	"any":           {},
-	"none":          {},
-	"true":          {},
-	"false":         {},
-}

session/interaction/interaction.go

@@ -28,9 +28,10 @@ type Lifecycle interface {
 type Controller interface {
 	SetChannel(channel ssh.Channel)
 	SetLifecycle(lifecycle Lifecycle)
-	SetSlugModificator(func(oldSlug, newSlug string) bool)
+	SetSlugModificator(func(oldSlug, newSlug string) error)
 	Start()
 	SetWH(w, h int)
+	Redraw()
 }
 
 type Forwarder interface {
@@ -44,7 +45,7 @@ type Interaction struct {
 	slugManager      slug.Manager
 	forwarder        Forwarder
 	lifecycle        Lifecycle
-	updateClientSlug func(oldSlug, newSlug string) bool
+	updateClientSlug func(oldSlug, newSlug string) error
 	program          *tea.Program
 	ctx              context.Context
 	cancel           context.CancelFunc
@@ -65,7 +66,6 @@ type commandItem struct {
 }
 
 type model struct {
-	tunnelURL         string
 	domain            string
 	protocol          string
 	tunnelType        types.TunnelType
@@ -84,6 +84,13 @@ type model struct {
 	height            int
 }
 
+func (m *model) getTunnelURL() string {
+	if m.tunnelType == types.HTTP {
+		return buildURL(m.protocol, m.interaction.slugManager.Get(), m.domain)
+	}
+	return fmt.Sprintf("tcp://%s:%d", m.domain, m.port)
+}
+
 type keymap struct {
 	quit    key.Binding
 	command key.Binding
@@ -114,7 +121,7 @@ func (i *Interaction) SetChannel(channel ssh.Channel) {
 	i.channel = channel
 }
 
-func (i *Interaction) SetSlugModificator(modificator func(oldSlug, newSlug string) (success bool)) {
+func (i *Interaction) SetSlugModificator(modificator func(oldSlug, newSlug string) error) {
 	i.updateClientSlug = modificator
 }
 
@@ -163,11 +170,11 @@ func tickCmd(d time.Duration) tea.Cmd {
 	})
 }
 
-func (m model) Init() tea.Cmd {
+func (m *model) Init() tea.Cmd {
 	return tea.Batch(textinput.Blink, tea.WindowSize())
 }
 
-func (m model) Update(msg tea.Msg) (tea.Model, tea.Cmd) {
+func (m *model) Update(msg tea.Msg) (tea.Model, tea.Cmd) {
 	var cmd tea.Cmd
 
 	switch msg := msg.(type) {
@@ -211,21 +218,10 @@ func (m model) Update(msg tea.Msg) (tea.Model, tea.Cmd) {
 				return m, tea.Batch(tea.ClearScreen, textinput.Blink)
 			case "enter":
 				inputValue := m.slugInput.Value()
-
-				if isForbiddenSlug(inputValue) {
-					m.slugError = "This subdomain is reserved. Please choose a different one."
-					return m, nil
-				} else if !isValidSlug(inputValue) {
-					m.slugError = "Invalid subdomain. Follow the rules."
+				if err := m.interaction.updateClientSlug(m.interaction.slugManager.Get(), inputValue); err != nil {
+					m.slugError = err.Error()
 					return m, nil
 				}
-
-				if !m.interaction.updateClientSlug(m.interaction.slugManager.Get(), inputValue) {
-					m.slugError = "Someone already uses this subdomain."
-					return m, nil
-				}
-
-				m.tunnelURL = buildURL(m.protocol, inputValue, m.domain)
 				m.editingSlug = false
 				m.slugError = ""
 				return m, tea.Batch(tea.ClearScreen, textinput.Blink)
@@ -291,14 +287,20 @@ func (m model) Update(msg tea.Msg) (tea.Model, tea.Cmd) {
 	return m, nil
 }
 
-func (m model) helpView() string {
+func (i *Interaction) Redraw() {
+	if i.program != nil {
+		i.program.Send(tea.ClearScreen())
+	}
+}
+
+func (m *model) helpView() string {
 	return "\n" + m.help.ShortHelpView([]key.Binding{
 		m.keymap.command,
 		m.keymap.quit,
 	})
 }
 
-func (m model) View() string {
+func (m *model) View() string {
 	if m.quitting {
 		return ""
 	}
@@ -659,11 +661,11 @@ func (m model) View() string {
 		MarginBottom(boxMargin).
 		Width(boxMaxWidth)
 
-	urlDisplay := m.tunnelURL
-	if shouldUseCompactLayout(m.width, 80) && len(m.tunnelURL) > m.width-20 {
+	urlDisplay := m.getTunnelURL()
+	if shouldUseCompactLayout(m.width, 80) && len(urlDisplay) > m.width-20 {
 		maxLen := m.width - 25
 		if maxLen > 10 {
-			urlDisplay = truncateString(m.tunnelURL, maxLen)
+			urlDisplay = truncateString(urlDisplay, maxLen)
 		}
 	}
 
@@ -737,13 +739,6 @@ func (i *Interaction) Start() {
 	tunnelType := i.forwarder.GetTunnelType()
 	port := i.forwarder.GetForwardedPort()
 
-	var tunnelURL string
-	if tunnelType == types.HTTP {
-		tunnelURL = buildURL(protocol, i.slugManager.Get(), domain)
-	} else {
-		tunnelURL = fmt.Sprintf("tcp://%s:%d", domain, port)
-	}
-
 	items := []list.Item{
 		commandItem{name: "slug", desc: "Set custom subdomain"},
 		commandItem{name: "tunnel-type", desc: "Change tunnel type (Coming Soon)"},
@@ -764,8 +759,7 @@ func (i *Interaction) Start() {
 	ti.CharLimit = 20
 	ti.Width = 50
 
-	m := model{
-		tunnelURL:   tunnelURL,
+	m := &model{
 		domain:      domain,
 		protocol:    protocol,
 		tunnelType:  tunnelType,
@@ -819,30 +813,3 @@ func buildURL(protocol, subdomain, domain string) string {
 func generateRandomSubdomain() string {
 	return random.GenerateRandomString(20)
 }
-
-func isValidSlug(slug string) bool {
-	if len(slug) < minSlugLength || len(slug) > maxSlugLength {
-		return false
-	}
-
-	if slug[0] == '-' || slug[len(slug)-1] == '-' {
-		return false
-	}
-
-	for _, c := range slug {
-		if !isValidSlugChar(byte(c)) {
-			return false
-		}
-	}
-
-	return true
-}
-
-func isValidSlugChar(c byte) bool {
-	return (c >= 'a' && c <= 'z') || (c >= '0' && c <= '9') || c == '-'
-}
-
-func isForbiddenSlug(slug string) bool {
-	_, ok := forbiddenSlugs[slug]
-	return ok
-}

session/lifecycle/lifecycle.go

@@ -4,6 +4,8 @@ import (
 	"errors"
 	"io"
 	"net"
+	"time"
+
 	portUtil "tunnel_pls/internal/port"
 	"tunnel_pls/session/slug"
 	"tunnel_pls/types"
@@ -24,16 +26,18 @@ type Lifecycle struct {
 	forwarder        Forwarder
 	slugManager      slug.Manager
 	unregisterClient func(slug string)
+	startedAt        time.Time
 }
 
 func NewLifecycle(conn ssh.Conn, forwarder Forwarder, slugManager slug.Manager) *Lifecycle {
 	return &Lifecycle{
-		status:           "",
+		status:           types.INITIALIZING,
 		conn:             conn,
 		channel:          nil,
 		forwarder:        forwarder,
 		slugManager:      slugManager,
 		unregisterClient: nil,
+		startedAt:        time.Now(),
 	}
 }
 
@@ -48,6 +52,8 @@ type SessionLifecycle interface {
 	GetChannel() ssh.Channel
 	SetChannel(channel ssh.Channel)
 	SetUnregisterClient(unregisterClient func(slug string))
+	IsActive() bool
+	StartedAt() time.Time
 }
 
 func (l *Lifecycle) GetChannel() ssh.Channel {
@@ -62,6 +68,9 @@ func (l *Lifecycle) GetConnection() ssh.Conn {
 }
 func (l *Lifecycle) SetStatus(status types.Status) {
 	l.status = status
+	if status == types.RUNNING && l.startedAt.IsZero() {
+		l.startedAt = time.Now()
+	}
 }
 
 func (l *Lifecycle) Close() error {
@@ -98,3 +107,11 @@ func (l *Lifecycle) Close() error {
 
 	return nil
 }
+
+func (l *Lifecycle) IsActive() bool {
+	return l.status == types.RUNNING
+}
+
+func (l *Lifecycle) StartedAt() time.Time {
+	return l.startedAt
+}

session/registry.go

@@ -1,66 +1,290 @@
 package session
 
-import "sync"
+import (
+	"fmt"
+	"sync"
+)
 
 type Registry interface {
-	Get(slug string) (session *SSHSession, exist bool)
-	Update(oldSlug, newSlug string) (success bool)
+	Get(slug string) (session *SSHSession, err error)
+	Update(oldSlug, newSlug string) error
 	Register(slug string, session *SSHSession) (success bool)
 	Remove(slug string)
+	GetAllSessionFromUser(user string) []*SSHSession
 }
 type registry struct {
 	mu        sync.RWMutex
-	clients map[string]*SSHSession
+	byUser    map[string]map[string]*SSHSession
+	slugIndex map[string]string
 }
 
 func NewRegistry() Registry {
 	return &registry{
-		clients: make(map[string]*SSHSession),
+		byUser:    make(map[string]map[string]*SSHSession),
+		slugIndex: make(map[string]string),
 	}
 }
 
-func (r *registry) Get(slug string) (session *SSHSession, exist bool) {
+func (r *registry) Get(slug string) (session *SSHSession, err error) {
 	r.mu.RLock()
 	defer r.mu.RUnlock()
 
-	session, exist = r.clients[slug]
-	return
+	userID, ok := r.slugIndex[slug]
+	if !ok {
+		return nil, fmt.Errorf("session not found")
+	}
+
+	client, ok := r.byUser[userID][slug]
+	if !ok {
+		return nil, fmt.Errorf("session not found")
+	}
+	return client, nil
 }
 
-func (r *registry) Update(oldSlug, newSlug string) (success bool) {
+func (r *registry) Update(oldSlug, newSlug string) error {
+	if isForbiddenSlug(newSlug) {
+		return fmt.Errorf("this subdomain is reserved. Please choose a different one")
+	} else if !isValidSlug(newSlug) {
+		return fmt.Errorf("invalid subdomain. Follow the rules")
+	}
+
 	r.mu.Lock()
 	defer r.mu.Unlock()
 
-	if _, exists := r.clients[newSlug]; exists && newSlug != oldSlug {
-		return false
-	}
-
-	client, ok := r.clients[oldSlug]
+	userID, ok := r.slugIndex[oldSlug]
 	if !ok {
-		return false
+		return fmt.Errorf("session not found")
 	}
 
-	delete(r.clients, oldSlug)
+	if _, exists := r.slugIndex[newSlug]; exists && newSlug != oldSlug {
+		return fmt.Errorf("someone already uses this subdomain")
+	}
+
+	client, ok := r.byUser[userID][oldSlug]
+	if !ok {
+		return fmt.Errorf("session not found")
+	}
+
+	delete(r.byUser[userID], oldSlug)
+	delete(r.slugIndex, oldSlug)
+
 	client.slugManager.Set(newSlug)
-	r.clients[newSlug] = client
-	return true
+	r.slugIndex[newSlug] = userID
+
+	if r.byUser[userID] == nil {
+		r.byUser[userID] = make(map[string]*SSHSession)
+	}
+	r.byUser[userID][newSlug] = client
+	return nil
 }
 
 func (r *registry) Register(slug string, session *SSHSession) (success bool) {
 	r.mu.Lock()
 	defer r.mu.Unlock()
 
-	if _, exists := r.clients[slug]; exists {
+	if _, exists := r.slugIndex[slug]; exists {
 		return false
 	}
 
-	r.clients[slug] = session
+	userID := session.userID
+	if r.byUser[userID] == nil {
+		r.byUser[userID] = make(map[string]*SSHSession)
+	}
+
+	r.byUser[userID][slug] = session
+	r.slugIndex[slug] = userID
 	return true
 }
 
+func (r *registry) GetAllSessionFromUser(user string) []*SSHSession {
+	r.mu.RLock()
+	defer r.mu.RUnlock()
+
+	m := r.byUser[user]
+	if len(m) == 0 {
+		return []*SSHSession{}
+	}
+
+	sessions := make([]*SSHSession, 0, len(m))
+	for _, s := range m {
+		sessions = append(sessions, s)
+	}
+	return sessions
+}
+
 func (r *registry) Remove(slug string) {
 	r.mu.Lock()
 	defer r.mu.Unlock()
 
-	delete(r.clients, slug)
+	userID, ok := r.slugIndex[slug]
+	if !ok {
+		return
+	}
+
+	delete(r.byUser[userID], slug)
+	if len(r.byUser[userID]) == 0 {
+		delete(r.byUser, userID)
+	}
+	delete(r.slugIndex, slug)
 }
+
+func isValidSlug(slug string) bool {
+	if len(slug) < minSlugLength || len(slug) > maxSlugLength {
+		return false
+	}
+
+	if slug[0] == '-' || slug[len(slug)-1] == '-' {
+		return false
+	}
+
+	for _, c := range slug {
+		if !isValidSlugChar(byte(c)) {
+			return false
+		}
+	}
+
+	return true
+}
+
+func isValidSlugChar(c byte) bool {
+	return (c >= 'a' && c <= 'z') || (c >= '0' && c <= '9') || c == '-'
+}
+
+func isForbiddenSlug(slug string) bool {
+	_, ok := forbiddenSlugs[slug]
+	return ok
+}
+
+var forbiddenSlugs = map[string]struct{}{
+	"ping":          {},
+	"staging":       {},
+	"admin":         {},
+	"root":          {},
+	"api":           {},
+	"www":           {},
+	"support":       {},
+	"help":          {},
+	"status":        {},
+	"health":        {},
+	"login":         {},
+	"logout":        {},
+	"signup":        {},
+	"register":      {},
+	"settings":      {},
+	"config":        {},
+	"null":          {},
+	"undefined":     {},
+	"example":       {},
+	"test":          {},
+	"dev":           {},
+	"system":        {},
+	"administrator": {},
+	"dashboard":     {},
+	"account":       {},
+	"profile":       {},
+	"user":          {},
+	"users":         {},
+	"auth":          {},
+	"oauth":         {},
+	"callback":      {},
+	"webhook":       {},
+	"webhooks":      {},
+	"static":        {},
+	"assets":        {},
+	"cdn":           {},
+	"mail":          {},
+	"email":         {},
+	"ftp":           {},
+	"ssh":           {},
+	"git":           {},
+	"svn":           {},
+	"blog":          {},
+	"news":          {},
+	"about":         {},
+	"contact":       {},
+	"terms":         {},
+	"privacy":       {},
+	"legal":         {},
+	"billing":       {},
+	"payment":       {},
+	"checkout":      {},
+	"cart":          {},
+	"shop":          {},
+	"store":         {},
+	"download":      {},
+	"uploads":       {},
+	"images":        {},
+	"img":           {},
+	"css":           {},
+	"js":            {},
+	"fonts":         {},
+	"public":        {},
+	"private":       {},
+	"internal":      {},
+	"external":      {},
+	"proxy":         {},
+	"cache":         {},
+	"debug":         {},
+	"metrics":       {},
+	"monitoring":    {},
+	"graphql":       {},
+	"rest":          {},
+	"rpc":           {},
+	"socket":        {},
+	"ws":            {},
+	"wss":           {},
+	"app":           {},
+	"apps":          {},
+	"mobile":        {},
+	"desktop":       {},
+	"embed":         {},
+	"widget":        {},
+	"docs":          {},
+	"documentation": {},
+	"wiki":          {},
+	"forum":         {},
+	"community":     {},
+	"feedback":      {},
+	"report":        {},
+	"abuse":         {},
+	"spam":          {},
+	"security":      {},
+	"verify":        {},
+	"confirm":       {},
+	"reset":         {},
+	"password":      {},
+	"recovery":      {},
+	"unsubscribe":   {},
+	"subscribe":     {},
+	"notifications": {},
+	"alerts":        {},
+	"messages":      {},
+	"inbox":         {},
+	"outbox":        {},
+	"sent":          {},
+	"draft":         {},
+	"trash":         {},
+	"archive":       {},
+	"search":        {},
+	"explore":       {},
+	"discover":      {},
+	"trending":      {},
+	"popular":       {},
+	"featured":      {},
+	"new":           {},
+	"latest":        {},
+	"top":           {},
+	"best":          {},
+	"hot":           {},
+	"random":        {},
+	"all":           {},
+	"any":           {},
+	"none":          {},
+	"true":          {},
+	"false":         {},
+}
+
+var (
+	minSlugLength = 3
+	maxSlugLength = 20
+)

session/session.go

@@ -28,6 +28,7 @@ type SSHSession struct {
 	forwarder     forwarder.ForwardingController
 	slugManager   slug.Manager
 	registry      Registry
+	userID        string
 }
 
 func (s *SSHSession) GetLifecycle() lifecycle.SessionLifecycle {
@@ -46,7 +47,7 @@ func (s *SSHSession) GetSlugManager() slug.Manager {
 	return s.slugManager
 }
 
-func New(conn *ssh.ServerConn, forwardingReq <-chan *ssh.Request, sshChan <-chan ssh.NewChannel, sessionRegistry Registry) *SSHSession {
+func New(conn *ssh.ServerConn, forwardingReq <-chan *ssh.Request, sshChan <-chan ssh.NewChannel, sessionRegistry Registry, userID string) *SSHSession {
 	slugManager := slug.NewManager()
 	forwarderManager := forwarder.NewForwarder(slugManager)
 	interactionManager := interaction.NewInteraction(slugManager, forwarderManager)
@@ -65,6 +66,25 @@ func New(conn *ssh.ServerConn, forwardingReq <-chan *ssh.Request, sshChan <-chan
 		forwarder:     forwarderManager,
 		slugManager:   slugManager,
 		registry:      sessionRegistry,
+		userID:        userID,
+	}
+}
+
+type Detail struct {
+	ForwardingType string    `json:"forwarding_type,omitempty"`
+	Slug           string    `json:"slug,omitempty"`
+	UserID         string    `json:"user_id,omitempty"`
+	Active         bool      `json:"active,omitempty"`
+	StartedAt      time.Time `json:"started_at,omitempty"`
+}
+
+func (s *SSHSession) Detail() Detail {
+	return Detail{
+		ForwardingType: string(s.forwarder.GetTunnelType()),
+		Slug:           s.slugManager.Get(),
+		UserID:         s.userID,
+		Active:         s.lifecycle.IsActive(),
+		StartedAt:      s.lifecycle.StartedAt(),
 	}
 }
 
@@ -86,7 +106,7 @@ func (s *SSHSession) Start() error {
 		if err := s.lifecycle.Close(); err != nil {
 			log.Printf("failed to close session: %v", err)
 		}
-		return fmt.Errorf("No forwarding Request")
+		return fmt.Errorf("no forwarding Request")
 	}
 
 	s.lifecycle.SetChannel(ch)