feat: add token usage tracking, context display, and dynamic context length (#132)

* fix: specify TS_NODE_PROJECT for dev:server script

ts-node/register resolves tsconfig from the entry file upward,
finding the root solution-style tsconfig.json (no compilerOptions).
This causes target to default to ES3, breaking MapIterator spread
syntax (TS2802). Set TS_NODE_PROJECT env var to point to the server
tsconfig which targets ES2024.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat: add token usage tracking, context display, and dynamic context length

- Intercept SSE proxy to capture run.completed events and persist token
  usage (input_tokens, output_tokens) per session to SQLite/JSON store
- Display context usage bar in ChatInput showing used/total/remaining tokens
- Resolve actual context length from Hermes models_dev_cache.json based
  on the active profile's default model (fallback 200K), with 5min in-memory cache
- Move sessions-db.ts to db/hermes/ for unified database layer
- Add usage store with SQLite + JSON fallback (auto-migration via ensureTable)
- Fix proxy SSE path regex to match rewritten upstream path
- Fix route ordering: /sessions/usage before /sessions/:id to avoid 404
- Fetch per-session usage on session enter instead of batch
- Add unit tests for usage-store, db index, and proxy SSE interception

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

packages/server/src/db/hermes/sessions-db.ts

@@ -0,0 +1,352 @@
+import { getActiveProfileDir } from '../../services/hermes/hermes-profile'
+
+const SQLITE_AVAILABLE = (() => {
+  const [major, minor] = process.versions.node.split('.').map(Number)
+  return major > 22 || (major === 22 && minor >= 5)
+})()
+
+export interface HermesSessionRow {
+  id: string
+  source: string
+  user_id: string | null
+  model: string
+  title: string | null
+  started_at: number
+  ended_at: number | null
+  end_reason: string | null
+  message_count: number
+  tool_call_count: number
+  input_tokens: number
+  output_tokens: number
+  cache_read_tokens: number
+  cache_write_tokens: number
+  reasoning_tokens: number
+  billing_provider: string | null
+  estimated_cost_usd: number
+  actual_cost_usd: number | null
+  cost_status: string
+  preview: string
+  last_active: number
+}
+
+export interface HermesSessionSearchRow extends HermesSessionRow {
+  matched_message_id: number | null
+  snippet: string
+  rank: number
+}
+
+function sessionDbPath(): string {
+  return `${getActiveProfileDir()}/state.db`
+}
+
+function normalizeNumber(value: unknown, fallback = 0): number {
+  if (value == null || value === '') return fallback
+  const num = Number(value)
+  return Number.isFinite(num) ? num : fallback
+}
+
+function normalizeNullableNumber(value: unknown): number | null {
+  if (value == null || value === '') return null
+  const num = Number(value)
+  return Number.isFinite(num) ? num : null
+}
+
+function normalizeNullableString(value: unknown): string | null {
+  if (value == null || value === '') return null
+  return String(value)
+}
+
+function mapRow(row: Record<string, unknown>): HermesSessionRow {
+  const startedAt = normalizeNumber(row.started_at)
+  const rawTitle = normalizeNullableString(row.title)
+  const preview = String(row.preview || '')
+  // Fallback: when no explicit title, use first user message as title (same as CLI path)
+  const title = rawTitle || (preview ? (preview.length > 40 ? preview.slice(0, 40) + '...' : preview) : null)
+  return {
+    id: String(row.id || ''),
+    source: String(row.source || ''),
+    user_id: normalizeNullableString(row.user_id),
+    model: String(row.model || ''),
+    title,
+    started_at: startedAt,
+    ended_at: normalizeNullableNumber(row.ended_at),
+    end_reason: normalizeNullableString(row.end_reason),
+    message_count: normalizeNumber(row.message_count),
+    tool_call_count: normalizeNumber(row.tool_call_count),
+    input_tokens: normalizeNumber(row.input_tokens),
+    output_tokens: normalizeNumber(row.output_tokens),
+    cache_read_tokens: normalizeNumber(row.cache_read_tokens),
+    cache_write_tokens: normalizeNumber(row.cache_write_tokens),
+    reasoning_tokens: normalizeNumber(row.reasoning_tokens),
+    billing_provider: normalizeNullableString(row.billing_provider),
+    estimated_cost_usd: normalizeNumber(row.estimated_cost_usd),
+    actual_cost_usd: normalizeNullableNumber(row.actual_cost_usd),
+    cost_status: String(row.cost_status || ''),
+    preview: String(row.preview || ''),
+    last_active: normalizeNumber(row.last_active, startedAt),
+  }
+}
+
+const SESSION_SELECT = `
+  s.id,
+  s.source,
+  COALESCE(s.user_id, '') AS user_id,
+  COALESCE(s.model, '') AS model,
+  COALESCE(s.title, '') AS title,
+  COALESCE(s.started_at, 0) AS started_at,
+  s.ended_at AS ended_at,
+  COALESCE(s.end_reason, '') AS end_reason,
+  COALESCE(s.message_count, 0) AS message_count,
+  COALESCE(s.tool_call_count, 0) AS tool_call_count,
+  COALESCE(s.input_tokens, 0) AS input_tokens,
+  COALESCE(s.output_tokens, 0) AS output_tokens,
+  COALESCE(s.cache_read_tokens, 0) AS cache_read_tokens,
+  COALESCE(s.cache_write_tokens, 0) AS cache_write_tokens,
+  COALESCE(s.reasoning_tokens, 0) AS reasoning_tokens,
+  COALESCE(s.billing_provider, '') AS billing_provider,
+  COALESCE(s.estimated_cost_usd, 0) AS estimated_cost_usd,
+  s.actual_cost_usd AS actual_cost_usd,
+  COALESCE(s.cost_status, '') AS cost_status,
+  COALESCE(
+    (
+      SELECT SUBSTR(REPLACE(REPLACE(m.content, CHAR(10), ' '), CHAR(13), ' '), 1, 63)
+      FROM messages m
+      WHERE m.session_id = s.id AND m.role = 'user' AND m.content IS NOT NULL
+      ORDER BY m.timestamp, m.id
+      LIMIT 1
+    ),
+    ''
+  ) AS preview,
+  COALESCE((SELECT MAX(m2.timestamp) FROM messages m2 WHERE m2.session_id = s.id), s.started_at) AS last_active
+`
+
+const SESSION_FROM = `
+  FROM sessions s
+  WHERE s.parent_session_id IS NULL
+    AND s.source != 'tool'
+`
+
+function buildBaseSessionSql(source?: string): { sql: string, params: any[] } {
+  const sql = source
+    ? `SELECT ${SESSION_SELECT}${SESSION_FROM}\n    AND s.source = ?`
+    : `SELECT ${SESSION_SELECT}${SESSION_FROM}`
+  return { sql, params: source ? [source] : [] }
+}
+
+function buildListSessionSql(source?: string, limit = 2000): { sql: string, params: any[] } {
+  const base = buildBaseSessionSql(source)
+  return {
+    sql: `${base.sql}\n  ORDER BY s.started_at DESC\n  LIMIT ?`,
+    params: [...base.params, limit],
+  }
+}
+
+function containsCjk(text: string): boolean {
+  for (const ch of text) {
+    const cp = ch.codePointAt(0) ?? 0
+    if (
+      (cp >= 0x4E00 && cp <= 0x9FFF) ||
+      (cp >= 0x3400 && cp <= 0x4DBF) ||
+      (cp >= 0x20000 && cp <= 0x2A6DF) ||
+      (cp >= 0x3000 && cp <= 0x303F) ||
+      (cp >= 0x3040 && cp <= 0x309F) ||
+      (cp >= 0x30A0 && cp <= 0x30FF) ||
+      (cp >= 0xAC00 && cp <= 0xD7AF)
+    ) {
+      return true
+    }
+  }
+  return false
+}
+
+function sanitizeFtsQuery(query: string): string {
+  const quotedParts: string[] = []
+
+  const preserved = query.replace(/"[^"]*"/g, (match) => {
+    quotedParts.push(match)
+    return `\u0000Q${quotedParts.length - 1}\u0000`
+  })
+
+  let sanitized = preserved.replace(/[+{}()"^]/g, ' ')
+  sanitized = sanitized.replace(/\*+/g, '*')
+  sanitized = sanitized.replace(/(^|\s)\*/g, '$1')
+  sanitized = sanitized.trim().replace(/^(AND|OR|NOT)\b\s*/i, '')
+  sanitized = sanitized.trim().replace(/\s+(AND|OR|NOT)\s*$/i, '')
+  sanitized = sanitized.replace(/\b(\w+(?:[.-]\w+)+)\b/g, '"$1"')
+
+  for (let i = 0; i < quotedParts.length; i += 1) {
+    sanitized = sanitized.replace(`\u0000Q${i}\u0000`, quotedParts[i])
+  }
+
+  return sanitized.trim()
+}
+
+function toPrefixQuery(query: string): string {
+  const tokens = query.match(/"[^"]*"|\S+/g)
+  if (!tokens) return ''
+  return tokens
+    .map((token) => {
+      if (token === 'AND' || token === 'OR' || token === 'NOT') return token
+      if (token.startsWith('"') && token.endsWith('"')) return token
+      if (token.endsWith('*')) return token
+      return `${token}*`
+    })
+    .join(' ')
+}
+
+function mapSearchRow(row: Record<string, unknown>): HermesSessionSearchRow {
+  return {
+    ...mapRow(row),
+    matched_message_id: normalizeNullableNumber(row.matched_message_id),
+    snippet: String(row.snippet || row.preview || ''),
+    rank: Number.isFinite(Number(row.rank)) ? Number(row.rank) : 0,
+  }
+}
+
+export async function listSessionSummaries(source?: string, limit = 2000): Promise<HermesSessionRow[]> {
+  if (!SQLITE_AVAILABLE) {
+    throw new Error(`node:sqlite requires Node >= 22.5, current: ${process.versions.node}`)
+  }
+
+  const { DatabaseSync } = await import('node:sqlite')
+  const db = new DatabaseSync(sessionDbPath(), { open: true, readOnly: true })
+
+  try {
+    const { sql, params } = buildListSessionSql(source, limit)
+    const statement = db.prepare(sql)
+    const rows = statement.all(...params) as Record<string, unknown>[]
+
+    return rows.map(mapRow)
+  } finally {
+    db.close()
+  }
+}
+
+export async function searchSessionSummaries(
+  query: string,
+  source?: string,
+  limit = 20,
+): Promise<HermesSessionSearchRow[]> {
+  if (!SQLITE_AVAILABLE) {
+    throw new Error(`node:sqlite requires Node >= 22.5, current: ${process.versions.node}`)
+  }
+
+  const trimmed = query.trim()
+  if (!trimmed) {
+    const recent = await listSessionSummaries(source, limit)
+    return recent.map(row => ({
+      ...row,
+      matched_message_id: null,
+      snippet: row.preview,
+      rank: 0,
+    }))
+  }
+
+  const { DatabaseSync } = await import('node:sqlite')
+  const db = new DatabaseSync(sessionDbPath(), { open: true, readOnly: true })
+  const normalized = sanitizeFtsQuery(trimmed)
+  const prefixQuery = toPrefixQuery(normalized)
+
+  try {
+    const titleBase = buildBaseSessionSql(source)
+    const contentBase = buildBaseSessionSql(source)
+
+    const titleSql = `
+      WITH base AS (
+        ${titleBase.sql}
+      )
+      SELECT
+        base.*,
+        NULL AS matched_message_id,
+        CASE
+          WHEN base.title IS NOT NULL AND base.title != '' THEN base.title
+          ELSE base.preview
+        END AS snippet,
+        0 AS rank
+      FROM base
+      WHERE LOWER(COALESCE(base.title, '')) LIKE ?
+      ORDER BY base.last_active DESC
+      LIMIT ?
+    `
+
+    const titleStatement = db.prepare(titleSql)
+    const titleRows = titleStatement.all(...titleBase.params, `%${trimmed.toLowerCase()}%`, limit) as Record<string, unknown>[]
+
+    const contentSql = `
+      WITH base AS (
+        ${contentBase.sql}
+      )
+      SELECT
+        base.*,
+        m.id AS matched_message_id,
+        snippet(messages_fts, 0, '>>>', '<<<', '...', 40) AS snippet,
+        bm25(messages_fts) AS rank
+      FROM messages_fts
+      JOIN messages m ON m.id = messages_fts.rowid
+      JOIN base ON base.id = m.session_id
+      WHERE messages_fts MATCH ?
+      ORDER BY rank, base.last_active DESC
+      LIMIT ?
+    `
+
+    const contentRows = prefixQuery
+      ? (db.prepare(contentSql).all(...contentBase.params, prefixQuery, limit * 4) as Record<string, unknown>[])
+      : []
+
+    const merged = new Map<string, HermesSessionSearchRow>()
+    for (const row of titleRows) {
+      const mapped = mapSearchRow(row)
+      merged.set(mapped.id, mapped)
+    }
+    for (const row of contentRows) {
+      const mapped = mapSearchRow(row)
+      if (!merged.has(mapped.id)) {
+        merged.set(mapped.id, mapped)
+      }
+    }
+
+    const items = [...merged.values()]
+    items.sort((a, b) => {
+      if (a.rank !== b.rank) return a.rank - b.rank
+      return b.last_active - a.last_active
+    })
+    return items.slice(0, limit)
+  } catch (err) {
+    if (containsCjk(normalized)) {
+      const likeBase = buildBaseSessionSql(source)
+      const likeSql = `
+        WITH base AS (
+          ${likeBase.sql}
+        )
+        SELECT
+          base.*,
+          m.id AS matched_message_id,
+          substr(
+            m.content,
+            max(1, instr(m.content, ?) - 40),
+            120
+          ) AS snippet,
+          0 AS rank
+        FROM base
+        JOIN messages m ON m.session_id = base.id
+        WHERE m.content LIKE ?
+        ORDER BY base.last_active DESC, m.timestamp DESC
+      `
+      const likeStatement = db.prepare(likeSql)
+      const likeRows = likeStatement.all(...likeBase.params, trimmed, `%${trimmed}%`) as Record<string, unknown>[]
+      const merged = new Map<string, HermesSessionSearchRow>()
+      for (const row of likeRows) {
+        const mapped = mapSearchRow(row)
+        if (!merged.has(mapped.id)) {
+          merged.set(mapped.id, mapped)
+        }
+      }
+      return [...merged.values()].slice(0, limit)
+    }
+
+    const message = err instanceof Error ? err.message : String(err)
+    throw new Error(`Failed to search sessions: ${message}`)
+  } finally {
+    db.close()
+  }
+}

packages/server/src/db/hermes/usage-store.ts

@@ -0,0 +1,75 @@
+import { isSqliteAvailable, ensureTable, getDb, jsonSet, jsonGet, jsonGetAll, jsonDelete } from '../index'
+
+const TABLE = 'session_usage'
+
+const SCHEMA = {
+  session_id: 'TEXT PRIMARY KEY',
+  input_tokens: 'INTEGER NOT NULL DEFAULT 0',
+  output_tokens: 'INTEGER NOT NULL DEFAULT 0',
+  updated_at: 'INTEGER NOT NULL',
+}
+
+export function initUsageStore(): void {
+  if (isSqliteAvailable()) {
+    ensureTable(TABLE, SCHEMA)
+  }
+}
+
+export function updateUsage(sessionId: string, inputTokens: number, outputTokens: number): void {
+  const record = { input_tokens: inputTokens, output_tokens: outputTokens, updated_at: Date.now() }
+  if (isSqliteAvailable()) {
+    const db = getDb()!
+    db.prepare(
+      `INSERT INTO ${TABLE} (session_id, input_tokens, output_tokens, updated_at)
+       VALUES (?, ?, ?, ?)
+       ON CONFLICT(session_id) DO UPDATE SET
+         input_tokens = excluded.input_tokens,
+         output_tokens = excluded.output_tokens,
+         updated_at = excluded.updated_at`,
+    ).run(sessionId, inputTokens, outputTokens, record.updated_at)
+  } else {
+    jsonSet(TABLE, sessionId, record)
+  }
+}
+
+export function getUsage(sessionId: string): { input_tokens: number; output_tokens: number } | undefined {
+  if (isSqliteAvailable()) {
+    return getDb()!.prepare(
+      `SELECT input_tokens, output_tokens FROM ${TABLE} WHERE session_id = ?`,
+    ).get(sessionId) as { input_tokens: number; output_tokens: number } | undefined
+  }
+  const row = jsonGet(TABLE, sessionId)
+  if (!row) return undefined
+  return { input_tokens: row.input_tokens ?? 0, output_tokens: row.output_tokens ?? 0 }
+}
+
+export function getUsageBatch(
+  sessionIds: string[],
+): Record<string, { input_tokens: number; output_tokens: number }> {
+  if (sessionIds.length === 0) return {}
+  if (isSqliteAvailable()) {
+    const db = getDb()!
+    const placeholders = sessionIds.map(() => '?').join(',')
+    const rows = db.prepare(
+      `SELECT session_id, input_tokens, output_tokens FROM ${TABLE} WHERE session_id IN (${placeholders})`,
+    ).all(...sessionIds) as Array<{ session_id: string; input_tokens: number; output_tokens: number }>
+    const map: Record<string, { input_tokens: number; output_tokens: number }> = {}
+    for (const r of rows) map[r.session_id] = { input_tokens: r.input_tokens, output_tokens: r.output_tokens }
+    return map
+  }
+  const all = jsonGetAll(TABLE)
+  const map: Record<string, { input_tokens: number; output_tokens: number }> = {}
+  for (const id of sessionIds) {
+    const row = all[id]
+    if (row) map[id] = { input_tokens: row.input_tokens ?? 0, output_tokens: row.output_tokens ?? 0 }
+  }
+  return map
+}
+
+export function deleteUsage(sessionId: string): void {
+  if (isSqliteAvailable()) {
+    getDb()!.prepare(`DELETE FROM ${TABLE} WHERE session_id = ?`).run(sessionId)
+  } else {
+    jsonDelete(TABLE, sessionId)
+  }
+}

packages/server/src/db/index.ts

@@ -0,0 +1,136 @@
+import { DatabaseSync } from 'node:sqlite'
+import { mkdirSync, readFileSync, writeFileSync, existsSync } from 'fs'
+import { resolve } from 'path'
+import { homedir } from 'os'
+
+const DB_DIR = resolve(homedir(), '.hermes-web-ui')
+const DB_PATH = resolve(DB_DIR, 'hermes-web-ui.db')
+const JSON_PATH = resolve(DB_DIR, 'hermes-web-ui.json')
+
+// --- SQLite availability check ---
+
+const SQLITE_AVAILABLE = (() => {
+  const [major, minor] = process.versions.node.split('.').map(Number)
+  return major > 22 || (major === 22 && minor >= 5)
+})()
+
+export function isSqliteAvailable(): boolean {
+  return SQLITE_AVAILABLE
+}
+
+// --- SQLite backend ---
+
+let _db: DatabaseSync | null = null
+
+export function getDb(): DatabaseSync | null {
+  if (!SQLITE_AVAILABLE) return null
+  if (!_db) {
+    mkdirSync(DB_DIR, { recursive: true })
+    _db = new DatabaseSync(DB_PATH)
+    _db.exec('PRAGMA journal_mode=WAL')
+    _db.exec('PRAGMA foreign_keys=ON')
+  }
+  return _db
+}
+
+/**
+ * Ensure a table's schema matches the expected definition.
+ * - Creates the table if it does not exist
+ * - Adds missing columns (ALTER TABLE ADD COLUMN)
+ * - Drops extra columns (ALTER TABLE DROP COLUMN, SQLite 3.35+)
+ *
+ * No-op when SQLite is not available.
+ */
+export function ensureTable(tableName: string, schema: Record<string, string>): void {
+  const db = getDb()
+  if (!db) return
+
+  const colDefs = Object.entries(schema)
+    .map(([col, def]) => `"${col}" ${def}`)
+    .join(', ')
+
+  db.exec(`CREATE TABLE IF NOT EXISTS "${tableName}" (${colDefs})`)
+
+  const rows = db.prepare(`PRAGMA table_info("${tableName}")`).all() as Array<{ name: string }>
+  const existingCols = new Set(rows.map(r => r.name))
+  const expectedCols = new Set(Object.keys(schema))
+
+  for (const col of expectedCols) {
+    if (!existingCols.has(col)) {
+      db.exec(`ALTER TABLE "${tableName}" ADD COLUMN "${col}" ${schema[col]}`)
+    }
+  }
+
+  for (const col of existingCols) {
+    if (!expectedCols.has(col)) {
+      db.exec(`ALTER TABLE "${tableName}" DROP COLUMN "${col}"`)
+    }
+  }
+}
+
+// --- JSON fallback backend ---
+
+type JsonData = Record<string, Record<string, Record<string, any>>>
+
+function readJsonStore(): JsonData {
+  if (!existsSync(JSON_PATH)) return {}
+  try {
+    return JSON.parse(readFileSync(JSON_PATH, 'utf-8'))
+  } catch {
+    return {}
+  }
+}
+
+function writeJsonStore(data: JsonData): void {
+  mkdirSync(DB_DIR, { recursive: true })
+  writeFileSync(JSON_PATH, JSON.stringify(data, null, 2), 'utf-8')
+}
+
+/**
+ * Get a record from the JSON store.
+ * @param table  Table name (namespace)
+ * @param key    Primary key
+ */
+export function jsonGet(table: string, key: string): Record<string, any> | undefined {
+  const data = readJsonStore()
+  return data[table]?.[key]
+}
+
+/**
+ * Set a record in the JSON store.
+ * @param table  Table name (namespace)
+ * @param key    Primary key
+ * @param value  Record data
+ */
+export function jsonSet(table: string, key: string, value: Record<string, any>): void {
+  const data = readJsonStore()
+  if (!data[table]) data[table] = {}
+  data[table][key] = value
+  writeJsonStore(data)
+}
+
+/**
+ * Get all records from a table in the JSON store.
+ */
+export function jsonGetAll(table: string): Record<string, Record<string, any>> {
+  const data = readJsonStore()
+  return data[table] || {}
+}
+
+/**
+ * Delete a record from the JSON store.
+ */
+export function jsonDelete(table: string, key: string): void {
+  const data = readJsonStore()
+  if (data[table]) {
+    delete data[table][key]
+    writeJsonStore(data)
+  }
+}
+
+/**
+ * Get the storage path for debugging.
+ */
+export function getStoragePath(): string {
+  return SQLITE_AVAILABLE ? DB_PATH : JSON_PATH
+}