Store data in bucket

server/index.js

@@ -220,6 +220,7 @@ app.use(express.json({ limit: '10mb' }));
 // --- API Turnstile Protection ---
 app.use('/api', (req, res, next) => {
   const exempt = ['/turnstile', '/health'];
+  if (req.path === '/db' || req.path.startsWith('/db/')) return next();
   if (exempt.includes(req.path)) return next();
   const cookieHeader = req.headers.cookie || '';
   if (cookieHeader.includes('turnstile=1')) return next();
@@ -259,6 +260,114 @@ async function requireRequestOwner(req, res) {
   return resolved;
 }
 
+function getBearerToken(req) {
+  const authHeader = String(req.headers.authorization || '').trim();
+  if (!authHeader.toLowerCase().startsWith('bearer ')) return '';
+  return authHeader.slice(7).trim();
+}
+
+async function requireJwtUser(req, res) {
+  const accessToken = getBearerToken(req);
+  if (!accessToken) {
+    res.status(401).json({
+      error: 'auth:required',
+      message: 'Provide Authorization: Bearer <supabase_jwt>.',
+    });
+    return null;
+  }
+  const user = await verifySupabaseToken(accessToken);
+  if (!user?.id) {
+    res.status(401).json({
+      error: 'auth:invalid_token',
+      message: 'Supabase JWT is invalid or expired.',
+    });
+    return null;
+  }
+  return { user, owner: { type: 'user', id: user.id }, accessToken };
+}
+
+function queryBool(value, defaultValue = false) {
+  if (value === undefined || value === null || value === '') return defaultValue;
+  const normalized = String(value).trim().toLowerCase();
+  return normalized === '1' || normalized === 'true' || normalized === 'yes' || normalized === 'on';
+}
+
+function ensureStringArray(value) {
+  if (!Array.isArray(value)) return [];
+  return value.map((v) => String(v || '').trim()).filter(Boolean);
+}
+
+function buildDatabaseApiDocs() {
+  return {
+    name: 'InferencePort Local Database API',
+    version: '1.0',
+    auth: {
+      type: 'Bearer Supabase JWT',
+      header: 'Authorization: Bearer <supabase_access_token>',
+      authorizationRule: 'Every request is scoped to the JWT user id. Request payloads cannot override owner/user id.',
+      errors: {
+        unauthenticated: { status: 401, error: 'auth:required' },
+        invalidToken: { status: 401, error: 'auth:invalid_token' },
+      },
+    },
+    storage: {
+      chats: {
+        root: '/data/chat',
+        encryption: 'AES-256-GCM via DATA_ENCRYPTION_KEY',
+        layout: {
+          userIndex: '/data/chat/users/<userId>/index.json (encrypted metadata only)',
+          sessionBlob: '/data/chat/users/<userId>/sessions/<sessionId>.json (encrypted full chat)',
+        },
+        startupBehavior: 'No global chat database decrypt at startup. User data decrypt is lazy and per-user/per-session.',
+      },
+      media: {
+        root: '/data/media',
+        encryption: 'AES-256-GCM for blob and index data',
+      },
+    },
+    models: {
+      chatSession: {
+        id: 'string',
+        name: 'string',
+        created: 'epoch milliseconds',
+        model: 'string|null',
+        history: 'array',
+      },
+      mediaEntry: {
+        id: 'string',
+        type: 'folder|file',
+        name: 'string',
+        parentId: 'string|null',
+        mimeType: 'string|null',
+        kind: 'image|video|audio|text|rich_text|file|null',
+        size: 'number',
+        sessionIds: 'string[]',
+        trashedAt: 'ISO string|null',
+      },
+    },
+    endpoints: [
+      { method: 'GET', path: '/api/db/docs', description: 'This documentation payload.' },
+      { method: 'GET', path: '/api/db/chats', description: 'List chats. Query: includeHistory=0|1 (default 0).' },
+      { method: 'POST', path: '/api/db/chats', description: 'Create a chat. Body: {name?, model?, history?, created?}.' },
+      { method: 'GET', path: '/api/db/chats/:sessionId', description: 'Get one full chat session.' },
+      { method: 'PATCH', path: '/api/db/chats/:sessionId', description: 'Update chat fields: {name?, model?, history?}.' },
+      { method: 'DELETE', path: '/api/db/chats/:sessionId', description: 'Delete a chat.' },
+      { method: 'DELETE', path: '/api/db/chats', description: 'Delete all chats. Body: {confirm:true} required.' },
+      { method: 'GET', path: '/api/db/media', description: 'List all media. Query: view=all|active|trash (default all).' },
+      { method: 'GET', path: '/api/db/media/:id', description: 'Get media metadata by id.' },
+      { method: 'GET', path: '/api/db/media/:id/content', description: 'Get file content. Query: format=base64|text (default base64 for binary).' },
+      { method: 'POST', path: '/api/db/media/files', description: 'Create file from text/base64. Body supports {name,mimeType,parentId,sessionId,kind,text|base64}.' },
+      { method: 'POST', path: '/api/db/media/folders', description: 'Create folder. Body: {name,parentId?}.' },
+      { method: 'PATCH', path: '/api/db/media/:id', description: 'Rename/move media. Body: {name?, parentId?}.' },
+      { method: 'PUT', path: '/api/db/media/:id/content', description: 'Replace file content. Body supports {text|base64,mimeType?,name?,kind?}.' },
+      { method: 'POST', path: '/api/db/media/trash', description: 'Move media to trash. Body: {ids:string[]}.' },
+      { method: 'POST', path: '/api/db/media/restore', description: 'Restore trashed media. Body: {ids:string[]}.' },
+      { method: 'DELETE', path: '/api/db/media', description: 'Delete forever. Body: {ids:string[]}.' },
+      { method: 'GET', path: '/api/db/export', description: 'Export chat + media database for current user. Query includeMediaContent=0|1.' },
+    ],
+  };
+}
+
 function requireSignedInMediaOwner(resolved, res, message = 'Sign in to upload files.') {
   if (resolved?.owner?.type === 'user') return true;
   res.status(403).json({ error: 'media:auth_required', message });
@@ -282,6 +391,376 @@ app.get('/api/share/:token', async (req,res) => {
   } catch { res.status(500).json({error:'Server error'}); }
 });
 
+app.get('/api/db/docs', (_req, res) => {
+  res.json(buildDatabaseApiDocs());
+});
+
+app.get('/api/db/chats', async (req, res) => {
+  const resolved = await requireJwtUser(req, res);
+  if (!resolved) return;
+  try {
+    const includeHistory = queryBool(req.query.includeHistory, false);
+    const listed = await sessionStore.loadUserSessions(resolved.user.id, resolved.accessToken);
+    if (!includeHistory) {
+      return res.json({
+        items: listed.map((session) => ({
+          id: session.id,
+          name: session.name,
+          created: session.created,
+          model: session.model || null,
+        })),
+      });
+    }
+    const items = [];
+    for (const listedSession of listed) {
+      const full = await sessionStore.getUserSessionResolved(resolved.user.id, listedSession.id);
+      if (full) items.push(full);
+    }
+    res.json({ items });
+  } catch (err) {
+    console.error('db chats list error', err);
+    res.status(500).json({ error: 'db:chats_list_failed' });
+  }
+});
+
+app.post('/api/db/chats', async (req, res) => {
+  const resolved = await requireJwtUser(req, res);
+  if (!resolved) return;
+  try {
+    let created = await sessionStore.createUserSession(resolved.user.id, resolved.accessToken);
+    const patch = {};
+    if (typeof req.body?.name === 'string' && req.body.name.trim()) patch.name = req.body.name.trim();
+    if (typeof req.body?.model === 'string' && req.body.model.trim()) patch.model = req.body.model.trim();
+    if (Array.isArray(req.body?.history)) patch.history = req.body.history;
+    if (Number.isFinite(req.body?.created)) patch.created = req.body.created;
+    if (Object.keys(patch).length) {
+      created = await sessionStore.updateUserSession(resolved.user.id, resolved.accessToken, created.id, patch);
+    }
+    res.status(201).json({ item: created });
+  } catch (err) {
+    console.error('db chat create error', err);
+    res.status(500).json({ error: 'db:chat_create_failed' });
+  }
+});
+
+app.get('/api/db/chats/:sessionId', async (req, res) => {
+  const resolved = await requireJwtUser(req, res);
+  if (!resolved) return;
+  try {
+    const session = await sessionStore.getUserSessionResolved(resolved.user.id, req.params.sessionId);
+    if (!session) return res.status(404).json({ error: 'db:chat_not_found' });
+    res.json({ item: session });
+  } catch (err) {
+    console.error('db chat get error', err);
+    res.status(500).json({ error: 'db:chat_get_failed' });
+  }
+});
+
+app.patch('/api/db/chats/:sessionId', async (req, res) => {
+  const resolved = await requireJwtUser(req, res);
+  if (!resolved) return;
+  try {
+    const patch = {};
+    if (typeof req.body?.name === 'string') patch.name = req.body.name.trim() || 'New Chat';
+    if (typeof req.body?.model === 'string') patch.model = req.body.model.trim() || null;
+    if (req.body?.model === null) patch.model = null;
+    if (Array.isArray(req.body?.history)) patch.history = req.body.history;
+    if (Number.isFinite(req.body?.created)) patch.created = req.body.created;
+    const updated = await sessionStore.updateUserSession(
+      resolved.user.id,
+      resolved.accessToken,
+      req.params.sessionId,
+      patch
+    );
+    if (!updated) return res.status(404).json({ error: 'db:chat_not_found' });
+    res.json({ item: updated });
+  } catch (err) {
+    console.error('db chat patch error', err);
+    res.status(500).json({ error: 'db:chat_update_failed' });
+  }
+});
+
+app.delete('/api/db/chats/:sessionId', async (req, res) => {
+  const resolved = await requireJwtUser(req, res);
+  if (!resolved) return;
+  try {
+    const existing = await sessionStore.getUserSessionResolved(resolved.user.id, req.params.sessionId);
+    if (!existing) return res.status(404).json({ error: 'db:chat_not_found' });
+    await sessionStore.deleteUserSession(resolved.user.id, resolved.accessToken, req.params.sessionId);
+    res.json({ ok: true, id: req.params.sessionId });
+  } catch (err) {
+    console.error('db chat delete error', err);
+    res.status(500).json({ error: 'db:chat_delete_failed' });
+  }
+});
+
+app.delete('/api/db/chats', async (req, res) => {
+  const resolved = await requireJwtUser(req, res);
+  if (!resolved) return;
+  if (req.body?.confirm !== true) {
+    return res.status(400).json({
+      error: 'db:confirm_required',
+      message: 'Send {\"confirm\":true} to delete all chats.',
+    });
+  }
+  try {
+    await sessionStore.deleteAllUserSessions(resolved.user.id, resolved.accessToken);
+    res.json({ ok: true });
+  } catch (err) {
+    console.error('db chats delete-all error', err);
+    res.status(500).json({ error: 'db:chats_delete_all_failed' });
+  }
+});
+
+app.get('/api/db/media', async (req, res) => {
+  const resolved = await requireJwtUser(req, res);
+  if (!resolved) return;
+  try {
+    const requestedView = String(req.query.view || 'all').toLowerCase();
+    const view = ['all', 'active', 'trash'].includes(requestedView) ? requestedView : 'all';
+    const result = await mediaStore.listAll(resolved.owner, { view });
+    res.json(result);
+  } catch (err) {
+    console.error('db media list error', err);
+    res.status(500).json({ error: 'db:media_list_failed' });
+  }
+});
+
+app.get('/api/db/media/:id', async (req, res) => {
+  const resolved = await requireJwtUser(req, res);
+  if (!resolved) return;
+  try {
+    const item = await mediaStore.get(resolved.owner, req.params.id);
+    if (!item) return res.status(404).json({ error: 'db:media_not_found' });
+    res.json({ item });
+  } catch (err) {
+    console.error('db media get error', err);
+    res.status(500).json({ error: 'db:media_get_failed' });
+  }
+});
+
+app.get('/api/db/media/:id/content', async (req, res) => {
+  const resolved = await requireJwtUser(req, res);
+  if (!resolved) return;
+  try {
+    const loaded = await mediaStore.readBuffer(resolved.owner, req.params.id);
+    if (!loaded) return res.status(404).json({ error: 'db:media_not_found' });
+    const format = String(req.query.format || '').toLowerCase();
+    if (format === 'text' || (loaded.entry.mimeType || '').startsWith('text/')) {
+      return res.json({
+        item: loaded.entry,
+        encoding: 'utf8',
+        content: loaded.buffer.toString('utf8'),
+      });
+    }
+    res.json({
+      item: loaded.entry,
+      encoding: 'base64',
+      content: loaded.buffer.toString('base64'),
+    });
+  } catch (err) {
+    console.error('db media content error', err);
+    res.status(500).json({ error: 'db:media_content_failed' });
+  }
+});
+
+app.post('/api/db/media/files', async (req, res) => {
+  const resolved = await requireJwtUser(req, res);
+  if (!resolved) return;
+  try {
+    const text = typeof req.body?.text === 'string' ? req.body.text : null;
+    const base64 = typeof req.body?.base64 === 'string' ? req.body.base64 : null;
+    if (text === null && base64 === null) {
+      return res.status(400).json({
+        error: 'db:content_required',
+        message: 'Provide either text or base64 in request body.',
+      });
+    }
+    const buffer = text !== null ? Buffer.from(text, 'utf8') : Buffer.from(base64, 'base64');
+    const item = await mediaStore.storeBuffer(resolved.owner, {
+      name: req.body?.name || 'upload.bin',
+      mimeType: req.body?.mimeType || 'application/octet-stream',
+      buffer,
+      parentId: req.body?.parentId || null,
+      sessionId: req.body?.sessionId || null,
+      source: req.body?.source || 'api_db',
+      kind: req.body?.kind || null,
+    });
+    const usage = await mediaStore.getUsage(resolved.owner);
+    res.status(201).json({ item, usage });
+  } catch (err) {
+    console.error('db media create file error', err);
+    res.status(err.status || 500).json({
+      error: err.code || 'db:media_create_file_failed',
+      message: err.message || 'Failed to create file.',
+      usage: err.usage || null,
+    });
+  }
+});
+
+app.post('/api/db/media/folders', async (req, res) => {
+  const resolved = await requireJwtUser(req, res);
+  if (!resolved) return;
+  try {
+    const item = await mediaStore.createFolder(resolved.owner, {
+      name: req.body?.name || 'New Folder',
+      parentId: req.body?.parentId || null,
+    });
+    const usage = await mediaStore.getUsage(resolved.owner);
+    res.status(201).json({ item, usage });
+  } catch (err) {
+    console.error('db media create folder error', err);
+    res.status(500).json({ error: 'db:media_create_folder_failed' });
+  }
+});
+
+app.patch('/api/db/media/:id', async (req, res) => {
+  const resolved = await requireJwtUser(req, res);
+  if (!resolved) return;
+  try {
+    const updates = [];
+    if (typeof req.body?.parentId !== 'undefined') {
+      const moved = await mediaStore.move(
+        resolved.owner,
+        [req.params.id],
+        req.body?.parentId || null
+      );
+      if (!moved.length) return res.status(404).json({ error: 'db:media_not_found_or_move_failed' });
+      updates.push(...moved);
+    }
+    if (typeof req.body?.name === 'string') {
+      const renamed = await mediaStore.rename(resolved.owner, req.params.id, req.body.name);
+      if (!renamed) return res.status(404).json({ error: 'db:media_not_found' });
+      updates.push(renamed);
+    }
+    const item = await mediaStore.get(resolved.owner, req.params.id);
+    if (!item) return res.status(404).json({ error: 'db:media_not_found' });
+    const usage = await mediaStore.getUsage(resolved.owner);
+    res.json({ item, updates, usage });
+  } catch (err) {
+    console.error('db media patch error', err);
+    res.status(500).json({ error: 'db:media_update_failed', message: err.message || 'Update failed' });
+  }
+});
+
+app.put('/api/db/media/:id/content', async (req, res) => {
+  const resolved = await requireJwtUser(req, res);
+  if (!resolved) return;
+  try {
+    const text = typeof req.body?.text === 'string' ? req.body.text : null;
+    const base64 = typeof req.body?.base64 === 'string' ? req.body.base64 : null;
+    if (text === null && base64 === null) {
+      return res.status(400).json({
+        error: 'db:content_required',
+        message: 'Provide either text or base64 in request body.',
+      });
+    }
+    const buffer = text !== null ? Buffer.from(text, 'utf8') : Buffer.from(base64, 'base64');
+    const item = await mediaStore.updateContent(resolved.owner, req.params.id, {
+      buffer,
+      name: typeof req.body?.name === 'string' ? req.body.name : null,
+      mimeType: typeof req.body?.mimeType === 'string' ? req.body.mimeType : null,
+      kind: typeof req.body?.kind === 'string' ? req.body.kind : null,
+    });
+    if (!item) return res.status(404).json({ error: 'db:media_not_found' });
+    const usage = await mediaStore.getUsage(resolved.owner);
+    res.json({ item, usage });
+  } catch (err) {
+    console.error('db media content update error', err);
+    res.status(err.status || 500).json({
+      error: err.code || 'db:media_content_update_failed',
+      message: err.message || 'Update failed',
+      usage: err.usage || null,
+    });
+  }
+});
+
+app.post('/api/db/media/trash', async (req, res) => {
+  const resolved = await requireJwtUser(req, res);
+  if (!resolved) return;
+  try {
+    const ids = ensureStringArray(req.body?.ids);
+    const items = await mediaStore.moveToTrash(resolved.owner, ids);
+    const usage = await mediaStore.getUsage(resolved.owner);
+    res.json({ items, usage });
+  } catch (err) {
+    console.error('db media trash error', err);
+    res.status(500).json({ error: 'db:media_trash_failed' });
+  }
+});
+
+app.post('/api/db/media/restore', async (req, res) => {
+  const resolved = await requireJwtUser(req, res);
+  if (!resolved) return;
+  try {
+    const ids = ensureStringArray(req.body?.ids);
+    const items = await mediaStore.restore(resolved.owner, ids);
+    const usage = await mediaStore.getUsage(resolved.owner);
+    res.json({ items, usage });
+  } catch (err) {
+    console.error('db media restore error', err);
+    res.status(500).json({ error: 'db:media_restore_failed' });
+  }
+});
+
+app.delete('/api/db/media', async (req, res) => {
+  const resolved = await requireJwtUser(req, res);
+  if (!resolved) return;
+  try {
+    const ids = ensureStringArray(req.body?.ids);
+    const removedIds = await mediaStore.deleteForever(resolved.owner, ids);
+    const usage = await mediaStore.getUsage(resolved.owner);
+    res.json({ ids: removedIds, usage });
+  } catch (err) {
+    console.error('db media delete error', err);
+    res.status(500).json({ error: 'db:media_delete_failed' });
+  }
+});
+
+app.get('/api/db/export', async (req, res) => {
+  const resolved = await requireJwtUser(req, res);
+  if (!resolved) return;
+  try {
+    const includeMediaContent = queryBool(req.query.includeMediaContent, false);
+    const listed = await sessionStore.loadUserSessions(resolved.user.id, resolved.accessToken);
+    const chats = [];
+    for (const listedSession of listed) {
+      const full = await sessionStore.getUserSessionResolved(resolved.user.id, listedSession.id);
+      if (full) chats.push(full);
+    }
+
+    const mediaResult = await mediaStore.listAll(resolved.owner, { view: 'all' });
+    let media = mediaResult.items;
+    if (includeMediaContent) {
+      const withContent = [];
+      for (const item of mediaResult.items) {
+        if (item.type !== 'file') {
+          withContent.push(item);
+          continue;
+        }
+        const loaded = await mediaStore.readBuffer(resolved.owner, item.id);
+        withContent.push({
+          ...item,
+          contentEncoding: 'base64',
+          content: loaded?.buffer ? loaded.buffer.toString('base64') : null,
+        });
+      }
+      media = withContent;
+    }
+
+    res.json({
+      userId: resolved.user.id,
+      exportedAt: new Date().toISOString(),
+      chats,
+      media,
+      usage: mediaResult.usage,
+    });
+  } catch (err) {
+    console.error('db export error', err);
+    res.status(500).json({ error: 'db:export_failed' });
+  }
+});
+
 app.get('/api/media', async (req, res) => {
   const resolved = await requireRequestOwner(req, res);
   if (!resolved) return;

server/mediaStore.js

@@ -270,6 +270,21 @@ export const mediaStore = {
     return sanitizeEntry(entry);
   },
 
+  async listAll(owner, { view = 'all' } = {}) {
+    ensureOwner(owner);
+    await ensureLoaded();
+    const items = Object.values(state.index.entries)
+      .filter((entry) => canAccess(entry, owner))
+      .filter((entry) => {
+        if (view === 'active') return !entry.trashedAt;
+        if (view === 'trash') return !!entry.trashedAt;
+        return true;
+      })
+      .sort((a, b) => new Date(b.updatedAt || b.createdAt).getTime() - new Date(a.updatedAt || a.createdAt).getTime())
+      .map(sanitizeEntry);
+    return { items, usage: computeUsage(owner) };
+  },
+
   async storeBuffer(owner, {
     name,
     mimeType,

server/sessionStore.js

@@ -1,34 +1,208 @@
-// sessionStore.js — access_token + Supabase RLS, no service role key needed.
-// Device sessions live in memory only (restart clears them).
-import { createClient } from '@supabase/supabase-js';
 import crypto from 'crypto';
-import { saveEncryptedJson, loadEncryptedJson } from './cryptoUtils.js';
+import fs from 'fs/promises';
 import path from 'path';
+import { loadEncryptedJson, saveEncryptedJson } from './cryptoUtils.js';
 
-let _SUPABASE_URL, _SUPABASE_ANON_KEY;
-export function initStoreConfig(url, key) { _SUPABASE_URL = url; _SUPABASE_ANON_KEY = key; }
+// Local encrypted chat storage.
+// Chats are stored per user in /data/chat/users/<userId>/sessions/<sessionId>.json (encrypted),
+// with a lightweight encrypted index for fast listing.
 
-const TEMP_TTL_MS     = 24 * 60 * 60 * 1000;
+let _SUPABASE_URL;
+let _SUPABASE_ANON_KEY;
+export function initStoreConfig(url, key) {
+  _SUPABASE_URL = url;
+  _SUPABASE_ANON_KEY = key;
+}
+
+const TEMP_TTL_MS = 24 * 60 * 60 * 1000;
 const TEMP_INACTIVITY = 12 * 60 * 60 * 1000;
-const TEMP_MSG_LIMIT  = 10;
+const TEMP_MSG_LIMIT = 10;
+
+const DATA_ROOT = '/data/chat';
+const USERS_ROOT = path.join(DATA_ROOT, 'users');
+const SHARES_FILE = path.join(DATA_ROOT, 'shares', 'index.json');
+const TEMP_STORE_FILE = path.join(DATA_ROOT, 'temp_sessions.json');
+
+const userCache = new Map(); // userId -> UserState
+const tempStore = new Map(); // tempId -> TempData
+const devSessions = new Map(); // token -> DeviceSession
+const userWriteLocks = new Map(); // userId -> Promise
+
+const shareState = {
+  loaded: false,
+  index: {
+    shares: {},
+  },
+};
+
+function nowIso() {
+  return new Date().toISOString();
+}
+
+function safeFileId(value, fallback = 'unknown') {
+  const normalized = String(value || '').trim();
+  if (!normalized) return fallback;
+  return normalized.replace(/[^a-zA-Z0-9_.-]+/g, '_').slice(0, 160) || fallback;
+}
+
+function ensureSessionShape(raw, fallbackId = null) {
+  const created = Number.isFinite(raw?.created) ? raw.created : Date.now();
+  return {
+    id: raw?.id || fallbackId || crypto.randomUUID(),
+    name: String(raw?.name || 'New Chat'),
+    created,
+    history: Array.isArray(raw?.history) ? raw.history : [],
+    model: raw?.model || null,
+  };
+}
+
+function buildSessionMeta(session, existingMeta = null) {
+  const created = Number.isFinite(session?.created)
+    ? session.created
+    : (Number.isFinite(existingMeta?.created) ? existingMeta.created : Date.now());
+  return {
+    id: session.id,
+    name: String(session.name || existingMeta?.name || 'New Chat'),
+    created,
+    model: session.model || existingMeta?.model || null,
+    updatedAt: nowIso(),
+  };
+}
+
+function ensureUserState(userId) {
+  if (!userCache.has(userId)) {
+    userCache.set(userId, {
+      indexLoaded: false,
+      sessionsMeta: new Map(),
+      loadedSessions: new Map(),
+      online: new Set(),
+    });
+  }
+  return userCache.get(userId);
+}
+
+function userDir(userId) {
+  return path.join(USERS_ROOT, safeFileId(userId));
+}
+
+function userIndexFile(userId) {
+  return path.join(userDir(userId), 'index.json');
+}
+
+function userSessionFile(userId, sessionId) {
+  return path.join(userDir(userId), 'sessions', `${safeFileId(sessionId)}.json`);
+}
+
+function userIndexAad(userId) {
+  return `chat:user:${userId}:index`;
+}
+
+function userSessionAad(userId, sessionId) {
+  return `chat:user:${userId}:session:${sessionId}`;
+}
+
+function toSerializableSessionMetaMap(map) {
+  const sessions = {};
+  for (const [id, meta] of map.entries()) {
+    sessions[id] = {
+      id,
+      name: String(meta?.name || 'New Chat'),
+      created: Number.isFinite(meta?.created) ? meta.created : Date.now(),
+      model: meta?.model || null,
+      updatedAt: meta?.updatedAt || nowIso(),
+    };
+  }
+  return sessions;
+}
 
-const userCache   = new Map(); // userId -> { sessions: Map, online: Set }
-const tempStore   = new Map(); // tempId -> TempData
-const devSessions = new Map(); // token  -> DeviceSession
+async function ensureUserIndexLoaded(userId) {
+  const state = ensureUserState(userId);
+  if (state.indexLoaded) return state;
 
-const TEMP_STORE_FILE = '/data/temp_sessions.json';
+  const stored = await loadEncryptedJson(userIndexFile(userId), userIndexAad(userId));
+  state.sessionsMeta.clear();
+
+  const sessions = stored?.sessions || {};
+  for (const [id, meta] of Object.entries(sessions)) {
+    state.sessionsMeta.set(id, {
+      id,
+      name: String(meta?.name || 'New Chat'),
+      created: Number.isFinite(meta?.created) ? meta.created : Date.now(),
+      model: meta?.model || null,
+      updatedAt: meta?.updatedAt || nowIso(),
+    });
+  }
+
+  state.indexLoaded = true;
+  return state;
+}
+
+async function saveUserIndex(userId) {
+  const state = ensureUserState(userId);
+  const payload = {
+    sessions: toSerializableSessionMetaMap(state.sessionsMeta),
+  };
+  await saveEncryptedJson(userIndexFile(userId), payload, userIndexAad(userId));
+}
+
+async function loadUserSessionFromDisk(userId, sessionId) {
+  const raw = await loadEncryptedJson(userSessionFile(userId, sessionId), userSessionAad(userId, sessionId));
+  if (!raw) return null;
+  return ensureSessionShape(raw, sessionId);
+}
+
+async function saveUserSessionToDisk(userId, session) {
+  const shaped = ensureSessionShape(session);
+  await saveEncryptedJson(userSessionFile(userId, shaped.id), shaped, userSessionAad(userId, shaped.id));
+}
+
+async function deleteUserSessionFromDisk(userId, sessionId) {
+  await fs.rm(userSessionFile(userId, sessionId), { force: true }).catch(() => {});
+}
+
+async function withUserWriteLock(userId, fn) {
+  const prior = userWriteLocks.get(userId) || Promise.resolve();
+  const next = prior.catch(() => {}).then(fn);
+  userWriteLocks.set(userId, next.finally(() => {
+    if (userWriteLocks.get(userId) === next) userWriteLocks.delete(userId);
+  }));
+  return next;
+}
+
+function sessionForList(meta, loaded) {
+  const source = loaded || meta;
+  return {
+    id: source.id,
+    name: source.name || 'New Chat',
+    created: Number.isFinite(source.created) ? source.created : Date.now(),
+    history: loaded?.history || [],
+    model: source.model || null,
+  };
+}
+
+async function ensureShareIndexLoaded() {
+  if (shareState.loaded) return;
+  const stored = await loadEncryptedJson(SHARES_FILE, 'chat:shares:index');
+  shareState.index = {
+    shares: stored?.shares || {},
+  };
+  shareState.loaded = true;
+}
+
+async function saveShareIndex() {
+  await saveEncryptedJson(SHARES_FILE, shareState.index, 'chat:shares:index');
+}
 
 async function loadTempStore() {
-  const data = await loadEncryptedJson(TEMP_STORE_FILE);
-  if (data) {
-    for (const [id, d] of Object.entries(data)) {
-      tempStore.set(id, {
-        sessions: new Map(Object.entries(d.sessions || {})),
-        msgCount: d.msgCount || 0,
-        created: d.created || Date.now(),
-        lastActive: d.lastActive || Date.now(),
-      });
-    }
+  const data = await loadEncryptedJson(TEMP_STORE_FILE, 'chat:temp:index');
+  if (!data) return;
+  for (const [id, d] of Object.entries(data)) {
+    tempStore.set(id, {
+      sessions: new Map(Object.entries(d.sessions || {})),
+      msgCount: d.msgCount || 0,
+      created: d.created || Date.now(),
+      lastActive: d.lastActive || Date.now(),
+    });
   }
 }
 
@@ -42,51 +216,67 @@ async function saveTempStore() {
       lastActive: d.lastActive,
     };
   }
-  await saveEncryptedJson(TEMP_STORE_FILE, data);
+  await saveEncryptedJson(TEMP_STORE_FILE, data, 'chat:temp:index');
 }
 
-// Load temp store on init
-loadTempStore().catch(err => console.error('Failed to load temp store:', err));
+loadTempStore().catch((err) => console.error('Failed to load temp store:', err));
 
 setInterval(async () => {
   const now = Date.now();
-  for (const [id, d] of tempStore)
-    if (now - d.created > TEMP_TTL_MS || now - d.lastActive > TEMP_INACTIVITY)
+  for (const [id, d] of tempStore) {
+    if (now - d.created > TEMP_TTL_MS || now - d.lastActive > TEMP_INACTIVITY) {
       tempStore.delete(id);
-  // Save after cleanup
-  await saveTempStore().catch(err => console.error('Failed to save temp store:', err));
+    }
+  }
+  await saveTempStore().catch((err) => console.error('Failed to save temp store:', err));
 }, 30 * 60 * 1000);
 
-function userClient(accessToken) {
-  return createClient(_SUPABASE_URL, _SUPABASE_ANON_KEY, {
-    global: { headers: { Authorization: `Bearer ${accessToken}` } },
-    auth: { persistSession: false },
-  });
-}
-
 export const sessionStore = {
-  // ── TEMP ────────────────────────────────────────────────────────────────
+  // TEMP
   initTemp(t) {
-    if (!tempStore.has(t))
-      tempStore.set(t, { sessions: new Map(), msgCount: 0, created: Date.now(), lastActive: Date.now() });
+    if (!tempStore.has(t)) {
+      tempStore.set(t, {
+        sessions: new Map(),
+        msgCount: 0,
+        created: Date.now(),
+        lastActive: Date.now(),
+      });
+    }
     return tempStore.get(t);
   },
-  tempCanSend(t)  { const d = tempStore.get(t); return d ? d.msgCount < TEMP_MSG_LIMIT : false; },
-  tempBump(t)     { const d = tempStore.get(t); if (d) { d.msgCount++; d.lastActive = Date.now(); } },
-  getTempSessions(t) { return [...(tempStore.get(t)?.sessions.values() || [])]; },
-  getTempSession(t, id) { return tempStore.get(t)?.sessions.get(id) || null; },
+  tempCanSend(t) {
+    const d = tempStore.get(t);
+    return d ? d.msgCount < TEMP_MSG_LIMIT : false;
+  },
+  tempBump(t) {
+    const d = tempStore.get(t);
+    if (d) {
+      d.msgCount++;
+      d.lastActive = Date.now();
+    }
+  },
+  getTempSessions(t) {
+    return [...(tempStore.get(t)?.sessions.values() || [])];
+  },
+  getTempSession(t, id) {
+    return tempStore.get(t)?.sessions.get(id) || null;
+  },
   createTempSession(t) {
     const d = this.initTemp(t);
     const s = { id: crypto.randomUUID(), name: 'New Chat', created: Date.now(), history: [] };
-    d.sessions.set(s.id, s); d.lastActive = Date.now();
-    saveTempStore().catch(err => console.error('Failed to save temp store:', err));
+    d.sessions.set(s.id, s);
+    d.lastActive = Date.now();
+    saveTempStore().catch((err) => console.error('Failed to save temp store:', err));
     return s;
   },
   updateTempSession(t, id, patch) {
-    const d = tempStore.get(t); if (!d) return null;
-    const s = d.sessions.get(id); if (!s) return null;
-    Object.assign(s, patch); d.lastActive = Date.now();
-    saveTempStore().catch(err => console.error('Failed to save temp store:', err));
+    const d = tempStore.get(t);
+    if (!d) return null;
+    const s = d.sessions.get(id);
+    if (!s) return null;
+    Object.assign(s, patch);
+    d.lastActive = Date.now();
+    saveTempStore().catch((err) => console.error('Failed to save temp store:', err));
     return s;
   },
   restoreTempSession(t, session) {
@@ -94,151 +284,211 @@ export const sessionStore = {
     const restored = JSON.parse(JSON.stringify(session));
     d.sessions.set(restored.id, restored);
     d.lastActive = Date.now();
-    saveTempStore().catch(err => console.error('Failed to save temp store:', err));
+    saveTempStore().catch((err) => console.error('Failed to save temp store:', err));
     return restored;
   },
-  deleteTempSession(t, id) { tempStore.get(t)?.sessions.delete(id); saveTempStore().catch(err => console.error('Failed to save temp store:', err)); },
-  deleteTempAll(t)         { tempStore.get(t)?.sessions.clear(); saveTempStore().catch(err => console.error('Failed to save temp store:', err)); },
+  deleteTempSession(t, id) {
+    tempStore.get(t)?.sessions.delete(id);
+    saveTempStore().catch((err) => console.error('Failed to save temp store:', err));
+  },
+  deleteTempAll(t) {
+    tempStore.get(t)?.sessions.clear();
+    saveTempStore().catch((err) => console.error('Failed to save temp store:', err));
+  },
   deleteTempSessionEverywhere(id) {
     let changed = false;
     for (const temp of tempStore.values()) {
       if (temp.sessions.delete(id)) changed = true;
     }
-    if (changed) saveTempStore().catch(err => console.error('Failed to save temp store:', err));
+    if (changed) saveTempStore().catch((err) => console.error('Failed to save temp store:', err));
     return changed;
   },
 
-  /**
-   * Copy temp sessions into the user's account on login.
-   * We intentionally do NOT delete from tempStore so the guest session
-   * remains usable if the user logs out again (and so the WS client's
-   * tempId still resolves while the tab is open).
-   * Sessions that already exist in the user account (same id) are skipped
-   * to avoid overwriting newer server data.
-   */
-  async transferTempToUser(tempId, userId, accessToken) {
+  async transferTempToUser(tempId, userId, _accessToken) {
     const d = tempStore.get(tempId);
     if (!d || !d.sessions.size) return;
 
-    const uc   = userClient(accessToken);
-    const user = this._ensureUser(userId);
+    await ensureUserIndexLoaded(userId);
 
     for (const s of d.sessions.values()) {
-      // Skip sessions that are empty (never actually used)
       if (!s.history || s.history.length === 0) continue;
-
-      // Skip if the user already has a session with the same id
-      if (user.sessions.has(s.id)) continue;
-
-      // Deep-clone so mutations to the user copy don't affect temp copy
-      const copy = JSON.parse(JSON.stringify(s));
-      user.sessions.set(copy.id, copy);
-      await this._persist(uc, userId, copy).catch(err =>
-        console.error('transferTempToUser persist error:', err.message));
+      if (ensureUserState(userId).sessionsMeta.has(s.id)) continue;
+      const copy = ensureSessionShape(JSON.parse(JSON.stringify(s)));
+      await withUserWriteLock(userId, async () => {
+        const state = ensureUserState(userId);
+        state.loadedSessions.set(copy.id, copy);
+        state.sessionsMeta.set(copy.id, buildSessionMeta(copy));
+        await saveUserSessionToDisk(userId, copy);
+        await saveUserIndex(userId);
+      });
     }
   },
 
-  // ── USERS ────────────────────────────────────────────────────────────────
+  // USERS
   _ensureUser(uid) {
-    if (!userCache.has(uid)) userCache.set(uid, { sessions: new Map(), online: new Set() });
-    return userCache.get(uid);
-  },
-  async loadUserSessions(userId, accessToken) {
-    const uc = userClient(accessToken);
-    const { data, error } = await uc.from('web_sessions').select('*')
-      .eq('user_id', userId).order('updated_at', { ascending: false });
-    if (error) { console.error('loadUserSessions', error.message); return []; }
-    const user = this._ensureUser(userId);
-    for (const row of data || [])
-      user.sessions.set(row.id, { id: row.id, name: row.name,
-        created: new Date(row.created_at).getTime(), history: row.history || [], model: row.model });
-    return [...user.sessions.values()];
-  },
-  getUserSessions(uid)    { return [...(userCache.get(uid)?.sessions.values() || [])]; },
-  getUserSession(uid, id) { return userCache.get(uid)?.sessions.get(id) || null; },
-  async createUserSession(userId, accessToken) {
-    const s = { id: crypto.randomUUID(), name: 'New Chat', created: Date.now(), history: [] };
-    this._ensureUser(userId).sessions.set(s.id, s);
-    await this._persist(userClient(accessToken), userId, s).catch(() => {});
-    return s;
+    return ensureUserState(uid);
   },
-  async restoreUserSession(userId, accessToken, session) {
-    const restored = JSON.parse(JSON.stringify(session));
-    this._ensureUser(userId).sessions.set(restored.id, restored);
-    await this._persist(userClient(accessToken), userId, restored).catch(() => {});
-    return restored;
+
+  async loadUserSessions(userId, _accessToken) {
+    const state = await ensureUserIndexLoaded(userId);
+    return [...state.sessionsMeta.values()]
+      .sort((a, b) => new Date(b.updatedAt || 0).getTime() - new Date(a.updatedAt || 0).getTime())
+      .map((meta) => sessionForList(meta, state.loadedSessions.get(meta.id)));
   },
-  async updateUserSession(userId, accessToken, sessionId, patch) {
-    const user = userCache.get(userId); if (!user) { console.error("No user for " + userId); return null; }
-    const s = user.sessions.get(sessionId); if (!s) { console.error ("No session found for " + sessionId); return null; }
-    Object.assign(s, patch);
-    await this._persist(userClient(accessToken), userId, s).catch(() => {});
+
+  getUserSessions(uid) {
+    const state = userCache.get(uid);
+    if (!state) return [];
+    return [...state.sessionsMeta.values()].map((meta) => sessionForList(meta, state.loadedSessions.get(meta.id)));
+  },
+
+  getUserSession(uid, id) {
+    return userCache.get(uid)?.loadedSessions.get(id) || null;
+  },
+
+  async getUserSessionResolved(uid, id) {
+    const state = await ensureUserIndexLoaded(uid);
+    if (state.loadedSessions.has(id)) return state.loadedSessions.get(id);
+    const meta = state.sessionsMeta.get(id);
+    if (!meta) return null;
+
+    const loaded = await loadUserSessionFromDisk(uid, id);
+    if (!loaded) return null;
+
+    const merged = ensureSessionShape({
+      ...loaded,
+      id,
+      name: loaded.name || meta.name,
+      created: Number.isFinite(loaded.created) ? loaded.created : meta.created,
+      model: loaded.model || meta.model,
+    }, id);
+
+    state.loadedSessions.set(id, merged);
+    return merged;
+  },
+
+  async createUserSession(userId, _accessToken) {
+    const s = ensureSessionShape({
+      id: crypto.randomUUID(),
+      name: 'New Chat',
+      created: Date.now(),
+      history: [],
+      model: null,
+    });
+
+    await ensureUserIndexLoaded(userId);
+    await withUserWriteLock(userId, async () => {
+      const state = ensureUserState(userId);
+      state.loadedSessions.set(s.id, s);
+      state.sessionsMeta.set(s.id, buildSessionMeta(s));
+      await saveUserSessionToDisk(userId, s);
+      await saveUserIndex(userId);
+    });
     return s;
   },
-  async deleteUserSession(userId, accessToken, id) {
-    try {
-      userCache.get(userId)?.sessions.delete(id);
-      const { error } = await userClient(accessToken)
-        .from('web_sessions')
-        .delete()
-        .eq('id', id)
-        .eq('user_id', userId);
-      if (error) console.error('Supabase delete error:', error.message);
-    } catch (ex) {
-      console.error('Unexpected deleteUserSession error:', ex);
-    }
+
+  async restoreUserSession(userId, _accessToken, session) {
+    const restored = ensureSessionShape(JSON.parse(JSON.stringify(session)));
+    await ensureUserIndexLoaded(userId);
+
+    await withUserWriteLock(userId, async () => {
+      const state = ensureUserState(userId);
+      state.loadedSessions.set(restored.id, restored);
+      state.sessionsMeta.set(restored.id, buildSessionMeta(restored, state.sessionsMeta.get(restored.id)));
+      await saveUserSessionToDisk(userId, restored);
+      await saveUserIndex(userId);
+    });
+    return restored;
   },
-  async deleteAllUserSessions(userId, accessToken) {
-    const u = userCache.get(userId);
-    if (u) {
-      u.sessions.clear();
-    } else {
-      console.error('No user for ' + userId);
-      return null;
-    }
-    try {
-      const { error } = await userClient(accessToken)
-        .from('web_sessions')
-        .delete()
-        .eq('user_id', userId);
-      if (error) console.error('Supabase bulk delete error:', error.message);
-    } catch (ex) {
-      console.error('Unexpected deleteAllUserSessions error:', ex);
-    }
+
+  async updateUserSession(userId, _accessToken, sessionId, patch) {
+    await ensureUserIndexLoaded(userId);
+    const current = await this.getUserSessionResolved(userId, sessionId);
+    if (!current) return null;
+
+    Object.assign(current, patch || {});
+    const updated = ensureSessionShape(current, sessionId);
+
+    await withUserWriteLock(userId, async () => {
+      const state = ensureUserState(userId);
+      state.loadedSessions.set(sessionId, updated);
+      state.sessionsMeta.set(sessionId, buildSessionMeta(updated, state.sessionsMeta.get(sessionId)));
+      await saveUserSessionToDisk(userId, updated);
+      await saveUserIndex(userId);
+    });
+
+    return updated;
   },
-  async _persist(uc, userId, s) {
-    await uc.from('web_sessions').upsert({
-      id: s.id, user_id: userId, name: s.name, history: s.history || [],
-      model: s.model || null, updated_at: new Date().toISOString(),
-      created_at: new Date(s.created).toISOString(),
+
+  async deleteUserSession(userId, _accessToken, id) {
+    await ensureUserIndexLoaded(userId);
+    await withUserWriteLock(userId, async () => {
+      const state = ensureUserState(userId);
+      state.loadedSessions.delete(id);
+      state.sessionsMeta.delete(id);
+      await deleteUserSessionFromDisk(userId, id);
+      await saveUserIndex(userId);
     });
   },
-  markOnline(uid, ws)  { this._ensureUser(uid).online.add(ws); },
-  markOffline(uid, ws) { userCache.get(uid)?.online.delete(ws); },
-  // ── SHARE ────────────────────────────────────────────────────────────────
-  async createShareToken(userId, accessToken, sessionId) {
-    const s = this.getUserSession(userId, sessionId); if (!s) return null;
-    const token = crypto.randomBytes(24).toString('base64url');
-    const uc = userClient(accessToken);
-    const { error } = await uc.from('shared_sessions').insert({
-      token, owner_id: userId, session_snapshot: s, created_at: new Date().toISOString(),
+
+  async deleteAllUserSessions(userId, _accessToken) {
+    await ensureUserIndexLoaded(userId);
+    const state = ensureUserState(userId);
+    const ids = [...state.sessionsMeta.keys()];
+
+    await withUserWriteLock(userId, async () => {
+      for (const id of ids) {
+        await deleteUserSessionFromDisk(userId, id);
+      }
+      state.loadedSessions.clear();
+      state.sessionsMeta.clear();
+      await saveUserIndex(userId);
     });
-    return error ? null : token;
+
+    return true;
+  },
+
+  markOnline(uid, ws) {
+    ensureUserState(uid).online.add(ws);
   },
+
+  markOffline(uid, ws) {
+    userCache.get(uid)?.online.delete(ws);
+  },
+
+  // SHARE
+  async createShareToken(userId, _accessToken, sessionId) {
+    const s = await this.getUserSessionResolved(userId, sessionId);
+    if (!s) return null;
+
+    const token = crypto.randomBytes(24).toString('base64url');
+    await ensureShareIndexLoaded();
+    shareState.index.shares[token] = {
+      token,
+      owner_id: userId,
+      session_snapshot: JSON.parse(JSON.stringify(s)),
+      created_at: nowIso(),
+    };
+    await saveShareIndex();
+    return token;
+  },
+
   async resolveShareToken(token) {
-    // shared_sessions SELECT is public via RLS
-    const uc = createClient(_SUPABASE_URL, _SUPABASE_ANON_KEY, { auth: { persistSession: false } });
-    const { data } = await uc.from('shared_sessions').select('*').eq('token', token).single();
-    return data || null;
+    await ensureShareIndexLoaded();
+    return shareState.index.shares[String(token || '')] || null;
   },
+
   async importSharedSession(userId, accessToken, token) {
-    const shared = await this.resolveShareToken(token); if (!shared) return null;
-    const snap = shared.session_snapshot;
-    const newSession = { ...snap, id: crypto.randomUUID(),
-      name: `${snap.name} (shared)`, created: Date.now() };
-    const uc = userClient(accessToken);
-    this._ensureUser(userId).sessions.set(newSession.id, newSession);
-    await this._persist(uc, userId, newSession).catch(() => {});
+    const shared = await this.resolveShareToken(token);
+    if (!shared) return null;
+    const snap = ensureSessionShape(shared.session_snapshot);
+    const newSession = {
+      ...snap,
+      id: crypto.randomUUID(),
+      name: `${snap.name} (shared)`,
+      created: Date.now(),
+    };
+    await this.restoreUserSession(userId, accessToken, newSession);
     return newSession;
   },
 };
@@ -246,17 +496,37 @@ export const sessionStore = {
 export const deviceSessionStore = {
   create(userId, ip, userAgent) {
     const token = crypto.randomBytes(32).toString('hex');
-    devSessions.set(token, { token, userId, ip, userAgent,
-      createdAt: new Date().toISOString(), lastSeen: new Date().toISOString(), active: true });
+    devSessions.set(token, {
+      token,
+      userId,
+      ip,
+      userAgent,
+      createdAt: nowIso(),
+      lastSeen: nowIso(),
+      active: true,
+    });
     return token;
   },
-  getForUser(uid)  { return [...devSessions.values()].filter(s => s.userId === uid && s.active); },
-  revoke(token)    { const s = devSessions.get(token); if (s) { s.active = false; return s; } return null; },
+  getForUser(uid) {
+    return [...devSessions.values()].filter((s) => s.userId === uid && s.active);
+  },
+  revoke(token) {
+    const s = devSessions.get(token);
+    if (s) {
+      s.active = false;
+      return s;
+    }
+    return null;
+  },
   revokeAllExcept(uid, except) {
-    for (const [t, s] of devSessions) if (s.userId === uid && t !== except) s.active = false;
+    for (const [t, s] of devSessions) {
+      if (s.userId === uid && t !== except) s.active = false;
+    }
   },
-  validate(token)  {
-    const s = devSessions.get(token); if (!s || !s.active) return null;
-    s.lastSeen = new Date().toISOString(); return s;
+  validate(token) {
+    const s = devSessions.get(token);
+    if (!s || !s.active) return null;
+    s.lastSeen = nowIso();
+    return s;
   },
 };

server/wsHandler.js

@@ -230,7 +230,7 @@ const handlers = {
   'sessions:delete': async (ws, msg, client) => {
     const owner = getClientOwner(client);
     const session = client.userId
-      ? sessionStore.getUserSession(client.userId, msg.sessionId)
+      ? await sessionStore.getUserSessionResolved(client.userId, msg.sessionId)
       : sessionStore.getTempSession(client.tempId, msg.sessionId);
     if (!session) return safeSend(ws, { type: 'error', message: 'Session not found' });
 
@@ -250,7 +250,11 @@ const handlers = {
     const sessions = client.userId
       ? sessionStore.getUserSessions(client.userId)
       : sessionStore.getTempSessions(client.tempId);
-    for (const session of sessions) {
+    for (const listedSession of sessions) {
+      const session = client.userId
+        ? await sessionStore.getUserSessionResolved(client.userId, listedSession.id)
+        : listedSession;
+      if (!session) continue;
       await chatTrashStore.add(owner, JSON.parse(JSON.stringify(session)));
       if (client.userId) sessionStore.deleteTempSessionEverywhere(session.id);
     }
@@ -268,9 +272,9 @@ const handlers = {
     safeSend(ws, { type: 'sessions:renamed', sessionId: msg.sessionId, name });
   },
 
-  'sessions:get': (ws, msg, client) => {
+  'sessions:get': async (ws, msg, client) => {
     const s = client.userId
-      ? sessionStore.getUserSession(client.userId, msg.sessionId)
+      ? await sessionStore.getUserSessionResolved(client.userId, msg.sessionId)
       : sessionStore.getTempSession(client.tempId, msg.sessionId);
     if (!s) return safeSend(ws, { type: 'error', message: 'Session not found' });
     safeSend(ws, { type: 'sessions:data', session: ser(s) });
@@ -325,7 +329,7 @@ const handlers = {
       sessionStore.tempBump(client.tempId);
     }
     const session = client.userId
-      ? sessionStore.getUserSession(client.userId, sessionId)
+      ? await sessionStore.getUserSessionResolved(client.userId, sessionId)
       : sessionStore.getTempSession(client.tempId, sessionId);
     if (!session) return safeSend(ws, { type: 'error', message: 'Session not found' });
 
@@ -466,7 +470,7 @@ const handlers = {
   'chat:editMessage': async (ws, msg, client) => {
     const { sessionId, messageIndex, newContent } = msg;
     const session = client.userId
-      ? sessionStore.getUserSession(client.userId, sessionId)
+      ? await sessionStore.getUserSessionResolved(client.userId, sessionId)
       : sessionStore.getTempSession(client.tempId, sessionId);
     if (!session) return safeSend(ws, { type: 'error', message: 'Session not found' });
     
@@ -527,7 +531,7 @@ const handlers = {
   'chat:selectVersion': async (ws, msg, client) => {
     const { sessionId, messageIndex, versionIdx } = msg;
     const session = client.userId
-      ? sessionStore.getUserSession(client.userId, sessionId)
+      ? await sessionStore.getUserSessionResolved(client.userId, sessionId)
       : sessionStore.getTempSession(client.tempId, sessionId);
     if (!session) return;
     
@@ -563,7 +567,7 @@ const handlers = {
     const { sessionId, messageIndex } = msg;
     const action = msg.action === 'continue' ? 'continue' : 'regenerate';
     const session = client.userId
-      ? sessionStore.getUserSession(client.userId, sessionId)
+      ? await sessionStore.getUserSessionResolved(client.userId, sessionId)
       : sessionStore.getTempSession(client.tempId, sessionId);
     if (!session) return safeSend(ws, { type: 'error', message: 'Session not found' });
 
@@ -861,7 +865,7 @@ async function restoreDeletedSession(client, snapshot) {
   if (!snapshot) return null;
   const restored = JSON.parse(JSON.stringify(snapshot));
   const existing = client.userId
-    ? sessionStore.getUserSession(client.userId, restored.id)
+    ? await sessionStore.getUserSessionResolved(client.userId, restored.id)
     : sessionStore.getTempSession(client.tempId, restored.id);
   if (existing) restored.id = crypto.randomUUID();
   restored.created = restored.created || Date.now();