ATCP + Agilang + Node.js
The frontend uses .ags templates. The backend is pure Node.js and does not require an Agilang backend runtime.
Install
npm install npm run dev # open http://127.0.0.1:8890
Users, developers and business owners
Every registration begins with Basic dashboard, profile and client capabilities. Developer and Business applications are marked pending until an administrator verifies the organization, chooses a plan and grants exact capabilities. System owners receive gateway credentials from an administrator; the gateway secret is displayed once and belongs in a server-side secret manager.
Reactive Agilang templates
@page title="ATCP Dashboard" <strong data-ags-bind="dashboard.ai_usage"> </strong>
The Node renderer converts @live into a live scope. The browser runtime polls the endpoint and updates elements carrying data-ags-bind.
Node.js endpoint
if (pathname === "/api/dashboard") {
return json(response, getDashboardState());
}Real-time event data
The Node.js backend uses Server-Sent Events for immediate updates and the Agilang @live interval as a recovery fallback. Authenticated dashboard data remains protected by the session boundary.
Cloudflare Workers AI CLI
The Node backend maps the stable modes chat, think and code to administrator-controlled Workers AI models. Terminal clients authenticate with a scoped ATCP token; Cloudflare account and API tokens never leave the server.
npm link atcp-ai login --endpoint https://atcp.sibaq.us atcp-ai chat atcp-ai think "Analyze this protocol" atcp-ai code "Review this Node.js function"
Administrator control plane
The protected /admin page manages users, roles, capability grants, plan prices, AI quotas, gateways and provider integrations. Cloudflare, SMTP, Stripe and PayPal secrets are AES-256-GCM encrypted and are never returned after saving. Only the data-encryption master key and one-time bootstrap settings belong in the protected server environment.
Gmail SMTP and password reset
For Gmail, use smtp.gmail.com, port 587, STARTTLS, the full Gmail address and a dedicated Google App Password created after enabling two-step verification. Never use the normal Google password. Password reset links are single-use, expire after 30 minutes and invalidate existing browser and CLI sessions.
Billing and subscriptions
The admin vault and plan catalog prepare Stripe and PayPal integration, but credentials alone never activate a subscription. Production billing must use server-created checkout, provider-native signed webhooks, atomic event idempotency, amount/currency/plan reconciliation and audited entitlement changes. Browser-controlled activation remains locked.