SORCERER

Multi-session workbench for agentic coding tools.

Run parallel Claude Code, Gemini CLI, Codex CLI, and OpenCode sessions in isolated git worktrees. Sessions can't interfere with each other, survive crashes, and persist across restarts.

Electron · React · TypeScript · node-pty · xterm.js

Download ↓ View source Star

New Session

Search sessions... Ctrl K

AGENTS 2

PROJECTS 2 · 6 sessions

sorcerer / auth-system sorcerer/auth-system

auth-system

❯ Setting up JWT auth with refresh tokens.

Creating src/auth/jwt.ts

Creating src/auth/middleware.ts

Creating src/auth/refresh.ts

src/auth/jwt.ts

+ import jwt from 'jsonwebtoken'

+ import { config } from '../config'

+ export function signToken(payload) {

+ return jwt.sign(payload, SECRET)

+ }

src/auth/middleware.ts

+ export function authGuard(req, res) {

+ const token = getBearer(req)

+ if (!token) return res.status(401)

Running tests...

✓ JWT signs and verifies

✓ Rejects expired tokens

✓ Refresh rotation works

✓ Concurrent refresh safe

All 4 tests passed.

❯

api-endpoints

❯ Refactoring user routes to add validation.

Editing src/routes/users.ts

- app.post('/users', async (req, res) => {

- const user = await db.insert(req.body)

+ app.post('/users', validate(schema), async (req, res) => {

+ const user = await db.insert(req.validated)

- app.put('/users/:id', async (req, res) => {

+ app.put('/users/:id', validate(schema), async (req, res) => {

Running tests...

✓ POST /users validates required fields

✓ PUT /users/:id rejects invalid payload

✓ GET /users returns paginated list

All 3 tests passed.

Notes: auth-system

Auth system notes

---

JWT uses HS256 with 15min expiry

Refresh tokens stored in DB, rotated on use

bcrypt cost factor: 12

TODO: rate limiting on /auth endpoints

TODO: add OAuth2 provider support

What it does

Features

Parallel sessions

Run multiple agent sessions side-by-side. Launch Claude Code, Gemini CLI, Codex CLI, or OpenCode in a native PTY via node-pty with full terminal emulation through xterm.js.

Worktree isolation

Each session gets its own git worktree — a real filesystem copy, not just a branch switch. Sessions can't interfere with each other's changes.

Team detection

Watches ~/.claude/teams/ via chokidar for Claude Code team formation. Displays hierarchies, task assignments, and status without modifying Claude Code's internal state.

Crash recovery

Detects orphaned worktrees on startup. Uncommitted changes from crashed sessions are auto-committed before cleanup. Nothing gets silently lost.

Cross-platform

Electron + node-pty on Windows, macOS, and Linux. Handles Windows-specific edge cases like reserved filenames and PTY encoding.

Persistent sessions

SQLite-backed session storage via sql.js. Resume any session after restart, archive old ones, or land completed work back on your main branch.

Remote access

Built-in HTTP + WebSocket server with token authentication. Access your sessions from a browser on any device on your network.

Get started

Download

Also available for · All releases

Supports Claude Code, Gemini CLI, Codex CLI, and OpenCode. Install the CLIs you plan to use and make sure they are available on PATH.

Unattended workflow flags are provider-specific. For Claude Code, Sorcerer can run sessions with --dangerously-skip-permissions. This is configurable per session. See Anthropic's docs for details.

Installer is not yet code-signed

On Windows, SmartScreen may prompt you — click More info → Run anyway. On macOS, right-click → Open on first launch.

About

Sorcerer started as a personal workflow tool and grew into something worth sharing. Built by one developer who needed a better way to manage parallel coding-agent sessions.

It's open source under AetherCI. If you work across Claude Code, Gemini CLI, Codex CLI, or OpenCode sessions, give it a spin.

AetherCI also builds AI-powered CI/CD failure analysis — the other half of the AI development workflow.