picoclaw/web
zeed zhao 6ea364e67d feat(web): protect launcher dashboard with token and SPA login (#1953)
Add token-based authentication for the Launcher's embedded Web Dashboard.

- Ephemeral token generated in-memory each run (or via PICOCLAW_LAUNCHER_TOKEN env var)
- HMAC-SHA256 session cookie (HttpOnly, SameSite=Lax, Secure when HTTPS)
- Bearer token support for API/script access
- Rate limiting on login (10 attempts/IP/min)
- Referrer-Policy: no-referrer on all responses
- POST-only logout with JSON content-type (CSRF-safe)
- System tray "Copy dashboard token" action
- Login page shows contextual help (console/tray/log file path)
- Path traversal protection via path.Clean
- X-Forwarded-Host/Port/Proto support for reverse proxy deployments
- Full i18n support (English, Chinese)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-29 13:11:43 +08:00
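
The session scheme listed in the commit message above, as an added example; it is not the code from commit 6ea364e67d. Assumptions: the run's token doubles as the HMAC key, the cookie value is `<unix expiry>.<hex MAC>`, and the names `launcher_session`, `sessionTTL`, `signSession`, `verifySession`, `sessionCookie` and `authorized` are hypothetical.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"net/http"
	"strconv"
	"strings"
	"time"
)

const cookieName, sessionTTL = "launcher_session", 24 * time.Hour // hypothetical name and lifetime

// signSession returns "<unix expiry>.<hex HMAC-SHA256(token, expiry)>".
func signSession(token string, expiry int64) string {
	exp := strconv.FormatInt(expiry, 10)
	mac := hmac.New(sha256.New, []byte(token))
	mac.Write([]byte(exp))
	return exp + "." + hex.EncodeToString(mac.Sum(nil))
}

// verifySession recomputes the MAC, compares in constant time, then checks expiry.
func verifySession(token, value string, now time.Time) bool {
	exp, _, ok := strings.Cut(value, ".")
	expiry, err := strconv.ParseInt(exp, 10, 64)
	want := signSession(token, expiry) // canonical form; "0123.<mac>" never matches
	return ok && err == nil && hmac.Equal([]byte(want), []byte(value)) && now.Unix() < expiry
}

// sessionCookie sets the attributes the commit lists: HttpOnly, SameSite=Lax, Secure on HTTPS.
func sessionCookie(token string, now time.Time, https bool) *http.Cookie {
	return &http.Cookie{Name: cookieName, Value: signSession(token, now.Add(sessionTTL).Unix()),
		Path: "/", HttpOnly: true, SameSite: http.SameSiteLaxMode, Secure: https}
}

// authorized accepts a Bearer token (API/scripts) or a signed cookie (browser).
func authorized(r *http.Request, token string, now time.Time) bool {
	if h := r.Header.Get("Authorization"); strings.HasPrefix(h, "Bearer ") {
		return hmac.Equal([]byte(h[7:]), []byte(token)) // constant-time comparison
	}
	c, err := r.Cookie(cookieName)
	return err == nil && verifySession(token, c.Value, now)
}

func main() {
	fmt.Println(sessionCookie("constructed-demo-token", time.Now(), false).String())
}
```

Because the key is the in-memory token, every cookie issued by one run stops verifying as soon as the process restarts with a new token.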

Picoclaw Web

This directory contains the standalone web service for picoclaw. It provides a complete unified web interface, acting as a dashboard, configuration center, and interactive console (channel client) for the core picoclaw engine.

Architecture

The service is structured as a monorepo containing both the backend and frontend code to ensure high cohesion and simplify deployment.

  • backend/: The Go-based web server. It provides RESTful APIs, manages WebSocket connections for chat, and handles the lifecycle of the picoclaw process. The build embeds the compiled frontend assets into it, producing a single executable.
  • frontend/: The Vite + React + TanStack Router single-page application (SPA). It provides the interactive user interface.

Getting Started

Prerequisites

  • Go 1.25+
  • Node.js 20+ with pnpm

Development

Run both the frontend dev server and the Go backend simultaneously:

make dev

Or run them separately:

make dev-frontend   # Vite dev server
make dev-backend    # Go backend

Build

Build the frontend and embed it into a single Go binary:

make build

The output binary is backend/picoclaw-web.

Other Commands

make test    # Run backend tests and frontend lint
make lint    # Run go vet and prettier/eslint
make clean   # Remove all build artifacts