mirror of
https://github.com/sipeed/picoclaw.git
synced 2026-06-12 18:08:54 +00:00
zeed zhao
6ea364e67d
Add token-based authentication for the Launcher's embedded Web Dashboard. - Ephemeral token generated in-memory each run (or via PICOCLAW_LAUNCHER_TOKEN env var) - HMAC-SHA256 session cookie (HttpOnly, SameSite=Lax, Secure when HTTPS) - Bearer token support for API/script access - Rate limiting on login (10 attempts/IP/min) - Referrer-Policy: no-referrer on all responses - POST-only logout with JSON content-type (CSRF-safe) - System tray "Copy dashboard token" action - Login page shows contextual help (console/tray/log file path) - Path traversal protection via path.Clean - X-Forwarded-Host/Port/Proto support for reverse proxy deployments - Full i18n support (English, Chinese) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
87 lines
2.3 KiB
TypeScript
87 lines
2.3 KiB
TypeScript
import { launcherFetch } from "@/api/http"
|
|
|
|
// API client for gateway process management.
|
|
|
|
interface GatewayStatusResponse {
|
|
gateway_status: "running" | "starting" | "restarting" | "stopped" | "error"
|
|
gateway_start_allowed?: boolean
|
|
gateway_start_reason?: string
|
|
gateway_restart_required?: boolean
|
|
pid?: number
|
|
boot_default_model?: string
|
|
config_default_model?: string
|
|
[key: string]: unknown
|
|
}
|
|
|
|
interface GatewayLogsResponse {
|
|
logs?: string[]
|
|
log_total?: number
|
|
log_run_id?: number
|
|
}
|
|
|
|
interface GatewayActionResponse {
|
|
status: string
|
|
pid?: number
|
|
log_total?: number
|
|
log_run_id?: number
|
|
}
|
|
|
|
const BASE_URL = ""
|
|
|
|
async function request<T>(path: string, options?: RequestInit): Promise<T> {
|
|
const res = await launcherFetch(`${BASE_URL}${path}`, options)
|
|
if (!res.ok) {
|
|
throw new Error(`API error: ${res.status} ${res.statusText}`)
|
|
}
|
|
return res.json() as Promise<T>
|
|
}
|
|
|
|
export async function getGatewayStatus(): Promise<GatewayStatusResponse> {
|
|
return request<GatewayStatusResponse>("/api/gateway/status")
|
|
}
|
|
|
|
export async function getGatewayLogs(options?: {
|
|
log_offset?: number
|
|
log_run_id?: number
|
|
}): Promise<GatewayLogsResponse> {
|
|
const params = new URLSearchParams()
|
|
if (options?.log_offset !== undefined) {
|
|
params.set("log_offset", options.log_offset.toString())
|
|
}
|
|
if (options?.log_run_id !== undefined) {
|
|
params.set("log_run_id", options.log_run_id.toString())
|
|
}
|
|
const queryString = params.toString() ? `?${params.toString()}` : ""
|
|
return request<GatewayLogsResponse>(`/api/gateway/logs${queryString}`)
|
|
}
|
|
|
|
export async function startGateway(): Promise<GatewayActionResponse> {
|
|
return request<GatewayActionResponse>("/api/gateway/start", {
|
|
method: "POST",
|
|
})
|
|
}
|
|
|
|
export async function stopGateway(): Promise<GatewayActionResponse> {
|
|
return request<GatewayActionResponse>("/api/gateway/stop", {
|
|
method: "POST",
|
|
})
|
|
}
|
|
|
|
export async function restartGateway(): Promise<GatewayActionResponse> {
|
|
return request<GatewayActionResponse>("/api/gateway/restart", {
|
|
method: "POST",
|
|
})
|
|
}
|
|
|
|
export async function clearGatewayLogs(): Promise<GatewayActionResponse> {
|
|
return request<GatewayActionResponse>("/api/gateway/logs/clear", {
|
|
method: "POST",
|
|
})
|
|
}
|
|
|
|
export type {
|
|
GatewayStatusResponse,
|
|
GatewayLogsResponse,
|
|
GatewayActionResponse,
|
|
}
|