ROOH/MATTERMOST_OPENCLAW_LIVESTATUS
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases 3 Wiki Activity
Files
backup/working-2026-03-09
MATTERMOST_OPENCLAW_LIVESTATUS/plugin/server/api.go
sol 2d493d5c34 feat: add Mattermost session auth for browser requests 
- Add dual auth path in ServeHTTP: shared secret (daemon) OR Mattermost session (browser)
- Read-only endpoints (GET /sessions, GET /health) accept either auth method
- Write endpoints (POST, PUT, DELETE) still require shared secret
- Browser requests authenticated via Mattermost-User-Id header (auto-injected by MM server)
- Unauthenticated requests now properly rejected with 401

Fixes: Issue #5 Phase 1 - RHS Panel auth fix
2026-03-09 14:19:39 +00:00

12 KiB
Raw Permalink Blame History

View Raw
Reference in New Issue View Git Blame Copy Permalink