MATTERMOST_OPENCLAW_LIVESTATUS

Files

sol 2d493d5c34 feat: add Mattermost session auth for browser requests

- Add dual auth path in ServeHTTP: shared secret (daemon) OR Mattermost session (browser)
- Read-only endpoints (GET /sessions, GET /health) accept either auth method
- Write endpoints (POST, PUT, DELETE) still require shared secret
- Browser requests authenticated via Mattermost-User-Id header (auto-injected by MM server)
- Unauthenticated requests now properly rejected with 401

Fixes: Issue #5 Phase 1 - RHS Panel auth fix

2026-03-09 14:19:39 +00:00

public

feat: RHS panel + channel header button + public icon

2026-03-08 20:13:08 +00:00

api.go

feat: add Mattermost session auth for browser requests

2026-03-09 14:19:39 +00:00

configuration.go

fix: remove dead delete+recreate and pin code, add poll fallback test

2026-03-07 20:31:32 +00:00

go.mod

fix: remove dead delete+recreate and pin code, add poll fallback test