fix: harden dashboard auth and terminal flows
Deploy Dashboard (Dev) / deploy-dev (push) Successful in 3m29s

Tighten terminal websocket auth and proxy trust handling while making file-backed auth/RBAC writes atomic to reduce high-impact security and persistence risks.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Gan, Jimmy
2026-03-06 23:53:58 +08:00
parent c9f06fbbbb
commit 44f0ed5d04
9 changed files with 337 additions and 175 deletions
+6 -7
View File
@@ -5,6 +5,7 @@ import platform
import time
import httpx
from fastapi import APIRouter, Query, Request, HTTPException
import config
from config import TELEGRAM_BOT_TOKEN, TELEGRAM_CHAT_ID, VOLUME_ROOT, OPENCLAW_GATEWAY_TOKEN
router = APIRouter()
@@ -116,13 +117,11 @@ def _classify(method, path, status, user):
@router.get("/openclaw-token")
def openclaw_token(request: Request):
ip = request.client.host
import config
if config.is_trusted_proxy(ip):
forwarded = request.headers.get("x-forwarded-for", "").split(",")[0].strip()
if forwarded:
ip = forwarded
import config
user = request.state.user
if user.role != "admin":
raise HTTPException(status_code=403, detail="Admin only")
ip = config.get_client_ip(request)
if not config.is_lan_ip(ip):
raise HTTPException(status_code=403, detail="Access denied")
return {"token": OPENCLAW_GATEWAY_TOKEN}