Skip to content

Phase2 electron onboarding spec #9

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
ZengLiangYi merged 13 commits into from
May 23, 2026
Merged

Phase2 electron onboarding spec #9

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
13 commits
Select commit Hold shift + click to select a range
a239c96
docs: design phase 2 electron onboarding
ZengLiangYi May 23, 2026
23d7041
docs: address phase 2 onboarding review
ZengLiangYi May 23, 2026
7dcf3ec
docs: tighten phase 2 onboarding boundaries
ZengLiangYi May 23, 2026
8103059
docs: align phase 2 onboarding product decisions
ZengLiangYi May 23, 2026
e88bce0
docs: resolve phase 2 onboarding review gaps
ZengLiangYi May 23, 2026
8f4f293
docs: clarify electron http auth allowance
ZengLiangYi May 23, 2026
226adcf
docs: plan phase 2 electron onboarding
ZengLiangYi May 23, 2026
908ae73
feat: add server watcher startup policy
ZengLiangYi May 23, 2026
9ff2f67
feat: allow electron cloud http auth session
ZengLiangYi May 23, 2026
762bb93
feat: add electron state and mcp snippets
ZengLiangYi May 23, 2026
c37e9cb
feat: split electron preload boundaries
ZengLiangYi May 23, 2026
14c6374
feat: add structured import contracts
ZengLiangYi May 23, 2026
ad664a3
feat: add electron onboarding modes
ZengLiangYi May 23, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 3 additions & 2 deletions client/src/components/AuthGate.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ import {
api,
assertSafeWebAuthTransport,
getStoredToken,
isElectronCloudHttpAuthAllowed,
isInsecureRemoteHttpLocation,
setStoredToken,
} from "@/lib/api.ts";
Expand All @@ -26,7 +27,7 @@ export function AuthGate({ children }: { children: ReactNode }) {
const refresh = useCallback(async () => {
setError(null);
setState((current) => ({ status: "loading", providerWarnings: current.providerWarnings }));
if (getStoredToken() && isInsecureRemoteHttpLocation()) {
if (getStoredToken() && isInsecureRemoteHttpLocation() && !isElectronCloudHttpAuthAllowed()) {
setError(t("auth.insecure_http"));
setState({ status: "token", providerWarnings: [] });
return;
Expand Down Expand Up @@ -63,7 +64,7 @@ export function AuthGate({ children }: { children: ReactNode }) {
setSubmitting(true);
setError(null);
try {
if (isInsecureRemoteHttpLocation()) {
if (isInsecureRemoteHttpLocation() && !isElectronCloudHttpAuthAllowed()) {
setError(t("auth.insecure_http"));
return;
}
Expand Down
1 change: 1 addition & 0 deletions client/src/hooks/use-import-stream.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,7 @@ export function useImportStream() {
}

fetch(`${API_BASE}/api/import/scan/stream`, {
method: 'POST',
headers,
})
.then(async (res) => {
Expand Down
7 changes: 7 additions & 0 deletions client/src/lib/api.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,8 +25,15 @@ export function isInsecureRemoteHttpLocation(location = window.location): boolea
return location.protocol === "http:" && !LOCAL_HOSTS.has(location.hostname);
}

export function isElectronCloudHttpAuthAllowed(location = window.location): boolean {
const marker = window.chatcrystalElectronCloud;
if (!marker?.allowInsecureHttpAuth) return false;
return marker.origin === location.origin;
}

export function assertSafeWebAuthTransport(): void {
if (!isInsecureRemoteHttpLocation()) return;
if (isElectronCloudHttpAuthAllowed()) return;
throw new Error(
"Refusing to send ChatCrystal access tokens over public HTTP. Use HTTPS or a local tunnel.",
);
Expand Down
10 changes: 10 additions & 0 deletions client/src/types/electron.d.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
export {};

declare global {
interface Window {
chatcrystalElectronCloud?: {
allowInsecureHttpAuth: boolean;
origin: string;
};
}
}
Loading
Loading