fix: detect Anthropic auth token from process environment

[michaeledi]

Summary

• treat process.env.ANTHROPIC_AUTH_TOKEN as a valid Claude auth source in /api/cli/claude/status
• keep the existing ANTHROPIC_API_KEY, ~/.claude/settings.json, and OAuth credential checks unchanged
• update the auth priority comment to include Anthropic auth tokens from the process environment

Why PR #527 did not fully fix this

PR #527 added support for ANTHROPIC_API_KEY and ANTHROPIC_AUTH_TOKEN when they are stored under ~/.claude/settings.json env values. That helps setups where Claude Code reads proxy/auth values from settings.json, but it does not cover local service managers such as systemd, pm2, Docker, or shell-launched processes that inject ANTHROPIC_AUTH_TOKEN directly into the CloudCLI server process environment.

In those deployments, Claude/SDK execution can receive ANTHROPIC_AUTH_TOKEN from process.env and work correctly, while the CloudCLI status endpoint still reports disconnected because it only checked process.env.ANTHROPIC_API_KEY before falling back to settings.json and OAuth credentials.

Validation

• node --check server/routes/cli-auth.js
• Before the fix, a local Express route check with only HOME set to an empty temp dir and ANTHROPIC_AUTH_TOKEN in process.env returned {"authenticated":false,"email":null,"method":null,"error":"Not authenticated"}
• After the fix, the same check returns {"authenticated":true,"email":"Configured via environment","method":"api_key"}

Summary by CodeRabbit

• New Features
  • Added support for authenticating with Claude using the ANTHROPIC_AUTH_TOKEN environment variable, providing an additional authentication option for users.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: f38e870a-24b4-47da-ab62-0f80ffcbccd6

📥 Commits

Reviewing files that changed from the base of the PR and between 7765808 and e5a66f0.

📒 Files selected for processing (1)

• server/providers/claude/status.js

---

📝 Walkthrough

Walkthrough

This PR enhances Claude provider authentication by adding support for the ANTHROPIC_AUTH_TOKEN environment variable as a high-priority credential source. The credential checking logic now recognizes this token alongside the existing ANTHROPIC_API_KEY environment variable and other authentication methods.

Changes

Cohort / File(s)	Summary
Claude Authentication Detection server/providers/claude/status.js	Added environment variable check for ANTHROPIC_AUTH_TOKEN to recognize it as a valid API-key-based authentication method, returning authenticated status when present and non-empty.

Possibly related PRs

• PR #527: Extends Claude authentication detection to recognize ANTHROPIC_AUTH_TOKEN from ~/.claude/settings.json configuration file, complementing this PR's environment variable approach.

Suggested reviewers

• blackmammoth
• viper151

Poem

🐰 A token hops into the fold,
Another path for auth to hold,
Claude now checks with broader sight,
One more way to get it right! 🔐

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: detecting Anthropic auth token from the process environment variable, which is the primary objective of the PR.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}