let5see/clawdbot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: honor gateway env token for doctor/security

Browse Source 
Co-authored-by: azade-c <azade-c@users.noreply.github.com>
This commit is contained in:
Peter Steinberger
2026-01-23 03:13:44 +00:00
parent f1deffa681
commit ec2c69c230
6 changed files with 77 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/commands/doctor.ts
View File

@@ -13,6 +13,7 @@ import { formatCliCommand } from "../cli/command-format.js";
import type { ClawdbotConfig } from "../config/config.js";
import { CONFIG_PATH_CLAWDBOT, readConfigFileSnapshot, writeConfigFile } from "../config/config.js";
import { resolveGatewayService } from "../daemon/service.js";
import { resolveGatewayAuth } from "../gateway/auth.js";
import { buildGatewayConnectionDetails } from "../gateway/call.js";
import { resolveClawdbotPackageRoot } from "../infra/clawdbot-root.js";
import type { RuntimeEnv } from "../runtime.js";
@@ -111,10 +112,11 @@ export async function doctorCommand(
note(gatewayDetails.remoteFallbackNote, "Gateway");
}
if (resolveMode(cfg) === "local") {
const authMode = cfg.gateway?.auth?.mode;
const token =
typeof cfg.gateway?.auth?.token === "string" ? cfg.gateway?.auth?.token.trim() : "";
const needsToken = authMode !== "password" && (authMode !== "token" || !token);
const auth = resolveGatewayAuth({
authConfig: cfg.gateway?.auth,
tailscaleMode: cfg.gateway?.tailscale?.mode ?? "off",
});
const needsToken = auth.mode !== "password" && (auth.mode !== "token" || !auth.token);
if (needsToken) {
note(
"Gateway auth is off or missing a token. Token auth is now the recommended default (including loopback).",