Hugging Face's logo

Spaces:
devratharaisaar
/
HuggingClaw
Runtime error

App Files Community
tao-shen Claude Opus 4.6 commited on
Commit
ac5bf04
·
1 Parent(s): 760b46b

feat: switch auth from password to token for browser persistence

Browse files

Token auth is persisted in the browser's localStorage by OpenClaw's
Control UI, so users only need to enter it once. Password auth
required re-entry on every page refresh.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Files changed (2) hide show
  1. openclaw.json +1 -1
  2. scripts/sync_hf.py +7 -7
openclaw.json CHANGED
@@ -3,7 +3,7 @@
3
  "mode": "local",
4
  "bind": "lan",
5
  "port": 7860,
6
- "auth": { "password": "__OPENCLAW_PASSWORD__" },
7
  "trustedProxies": [
8
  "0.0.0.0/0"
9
  ],
 
3
  "mode": "local",
4
  "bind": "lan",
5
  "port": 7860,
6
+ "auth": { "token": "__OPENCLAW_PASSWORD__" },
7
  "trustedProxies": [
8
  "0.0.0.0/0"
9
  ],
scripts/sync_hf.py CHANGED
@@ -290,10 +290,10 @@ class OpenClawFullSync:
290
  try:
291
  with open(config_path, "r") as f:
292
  cfg = json.load(f)
293
- # Replace password placeholder
294
  if "gateway" in cfg and "auth" in cfg["gateway"]:
295
- if cfg["gateway"]["auth"].get("password") == "__OPENCLAW_PASSWORD__":
296
- cfg["gateway"]["auth"]["password"] = OPENCLAW_PASSWORD
297
  if OPENAI_API_KEY and "models" in cfg and "providers" in cfg["models"] and "openai" in cfg["models"]["providers"]:
298
  cfg["models"]["providers"]["openai"]["apiKey"] = OPENAI_API_KEY
299
  if OPENAI_BASE_URL:
@@ -364,10 +364,10 @@ class OpenClawFullSync:
364
  data["plugins"]["locations"] = [l for l in locs if l != "/dev/null"]
365
 
366
  # Force full gateway config for HF Spaces
367
- # Password auth: user must enter password in Control UI settings
368
  if not OPENCLAW_PASSWORD:
369
- print("[SYNC] WARNING: OPENCLAW_PASSWORD not set! Gateway will auto-generate a random token.")
370
- auth = {"password": OPENCLAW_PASSWORD} if OPENCLAW_PASSWORD else {}
371
  # Dynamic allowedOrigins from SPACE_HOST (auto-set by HF runtime)
372
  allowed_origins = [
373
  "https://huggingface.co",
@@ -388,7 +388,7 @@ class OpenClawFullSync:
388
  "allowedOrigins": allowed_origins
389
  }
390
  }
391
- print(f"[SYNC] Set gateway config (auth={'password' if OPENCLAW_PASSWORD else 'auto-generated'}, origins={len(allowed_origins)})")
392
 
393
  # Ensure agents defaults
394
  data.setdefault("agents", {}).setdefault("defaults", {}).setdefault("model", {})
 
290
  try:
291
  with open(config_path, "r") as f:
292
  cfg = json.load(f)
293
+ # Replace token placeholder
294
  if "gateway" in cfg and "auth" in cfg["gateway"]:
295
+ if cfg["gateway"]["auth"].get("token") == "__OPENCLAW_PASSWORD__":
296
+ cfg["gateway"]["auth"]["token"] = OPENCLAW_PASSWORD
297
  if OPENAI_API_KEY and "models" in cfg and "providers" in cfg["models"] and "openai" in cfg["models"]["providers"]:
298
  cfg["models"]["providers"]["openai"]["apiKey"] = OPENAI_API_KEY
299
  if OPENAI_BASE_URL:
 
364
  data["plugins"]["locations"] = [l for l in locs if l != "/dev/null"]
365
 
366
  # Force full gateway config for HF Spaces
367
+ # Token auth: persisted in browser localStorage after first entry
368
  if not OPENCLAW_PASSWORD:
369
+ print("[SYNC] WARNING: OPENCLAW_PASSWORD not set! Gateway will have no auth.")
370
+ auth = {"token": OPENCLAW_PASSWORD} if OPENCLAW_PASSWORD else {}
371
  # Dynamic allowedOrigins from SPACE_HOST (auto-set by HF runtime)
372
  allowed_origins = [
373
  "https://huggingface.co",
 
388
  "allowedOrigins": allowed_origins
389
  }
390
  }
391
+ print(f"[SYNC] Set gateway config (auth={'token' if OPENCLAW_PASSWORD else 'none'}, origins={len(allowed_origins)})")
392
 
393
  # Ensure agents defaults
394
  data.setdefault("agents", {}).setdefault("defaults", {}).setdefault("model", {})