npm - @eclaw/openclaw-channel - Versions diffs - 1.1.4 → 1.1.6 - Mend

@eclaw/openclaw-channel 1.1.4 → 1.1.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/client.d.ts CHANGED Viewed

@@ -11,7 +11,7 @@ export declare class EClawClient {
     private entityId;
     constructor(config: EClawAccountConfig);
     /** Register callback URL with E-Claw backend */
-    registerCallback(callbackUrl: string, callbackToken: string): Promise<RegisterResponse>;
+    registerCallback(callbackUrl: string, callbackToken: string, callbackUsername?: string, callbackPassword?: string): Promise<RegisterResponse>;
     /** Bind an entity via channel API (bypasses 6-digit code).
      *  If entityId is omitted, the backend auto-selects the first free slot.
      */

package/dist/client.js CHANGED Viewed

@@ -14,15 +14,21 @@ export class EClawClient {
         this.entityId = config.entityId; // undefined until assigned by bindEntity
     }
     /** Register callback URL with E-Claw backend */
-    async registerCallback(callbackUrl, callbackToken) {
+    async registerCallback(callbackUrl, callbackToken, callbackUsername, callbackPassword) {
+        // eslint-disable-next-line @typescript-eslint/no-explicit-any
+        const body = {
+            channel_api_key: this.apiKey,
+            callback_url: callbackUrl,
+            callback_token: callbackToken,
+        };
+        if (callbackUsername && callbackPassword) {
+            body.callback_username = callbackUsername;
+            body.callback_password = callbackPassword;
+        }
         const res = await fetch(`${this.apiBase}/api/channel/register`, {
             method: 'POST',
             headers: { 'Content-Type': 'application/json' },
-            body: JSON.stringify({
-                channel_api_key: this.apiKey,
-                callback_url: callbackUrl,
-                callback_token: callbackToken,
-            }),
+            body: JSON.stringify(body),
         });
         const data = await res.json();
         if (!data.success) {

package/dist/gateway.js CHANGED Viewed

@@ -77,8 +77,12 @@ export async function startAccount(ctx) {
     registerWebhookToken(callbackToken, accountId, handler);
     console.log(`[E-Claw] Webhook registered at: ${callbackUrl}`);
     try {
+        // Detect WEB_PASSWORD / SETUP_PASSWORD for Railway Basic Auth
+        const webPassword = process.env.WEB_PASSWORD || process.env.SETUP_PASSWORD;
+        const callbackUsername = webPassword ? 'admin' : undefined;
+        const callbackPassword = webPassword || undefined;
         // Register callback with E-Claw backend
-        const regData = await client.registerCallback(callbackUrl, callbackToken);
+        const regData = await client.registerCallback(callbackUrl, callbackToken, callbackUsername, callbackPassword);
         console.log(`[E-Claw] Registered with E-Claw. Device: ${regData.deviceId}, Entities: ${regData.entities.length}`);
         // Bind entity via channel API.
         // /api/channel/bind is idempotent for the same channel account:

package/dist/webhook-registry.js CHANGED Viewed

@@ -21,13 +21,17 @@ export function unregisterWebhookToken(callbackToken) {
  */
 // eslint-disable-next-line @typescript-eslint/no-explicit-any
 export async function dispatchWebhook(req, res) {
+    // Support two auth modes:
+    // 1. Standard: Authorization: Bearer <token>
+    // 2. Basic Auth gateway (Railway WEB_PASSWORD): X-Callback-Token header
     const authHeader = req.headers?.authorization;
-    if (!authHeader?.startsWith('Bearer ')) {
+    const customToken = req.headers?.['x-callback-token'];
+    const token = authHeader?.startsWith('Bearer ') ? authHeader.slice(7) : customToken;
+    if (!token) {
         res.writeHead(401, { 'Content-Type': 'application/json' });
-        res.end(JSON.stringify({ error: 'Unauthorized' }));
+        res.end(JSON.stringify({ error: 'Auth required' }));
         return;
     }
-    const token = authHeader.slice(7);
     const entry = registry.get(token);
     if (!entry) {
         // Unknown token — likely a stale push after a server restart

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@eclaw/openclaw-channel",
-  "version": "1.1.4",
+  "version": "1.1.6",
   "description": "E-Claw channel plugin for OpenClaw — AI chat platform for live wallpaper entities",
   "type": "module",
   "main": "./dist/index.js",