@rnbsolucoes/axion-code 0.1.86 → 0.1.87
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/README.md
CHANGED
|
@@ -117,6 +117,16 @@ The relay exposes `GET /remote-control/sessions`, `POST /remote-control/pair`,
|
|
|
117
117
|
It is loopback-only, keeps provider/tool execution in the CLI and accepts mobile
|
|
118
118
|
intents only after SAS pairing.
|
|
119
119
|
|
|
120
|
+
Remote-control is bound to the authenticated Google email from Axion Desktop.
|
|
121
|
+
The CLI refuses to expose a remote URL without an active Desktop Google login.
|
|
122
|
+
Mobile discovery must send the same account email (`X-Axion-Auth-Email` or
|
|
123
|
+
`auth_email`) and pairing must include the same `auth_email`; mismatched emails
|
|
124
|
+
receive no session or are rejected. After a successful same-email pairing, the
|
|
125
|
+
host returns an `access_token` JWT signed with the derived pairing secret.
|
|
126
|
+
Mobile must use `Authorization: Bearer <access_token>` for the relay WebSocket
|
|
127
|
+
and attachment upload APIs. The token is never included in the public QR/status
|
|
128
|
+
payload.
|
|
129
|
+
|
|
120
130
|
Remote-control leases expire after `24h` by default. Override one run with
|
|
121
131
|
`/remote-control --ttl 2h` or `axion-code remote-control start --ttl 2h`. Set
|
|
122
132
|
the local default in the TUI with `/settings remote-control-ttl 24h`; use
|
|
Binary file
|
|
Binary file
|