npm - @sanctuary-framework/mcp-server - Versions diffs - 0.10.1 → 0.10.2 - Mend

@sanctuary-framework/mcp-server 0.10.1 → 0.10.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/dist/index.cjs CHANGED Viewed

@@ -8703,6 +8703,24 @@ var DashboardApprovalChannel = class {
   rateLimits = /* @__PURE__ */ new Map();
   /** Whether the dashboard is running in standalone mode (no MCP server) */
   _standaloneMode = false;
+  /**
+   * v0.10.2: when set, requests from loopback addresses (127.0.0.1 / ::1)
+   * are treated as authenticated without requiring a Bearer token or
+   * dashboard session cookie. Only the `startStandaloneDashboard` boot
+   * path enables this, and ONLY after the supplied passphrase successfully
+   * decrypts at least one stored identity — proving the caller already
+   * holds the primary secret that protects every piece of Sanctuary state.
+   *
+   * Rationale: the dashboard auth token is a dashboard-access credential
+   * layered on top of the master-key unlock. Once the operator has already
+   * presented the passphrase on the command line (terminal-side auth), a
+   * second login prompt in the auto-opened browser just trains users to
+   * paste secrets into web forms — the exact habit Sanctuary exists to
+   * discourage. Remote (non-loopback) callers still require the bearer
+   * token, so this is a localhost-only ergonomics unlock, not a network
+   * policy change.
+   */
+  _autoAuthLocalhost = false;
   constructor(config) {
     this.config = config;
     this.authToken = config.auth_token;
@@ -8738,6 +8756,26 @@ var DashboardApprovalChannel = class {
   setStandaloneMode(standalone) {
     this._standaloneMode = standalone;
   }
+  /**
+   * v0.10.2: enable (or disable) the loopback auto-auth fast path. See
+   * {@link _autoAuthLocalhost} for the rationale and threat model. Callers
+   * should gate this on both (a) the dashboard host being a loopback
+   * interface and (b) the master-key unlock having succeeded against
+   * on-disk state.
+   */
+  setAutoAuthLocalhost(enabled) {
+    this._autoAuthLocalhost = enabled;
+  }
+  /**
+   * v0.10.2: is this request from a loopback interface? We treat the
+   * standard IPv4/IPv6 loopback addresses plus the IPv4-mapped IPv6 form
+   * as loopback so LAN clients never accidentally hit the unauthenticated
+   * fast path even on hosts where the HTTP server binds 0.0.0.0.
+   */
+  isLoopbackRequest(req) {
+    const addr = this.getRemoteAddr(req);
+    return addr === "127.0.0.1" || addr === "::1" || addr === "localhost";
+  }
   /**
    * Start the HTTP(S) server for the dashboard.
    */
@@ -8887,6 +8925,9 @@ var DashboardApprovalChannel = class {
    */
   checkAuth(req, url, res) {
     if (!this.authToken) return true;
+    if (this._autoAuthLocalhost && this.isLoopbackRequest(req)) {
+      return true;
+    }
     const authHeader = req.headers.authorization;
     if (authHeader) {
       const parts = authHeader.split(" ");
@@ -8912,6 +8953,9 @@ var DashboardApprovalChannel = class {
    */
   isAuthenticated(req, url) {
     if (!this.authToken) return true;
+    if (this._autoAuthLocalhost && this.isLoopbackRequest(req)) {
+      return true;
+    }
     const authHeader = req.headers.authorization;
     if (authHeader) {
       const parts = authHeader.split(" ");