@syengup/friday-channel-next 0.1.4 → 0.1.6

package/dist/src/http/handlers/device-approve.js

@@ -45,6 +45,20 @@ export async function handleDeviceApprove(req, res) {
     }
     const match = pairing.pending.find((entry) => entry.deviceId.trim().toUpperCase() === normalizedDeviceId);
     if (!match) {
+        // Gateway may have already auto-approved the device (e.g. mode="local").
+        // Check the paired list before returning 404.
+        const pairedDevice = (pairing.paired ?? []).find((entry) => entry.deviceId.trim().toUpperCase() === normalizedDeviceId);
+        if (pairedDevice) {
+            res.statusCode = 200;
+            res.setHeader("Content-Type", "application/json");
+            res.end(JSON.stringify({
+                ok: true,
+                deviceId: normalizedDeviceId,
+                alreadyApproved: true,
+                approvedAtMs: pairedDevice.approvedAtMs,
+            }));
+            return true;
+        }
         res.statusCode = 404;
         res.setHeader("Content-Type", "application/json");
         res.end(JSON.stringify({

package/dist/src/http/middleware/cors.js

@@ -7,5 +7,5 @@ export function applyCorsHeaders(res) {
         return;
     res.setHeader("Access-Control-Allow-Origin", cfg.corsAllowOrigin || "*");
     res.setHeader("Access-Control-Allow-Headers", "Authorization, Content-Type, Last-Event-ID");
-    res.setHeader("Access-Control-Allow-Methods", "GET,POST,DELETE,OPTIONS");
+    res.setHeader("Access-Control-Allow-Methods", "GET,POST,OPTIONS");
 }

package/dist/src/http/server.js

@@ -11,7 +11,6 @@ import { handleFilesDownload } from "./handlers/files-download.js";
 import { handleCancel } from "./handlers/cancel.js";
 import { handleDeviceApprove } from "./handlers/device-approve.js";
 import { handleNodesApprove } from "./handlers/nodes-approve.js";
-import { handleSessionsDelete } from "./handlers/sessions-delete.js";
 import { handleSessionsSettings } from "./handlers/sessions-settings.js";
 import { handleModelsList } from "./handlers/models-list.js";
 import { handleStatus } from "./handlers/status.js";
@@ -56,9 +55,6 @@ async function handleFridayNextRoute(req, res) {
     if (req.method === "POST" && pathname === "/friday-next/nodes-approve") {
         return await handleNodesApprove(req, res);
     }
-    if (req.method === "DELETE" && pathname === "/friday-next/sessions") {
-        return await handleSessionsDelete(req, res);
-    }
     if ((req.method === "PUT" || req.method === "GET") && pathname === "/friday-next/sessions/settings") {
         return await handleSessionsSettings(req, res);
     }

package/dist/src/session/session-manager.d.ts

@@ -4,13 +4,6 @@ export declare function splitModelRef(modelRef: string): {
 };
 export declare function toSessionStoreKey(rawSessionKey: string): string;
 export declare function ensureSessionLevels(sessionKey: string, reasoningLevel: string, thinkingLevel: string, historyDir?: string): void;
-export declare function resolveSessionsDir(historyDir?: string): string;
-export interface DeleteSessionResult {
-    sessionKey: string;
-    sessionId?: string;
-    transcriptDeleted?: boolean;
-}
-export declare function deleteFridaySession(sessionKey: string, historyDir?: string): DeleteSessionResult;
 export interface FridaySessionSettings {
     reasoningLevel?: string;
     thinkingLevel?: string;

package/dist/src/session/session-manager.js

@@ -1,6 +1,6 @@
 import { join } from "node:path";
 import os from "node:os";
-import { readFileSync, writeFileSync, unlinkSync } from "node:fs";
+import { readFileSync, writeFileSync } from "node:fs";
 const FRIDAY_AGENT_ID = "main";
 const SESSION_ID_RE = /^[a-z0-9][a-z0-9._-]{0,127}$/i;
 function deriveOpenClawBaseDir(historyDir) {
@@ -96,43 +96,6 @@ function upsertSessionEntry(data, fileKey, sessionKey) {
 export function ensureSessionLevels(sessionKey, reasoningLevel, thinkingLevel, historyDir) {
     setSessionSettings(sessionKey, { reasoningLevel, thinkingLevel }, historyDir);
 }
-export function resolveSessionsDir(historyDir) {
-    const base = deriveOpenClawBaseDir(historyDir);
-    return join(base, "agents/main/sessions");
-}
-export function deleteFridaySession(sessionKey, historyDir) {
-    const result = { sessionKey };
-    const sessionsFile = resolveSessionsFilePath(historyDir);
-    const data = readSessionsData(sessionsFile);
-    if (!data)
-        return result;
-    const fileKey = toSessionStoreKey(sessionKey);
-    const entry = data[fileKey];
-    if (!entry)
-        return result;
-    const sessionId = typeof entry["sessionId"] === "string" ? entry["sessionId"] : undefined;
-    const sessionFilePath = typeof entry["sessionFile"] === "string" ? entry["sessionFile"] : undefined;
-    result.sessionId = sessionId;
-    if (sessionFilePath) {
-        try {
-            unlinkSync(sessionFilePath);
-            result.transcriptDeleted = true;
-        }
-        catch { /* gone already */ }
-    }
-    if (sessionId) {
-        const dir = resolveSessionsDir(historyDir);
-        for (const suffix of [".trajectory.jsonl", ".trajectory-path.json"]) {
-            try {
-                unlinkSync(join(dir, `${sessionId}${suffix}`));
-            }
-            catch { /* optional */ }
-        }
-    }
-    delete data[fileKey];
-    writeSessionsData(sessionsFile, data);
-    return result;
-}
 export function setSessionSettings(sessionKey, settings, historyDir) {
     try {
         const sessionsFile = resolveSessionsFilePath(historyDir);

package/install.js

@@ -96,7 +96,7 @@ let installed = false;
 
 try {
   const out = execSync(
-    `${openclawCmd} plugins install @syengup/friday-channel-next@latest`,
+    `${openclawCmd} plugins install @syengup/friday-channel-next@latest --force`,
     { encoding: "utf8", stdio: "pipe", timeout: 120000 }
   );
   if (out.trim()) console.log(out.trim());
@@ -124,7 +124,7 @@ if (!installed) {
     process.exit(1);
   }
   warn("Manual install complete, but auto-upgrade is NOT available.");
-  warn("To enable auto-upgrade later, run: openclaw plugins install @syengup/friday-channel-next");
+  warn("To enable auto-upgrade later, run: openclaw plugins install @syengup/friday-channel-next --force");
   // Clean up legacy dir even in fallback to avoid duplicate warnings
   if (existsSync(join(USER_HOME, ".openclaw", "extensions", "friday-channel-next"))) {
     warn("Legacy install detected. Remove it to avoid duplicate warnings:");

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@syengup/friday-channel-next",
-  "version": "0.1.4",
+  "version": "0.1.6",
   "description": "OpenClaw Friday Next Apple channel plugin",
   "license": "MIT",
   "type": "module",

package/src/e2e/auto-approve.integration.test.ts

@@ -0,0 +1,415 @@
+/**
+ * E2E test: 模拟 iOS 两步自动批准流程 (device-approve → nodes-approve)
+ *
+ * iOS 端 connect 成功后会调用 performPostConnectHealthCheckIfNeeded()：
+ *   1. GET /friday-next/health?deviceId=...&nodeDeviceId=... (selfHeal 默认 true)
+ *   2. 如果 devicePairing.status == "pending" → POST /friday-next/device-approve
+ *   3. 如果 nodePairing.status == "pending" → POST /friday-next/nodes-approve
+ */
+import { afterEach, beforeEach, describe, expect, it, vi } from "vitest";
+import { createAppSimulator } from "../test-support/app-simulator.js";
+import { createTempHistoryDir, removeTempHistoryDir, setMockRuntime } from "../test-support/mock-runtime.js";
+import { __setMockNodePairingForTests } from "../agent/node-pairing-bridge.js";
+
+const FAKE_DEVICE_ID = "a80b8c4b305fb02c5772c409c6dfcbacde691b61557f7779511ad1a5be8fdf06";
+const DEVICE_REQUEST_ID = "12f150e8-b1bc-4688-be23-e3a7fa8b9e51";
+const NODE_REQUEST_ID = "a1b2c3d4-e5f6-7890-abcd-ef1234567890";
+
+const { mockListDevices, mockApproveDevice } = vi.hoisted(() => ({
+  mockListDevices: vi.fn(),
+  mockApproveDevice: vi.fn(),
+}));
+
+vi.mock("openclaw/plugin-sdk/device-bootstrap", () => ({
+  listDevicePairing: mockListDevices,
+  approveDevicePairing: mockApproveDevice,
+}));
+
+describe("e2e two-step auto-approval", () => {
+  let historyDir = "";
+
+  beforeEach(() => {
+    historyDir = createTempHistoryDir();
+    setMockRuntime({ historyDir, authToken: "test-token" });
+    vi.clearAllMocks();
+    // 默认：设备和节点都不在 pending/paired 中
+    mockListDevices.mockResolvedValue({ pending: [], paired: [] });
+    mockApproveDevice.mockResolvedValue({ status: "approved", requestId: DEVICE_REQUEST_ID });
+  });
+
+  afterEach(() => {
+    removeTempHistoryDir(historyDir);
+  });
+
+  // ── Step 1: Device Approve ───────────────────────────────────────
+
+  it("Step 1: POST /friday-next/device-approve 成功批准设备", async () => {
+    mockListDevices.mockResolvedValueOnce({
+      pending: [{ requestId: DEVICE_REQUEST_ID, deviceId: FAKE_DEVICE_ID }],
+      paired: [],
+    });
+    mockApproveDevice.mockResolvedValueOnce({
+      status: "approved",
+      requestId: DEVICE_REQUEST_ID,
+      device: { deviceId: FAKE_DEVICE_ID, approvedAtMs: 1700000000000 },
+    });
+
+    const app = createAppSimulator({ token: "test-token" });
+    const res = await app.rawRequest({
+      method: "POST",
+      path: "/friday-next/device-approve",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify({ deviceId: FAKE_DEVICE_ID }),
+    });
+
+    expect(res.status).toBe(200);
+    const body = JSON.parse(res.body);
+    expect(body.ok).toBe(true);
+    expect(body.deviceId).toBe(FAKE_DEVICE_ID.toUpperCase());
+    expect(body.requestId).toBe(DEVICE_REQUEST_ID);
+    expect(mockApproveDevice).toHaveBeenCalledWith(DEVICE_REQUEST_ID);
+  });
+
+  it("Step 1: device 已在 paired 列表中时返回 alreadyApproved", async () => {
+    mockListDevices.mockResolvedValueOnce({
+      pending: [],
+      paired: [{ deviceId: FAKE_DEVICE_ID, approvedAtMs: 1700000000000 }],
+    });
+
+    const app = createAppSimulator({ token: "test-token" });
+    const res = await app.rawRequest({
+      method: "POST",
+      path: "/friday-next/device-approve",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify({ deviceId: FAKE_DEVICE_ID }),
+    });
+
+    expect(res.status).toBe(200);
+    const body = JSON.parse(res.body);
+    expect(body.ok).toBe(true);
+    expect(body.alreadyApproved).toBe(true);
+    expect(mockApproveDevice).not.toHaveBeenCalled();
+  });
+
+  it("Step 1: device 不在 pending/paired 中时返回 404", async () => {
+    mockListDevices.mockResolvedValueOnce({ pending: [], paired: [] });
+
+    const app = createAppSimulator({ token: "test-token" });
+    const res = await app.rawRequest({
+      method: "POST",
+      path: "/friday-next/device-approve",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify({ deviceId: FAKE_DEVICE_ID }),
+    });
+
+    expect(res.status).toBe(404);
+    const body = JSON.parse(res.body);
+    expect(body.error).toContain("No pending device found");
+    expect(body.deviceId).toBe(FAKE_DEVICE_ID.toUpperCase());
+  });
+
+  // ── Step 2: Node Approve ─────────────────────────────────────────
+
+  it("Step 2: POST /friday-next/nodes-approve 成功批准节点", async () => {
+    const mockListNodePairing = vi.fn().mockResolvedValueOnce({
+      pending: [{ requestId: NODE_REQUEST_ID, nodeId: FAKE_DEVICE_ID }],
+      paired: [],
+    });
+    const mockApproveNodePairing = vi.fn().mockResolvedValueOnce({
+      requestId: NODE_REQUEST_ID,
+      node: { nodeId: FAKE_DEVICE_ID, approvedAtMs: 1700000000000 },
+    });
+
+    __setMockNodePairingForTests({
+      listNodePairing: mockListNodePairing,
+      approveNodePairing: mockApproveNodePairing,
+    });
+
+    const app = createAppSimulator({ token: "test-token" });
+    const res = await app.rawRequest({
+      method: "POST",
+      path: "/friday-next/nodes-approve",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify({ nodeId: FAKE_DEVICE_ID }),
+    });
+
+    expect(res.status).toBe(200);
+    const body = JSON.parse(res.body);
+    expect(body.ok).toBe(true);
+    expect(body.nodeId).toBe(FAKE_DEVICE_ID.toUpperCase());
+    expect(body.requestId).toBe(NODE_REQUEST_ID);
+    expect(mockApproveNodePairing).toHaveBeenCalledWith(NODE_REQUEST_ID, {
+      callerScopes: ["operator.admin", "operator.pairing", "operator.read", "operator.write"],
+    });
+  });
+
+  it("Step 2: node 已在 paired 中且有 caps 时返回 alreadyApproved", async () => {
+    const mockListNodePairing = vi.fn().mockResolvedValueOnce({
+      pending: [],
+      paired: [{
+        nodeId: FAKE_DEVICE_ID,
+        approvedAtMs: 1700000000000,
+        caps: ["location", "canvas"],
+        commands: ["canvas.present"],
+      }],
+    });
+    const mockApproveNodePairing = vi.fn();
+
+    __setMockNodePairingForTests({
+      listNodePairing: mockListNodePairing,
+      approveNodePairing: mockApproveNodePairing,
+    });
+
+    const app = createAppSimulator({ token: "test-token" });
+    const res = await app.rawRequest({
+      method: "POST",
+      path: "/friday-next/nodes-approve",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify({ nodeId: FAKE_DEVICE_ID }),
+    });
+
+    expect(res.status).toBe(200);
+    const body = JSON.parse(res.body);
+    expect(body.ok).toBe(true);
+    expect(body.alreadyApproved).toBe(true);
+    expect(body.caps).toEqual(["location", "canvas"]);
+    expect(mockApproveNodePairing).not.toHaveBeenCalled();
+  });
+
+  it("Step 2: node 不在 pending/paired 中时返回 404", async () => {
+    const mockListNodePairing = vi.fn().mockResolvedValueOnce({
+      pending: [],
+      paired: [],
+    });
+    const mockApproveNodePairing = vi.fn();
+
+    __setMockNodePairingForTests({
+      listNodePairing: mockListNodePairing,
+      approveNodePairing: mockApproveNodePairing,
+    });
+
+    const app = createAppSimulator({ token: "test-token" });
+    const res = await app.rawRequest({
+      method: "POST",
+      path: "/friday-next/nodes-approve",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify({ nodeId: FAKE_DEVICE_ID }),
+    });
+
+    expect(res.status).toBe(404);
+    const body = JSON.parse(res.body);
+    expect(body.error).toContain("No pending node found");
+  });
+
+  // ── Combined: full iOS flow simulation ───────────────────────────
+
+  it("完整两步流程: device-approve → nodes-approve 串行成功", async () => {
+    // Step 1 mock: 设备在 pending 中
+    mockListDevices.mockResolvedValueOnce({
+      pending: [{ requestId: DEVICE_REQUEST_ID, deviceId: FAKE_DEVICE_ID }],
+      paired: [],
+    });
+    mockApproveDevice.mockResolvedValueOnce({
+      status: "approved",
+      requestId: DEVICE_REQUEST_ID,
+      device: { deviceId: FAKE_DEVICE_ID, approvedAtMs: 1700000000000 },
+    });
+
+    // Step 2 mock: 节点在 pending 中
+    const mockListNodePairing = vi.fn().mockResolvedValueOnce({
+      pending: [{ requestId: NODE_REQUEST_ID, nodeId: FAKE_DEVICE_ID }],
+      paired: [],
+    });
+    const mockApproveNodePairing = vi.fn().mockResolvedValueOnce({
+      requestId: NODE_REQUEST_ID,
+      node: { nodeId: FAKE_DEVICE_ID, approvedAtMs: 1700000000001 },
+    });
+    __setMockNodePairingForTests({
+      listNodePairing: mockListNodePairing,
+      approveNodePairing: mockApproveNodePairing,
+    });
+
+    const app = createAppSimulator({ token: "test-token" });
+
+    // Step 1: 批准设备
+    const step1 = await app.rawRequest({
+      method: "POST",
+      path: "/friday-next/device-approve",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify({ deviceId: FAKE_DEVICE_ID }),
+    });
+    expect(step1.status).toBe(200);
+    expect(JSON.parse(step1.body).ok).toBe(true);
+    expect(mockApproveDevice).toHaveBeenCalledTimes(1);
+
+    // Step 2: 批准节点
+    const step2 = await app.rawRequest({
+      method: "POST",
+      path: "/friday-next/nodes-approve",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify({ nodeId: FAKE_DEVICE_ID }),
+    });
+    expect(step2.status).toBe(200);
+    expect(JSON.parse(step2.body).ok).toBe(true);
+    expect(mockApproveNodePairing).toHaveBeenCalledTimes(1);
+  });
+
+  // ── Auth tests ───────────────────────────────────────────────────
+
+  it("device-approve: 正确 token 正常批准", async () => {
+    mockListDevices.mockResolvedValueOnce({
+      pending: [{ requestId: DEVICE_REQUEST_ID, deviceId: FAKE_DEVICE_ID }],
+      paired: [],
+    });
+    mockApproveDevice.mockResolvedValueOnce({
+      status: "approved",
+      requestId: DEVICE_REQUEST_ID,
+      device: { deviceId: FAKE_DEVICE_ID, approvedAtMs: 1700000000000 },
+    });
+
+    const app = createAppSimulator({ token: "test-token" });
+    const res = await app.rawRequest({
+      method: "POST",
+      path: "/friday-next/device-approve",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify({ deviceId: FAKE_DEVICE_ID }),
+    });
+    expect(res.status).toBe(200);
+    expect(JSON.parse(res.body).ok).toBe(true);
+  });
+
+  it("device-approve: 错误 token 返回 401", async () => {
+    const app = createAppSimulator({ token: "wrong-token" });
+    const res = await app.rawRequest({
+      method: "POST",
+      path: "/friday-next/device-approve",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify({ deviceId: FAKE_DEVICE_ID }),
+    });
+    expect(res.status).toBe(401);
+  });
+
+  // ── Health endpoint with selfHeal ────────────────────────────────
+
+  it("GET /friday-next/health?selfHeal=true 自动批准 pending device", async () => {
+    mockListDevices.mockResolvedValueOnce({
+      pending: [{ requestId: DEVICE_REQUEST_ID, deviceId: FAKE_DEVICE_ID }],
+      paired: [],
+    });
+    mockApproveDevice.mockResolvedValueOnce({
+      status: "approved",
+      requestId: DEVICE_REQUEST_ID,
+      device: { deviceId: FAKE_DEVICE_ID, approvedAtMs: 1700000000000 },
+    });
+
+    const app = createAppSimulator({ token: "test-token" });
+    const res = await app.rawRequest({
+      method: "GET",
+      path: `/friday-next/health?deviceId=${FAKE_DEVICE_ID}&selfHeal=true`,
+    });
+
+    expect(res.status).toBe(200);
+    const body = JSON.parse(res.body);
+    expect(body.ok).toBe(true);
+    expect(body.devicePairing.status).toBe("ok");
+    expect(body.devicePairing.detail).toContain("auto-approved");
+    expect(body.repairActions).toHaveLength(1);
+    expect(body.repairActions[0].component).toBe("devicePairing");
+    expect(body.repairActions[0].result).toBe("ok");
+    expect(mockApproveDevice).toHaveBeenCalledWith(DEVICE_REQUEST_ID);
+  });
+
+  it("GET /friday-next/health 不带 selfHeal 时不自动批准 (只返回 pending)", async () => {
+    mockListDevices.mockResolvedValueOnce({
+      pending: [{ requestId: DEVICE_REQUEST_ID, deviceId: FAKE_DEVICE_ID }],
+      paired: [],
+    });
+
+    const app = createAppSimulator({ token: "test-token" });
+    const res = await app.rawRequest({
+      method: "GET",
+      path: `/friday-next/health?deviceId=${FAKE_DEVICE_ID}`,
+    });
+
+    expect(res.status).toBe(200);
+    const body = JSON.parse(res.body);
+    expect(body.devicePairing.status).toBe("pending");
+    expect(body.devicePairing.detail).toContain("pending approval");
+    expect(mockApproveDevice).not.toHaveBeenCalled();
+    // ok 仍为 true，因为 pending 也视为 ok
+    expect(body.ok).toBe(true);
+  });
+
+  it("GET /friday-next/health?selfHeal=true 自动批准 pending node", async () => {
+    mockListDevices.mockResolvedValue({ pending: [], paired: [] }); // device 不相关
+
+    const mockListNodePairing = vi.fn().mockResolvedValueOnce({
+      pending: [{ requestId: NODE_REQUEST_ID, nodeId: FAKE_DEVICE_ID }],
+      paired: [],
+    });
+    const mockApproveNodePairing = vi.fn().mockResolvedValueOnce({
+      requestId: NODE_REQUEST_ID,
+      node: { nodeId: FAKE_DEVICE_ID },
+    });
+    __setMockNodePairingForTests({
+      listNodePairing: mockListNodePairing,
+      approveNodePairing: mockApproveNodePairing,
+    });
+
+    const app = createAppSimulator({ token: "test-token" });
+    const res = await app.rawRequest({
+      method: "GET",
+      path: `/friday-next/health?nodeDeviceId=${FAKE_DEVICE_ID}&selfHeal=true`,
+    });
+
+    expect(res.status).toBe(200);
+    const body = JSON.parse(res.body);
+    expect(body.nodePairing.status).toBe("ok");
+    expect(body.nodePairing.detail).toContain("auto-approved");
+    expect(body.repairActions).toHaveLength(1);
+    expect(body.repairActions[0].component).toBe("nodePairing");
+    expect(body.repairActions[0].result).toBe("ok");
+  });
+
+  it("GET /friday-next/health?selfHeal=true 同时自动批准 device 和 node", async () => {
+    // Device is pending
+    mockListDevices.mockResolvedValueOnce({
+      pending: [{ requestId: DEVICE_REQUEST_ID, deviceId: FAKE_DEVICE_ID }],
+      paired: [],
+    });
+    mockApproveDevice.mockResolvedValueOnce({
+      status: "approved",
+      requestId: DEVICE_REQUEST_ID,
+      device: { deviceId: FAKE_DEVICE_ID, approvedAtMs: 1700000000000 },
+    });
+
+    // Node is pending
+    const mockListNodePairing = vi.fn().mockResolvedValueOnce({
+      pending: [{ requestId: NODE_REQUEST_ID, nodeId: FAKE_DEVICE_ID }],
+      paired: [],
+    });
+    const mockApproveNodePairing = vi.fn().mockResolvedValueOnce({
+      requestId: NODE_REQUEST_ID,
+      node: { nodeId: FAKE_DEVICE_ID },
+    });
+    __setMockNodePairingForTests({
+      listNodePairing: mockListNodePairing,
+      approveNodePairing: mockApproveNodePairing,
+    });
+
+    const app = createAppSimulator({ token: "test-token" });
+    const res = await app.rawRequest({
+      method: "GET",
+      path: `/friday-next/health?deviceId=${FAKE_DEVICE_ID}&nodeDeviceId=${FAKE_DEVICE_ID}&selfHeal=true`,
+    });
+
+    expect(res.status).toBe(200);
+    const body = JSON.parse(res.body);
+    expect(body.ok).toBe(true);
+    expect(body.devicePairing.status).toBe("ok");
+    expect(body.nodePairing.status).toBe("ok");
+    expect(body.repairActions).toHaveLength(2);
+    expect(body.repairActions[0].component).toBe("devicePairing");
+    expect(body.repairActions[1].component).toBe("nodePairing");
+  });
+});

package/src/http/handlers/device-approve.ts

@@ -59,6 +59,23 @@ export async function handleDeviceApprove(
   );
 
   if (!match) {
+    // Gateway may have already auto-approved the device (e.g. mode="local").
+    // Check the paired list before returning 404.
+    const pairedDevice = (pairing.paired ?? []).find(
+      (entry) => entry.deviceId.trim().toUpperCase() === normalizedDeviceId,
+    );
+    if (pairedDevice) {
+      res.statusCode = 200;
+      res.setHeader("Content-Type", "application/json");
+      res.end(JSON.stringify({
+        ok: true,
+        deviceId: normalizedDeviceId,
+        alreadyApproved: true,
+        approvedAtMs: (pairedDevice as any).approvedAtMs,
+      }));
+      return true;
+    }
+
     res.statusCode = 404;
     res.setHeader("Content-Type", "application/json");
     res.end(JSON.stringify({

package/src/http/middleware/cors.ts

@@ -8,5 +8,5 @@ export function applyCorsHeaders(res: ServerResponse): void {
   if (!cfg.corsEnabled) return;
   res.setHeader("Access-Control-Allow-Origin", cfg.corsAllowOrigin || "*");
   res.setHeader("Access-Control-Allow-Headers", "Authorization, Content-Type, Last-Event-ID");
-  res.setHeader("Access-Control-Allow-Methods", "GET,POST,DELETE,OPTIONS");
+  res.setHeader("Access-Control-Allow-Methods", "GET,POST,OPTIONS");
 }

package/src/http/server.ts

@@ -13,7 +13,6 @@ import { handleFilesDownload } from "./handlers/files-download.js";
 import { handleCancel } from "./handlers/cancel.js";
 import { handleDeviceApprove } from "./handlers/device-approve.js";
 import { handleNodesApprove } from "./handlers/nodes-approve.js";
-import { handleSessionsDelete } from "./handlers/sessions-delete.js";
 import { handleSessionsSettings } from "./handlers/sessions-settings.js";
 import { handleModelsList } from "./handlers/models-list.js";
 import { handleStatus } from "./handlers/status.js";
@@ -70,10 +69,6 @@ async function handleFridayNextRoute(
     return await handleNodesApprove(req, res);
   }
 
-  if (req.method === "DELETE" && pathname === "/friday-next/sessions") {
-    return await handleSessionsDelete(req, res);
-  }
-
   if ((req.method === "PUT" || req.method === "GET") && pathname === "/friday-next/sessions/settings") {
     return await handleSessionsSettings(req, res);
   }

package/src/session/session-manager.ts

@@ -1,6 +1,6 @@
 import { join } from "node:path";
 import os from "node:os";
-import { readFileSync, writeFileSync, unlinkSync } from "node:fs";
+import { readFileSync, writeFileSync } from "node:fs";
 
 const FRIDAY_AGENT_ID = "main";
 const SESSION_ID_RE = /^[a-z0-9][a-z0-9._-]{0,127}$/i;
@@ -111,50 +111,6 @@ export function ensureSessionLevels(
   setSessionSettings(sessionKey, { reasoningLevel, thinkingLevel }, historyDir);
 }
 
-export function resolveSessionsDir(historyDir?: string): string {
-  const base = deriveOpenClawBaseDir(historyDir);
-  return join(base, "agents/main/sessions");
-}
-
-export interface DeleteSessionResult {
-  sessionKey: string;
-  sessionId?: string;
-  transcriptDeleted?: boolean;
-}
-
-export function deleteFridaySession(
-  sessionKey: string,
-  historyDir?: string,
-): DeleteSessionResult {
-  const result: DeleteSessionResult = { sessionKey };
-  const sessionsFile = resolveSessionsFilePath(historyDir);
-  const data = readSessionsData(sessionsFile);
-  if (!data) return result;
-
-  const fileKey = toSessionStoreKey(sessionKey);
-  const entry = data[fileKey];
-  if (!entry) return result;
-
-  const sessionId = typeof entry["sessionId"] === "string" ? entry["sessionId"] : undefined;
-  const sessionFilePath = typeof entry["sessionFile"] === "string" ? entry["sessionFile"] : undefined;
-  result.sessionId = sessionId;
-
-  if (sessionFilePath) {
-    try { unlinkSync(sessionFilePath); result.transcriptDeleted = true; } catch { /* gone already */ }
-  }
-
-  if (sessionId) {
-    const dir = resolveSessionsDir(historyDir);
-    for (const suffix of [".trajectory.jsonl", ".trajectory-path.json"]) {
-      try { unlinkSync(join(dir, `${sessionId}${suffix}`)); } catch { /* optional */ }
-    }
-  }
-
-  delete data[fileKey];
-  writeSessionsData(sessionsFile, data);
-  return result;
-}
-
 export interface FridaySessionSettings {
   reasoningLevel?: string;
   thinkingLevel?: string;

package/src/http/handlers/sessions-delete.ts

@@ -1,59 +0,0 @@
-import type { IncomingMessage, ServerResponse } from "node:http";
-import { deleteFridaySession, toSessionStoreKey } from "../../session/session-manager.js";
-import { getActiveRunIds } from "../../agent/active-runs.js";
-import { abortRun } from "../../agent/abort-run.js";
-import { getRunRoute } from "../../run-metadata.js";
-import { sseEmitter } from "../../sse/emitter.js";
-import { readJsonBody } from "../middleware/body.js";
-import { extractBearerToken } from "../middleware/auth.js";
-
-async function cancelActiveRunsForSession(sessionKey: string): Promise<string[]> {
-  const storeKey = toSessionStoreKey(sessionKey);
-  const cancelled: string[] = [];
-  for (const runId of getActiveRunIds()) {
-    const route = getRunRoute(runId);
-    if (route?.sessionKey === storeKey) {
-      await abortRun(runId);
-      sseEmitter.untrackRun(runId);
-      cancelled.push(runId);
-    }
-  }
-  return cancelled;
-}
-
-export async function handleSessionsDelete(
-  req: IncomingMessage,
-  res: ServerResponse,
-): Promise<boolean> {
-  if (req.method !== "DELETE") {
-    res.statusCode = 405;
-    res.setHeader("Content-Type", "application/json");
-    res.end(JSON.stringify({ error: "Method Not Allowed" }));
-    return true;
-  }
-
-  const token = extractBearerToken(req);
-  if (!token) {
-    res.statusCode = 401;
-    res.setHeader("Content-Type", "application/json");
-    res.end(JSON.stringify({ error: "Unauthorized: bearer token mismatch" }));
-    return true;
-  }
-
-  const body = await readJsonBody(req);
-  const sessionKey = typeof body?.sessionKey === "string" ? body.sessionKey.trim() : "";
-  if (!sessionKey) {
-    res.statusCode = 400;
-    res.setHeader("Content-Type", "application/json");
-    res.end(JSON.stringify({ error: "Missing required field: sessionKey" }));
-    return true;
-  }
-
-  const cancelledRuns = await cancelActiveRunsForSession(sessionKey);
-  const result = deleteFridaySession(sessionKey);
-
-  res.statusCode = 200;
-  res.setHeader("Content-Type", "application/json");
-  res.end(JSON.stringify({ ok: true, ...result, cancelledRuns }));
-  return true;
-}