codexpanel 0.1.8 → 0.1.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/README.md +4 -4
  2. package/README.zh.md +2 -2
  3. package/bin/codexpanel.cjs +1 -1
  4. package/docs/desktop-npx-install-flow.md +1 -1
  5. package/package.json +1 -1
package/README.md CHANGED
@@ -1,6 +1,6 @@
1
1
  # codexpanel
2
2
 
3
- [中文版本](README.zh.md)
3
+ [涓枃鐗堟湰](README.zh.md)
4
4
 
5
5
  codexpanel is a mobile control plane for managing local Codex work from a phone. It provides a Next.js web console, relay service, desktop agent, PostgreSQL-backed durable storage, shared protocol package, and reusable UI package in one monorepo.
6
6
 
@@ -59,7 +59,7 @@ Web/admin login uses a session cookie. Configure at least one of these before ex
59
59
  ```env
60
60
  CODEXPANEL_ADMIN_USERNAME=admin
61
61
  CODEXPANEL_ADMIN_USER_ID=admin
62
- CODEXPANEL_ADMIN_PASSWORD=ChangeRoot9361A
62
+ CODEXPANEL_ADMIN_PASSWORD=Admin778899
63
63
  CODEXPANEL_SESSION_SECRET=long_random_secret
64
64
  CODEXPANEL_LOGIN_MAX_ATTEMPTS=8
65
65
  CODEXPANEL_LOGIN_IP_MAX_ATTEMPTS=24
@@ -79,7 +79,7 @@ CODEXPANEL_REGISTRATION_ENABLED=false
79
79
 
80
80
  Desktop setup uses browser login binding or a one-time terminal token. `CODEXPANEL_ADMIN_*` only bootstraps the first admin; additional users must be created through registration or admin operations.
81
81
 
82
- `CODEXPANEL_REGISTRATION_ENABLED=true` opens self-service web registration. If the variable is omitted, development defaults to open and production defaults to closed; production onboarding must opt in explicitly. New users are stored in the existing relay users table with PBKDF2 password hashes and receive `CODEXPANEL_REGISTRATION_DEFAULT_ROLE` (`operator` or `viewer`, default `operator`).
82
+ `CODEXPANEL_REGISTRATION_ENABLED=true` opens self-service web registration. If the variable is omitted, development defaults to open and production defaults to closed; production onboarding must opt in explicitly. New users are stored in the existing relay users table with PBKDF2 password hashes. Permissions are assigned through IAM permission groups, not account roles.
83
83
 
84
84
  Desktop setup start requests are also rate-limited by source IP and capped by pending flow count. Tune `CODEXPANEL_DESKTOP_SETUP_*` only if installer traffic legitimately exceeds the defaults.
85
85
 
@@ -87,7 +87,7 @@ Desktop setup start requests are also rate-limited by source IP and capped by pe
87
87
 
88
88
  Use `/admin/` with an admin session for first-batch testing:
89
89
 
90
- - Enable/disable users, change roles, and reset passwords. These actions invalidate existing local-user sessions.
90
+ - Enable/disable users, assign permission groups, and reset passwords. These actions invalidate existing local-user sessions.
91
91
  - Recharge, gift, or deduct balance through the wallet adjustment action. Every change requires an idempotency key and is recorded in the user wallet ledger; do not edit `balance` directly.
92
92
  - Grant, renew, or revoke monthly cards. Device quota is derived server-side from the user entitlement.
93
93
  - Bind devices to users or disable devices from the admin device table. Ordinary users cannot operate another user's device, and disabled devices are blocked for non-admin operation.
package/README.zh.md CHANGED
@@ -59,7 +59,7 @@ Web/admin 登录使用 session cookie。公网暴露 relay 前至少配置以下
59
59
  ```env
60
60
  CODEXPANEL_ADMIN_USERNAME=admin
61
61
  CODEXPANEL_ADMIN_USER_ID=admin
62
- CODEXPANEL_ADMIN_PASSWORD=ChangeRoot9361A
62
+ CODEXPANEL_ADMIN_PASSWORD=Admin778899
63
63
  CODEXPANEL_SESSION_SECRET=long_random_secret
64
64
  CODEXPANEL_LOGIN_MAX_ATTEMPTS=8
65
65
  CODEXPANEL_LOGIN_IP_MAX_ATTEMPTS=24
@@ -79,7 +79,7 @@ CODEXPANEL_REGISTRATION_ENABLED=false
79
79
 
80
80
  电脑端 setup 支持浏览器登录绑定和终端一次性 token 登录。`CODEXPANEL_ADMIN_*` 只用于启动首个管理员;其他用户必须通过注册或后台运营创建。
81
81
 
82
- `CODEXPANEL_REGISTRATION_ENABLED=true` 会打开自助注册。未配置该变量时,开发环境默认开放、生产环境默认关闭;生产环境如需开放注册必须显式设置为 `true`。新用户写入 relay 的 users 表,密码使用 PBKDF2 hash,角色来自 `CODEXPANEL_REGISTRATION_DEFAULT_ROLE`,默认 `operator`。
82
+ `CODEXPANEL_REGISTRATION_ENABLED=true` 会打开自助注册。未配置该变量时,开发环境默认开放、生产环境默认关闭;生产环境如需开放注册必须显式设置为 `true`。新用户写入 relay 的 users 表,密码使用 PBKDF2 hash;后台权限只通过 IAM 权限组和 permission scopes 分配,不再使用账号角色。
83
83
 
84
84
  电脑端 setup 启动请求会按来源 IP 限流,并受 pending flow 总量限制。只有安装流量确实超过默认值时,才需要调整 `CODEXPANEL_DESKTOP_SETUP_*`。
85
85
 
package/bin/codexpanel.cjs CHANGED
@@ -11,7 +11,7 @@ const crypto = require("crypto");
11
11
  const readline = require("readline");
12
12
  const { spawn, spawnSync } = require("child_process");
13
13
 
14
- const VERSION = "0.1.8";
14
+ const VERSION = "0.1.9";
15
15
  const PROD_URL = "https://codexpanel.com";
16
16
  const TEST_URL = "https://jd.6a.gs";
17
17
  const LOCAL_HOST = "127.0.0.1";
package/docs/desktop-npx-install-flow.md CHANGED
@@ -263,7 +263,7 @@ relay 会校验:
263
263
  - `deviceToken`:给安装后的 agent 使用的长期设备 token 明文,只在这个 flow 内短暂存在。
264
264
  - `deviceToken.hash`:后续会写入设备记录,服务端长期保存 hash,不保存明文。
265
265
  - `approvedByUserId`
266
- - `approvedByRole`
266
+ - `approvedByPermissionGroupId`
267
267
  - `userId`
268
268
 
269
269
  浏览器显示:
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "codexpanel",
3
- "version": "0.1.8",
3
+ "version": "0.1.9",
4
4
  "description": "CodexPanel mobile control plane monorepo.",
5
5
  "license": "UNLICENSED",
6
6
  "private": false,