remote-opencode 1.1.1 → 1.2.0

package/README.md

@@ -2,8 +2,7 @@
 
 > Control your AI coding assistant from anywhere — your phone, tablet, or another computer.
 
-![npm](https://img.shields.io/npm/dt/remote-opencode) 📦 Used by developers worldwide — **800+ weekly downloads** on npm 
-
+![npm](https://img.shields.io/npm/dt/remote-opencode) 📦 Used by developers worldwide — **1000+ weekly downloads** on npm
 
 <div align="center">
 <img width="1024" alt="Gemini_Generated_Image_47d5gq47d5gq47d5" src="https://github.com/user-attachments/assets/1defa11d-6195-4a9c-956b-4f87470f6393" />
@@ -19,7 +18,6 @@
 
 ## How It Works
 
-
 ```
 ┌─────────────────┐    Discord API    ┌─────────────────┐
 │  Your Phone /   │ ◄──────────────► │  Discord Bot    │
@@ -50,6 +48,7 @@ The bot runs on your development machine alongside OpenCode. When you send a com
 - [CLI Commands](#cli-commands)
 - [Discord Slash Commands](#discord-slash-commands)
 - [Usage Workflow](#usage-workflow)
+- [Access Control](#access-control)
 - [Configuration](#configuration)
 - [Troubleshooting](#troubleshooting)
 - [Development](#development)
@@ -133,13 +132,17 @@ If you prefer manual setup or need to troubleshoot:
 
 ## CLI Commands
 
-| Command | Description |
-|---------|-------------|
-| `remote-opencode` | Start the bot (shows setup guide if not configured) |
-| `remote-opencode setup` | Interactive setup wizard — configures bot token, IDs |
-| `remote-opencode start` | Start the Discord bot |
-| `remote-opencode deploy` | Deploy/update slash commands to Discord |
-| `remote-opencode config` | Display current configuration info |
+| Command                                    | Description                                          |
+| ------------------------------------------ | ---------------------------------------------------- |
+| `remote-opencode`                          | Start the bot (shows setup guide if not configured)  |
+| `remote-opencode setup`                    | Interactive setup wizard — configures bot token, IDs |
+| `remote-opencode start`                    | Start the Discord bot                                |
+| `remote-opencode deploy`                   | Deploy/update slash commands to Discord              |
+| `remote-opencode config`                   | Display current configuration info                   |
+| `remote-opencode allow add <userId>`       | Add a Discord user ID to the allowlist               |
+| `remote-opencode allow remove <userId>`    | Remove a Discord user ID from the allowlist          |
+| `remote-opencode allow list`               | List all user IDs in the allowlist                   |
+| `remote-opencode allow reset`              | Clear the entire allowlist (removes access control)  |
 
 ---
 
@@ -155,10 +158,10 @@ Register a local project path with an alias for easy reference.
 /setpath alias:myapp path:/Users/you/projects/my-app
 ```
 
-| Parameter | Description |
-|-----------|-------------|
-| `alias` | Short name for the project (e.g., `myapp`, `backend`) |
-| `path` | Absolute path to the project on your machine |
+| Parameter | Description                                           |
+| --------- | ----------------------------------------------------- |
+| `alias`   | Short name for the project (e.g., `myapp`, `backend`) |
+| `path`    | Absolute path to the project on your machine          |
 
 ### `/projects` — List Registered Projects
 
@@ -187,6 +190,7 @@ The main command — sends a prompt to OpenCode and streams the response.
 ```
 
 **Features:**
+
 - 🧵 **Auto-creates a thread** for each conversation
 - ⚡ **Real-time streaming** — see output as it's generated (1-second updates)
 - ⏸️ **Interrupt button** — stop the current task if needed
@@ -200,12 +204,13 @@ Start isolated work on a new branch with its own worktree.
 /work branch:feature/dark-mode description:Implement dark mode toggle
 ```
 
-| Parameter | Description |
-|-----------|-------------|
-| `branch` | Git branch name (will be sanitized) |
-| `description` | Brief description of the work |
+| Parameter     | Description                         |
+| ------------- | ----------------------------------- |
+| `branch`      | Git branch name (will be sanitized) |
+| `description` | Brief description of the work       |
 
 **Features:**
+
 - 🌳 Creates a new git worktree for isolated work
 - 🧵 Opens a dedicated thread for the task
 - 🗑️ **Delete button** — removes worktree and archives thread
@@ -222,11 +227,13 @@ Enable passthrough mode in a thread to send messages directly to OpenCode withou
 ```
 
 **How it works:**
+
 1. Run `/code` in any thread to enable passthrough mode
 2. Type messages naturally — they're sent directly to OpenCode
 3. Run `/code` again to disable
 
 **Example:**
+
 ```
 You: /code
 Bot: ✅ Passthrough mode enabled for this thread.
@@ -245,6 +252,7 @@ Bot: ❌ Passthrough mode disabled.
 ```
 
 **Features:**
+
 - 📱 **Mobile-friendly** — no more typing slash commands on phone
 - 🧵 **Thread-scoped** — only affects the specific thread, not the whole channel
 - ⏳ **Busy indicator** — shows ⏳ reaction if previous task is still running
@@ -259,11 +267,13 @@ Enable automatic worktree creation for a project. When enabled, new `/opencode`
 ```
 
 **How it works:**
+
 1. Run `/autowork` in a channel bound to a project
 2. The setting toggles on/off for that project
 3. When enabled, new sessions automatically create worktrees with branch names like `auto/abc12345-1738600000000`
 
 **Features:**
+
 - 🌳 **Automatic isolation** — each session gets its own branch and worktree
 - 📱 **Mobile-friendly** — no need to type `/work` with branch names
 - 🗑️ **Delete button** — removes worktree when done
@@ -283,32 +293,57 @@ Control the automated job queue for the current thread.
 ```
 
 **How it works:**
+
 1. Send multiple messages to a thread (or use `/opencode` multiple times)
 2. If the bot is busy, it reacts with `📥` and adds the task to the queue
 3. Once the current job is done, the bot automatically picks up the next one
 
 **Settings:**
+
 - `continue_on_failure`: If `True`, the bot moves to the next task even if the current one fails.
 - `fresh_context`: If `True` (default), the AI forgets previous chat history for each new queued task to improve performance, while maintaining the same code state.
 
----
+### `/allow` — Manage Allowlist
+
+Manage the user allowlist directly from Discord. This command is only available when the allowlist has already been initialized (at least one user exists).
+
+```
+/allow action:add user:@username
+/allow action:remove user:@username
+/allow action:list
+```
+
+| Parameter | Description                                  |
+| --------- | -------------------------------------------- |
+| `action`  | `add`, `remove`, or `list`                   |
+| `user`    | Target user (required for `add` and `remove`) |
 
+**Behavior:**
+
+- **Requires authorization** — only users already on the allowlist can use this command
+- **Cannot remove last user** — prevents accidental lockout
+- **Disabled when allowlist is empty** — initial setup must be done via CLI or setup wizard (see [Access Control](#access-control))
+
+---
 
 ## Usage Workflow
 
 ### Basic Workflow
 
 1. **Register your project:**
+
    ```
    /setpath alias:webapp path:/home/user/my-webapp
    ```
 
 2. **Bind to a channel:**
+
    ```
    /use alias:webapp
    ```
 
 3. **Start coding remotely:**
+
    ```
    /opencode prompt:Refactor the authentication module to use JWT
    ```
@@ -344,6 +379,7 @@ Share AI coding sessions with your team:
 Perfect for "setting and forgetting" several tasks:
 
 1. **Send multiple instructions:**
+
    ```
    You: Refactor the API
    Bot: [Starts working]
@@ -359,15 +395,73 @@ Perfect for "setting and forgetting" several tasks:
 
 ---
 
+## Access Control
+
+remote-opencode supports an optional **user allowlist** to restrict who can interact with the bot. This is essential when your bot runs in a shared Discord server where untrusted users could otherwise execute commands on your machine.
+
+### How It Works
+
+- **No allowlist configured (default):** All Discord users in the server can use the bot. This preserves backward compatibility for existing installations.
+- **Allowlist configured (1+ user IDs):** Only users whose Discord IDs are in the allowlist can use slash commands, buttons, and passthrough messages. Unauthorized users receive a rejection message.
+
+### Setting Up Access Control
+
+> **⚠️ SECURITY WARNING: If your bot operates in a Discord channel accessible to untrusted users, you MUST configure the allowlist before starting the bot. The initial allowlist setup can ONLY be done via the CLI or the setup wizard — NOT from Discord. This prevents unauthorized users from adding themselves to an empty allowlist.**
+
+#### Option 1: Setup Wizard (Recommended for first-time setup)
+
+```bash
+remote-opencode setup
+```
+
+Step 5 of the wizard prompts you to enter your Discord user ID. This becomes the first entry in the allowlist.
+
+#### Option 2: CLI
+
+```bash
+# Add your Discord user ID
+remote-opencode allow add 123456789012345678
+
+# Verify
+remote-opencode allow list
+```
+
+### Managing the Allowlist
+
+Once at least one user is on the allowlist, authorized users can manage it from Discord:
+
+```
+/allow action:add user:@teammate
+/allow action:remove user:@teammate
+/allow action:list
+```
+
+Or via CLI at any time:
+
+```bash
+remote-opencode allow add <userId>
+remote-opencode allow remove <userId>
+remote-opencode allow list
+remote-opencode allow reset    # Clears entire allowlist (disables access control)
+```
+
+### Safety Guardrails
+
+- **Cannot remove the last user** via Discord `/allow` or CLI `allow remove` — prevents accidental lockout
+- **`allow reset`** is the only way to fully clear the allowlist (intentional action to disable access control)
+- **Discord `/allow` is disabled when allowlist is empty** — prevents bootstrap attacks
+- **Config file permissions** are set to `0o600` (owner-read/write only)
+
+---
 
 ## Configuration
 
 All configuration is stored in `~/.remote-opencode/`:
 
-| File | Purpose |
-|------|---------|
-| `config.json` | Bot credentials (token, client ID, guild ID) |
-| `data.json` | Project paths, channel bindings, session data |
+| File          | Purpose                                       |
+| ------------- | --------------------------------------------- |
+| `config.json` | Bot credentials (token, client ID, guild ID)  |
+| `data.json`   | Project paths, channel bindings, session data |
 
 ### config.json Structure
 
@@ -375,10 +469,13 @@ All configuration is stored in `~/.remote-opencode/`:
 {
   "discordToken": "your-bot-token",
   "clientId": "your-application-id",
-  "guildId": "your-server-id"
+  "guildId": "your-server-id",
+  "allowedUserIds": ["123456789012345678"]
 }
 ```
 
+> `allowedUserIds` is optional. When omitted or empty, access control is disabled and all users can use the bot.
+
 ### data.json Structure
 
 ```json
@@ -394,8 +491,8 @@ All configuration is stored in `~/.remote-opencode/`:
 }
 ```
 
-| Field | Description |
-|-------|-------------|
+| Field                     | Description                                               |
+| ------------------------- | --------------------------------------------------------- |
 | `projects[].autoWorktree` | Optional. When `true`, new sessions auto-create worktrees |
 
 ---
@@ -419,6 +516,7 @@ All configuration is stored in `~/.remote-opencode/`:
 ### "No project set for this channel"
 
 You need to bind a project to the channel:
+
 ```
 /setpath alias:myproject path:/path/to/project
 /use alias:myproject
@@ -427,6 +525,7 @@ You need to bind a project to the channel:
 ### Commands not appearing in Discord
 
 Slash commands can take up to an hour to propagate globally. For faster updates:
+
 1. Kick the bot from your server
 2. Re-invite it
 3. Run `remote-opencode deploy`
@@ -443,6 +542,7 @@ Slash commands can take up to an hour to propagate globally. For faster updates:
 ### Session connection issues
 
 The bot maintains persistent sessions. If you encounter issues:
+
 1. Start a new thread with `/opencode` instead of continuing in an old one
 2. Restart the bot: `remote-opencode start`
 
@@ -497,6 +597,7 @@ src/
 │   ├── opencode.ts        # Main AI interaction command
 │   ├── code.ts            # Passthrough mode toggle
 │   ├── work.ts            # Worktree management
+│   ├── allow.ts           # Allowlist management
 │   ├── setpath.ts         # Project registration
 │   ├── projects.ts        # List projects
 │   └── use.ts             # Channel binding
@@ -528,18 +629,37 @@ src/
 
 See [CHANGELOG.md](CHANGELOG.md) for a full history of changes.
 
+### [1.2.0] - 2026-02-15
+
+#### Added
+
+- **Owner/Admin Authentication**: User allowlist system to restrict bot access to authorized Discord users only.
+- **`/allow` Slash Command**: Manage the allowlist directly from Discord (add, remove, list users).
+- **CLI Allowlist Management**: `remote-opencode allow add|remove|list|reset` commands for managing access control from the terminal.
+- **Setup Wizard Integration**: Step 5 prompts for owner Discord user ID during initial setup.
+
+#### Security
+
+- Initial allowlist setup is restricted to CLI and setup wizard only — prevents bootstrap attacks from Discord.
+- Config file permissions hardened to `0o600` (owner-read/write only).
+- Discord user ID validation enforces snowflake format (`/^\d{17,20}$/`).
+- Cannot remove the last authorized user via Discord or CLI `remove` — prevents lockout.
+
 ### [1.1.0] - 2026-02-05
 
 #### Added
+
 - **Automated Message Queuing**: Added a new system to queue multiple prompts in a thread. If the bot is busy, new messages are automatically queued and processed sequentially.
 - **Queue Management**: New `/queue` slash command suite to list, clear, pause, resume, and configure queue settings.
 
 ### [1.0.10] - 2026-02-04
 
 #### Added
+
 - New `/setports` slash command to configure the port range for OpenCode server instances.
 
 #### Fixed
+
 - Fixed Windows-specific spawning issue (targeting `opencode.cmd`).
 - Resolved `spawn EINVAL` errors on Windows.
 - Improved server reliability and suppressed `DEP0190` security warnings.
@@ -547,10 +667,12 @@ See [CHANGELOG.md](CHANGELOG.md) for a full history of changes.
 ### [1.0.9] - 2026-02-04
 
 #### Added
+
 - New `/model` slash command to set AI models per channel.
 - Support for `--model` flag in OpenCode server instances.
 
 #### Fixed
+
 - Fixed connection timeout issues.
 - Standardized internal communication to use `127.0.0.1`.
 

package/dist/src/__tests__/auth.test.js

@@ -0,0 +1,114 @@
+import { describe, it, expect, vi, beforeEach, afterEach } from 'vitest';
+import { readFileSync, writeFileSync, existsSync } from 'node:fs';
+vi.mock('node:fs', () => ({
+    readFileSync: vi.fn(),
+    writeFileSync: vi.fn(),
+    existsSync: vi.fn(),
+    mkdirSync: vi.fn(),
+}));
+vi.mock('node:os', () => ({
+    homedir: vi.fn(() => '/mock/home'),
+}));
+import { getAllowedUserIds, setAllowedUserIds, addAllowedUserId, removeAllowedUserId, isAuthorized, } from '../services/configStore.js';
+function mockConfigFile(config) {
+    vi.mocked(existsSync).mockReturnValue(true);
+    vi.mocked(readFileSync).mockReturnValue(JSON.stringify(config));
+}
+describe('auth allowlist', () => {
+    beforeEach(() => {
+        vi.resetAllMocks();
+    });
+    afterEach(() => {
+        vi.restoreAllMocks();
+    });
+    describe('getAllowedUserIds', () => {
+        it('should return empty array when no allowedUserIds configured', () => {
+            mockConfigFile({ bot: { discordToken: 't', clientId: 'c', guildId: 'g' } });
+            expect(getAllowedUserIds()).toEqual([]);
+        });
+        it('should return configured user IDs', () => {
+            mockConfigFile({ allowedUserIds: ['111', '222'] });
+            expect(getAllowedUserIds()).toEqual(['111', '222']);
+        });
+    });
+    describe('isAuthorized', () => {
+        it('should allow everyone when allowlist is empty', () => {
+            mockConfigFile({});
+            expect(isAuthorized('anyUserId')).toBe(true);
+            expect(isAuthorized('anotherUser')).toBe(true);
+        });
+        it('should allow only listed users when allowlist is non-empty', () => {
+            mockConfigFile({ allowedUserIds: ['111', '222'] });
+            expect(isAuthorized('111')).toBe(true);
+            expect(isAuthorized('222')).toBe(true);
+            expect(isAuthorized('333')).toBe(false);
+        });
+    });
+    describe('addAllowedUserId', () => {
+        it('should add a user to the allowlist', () => {
+            mockConfigFile({ allowedUserIds: ['111'] });
+            addAllowedUserId('222');
+            expect(writeFileSync).toHaveBeenCalledWith(expect.any(String), expect.stringContaining('"222"'), expect.objectContaining({ encoding: 'utf-8', mode: 0o600 }));
+        });
+        it('should not duplicate an existing user', () => {
+            mockConfigFile({ allowedUserIds: ['111'] });
+            addAllowedUserId('111');
+            expect(writeFileSync).not.toHaveBeenCalled();
+        });
+        it('should create the array when adding first user', () => {
+            mockConfigFile({});
+            addAllowedUserId('111');
+            const writtenData = JSON.parse(vi.mocked(writeFileSync).mock.calls[0][1]);
+            expect(writtenData.allowedUserIds).toEqual(['111']);
+        });
+    });
+    describe('removeAllowedUserId', () => {
+        it('should remove a user from the allowlist', () => {
+            mockConfigFile({ allowedUserIds: ['111', '222'] });
+            const result = removeAllowedUserId('111');
+            expect(result).toBe(true);
+            const writtenData = JSON.parse(vi.mocked(writeFileSync).mock.calls[0][1]);
+            expect(writtenData.allowedUserIds).toEqual(['222']);
+        });
+        it('should return false when user is not on the allowlist', () => {
+            mockConfigFile({ allowedUserIds: ['111'] });
+            expect(removeAllowedUserId('999')).toBe(false);
+        });
+        it('should not remove the last remaining user', () => {
+            mockConfigFile({ allowedUserIds: ['111'] });
+            const result = removeAllowedUserId('111');
+            expect(result).toBe(false);
+            expect(writeFileSync).not.toHaveBeenCalled();
+        });
+    });
+    describe('setAllowedUserIds', () => {
+        it('should replace the entire allowlist', () => {
+            mockConfigFile({ allowedUserIds: ['111'] });
+            setAllowedUserIds(['333', '444']);
+            const writtenData = JSON.parse(vi.mocked(writeFileSync).mock.calls[0][1]);
+            expect(writtenData.allowedUserIds).toEqual(['333', '444']);
+        });
+        it('should clear the allowlist with empty array', () => {
+            mockConfigFile({ allowedUserIds: ['111'] });
+            setAllowedUserIds([]);
+            const writtenData = JSON.parse(vi.mocked(writeFileSync).mock.calls[0][1]);
+            expect(writtenData.allowedUserIds).toEqual([]);
+        });
+    });
+    describe('config persistence', () => {
+        it('should preserve existing config when modifying allowlist', () => {
+            mockConfigFile({
+                bot: { discordToken: 'tok', clientId: 'cid', guildId: 'gid' },
+                allowedUserIds: ['111'],
+            });
+            addAllowedUserId('222');
+            const writtenData = JSON.parse(vi.mocked(writeFileSync).mock.calls[0][1]);
+            expect(writtenData.bot).toEqual({
+                discordToken: 'tok',
+                clientId: 'cid',
+                guildId: 'gid',
+            });
+            expect(writtenData.allowedUserIds).toEqual(['111', '222']);
+        });
+    });
+});

package/dist/src/cli.js

@@ -7,7 +7,7 @@ import updateNotifier from 'update-notifier';
 import { runSetupWizard } from './setup/wizard.js';
 import { deployCommands } from './setup/deploy.js';
 import { startBot } from './bot.js';
-import { hasBotConfig, getConfigDir } from './services/configStore.js';
+import { hasBotConfig, getConfigDir, getAllowedUserIds, addAllowedUserId, removeAllowedUserId, setAllowedUserIds } from './services/configStore.js';
 const require = createRequire(import.meta.url);
 // In dev mode (src/cli.ts), package.json is one level up
 // In production (dist/src/cli.js), package.json is two levels up
@@ -68,6 +68,56 @@ program
     console.log(`  Bot configured: ${hasBotConfig() ? pc.green('Yes') : pc.red('No')}`);
     console.log();
 });
+const allowCmd = program.command('allow').description('Manage the bot access allowlist');
+allowCmd
+    .command('add <userId>')
+    .description('Add a user to the allowlist')
+    .action((userId) => {
+    if (!/^\d{17,20}$/.test(userId)) {
+        console.log(pc.red('❌ Invalid user ID. Must be a Discord snowflake (17-20 digits).'));
+        process.exit(1);
+    }
+    addAllowedUserId(userId);
+    console.log(pc.green(`✅ User ${userId} added to allowlist.`));
+});
+allowCmd
+    .command('remove <userId>')
+    .description('Remove a user from the allowlist')
+    .action((userId) => {
+    const result = removeAllowedUserId(userId);
+    if (result) {
+        console.log(pc.green(`✅ User ${userId} removed from allowlist.`));
+    }
+    else {
+        const ids = getAllowedUserIds();
+        if (ids.length <= 1) {
+            console.log(pc.red('❌ Cannot remove the last allowed user. Use "allow reset" to disable restrictions.'));
+        }
+        else {
+            console.log(pc.red(`❌ User ${userId} is not on the allowlist.`));
+        }
+    }
+});
+allowCmd
+    .command('list')
+    .description('Show all allowed users')
+    .action(() => {
+    const ids = getAllowedUserIds();
+    if (ids.length === 0) {
+        console.log(pc.yellow('🔓 No restrictions — all server members can use this bot.'));
+    }
+    else {
+        console.log(pc.bold(`🔒 Allowed Users (${ids.length}):`));
+        ids.forEach(id => console.log(`  • ${id}`));
+    }
+});
+allowCmd
+    .command('reset')
+    .description('Clear the allowlist (unrestricted mode)')
+    .action(() => {
+    setAllowedUserIds([]);
+    console.log(pc.green('✅ Allowlist cleared. All server members can now use the bot.'));
+});
 program
     .action(async () => {
     if (!hasBotConfig()) {

package/dist/src/commands/allow.js

@@ -0,0 +1,70 @@
+import { SlashCommandBuilder, MessageFlags } from 'discord.js';
+import { getAllowedUserIds, addAllowedUserId, removeAllowedUserId, isAuthorized } from '../services/configStore.js';
+export const allow = {
+    data: new SlashCommandBuilder()
+        .setName('allow')
+        .setDescription('Manage the bot access allowlist')
+        .addSubcommand(sub => sub.setName('add')
+        .setDescription('Add a user to the allowlist')
+        .addUserOption(opt => opt.setName('user')
+        .setDescription('The user to allow')
+        .setRequired(true)))
+        .addSubcommand(sub => sub.setName('remove')
+        .setDescription('Remove a user from the allowlist')
+        .addUserOption(opt => opt.setName('user')
+        .setDescription('The user to remove')
+        .setRequired(true)))
+        .addSubcommand(sub => sub.setName('list')
+        .setDescription('Show all allowed users')),
+    async execute(interaction) {
+        const currentList = getAllowedUserIds();
+        if (currentList.length === 0) {
+            await interaction.reply({
+                content: '⚠️ No allowlist configured. Use `remote-opencode allow add <userId>` or `remote-opencode setup` to set up access control first.',
+                flags: MessageFlags.Ephemeral
+            });
+            return;
+        }
+        if (!isAuthorized(interaction.user.id)) {
+            await interaction.reply({
+                content: '🚫 You are not authorized to manage the allowlist.',
+                flags: MessageFlags.Ephemeral
+            });
+            return;
+        }
+        const subcommand = interaction.options.getSubcommand();
+        if (subcommand === 'add') {
+            const user = interaction.options.getUser('user', true);
+            addAllowedUserId(user.id);
+            await interaction.reply({
+                content: `✅ <@${user.id}> has been added to the allowlist.`,
+                flags: MessageFlags.Ephemeral
+            });
+        }
+        else if (subcommand === 'remove') {
+            const user = interaction.options.getUser('user', true);
+            const removed = removeAllowedUserId(user.id);
+            if (!removed) {
+                const reason = currentList.length <= 1
+                    ? 'Cannot remove the last allowed user. Use CLI `remote-opencode allow reset` to disable restrictions.'
+                    : `<@${user.id}> is not on the allowlist.`;
+                await interaction.reply({
+                    content: `❌ ${reason}`,
+                    flags: MessageFlags.Ephemeral
+                });
+                return;
+            }
+            await interaction.reply({
+                content: `✅ <@${user.id}> has been removed from the allowlist.`,
+                flags: MessageFlags.Ephemeral
+            });
+        }
+        else if (subcommand === 'list') {
+            const userMentions = currentList.map(id => `• <@${id}>`).join('\n');
+            await interaction.reply({
+                content: `🔒 **Allowed Users** (${currentList.length}):\n${userMentions}`,
+                flags: MessageFlags.Ephemeral
+            });
+        }
+    }
+};

package/dist/src/commands/index.js

@@ -9,6 +9,7 @@ import { autowork } from './autowork.js';
 import { model } from './model.js';
 import { setports } from './setports.js';
 import { queue } from './queue.js';
+import { allow } from './allow.js';
 export const commands = new Collection();
 commands.set(setpath.data.name, setpath);
 commands.set(projects.data.name, projects);
@@ -20,3 +21,4 @@ commands.set(autowork.data.name, autowork);
 commands.set(model.data.name, model);
 commands.set(setports.data.name, setports);
 commands.set(queue.data.name, queue);
+commands.set(allow.data.name, allow);

package/dist/src/handlers/interactionHandler.js

@@ -1,8 +1,16 @@
 import { MessageFlags } from 'discord.js';
 import { commands } from '../commands/index.js';
 import { handleButton } from './buttonHandler.js';
+import { isAuthorized } from '../services/configStore.js';
 export async function handleInteraction(interaction) {
     if (interaction.isButton()) {
+        if (!isAuthorized(interaction.user.id)) {
+            await interaction.reply({
+                content: '🚫 You are not authorized to use this bot.',
+                flags: MessageFlags.Ephemeral
+            });
+            return;
+        }
         try {
             await handleButton(interaction);
         }
@@ -13,6 +21,13 @@ export async function handleInteraction(interaction) {
     }
     if (!interaction.isChatInputCommand())
         return;
+    if (!isAuthorized(interaction.user.id)) {
+        await interaction.reply({
+            content: '🚫 You are not authorized to use this bot.',
+            flags: MessageFlags.Ephemeral
+        });
+        return;
+    }
     const command = commands.get(interaction.commandName);
     if (!command) {
         return;

package/dist/src/handlers/messageHandler.js

@@ -1,6 +1,7 @@
 import * as dataStore from '../services/dataStore.js';
 import { runPrompt } from '../services/executionService.js';
 import { isBusy } from '../services/queueManager.js';
+import { isAuthorized } from '../services/configStore.js';
 export async function handleMessageCreate(message) {
     if (message.author.bot)
         return;
@@ -12,6 +13,8 @@ export async function handleMessageCreate(message) {
     const threadId = channel.id;
     if (!dataStore.isPassthroughEnabled(threadId))
         return;
+    if (!isAuthorized(message.author.id))
+        return;
     const parentChannelId = channel.parentId;
     if (!parentChannelId)
         return;

package/dist/src/services/configStore.js

@@ -5,7 +5,7 @@ const CONFIG_DIR = join(homedir(), '.remote-opencode');
 const CONFIG_FILE = join(CONFIG_DIR, 'config.json');
 function ensureConfigDir() {
     if (!existsSync(CONFIG_DIR)) {
-        mkdirSync(CONFIG_DIR, { recursive: true });
+        mkdirSync(CONFIG_DIR, { recursive: true, mode: 0o700 });
     }
 }
 export function getConfigDir() {
@@ -26,7 +26,7 @@ export function loadConfig() {
 }
 export function saveConfig(config) {
     ensureConfigDir();
-    writeFileSync(CONFIG_FILE, JSON.stringify(config, null, 2), 'utf-8');
+    writeFileSync(CONFIG_FILE, JSON.stringify(config, null, 2), { encoding: 'utf-8', mode: 0o600 });
 }
 export function getBotConfig() {
     return loadConfig().bot;
@@ -53,3 +53,36 @@ export function clearBotConfig() {
     delete config.bot;
     saveConfig(config);
 }
+export function getAllowedUserIds() {
+    return loadConfig().allowedUserIds ?? [];
+}
+export function setAllowedUserIds(ids) {
+    const config = loadConfig();
+    config.allowedUserIds = ids;
+    saveConfig(config);
+}
+export function addAllowedUserId(id) {
+    const config = loadConfig();
+    const current = config.allowedUserIds ?? [];
+    if (!current.includes(id)) {
+        config.allowedUserIds = [...current, id];
+        saveConfig(config);
+    }
+}
+export function removeAllowedUserId(id) {
+    const config = loadConfig();
+    const current = config.allowedUserIds ?? [];
+    if (!current.includes(id))
+        return false;
+    if (current.length <= 1)
+        return false; // prevent removing last user
+    config.allowedUserIds = current.filter(uid => uid !== id);
+    saveConfig(config);
+    return true;
+}
+export function isAuthorized(userId) {
+    const ids = getAllowedUserIds();
+    if (ids.length === 0)
+        return true; // no restriction
+    return ids.includes(userId);
+}

package/dist/src/setup/wizard.js

@@ -1,7 +1,7 @@
 import * as p from '@clack/prompts';
 import pc from 'picocolors';
 import open from 'open';
-import { setBotConfig, getBotConfig, hasBotConfig } from '../services/configStore.js';
+import { setBotConfig, getBotConfig, hasBotConfig, addAllowedUserId } from '../services/configStore.js';
 import { deployCommands } from './deploy.js';
 const DISCORD_DEV_URL = 'https://discord.com/developers/applications';
 const BOT_PERMISSIONS = '2147534848';
@@ -27,6 +27,13 @@ function validateGuildId(value) {
         return 'Invalid format (should be 17-20 digits)';
     return undefined;
 }
+function validateUserId(value) {
+    if (!value)
+        return undefined;
+    if (!/^\d{17,20}$/.test(value))
+        return 'Invalid format (should be 17-20 digits)';
+    return undefined;
+}
 function generateInviteUrl(clientId) {
     const url = new URL('https://discord.com/api/oauth2/authorize');
     url.searchParams.set('client_id', clientId);
@@ -123,6 +130,22 @@ export async function runSetupWizard() {
         p.cancel('Setup cancelled.');
         process.exit(0);
     }
+    // Step 5: Set Bot Owner
+    p.note(`Restrict who can use this bot by setting an owner.\n\n` +
+        `1. In Discord, right-click ${pc.bold('YOUR profile')}\n` +
+        `2. Click ${pc.bold('"Copy User ID"')}\n\n` +
+        `${pc.dim('(Requires Developer Mode — same setting as Step 4)')}\n` +
+        `${pc.dim('Leave blank to allow everyone)')}`, 'Step 5: Set Bot Owner (Optional)');
+    const ownerId = await p.text({
+        message: 'Enter your Discord User ID (leave blank to allow everyone):',
+        placeholder: 'e.g., 1234567890123456789',
+        defaultValue: '',
+        validate: validateUserId,
+    });
+    if (p.isCancel(ownerId)) {
+        p.cancel('Setup cancelled.');
+        process.exit(0);
+    }
     // Save configuration
     const s = p.spinner();
     s.start('Saving configuration...');
@@ -132,12 +155,15 @@ export async function runSetupWizard() {
         guildId: guildId,
     });
     s.stop('Configuration saved!');
-    // Step 5: Invite Bot to Server
+    if (ownerId && ownerId.length > 0) {
+        addAllowedUserId(ownerId);
+    }
+    // Step 6: Invite Bot to Server
     const inviteUrl = generateInviteUrl(clientId);
     p.note(`We'll open the bot invite page in your browser.\n\n` +
         `1. Select your server\n` +
         `2. Click ${pc.bold('"Authorize"')}\n\n` +
-        `${pc.dim('URL: ' + inviteUrl)}`, 'Step 5: Invite Bot to Server');
+        `${pc.dim('URL: ' + inviteUrl)}`, 'Step 6: Invite Bot to Server');
     const openInvite = await p.text({
         message: `Press ${pc.cyan('Enter')} to open the invite page...`,
         placeholder: 'Press Enter',
@@ -156,7 +182,7 @@ export async function runSetupWizard() {
         p.cancel('Setup cancelled.');
         process.exit(0);
     }
-    // Step 6: Deploy Commands
+    // Step 7: Deploy Commands
     const shouldDeploy = await p.confirm({
         message: 'Deploy slash commands now?',
         initialValue: true,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "remote-opencode",
-  "version": "1.1.1",
+  "version": "1.2.0",
   "description": "Discord bot for remote OpenCode CLI access",
   "main": "dist/src/index.js",
   "bin": {