github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-08 16:58:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

refactor(browser): share common server middleware

Browse Source
This commit is contained in:
Peter Steinberger
2026-02-15 04:46:05 +00:00
parent 909b5411bb
commit 28014de974
3 changed files with 49 additions and 51 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
src/browser/bridge-server.ts
View File

@@ -5,14 +5,16 @@ import type { ResolvedBrowserConfig } from "./config.js";
import type { BrowserRouteRegistrar } from "./routes/types.js";
import { isLoopbackHost } from "../gateway/net.js";
import { deleteBridgeAuthForPort, setBridgeAuthForPort } from "./bridge-auth-registry.js";
import { browserMutationGuardMiddleware } from "./csrf.js";
import { isAuthorizedBrowserRequest } from "./http-auth.js";
import { registerBrowserRoutes } from "./routes/index.js";
import {
type BrowserServerState,
createBrowserRouteContext,
type ProfileContext,
} from "./server-context.js";
import {
installBrowserAuthMiddleware,
installBrowserCommonMiddleware,
} from "./server-middleware.js";
export type BrowserBridge = {
server: Server;
@@ -36,35 +38,14 @@ export async function startBrowserBridgeServer(params: {
const port = params.port ?? 0;
const app = express();
app.use((req, res, next) => {
const ctrl = new AbortController();
const abort = () => ctrl.abort(new Error("request aborted"));
req.once("aborted", abort);
res.once("close", () => {
if (!res.writableEnded) {
abort();
}
});
// Make the signal available to browser route handlers (best-effort).
(req as unknown as { signal?: AbortSignal }).signal = ctrl.signal;
next();
});
app.use(express.json({ limit: "1mb" }));
app.use(browserMutationGuardMiddleware());
installBrowserCommonMiddleware(app);
const authToken = params.authToken?.trim() || undefined;
const authPassword = params.authPassword?.trim() || undefined;
if (!authToken && !authPassword) {
throw new Error("bridge server requires auth (authToken/authPassword missing)");
}
if (authToken || authPassword) {
app.use((req, res, next) => {
if (isAuthorizedBrowserRequest(req, { token: authToken, password: authPassword })) {
return next();
}
res.status(401).send("Unauthorized");
});
}
installBrowserAuthMiddleware(app, { token: authToken, password: authPassword });
const state: BrowserServerState = {
server: null as unknown as Server,