- Enhanced AGENTS.md with clearer project structure and development commands. - Updated CHANGELOG.md to reflect recent fixes and additions. - Improved formatting in CONTRIBUTING.md for better readability. - Adjusted package.json and configuration files for consistent command structure. - Refined README.md and VISION.md for clarity and organization. - Standardized code formatting in various TypeScript files for consistency. These changes aim to enhance documentation clarity and maintainability across the repository.
1.3 KiB
1.3 KiB
| summary | read_when | ||
|---|---|---|---|
| Auth overview: GitHub OAuth (web) + API tokens (CLI). |
|
Auth
Web auth (GitHub OAuth)
- Convex Auth + GitHub OAuth App.
- GitHub is the only supported login provider.
- Env vars:
AUTH_GITHUB_IDAUTH_GITHUB_SECRETCONVEX_SITE_URL(used by auth config)
Local setup steps are in the repo root README.md.
API tokens (CLI)
The CLI uses a long-lived API token (Bearer token) for publish/sync/delete.
Browser flow (default)
clawhub login does:
- Starts a loopback HTTP server on
127.0.0.1(random port). - Opens
<site>/cli/auth?redirect_uri=http://127.0.0.1:<port>/callback&state=.... - Web UI requires GitHub login, then creates a token and redirects back to the loopback server.
- CLI stores the token in the global config file.
Headless flow
Create a token in the web UI (Settings → API tokens) and paste it:
clawhub login --token clh_...
Token storage
Default global config path:
- macOS:
~/Library/Application Support/clawhub/config.json
Override:
CLAWHUB_CONFIG_PATH=/path/to/config.json(legacyCLAWDHUB_CONFIG_PATH)
Revocation
- Tokens can be revoked in the web UI.
- Revoked tokens return
401 Unauthorizedon CLI endpoints.