feat(settings): hub bearer-token panel + auto-attach on every RPC
Some checks failed
Security / Security check (push) Failing after 1s
Some checks failed
Security / Security check (push) Failing after 1s
Studio gains a new "HUB AUTHENTICATION" panel in Settings
mirroring the existing registry-credentials panel:
- `lib/data/hub_auth_token.dart` — `~/.fai/hub-auth-token`
helper (read / write / clear, mode 0600 on Unix). Sister
of `RegistryToken` with the same on-disk hygiene.
- `HubService.loadPersistedEndpoint` now reads the token at
startup and reconnects with it. `reconnect()` grew an
`authToken:` parameter with a sentinel that distinguishes
"keep current" from "drop". `reloadAuthToken()` is the
one-liner Settings calls after save / clear.
- `_HubAuthTokenPanel` in `fai_settings_dialog.dart` — paste
with show/hide toggle, save button, clear button, status
pill ("Configured (40 chars)" / "Not set (anonymous)"),
storage-location hint. Trimmed token length only — the
secret never round-trips back into the UI after save.
- EN + DE ARB entries (`hubAuthToken*`) + regenerated
`app_localizations.dart` keep the bilingual surface
consistent.
The hub side (auth.tokens config + tower middleware) shipped
on the platform side 2026-05-28 (43a54a2). Until now an
operator had no GUI path to consume it: they had to find the
file in their home dir, paste the token by hand, and bounce
Studio. This panel closes that loop.
Bumped pubspec to 0.47.0. dart analyze clean (No issues
found!); flutter test green (11 tests pass).
Block E item 1 of 4 done. Capability-picker badges,
default_scope editor, multi-version uninstall picker follow.
Signed-off-by: flemming-it <stefan.a.flemming@googlemail.com>
This commit is contained in:
parent
3237c4415a
commit
c5a96bc8d4
9 changed files with 538 additions and 12 deletions
|
|
@ -750,6 +750,32 @@
|
|||
}
|
||||
}
|
||||
},
|
||||
"hubAuthTokenHeader": "HUB-AUTHENTIFIZIERUNG",
|
||||
"hubAuthTokenBlurb": "Bearer-Token für die Studio-Anbindung an einen Hub mit aktivierter auth.tokens-Konfiguration (RBAC Level 2). Gespeichert in ~/.fai/hub-auth-token, Modus 0600. Studio sendet ihn als Authorization: Bearer bei jedem gRPC-Aufruf.",
|
||||
"hubAuthTokenStatusConfigured": "Eingerichtet ({chars} Zeichen)",
|
||||
"@hubAuthTokenStatusConfigured": {
|
||||
"placeholders": {
|
||||
"chars": {
|
||||
"type": "int"
|
||||
}
|
||||
}
|
||||
},
|
||||
"hubAuthTokenStatusNotSet": "Nicht gesetzt (anonym)",
|
||||
"hubAuthTokenFieldLabel": "Token",
|
||||
"hubAuthTokenFieldHint": "Token aus dem auth.tokens-Eintrag des Hub-Operators einfügen",
|
||||
"hubAuthTokenSaveButton": "Speichern",
|
||||
"hubAuthTokenClearButton": "Entfernen",
|
||||
"hubAuthTokenStorageHint": "Lokal gespeichert in ~/.fai/hub-auth-token. Studio verbindet nach dem Speichern automatisch neu, der Token wirkt sofort.",
|
||||
"hubAuthTokenSavedToast": "Hub-Token gespeichert.",
|
||||
"hubAuthTokenClearedToast": "Hub-Token entfernt.",
|
||||
"hubAuthTokenSaveFailedToast": "Speichern fehlgeschlagen: {error}",
|
||||
"@hubAuthTokenSaveFailedToast": {
|
||||
"placeholders": {
|
||||
"error": {
|
||||
"type": "String"
|
||||
}
|
||||
}
|
||||
},
|
||||
"maintenanceHeader": "HUB-WARTUNG",
|
||||
"maintenanceResetBlurb": "Operator-Zustand zurücksetzen und mit einem sauberen Hub neu starten. Stoppt jeden laufenden Daemon, sichert ~/.fai/ atomar in ein Backup, legt es dann neu an — Binary, Channel-Pointer, MCP-/n8n-/System-AI-Konfiguration und Registry-Token bleiben erhalten. Wiederherstellen durch Zurückverschieben des Backup-Ordners.",
|
||||
"maintenanceKeepModulesTitle": "Installierte Module behalten",
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue