From 6a6e2fcd7715522ef53184ca38f330a5f0edc8b3 Mon Sep 17 00:00:00 2001 From: decolua Date: Tue, 14 Apr 2026 10:14:50 +0700 Subject: [PATCH] Fix : noAuth support for providers and adjusted MITM restart settings. --- CHANGELOG.md | 5 +++++ open-sse/config/providers.js | 3 ++- open-sse/executors/base.js | 1 + open-sse/handlers/chatCore.js | 4 ++-- open-sse/handlers/embeddingsCore.js | 9 +++++---- src/app/(dashboard)/dashboard/providers/[id]/page.js | 4 ++-- src/app/api/settings/require-login/route.js | 2 +- src/dashboardGuard.js | 2 +- src/mitm/manager.js | 7 ++++--- 9 files changed, 23 insertions(+), 14 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index d5fbd7e..772e0bf 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,8 @@ +# v0.3.89 (2026-04-13) + +## Improvements +- Improved dashboard access control by blocking tunnel/Tailscale access when disabled + # v0.3.87 (2026-04-13) ## Fixes diff --git a/open-sse/config/providers.js b/open-sse/config/providers.js index 5a14905..664ab03 100644 --- a/open-sse/config/providers.js +++ b/open-sse/config/providers.js @@ -335,6 +335,7 @@ export const PROVIDERS = { opencode: { baseUrl: "https://opencode.ai", format: "openai", - headers: { "x-opencode-client": "desktop" } + headers: { "x-opencode-client": "desktop" }, + noAuth: true }, }; diff --git a/open-sse/executors/base.js b/open-sse/executors/base.js index 589dc9b..a42828e 100644 --- a/open-sse/executors/base.js +++ b/open-sse/executors/base.js @@ -8,6 +8,7 @@ export class BaseExecutor { constructor(provider, config) { this.provider = provider; this.config = config; + this.noAuth = config?.noAuth || false; } getProvider() { diff --git a/open-sse/handlers/chatCore.js b/open-sse/handlers/chatCore.js index 780a4fe..4bbe9a1 100644 --- a/open-sse/handlers/chatCore.js +++ b/open-sse/handlers/chatCore.js @@ -172,8 +172,8 @@ export async function handleChatCore({ body, modelInfo, credentials, log, onCred return createErrorResult(HTTP_STATUS.BAD_GATEWAY, errMsg); } - // Handle 401/403 - try token refresh - if (providerResponse.status === HTTP_STATUS.UNAUTHORIZED || providerResponse.status === HTTP_STATUS.FORBIDDEN) { + // Handle 401/403 - try token refresh (skip for noAuth providers) + if (!executor.noAuth && (providerResponse.status === HTTP_STATUS.UNAUTHORIZED || providerResponse.status === HTTP_STATUS.FORBIDDEN)) { try { const newCredentials = await refreshWithRetry(() => executor.refreshCredentials(credentials, log), 3, log); if (newCredentials?.accessToken || newCredentials?.copilotToken) { diff --git a/open-sse/handlers/embeddingsCore.js b/open-sse/handlers/embeddingsCore.js index b9eb636..8e724fb 100644 --- a/open-sse/handlers/embeddingsCore.js +++ b/open-sse/handlers/embeddingsCore.js @@ -228,12 +228,13 @@ export async function handleEmbeddingsCore({ return createErrorResult(HTTP_STATUS.BAD_GATEWAY, errMsg); } - // Handle 401/403 — try token refresh + // Handle 401/403 — try token refresh (skip for noAuth providers) + const executor = getExecutor(provider); if ( - providerResponse.status === HTTP_STATUS.UNAUTHORIZED || - providerResponse.status === HTTP_STATUS.FORBIDDEN + !executor.noAuth && + (providerResponse.status === HTTP_STATUS.UNAUTHORIZED || + providerResponse.status === HTTP_STATUS.FORBIDDEN) ) { - const executor = getExecutor(provider); const newCredentials = await refreshWithRetry( () => executor.refreshCredentials(credentials, log), 3, diff --git a/src/app/(dashboard)/dashboard/providers/[id]/page.js b/src/app/(dashboard)/dashboard/providers/[id]/page.js index 19b970e..616068e 100644 --- a/src/app/(dashboard)/dashboard/providers/[id]/page.js +++ b/src/app/(dashboard)/dashboard/providers/[id]/page.js @@ -865,7 +865,7 @@ export default function ProviderDetailPage() {

Connections

{/* Thinking config */} - {/* {thinkingConfig && ( + {thinkingConfig && (
Thinking