mmc/lingma-proxy-compose
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add API key authentication for proxy endpoints.

Browse Source 
Support multiple API keys from config, env, and CLI, enforce auth on non-public endpoints, and pass keys through remote deploy verification.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
GitHub Actions
2026-05-08 13:08:27 +08:00
parent c1a0fe2949
commit 450faefaf9
8 changed files with 229 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
cmd/lingma-ipc-proxy/main.go
View File

@@ -31,6 +31,7 @@ type fileConfig struct {
RemoteBaseURL string `json:"remote_base_url"`
RemoteAuthFile string `json:"remote_auth_file"`
RemoteVersion string `json:"remote_version"`
APIKeys []string `json:"api_keys"`
Cwd string `json:"cwd"`
CurrentFilePath string `json:"current_file_path"`
Mode string `json:"mode"`
@@ -144,6 +145,7 @@ func loadConfig() (service.Config, string) {
remoteBaseURL := flag.String("remote-base-url", cfg.RemoteBaseURL, "Remote Lingma API base URL")
remoteAuthFile := flag.String("remote-auth-file", cfg.RemoteAuthFile, "Remote Lingma credentials.json path; empty reads ~/.lingma cache")
remoteVersion := flag.String("remote-version", cfg.RemoteVersion, "Remote Lingma cosy version")
apiKeys := flag.String("api-keys", strings.Join(cfg.APIKeys, ","), "Comma-separated API keys accepted via Authorization Bearer or x-api-key")
cwd := flag.String("cwd", cfg.Cwd, "Working directory used when creating Lingma sessions")
currentFilePath := flag.String("current-file-path", cfg.CurrentFilePath, "Current file path sent through ACP meta")
mode := flag.String("mode", cfg.Mode, "Lingma ACP mode value")
@@ -181,6 +183,7 @@ func loadConfig() (service.Config, string) {
cfg.RemoteBaseURL = strings.TrimSpace(*remoteBaseURL)
cfg.RemoteAuthFile = strings.TrimSpace(*remoteAuthFile)
cfg.RemoteVersion = strings.TrimSpace(*remoteVersion)
cfg.APIKeys = splitCSV(*apiKeys)
cfg.Cwd = strings.TrimSpace(*cwd)
cfg.CurrentFilePath = strings.TrimSpace(*currentFilePath)
cfg.Mode = strings.TrimSpace(*mode)
@@ -268,6 +271,9 @@ func overlayFileConfig(dst *service.Config, src fileConfig) {
if strings.TrimSpace(src.RemoteVersion) != "" {
dst.RemoteVersion = strings.TrimSpace(src.RemoteVersion)
}
if len(src.APIKeys) > 0 {
dst.APIKeys = cleanStringSlice(src.APIKeys)
}
if strings.TrimSpace(src.Cwd) != "" {
dst.Cwd = strings.TrimSpace(src.Cwd)
}
@@ -361,6 +367,9 @@ func overlayEnvConfig(dst *service.Config) {
if value := strings.TrimSpace(os.Getenv("LINGMA_REMOTE_VERSION")); value != "" {
dst.RemoteVersion = value
}
if value := strings.TrimSpace(os.Getenv("LINGMA_PROXY_API_KEYS")); value != "" {
dst.APIKeys = splitCSV(value)
}
if value := strings.TrimSpace(os.Getenv("LINGMA_PROXY_CWD")); value != "" {
dst.Cwd = value
}