Add API key authentication for proxy endpoints.

Support multiple API keys from config, env, and CLI, enforce auth on non-public endpoints, and pass keys through remote deploy verification. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-08 13:08:27 +08:00
parent c1a0fe2949
commit 450faefaf9
8 changed files with 229 additions and 2 deletions
--- a/config.example.json
+++ b/config.example.json
@@ -22,6 +22,10 @@
  "pipe": "",
  "websocket_url": "",
  "remote_auth_file": "/secrets/credentials.json",
+  "api_keys": [
+    "replace-with-long-random-key-1",
+    "replace-with-long-random-key-2"
+  ],
  "lingma_bootstrap_enabled": true,
  "lingma_source_type": "marketplace",
  "lingma_vsix_url": "",