mikael-lovqvists-claude-agent/claude-code-conduit
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
0d1e25019eaa8ee65ed323252f30b7dfff2d3b2a
claude-code-conduit/server/queue.mjs
mikael-lovqvists-claude-agent 67c1c3f9a4 Add HMAC auth, user permissions, snake_case rename 
Each request is signed with HMAC-SHA256 over timestamp+body using a
per-user secret loaded from a --secrets file (never env vars or git).
Users have a canApprove list controlling who may approve queued actions.
Queue entries track submitted_by for permission checks on approve/deny.

Also renames all identifiers to snake_case throughout the codebase.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-07 20:18:41 +00:00

42 lines
1021 B
JavaScript
Raw Blame History

import { randomUUID } from "crypto";
const pending = new Map();
export function enqueue(action, params, submitted_by) {
const id = randomUUID();
const entry = {
id,
action,
params,
submitted_by,
status: "pending",
created_at: new Date().toISOString(),
};
pending.set(id, entry);
console.log(`\n[QUEUE] New request #${id.slice(0, 8)}`);
console.log(` Action: ${action}`);
console.log(` Params: ${JSON.stringify(params)}`);
console.log(` Submitted by: ${submitted_by}`);
console.log(` Approve: POST /queue/${id}/approve`);
console.log(` Deny: POST /queue/${id}/deny\n`);
return id;
}
export function get_entry(id) {
return pending.get(id) ?? null;
}
export function list_pending() {
return [...pending.values()].filter((e) => e.status === "pending");
}
export function resolve(id, decision) {
const entry = pending.get(id);
if (!entry) {
return null;
}
entry.status = decision; // "approved" | "denied"
entry.resolved_at = new Date().toISOString();
return entry;
}
Reference in New Issue View Git Blame Copy Permalink