mikael-lovqvists-claude-agent/claude-code-conduit
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
19e57f4e3eeb24c5ed7729f9c333f8cd102fb88a
claude-code-conduit/client/auth.mjs
mikael-lovqvists-claude-agent 67c1c3f9a4 Add HMAC auth, user permissions, snake_case rename 
Each request is signed with HMAC-SHA256 over timestamp+body using a
per-user secret loaded from a --secrets file (never env vars or git).
Users have a canApprove list controlling who may approve queued actions.
Queue entries track submitted_by for permission checks on approve/deny.

Also renames all identifiers to snake_case throughout the codebase.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-07 20:18:41 +00:00

14 lines
369 B
JavaScript
Raw Blame History

import { createHmac } from "crypto";
export function sign_request(secret, username, body_string) {
const timestamp = String(Date.now());
const signature = createHmac("sha256", secret)
.update(timestamp + "." + body_string)
.digest("hex");
return {
"X-Conduit-User": username,
"X-Conduit-Timestamp": timestamp,
"X-Conduit-Signature": signature,
};
}
Reference in New Issue View Git Blame Copy Permalink