fix(TUI): make tui work when OPENCODE_SERVER_PASSWORD is set (#8179)

1 files changed, 16 insertions, 1 deletions

diff --git a/packages/opencode/src/cli/cmd/tui/worker.ts b/packages/opencode/src/cli/cmd/tui/worker.ts
index 343a5a310..e63f10ba8 100644
--- a/packages/opencode/src/cli/cmd/tui/worker.ts
+++ b/packages/opencode/src/cli/cmd/tui/worker.ts
@@ -9,6 +9,7 @@ import { Config } from "@/config/config"
 import { GlobalBus } from "@/bus/global"
 import { createOpencodeClient, type Event } from "@opencode-ai/sdk/v2"
 import type { BunWebSocketData } from "hono/bun"
+import { Flag } from "@/flag/flag"
 
 await Log.init({
   print: process.argv.includes("--print-logs"),
@@ -50,6 +51,8 @@ const startEventStream = (directory: string) => {
 
   const fetchFn = (async (input: RequestInfo | URL, init?: RequestInit) => {
     const request = new Request(input, init)
+    const auth = getAuthorizationHeader()
+    if (auth) request.headers.set("Authorization", auth)
     return Server.App().fetch(request)
   }) as typeof globalThis.fetch
 
@@ -95,9 +98,14 @@ startEventStream(process.cwd())
 
 export const rpc = {
   async fetch(input: { url: string; method: string; headers: Record<string, string>; body?: string }) {
+    const headers = { ...input.headers }
+    const auth = getAuthorizationHeader()
+    if (auth && !headers["authorization"] && !headers["Authorization"]) {
+      headers["Authorization"] = auth
+    }
     const request = new Request(input.url, {
       method: input.method,
-      headers: input.headers,
+      headers,
       body: input.body,
     })
     const response = await Server.App().fetch(request)
@@ -135,3 +143,10 @@ export const rpc = {
 }
 
 Rpc.listen(rpc)
+
+function getAuthorizationHeader(): string | undefined {
+  const password = Flag.OPENCODE_SERVER_PASSWORD
+  if (!password) return undefined
+  const username = Flag.OPENCODE_SERVER_USERNAME ?? "opencode"
+  return `Basic ${btoa(`${username}:${password}`)}`
+}