diff options
| author | Kit Langton <[email protected]> | 2026-05-03 22:56:14 -0400 |
|---|---|---|
| committer | GitHub <[email protected]> | 2026-05-03 22:56:14 -0400 |
| commit | 7bc26dafae09d326a0f66d2b69b379bc19b3b26e (patch) | |
| tree | 1684c2f53ff22edd05039bfb3a08bb2eb3daf652 /packages/app/src/components | |
| parent | ce89bcb8e238401ea8fee000dc54539057d47dc4 (diff) | |
| download | opencode-7bc26dafae09d326a0f66d2b69b379bc19b3b26e.tar.gz opencode-7bc26dafae09d326a0f66d2b69b379bc19b3b26e.zip | |
feat(server): pty websocket auth tickets (#25660)
Diffstat (limited to 'packages/app/src/components')
| -rw-r--r-- | packages/app/src/components/terminal.tsx | 25 |
1 files changed, 24 insertions, 1 deletions
diff --git a/packages/app/src/components/terminal.tsx b/packages/app/src/components/terminal.tsx index d4212e32e..7bcc02d62 100644 --- a/packages/app/src/components/terminal.tsx +++ b/packages/app/src/components/terminal.tsx @@ -479,6 +479,21 @@ export const Terminal = (props: TerminalProps) => { return false }) + const connectToken = async () => { + const result = await client.pty.connectToken( + { ptyID: id }, + { + throwOnError: false, + headers: { "x-opencode-ticket": "1" }, + }, + ) + if (result.response.status === 200 && result.data?.ticket) return result.data.ticket + if ((result.response.status === 404 || result.response.status === 405) && password) return + if (result.response.status === 403) + throw new Error("PTY connect ticket rejected by origin or CSRF checks. Check the server CORS config.") + throw new Error(`PTY connect ticket failed with ${result.response.status}`) + } + const retry = (err: unknown) => { if (disposed) return if (reconn !== undefined) return @@ -498,16 +513,24 @@ export const Terminal = (props: TerminalProps) => { }, ms) } - const open = () => { + const open = async () => { if (disposed) return drop?.() + const ticket = await connectToken().catch((err) => { + fail(err) + return undefined + }) + if (once.value) return + if (disposed) return + const socket = new WebSocket( terminalWebSocketURL({ url, id, directory, cursor: seek, + ticket, sameOrigin, username, password, |
