From 7ca767de55c50f47bbace107619d79586c1c53d7 Mon Sep 17 00:00:00 2001 From: Dax Raad Date: Mon, 12 Jan 2026 15:43:48 -0500 Subject: core: fix HTTP exception handling order to prevent NamedError from masking HTTP exceptions docs: add OPENCODE_PASSWORD environment variable documentation for basic auth --- packages/web/src/content/docs/server.mdx | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'packages/web/src/content/docs/server.mdx') diff --git a/packages/web/src/content/docs/server.mdx b/packages/web/src/content/docs/server.mdx index a61d7bae1..a123acb15 100644 --- a/packages/web/src/content/docs/server.mdx +++ b/packages/web/src/content/docs/server.mdx @@ -33,6 +33,16 @@ opencode serve --cors http://localhost:5173 --cors https://app.example.com --- +### Authentication + +Set `OPENCODE_PASSWORD` to protect the server with HTTP basic auth. The username is always `opencode`, and the password is the value of `OPENCODE_PASSWORD`. This applies to both `opencode serve` and `opencode web`. + +```bash +OPENCODE_PASSWORD=your-password opencode serve +``` + +--- + ### How it works When you run `opencode` it starts a TUI and a server. Where the TUI is the -- cgit v1.2.3