yunxiafei/openclaw-mission-control
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor: improve session key validation and add lead session key requirement in agent.py

Browse Source
This commit is contained in:
Abhimanyu Saharan
2026-02-09 02:58:46 +05:30
parent e2af067c85
commit 099415cca3
1 changed files with 13 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
backend/app/api/agent.py
View File

@@ -70,13 +70,15 @@ from app.services.task_dependencies import (
router = APIRouter(prefix="/agent", tags=["agent"]) router = APIRouter(prefix="/agent", tags=["agent"])
_AGENT_SESSION_PREFIX = "agent:" _AGENT_SESSION_PREFIX = "agent:"
_SESSION_KEY_PARTS_MIN = 2
_LEAD_SESSION_KEY_MISSING = "Lead agent has no session key"
def _gateway_agent_id(agent: Agent) -> str: def _gateway_agent_id(agent: Agent) -> str:
session_key = agent.openclaw_session_id or "" session_key = agent.openclaw_session_id or ""
if session_key.startswith(_AGENT_SESSION_PREFIX): if session_key.startswith(_AGENT_SESSION_PREFIX):
parts = session_key.split(":") parts = session_key.split(":")
if len(parts) >= 2 and parts[1]: if len(parts) >= _SESSION_KEY_PARTS_MIN and parts[1]:
return parts[1] return parts[1]
# Fall back to a stable slug derived from name (matches provisioning behavior). # Fall back to a stable slug derived from name (matches provisioning behavior).
value = agent.name.lower().strip() value = agent.name.lower().strip()
@@ -94,6 +96,13 @@ def _actor(agent_ctx: AgentAuthContext) -> ActorContext:
return ActorContext(actor_type="agent", agent=agent_ctx.agent) return ActorContext(actor_type="agent", agent=agent_ctx.agent)
def _require_lead_session_key(lead: Agent) -> str:
session_key = lead.openclaw_session_id
if not session_key:
raise ValueError(_LEAD_SESSION_KEY_MISSING)
return session_key
def _guard_board_access(agent_ctx: AgentAuthContext, board: Board) -> None: def _guard_board_access(agent_ctx: AgentAuthContext, board: Board) -> None:
if agent_ctx.agent.board_id and agent_ctx.agent.board_id != board.id: if agent_ctx.agent.board_id and agent_ctx.agent.board_id != board.id:
raise HTTPException(status_code=status.HTTP_403_FORBIDDEN) raise HTTPException(status_code=status.HTTP_403_FORBIDDEN)
@@ -820,8 +829,7 @@ async def broadcast_gateway_lead_message(
user=None, user=None,
action="provision", action="provision",
) )
if not lead.openclaw_session_id: lead_session_key = _require_lead_session_key(lead)
raise ValueError("Lead agent has no session key")
message = ( message = (
f"{header}\n" f"{header}\n"
f"Board: {board.name}\n" f"Board: {board.name}\n"
@@ -834,8 +842,8 @@ async def broadcast_gateway_lead_message(
f'Body: {{"content":"...","tags":{tags_json},"source":"{reply_source}"}}\n' f'Body: {{"content":"...","tags":{tags_json},"source":"{reply_source}"}}\n'
"Do NOT reply in OpenClaw chat." "Do NOT reply in OpenClaw chat."
) )
await ensure_session(lead.openclaw_session_id, config=config, label=lead.name) await ensure_session(lead_session_key, config=config, label=lead.name)
await send_message(message, session_key=lead.openclaw_session_id, config=config) await send_message(message, session_key=lead_session_key, config=config)
results.append( results.append(
GatewayLeadBroadcastBoardResult( GatewayLeadBroadcastBoardResult(
board_id=board.id, board_id=board.id,