openclaw-mission-control

yunxiafei/openclaw-mission-control

Fork 0

Commit Graph

Author	SHA1	Message	Date
Abhimanyu Saharan	fb8a932923	fix(security): Close review follow-up gaps Rate-limit the optional agent bearer path after user auth resolution so mixed user/agent routes no longer leave an unthrottled PBKDF2 path. Stop logging token prefixes on agent auth failures and require a locally supplied token for backend/.env.test instead of committing one. Update tests and docs to cover agent bearer fallback, configurable webhook signature headers, and the operator-facing security settings added by the hardening work. Co-Authored-By: Claude <noreply@anthropic.com>	2026-03-07 23:40:50 +05:30
Abhimanyu Saharan	532fbf1dc5	feat(config): make BASE_URL a required field and update related documentation	2026-03-05 01:36:07 +05:30
Abhimanyu Saharan	571b4844d9	feat: update local authentication mode to require a non-placeholder token of at least 50 characters	2026-02-11 19:40:33 +05:30

Author

SHA1

Message

Date

Abhimanyu Saharan

fb8a932923

fix(security): Close review follow-up gaps

Rate-limit the optional agent bearer path after user auth resolution so mixed user/agent routes no longer leave an unthrottled PBKDF2 path. Stop logging token prefixes on agent auth failures and require a locally supplied token for backend/.env.test instead of committing one.

Update tests and docs to cover agent bearer fallback, configurable webhook signature headers, and the operator-facing security settings added by the hardening work.

Co-Authored-By: Claude <noreply@anthropic.com>

2026-03-07 23:40:50 +05:30

Abhimanyu Saharan

532fbf1dc5

feat(config): make BASE_URL a required field and update related documentation

2026-03-05 01:36:07 +05:30

Abhimanyu Saharan

571b4844d9

feat: update local authentication mode to require a non-placeholder token of at least 50 characters

2026-02-11 19:40:33 +05:30

3 Commits