local-mcp

cabbage/local-mcp

Fork 0

Commit Graph

Author	SHA1	Message	Date
Brandon Zhang	93bce1521b	feat(ui): add quick shortcuts panel with add/edit/delete support Adds a compact shortcuts row inside the composer panel for one-click instruction queuing, with full lifecycle management stored in localStorage. Features -------- - Six built-in defaults (Stop, Summarize, Explain error, Undo, Continue, etc.) - Click any chip → instantly POSTs to /api/instructions, no typing required - Cyan border pulse on fire; green glow flash on success - Edit mode (toggle button in header): - Per-chip edit (✏) button → replaces chip with inline input, Enter to save - Per-chip delete (✕) button → removes with vanish animation - '+ Add' chip → inline form appended below rail - All changes persisted to localStorage key 'local-mcp-shortcuts' - Accessible: button elements, aria-labels, keyboard support (Enter/Escape) Files ----- - static/js/shortcuts.js new module (loadShortcuts, renderShortcuts, startInlineEdit, showAddPrompt, initShortcuts) - static/index.html #shortcuts-container inside composer .panel-body - static/js/app.js import + initShortcuts() in bootstrap() - static/css/components.css .shortcuts-container, .shortcut-chip variants, .shortcut-inline-edit, keyframes chip-fire/sent/vanish	2026-03-27 13:55:22 +08:00
cabbage	009fd039a2	feat: optional Bearer-token authentication via API_TOKEN env var Disabled by default (empty API_TOKEN). When set: - All /api/* and /mcp requests require: Authorization: Bearer <token> - Public exemptions: /, /healthz, /static/*, /auth-check - Web UI: pre-flight /auth-check on load; shows token modal if required - Token stored in sessionStorage, sent on every API request - Mid-session 401s re-trigger the token modal - MCP clients must pass the header: Authorization: Bearer <token> Files changed: - app/config.py: api_token field + API_TOKEN env var - app/api/auth.py: Starlette BaseHTTPMiddleware for token enforcement - main.py: register middleware + /auth-check public endpoint - static/js/api.js: token storage, auth header, 401 handler hook - static/js/app.js: auth pre-flight, showTokenModal(), bootstrap() - static/css/components.css: .auth-overlay / .auth-card styles - README.md: API_TOKEN env var docs + MCP client header example	2026-03-27 04:28:12 +08:00
cabbage	86eba27a24	init	2026-03-27 03:58:57 +08:00

Author

SHA1

Message

Date

Brandon Zhang

93bce1521b

feat(ui): add quick shortcuts panel with add/edit/delete support

Adds a compact shortcuts row inside the composer panel for one-click
instruction queuing, with full lifecycle management stored in localStorage.
Features
--------
- Six built-in defaults (Stop, Summarize, Explain error, Undo, Continue, etc.)
- Click any chip → instantly POSTs to /api/instructions, no typing required
  - Cyan border pulse on fire; green glow flash on success
- Edit mode (toggle button in header):
  - Per-chip edit (✏) button → replaces chip with inline input, Enter to save
  - Per-chip delete (✕) button → removes with vanish animation
  - '+ Add' chip → inline form appended below rail
- All changes persisted to localStorage key 'local-mcp-shortcuts'
- Accessible: button elements, aria-labels, keyboard support (Enter/Escape)
Files
-----
- static/js/shortcuts.js   new module (loadShortcuts, renderShortcuts,
                           startInlineEdit, showAddPrompt, initShortcuts)
- static/index.html        #shortcuts-container inside composer .panel-body
- static/js/app.js         import + initShortcuts() in bootstrap()
- static/css/components.css .shortcuts-container, .shortcut-chip variants,
                           .shortcut-inline-edit, keyframes chip-fire/sent/vanish

2026-03-27 13:55:22 +08:00

cabbage

009fd039a2

feat: optional Bearer-token authentication via API_TOKEN env var

Disabled by default (empty API_TOKEN). When set:
- All /api/* and /mcp requests require: Authorization: Bearer <token>
- Public exemptions: /, /healthz, /static/*, /auth-check
- Web UI: pre-flight /auth-check on load; shows token modal if required
- Token stored in sessionStorage, sent on every API request
- Mid-session 401s re-trigger the token modal
- MCP clients must pass the header: Authorization: Bearer <token>
Files changed:
- app/config.py: api_token field + API_TOKEN env var
- app/api/auth.py: Starlette BaseHTTPMiddleware for token enforcement
- main.py: register middleware + /auth-check public endpoint
- static/js/api.js: token storage, auth header, 401 handler hook
- static/js/app.js: auth pre-flight, showTokenModal(), bootstrap()
- static/css/components.css: .auth-overlay / .auth-card styles
- README.md: API_TOKEN env var docs + MCP client header example

2026-03-27 04:28:12 +08:00

cabbage

86eba27a24

init

2026-03-27 03:58:57 +08:00

3 Commits