hook

package
v0.2.4-dev Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 8, 2026 License: Apache-2.0 Imports: 3 Imported by: 0

Documentation

Overview

Package hook serves the Web-modal "Allow" path for shell-hook rc wiring.

Per 20260507-web-hook-rc-modal-自动注入.md: when the user clicks "Allow" in the <HookReadinessBanner>'s confirmation modal, the SPA POSTs to /api/user/hook/install. We forward the request to the CLI bridge (`aikey _internal hook-op wire-rc`), which actually writes the marker block into ~/.zshrc / ~/.bashrc.

**Edition guard**: this handler is only mounted on local-user / trial-full editions — see userapi.Handlers.RegisterHook. Production multi-tenant deployments don't expose this route at all because the cli bridge would be writing the *server's* dotfiles, not the user's terminal.

Auth: route is mounted behind the same authMW as vault CRUD; vault unlock is NOT required because the wire-rc op only touches files under the user's $HOME and never derives a vault key.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Handlers

type Handlers struct {
	Bridge *cli.Bridge
	Logger *slog.Logger
}

Handlers exposes the HTTP surface for hook-op actions.

Currently the only action is wire-rc (POST /api/user/hook/install). Future additions (uninstall-rc, status-rc) plug in here.

func NewHandlers

func NewHandlers(bridge *cli.Bridge, logger *slog.Logger) *Handlers

NewHandlers constructs a hook Handlers bundle. Logger may be nil.

func (*Handlers) InstallHandler

func (h *Handlers) InstallHandler(w http.ResponseWriter, r *http.Request)

InstallHandler implements POST /api/user/hook/install.

Forwards to `aikey _internal hook-op` action=`wire-rc`. The cli always returns status=ok with a data envelope of three fields:

hook_file_installed: bool
hook_rc_wired:       bool
hook_failure_reason: string|null

— symmetric with the vault-op envelope's hook fields, so the SPA's existing setReadiness handler covers it without a separate adapter.

Failure modes (each surfaced via hook_failure_reason in the body, with HTTP still 200):

  • "aikey_no_hook" — env var AIKEY_NO_HOOK=1 (user opted out)
  • "shell_undetectable" — $SHELL is neither zsh nor bash
  • "home_unset" — $HOME / $USERPROFILE both missing (rare)
  • "io_error" — fs error during file write

HTTP-level errors (cli not found, timeout, malformed reply, unparseable envelope) flow through cli.WriteInvokeError / WriteCliError and get proper 4xx/5xx codes — those are infrastructure failures, not the "operation completed but rc could not be wired" semantic.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL