add gateway token-based node registration over host:port and shared nodes manager

pkg/agent/loop.go

@@ -77,7 +77,7 @@ func NewAgentLoop(cfg *config.Config, msgBus *bus.MessageBus, provider providers
 	toolsRegistry.Register(tools.NewAliasTool("edit", "Edit file content (OpenClaw-compatible alias of edit_file)", tools.NewEditFileTool(workspace), map[string]string{"file_path": "path", "old_string": "oldText", "new_string": "newText"}))
 	toolsRegistry.Register(tools.NewExecTool(cfg.Tools.Shell, workspace, processManager))
 	toolsRegistry.Register(tools.NewProcessTool(processManager))
-	nodesManager := nodes.NewManager()
+	nodesManager := nodes.DefaultManager()
 	nodesManager.Upsert(nodes.NodeInfo{ID: "local", Name: "local", Capabilities: nodes.Capabilities{Run: true, Invoke: true, Camera: true, Screen: true, Location: true, Canvas: true}, Online: true})
 	nodesManager.RegisterHandler("local", func(req nodes.Request) nodes.Response {
 		switch req.Action {

pkg/config/config.go

@@ -194,8 +194,9 @@ type ProviderConfig struct {
 }
 
 type GatewayConfig struct {
-	Host string `json:"host" env:"CLAWGO_GATEWAY_HOST"`
-	Port int    `json:"port" env:"CLAWGO_GATEWAY_PORT"`
+	Host  string `json:"host" env:"CLAWGO_GATEWAY_HOST"`
+	Port  int    `json:"port" env:"CLAWGO_GATEWAY_PORT"`
+	Token string `json:"token" env:"CLAWGO_GATEWAY_TOKEN"`
 }
 
 type CronConfig struct {
@@ -423,8 +424,9 @@ func DefaultConfig() *Config {
 			Proxies: map[string]ProviderConfig{},
 		},
 		Gateway: GatewayConfig{
-			Host: "0.0.0.0",
-			Port: 18790,
+			Host:  "0.0.0.0",
+			Port:  18790,
+			Token: "",
 		},
 		Cron: CronConfig{
 			MinSleepSec:                  1,

pkg/nodes/manager.go

@@ -16,6 +16,10 @@ type Manager struct {
 	handlers map[string]Handler
 }
 
+var defaultManager = NewManager()
+
+func DefaultManager() *Manager { return defaultManager }
+
 func NewManager() *Manager {
 	return &Manager{nodes: map[string]NodeInfo{}, handlers: map[string]Handler{}}
 }

pkg/nodes/registry_server.go

@@ -0,0 +1,75 @@
+package nodes
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+	"net/http"
+	"strings"
+	"time"
+)
+
+type RegistryServer struct {
+	addr   string
+	token  string
+	mgr    *Manager
+	server *http.Server
+}
+
+func NewRegistryServer(host string, port int, token string, mgr *Manager) *RegistryServer {
+	addr := strings.TrimSpace(host)
+	if addr == "" {
+		addr = "0.0.0.0"
+	}
+	if port <= 0 {
+		port = 7788
+	}
+	return &RegistryServer{addr: fmt.Sprintf("%s:%d", addr, port), token: strings.TrimSpace(token), mgr: mgr}
+}
+
+func (s *RegistryServer) Start(ctx context.Context) error {
+	if s.mgr == nil {
+		return nil
+	}
+	mux := http.NewServeMux()
+	mux.HandleFunc("/health", func(w http.ResponseWriter, r *http.Request) {
+		w.WriteHeader(http.StatusOK)
+		_, _ = w.Write([]byte("ok"))
+	})
+	mux.HandleFunc("/nodes/register", s.handleRegister)
+	s.server = &http.Server{Addr: s.addr, Handler: mux}
+	go func() {
+		<-ctx.Done()
+		shutdownCtx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
+		defer cancel()
+		_ = s.server.Shutdown(shutdownCtx)
+	}()
+	go func() { _ = s.server.ListenAndServe() }()
+	return nil
+}
+
+func (s *RegistryServer) handleRegister(w http.ResponseWriter, r *http.Request) {
+	if r.Method != http.MethodPost {
+		http.Error(w, "method not allowed", http.StatusMethodNotAllowed)
+		return
+	}
+	if s.token != "" {
+		auth := strings.TrimSpace(r.Header.Get("Authorization"))
+		if auth != "Bearer "+s.token {
+			http.Error(w, "unauthorized", http.StatusUnauthorized)
+			return
+		}
+	}
+	var n NodeInfo
+	if err := json.NewDecoder(r.Body).Decode(&n); err != nil {
+		http.Error(w, "invalid json", http.StatusBadRequest)
+		return
+	}
+	if strings.TrimSpace(n.ID) == "" {
+		http.Error(w, "id required", http.StatusBadRequest)
+		return
+	}
+	s.mgr.Upsert(n)
+	w.Header().Set("Content-Type", "application/json")
+	_ = json.NewEncoder(w).Encode(map[string]interface{}{"ok": true, "id": n.ID})
+}