Generate gateway token during onboard

2026-04-14 20:47:30 +08:00 · 2026-03-06 17:53:01 +08:00
parent ad7316c9b6
commit 61c46fd710
4 changed files with 54 additions and 1 deletions
--- a/pkg/config/config.go
+++ b/pkg/config/config.go
@@ -2,6 +2,8 @@ package config

 import (
 	"bytes"
+	"crypto/rand"
+	"encoding/hex"
 	"encoding/json"
 	"fmt"
 	"io"
@@ -510,7 +512,7 @@ func DefaultConfig() *Config {
 		Gateway: GatewayConfig{
 			Host:  "0.0.0.0",
 			Port:  18790,
-			Token: "",
+			Token: generateGatewayToken(),
 		},
 		Cron: CronConfig{
 			MinSleepSec:                  1,
@@ -568,6 +570,14 @@ func DefaultConfig() *Config {
 	}
 }

+func generateGatewayToken() string {
+	var buf [16]byte
+	if _, err := rand.Read(buf[:]); err != nil {
+		return ""
+	}
+	return "cg_" + hex.EncodeToString(buf[:])
+}
+
 func LoadConfig(path string) (*Config, error) {
 	cfg := DefaultConfig()

--- a/pkg/config/validate_test.go
+++ b/pkg/config/validate_test.go
@@ -2,6 +2,15 @@ package config

 import "testing"

+func TestDefaultConfigGeneratesGatewayToken(t *testing.T) {
+	t.Parallel()
+
+	cfg := DefaultConfig()
+	if cfg.Gateway.Token == "" {
+		t.Fatalf("expected default gateway token")
+	}
+}
+
 func TestValidateSubagentsAllowsKnownPeers(t *testing.T) {
 	t.Parallel()