mars-nanobot/nanobot-channel-web/README.md

# nanobot-channel-web

A WebChannel plugin for nanobot that exposes chat APIs and validates tokens via an external auth service.

## Features

- `POST /message` to send user text into nanobot
- `GET /events/{chat_id}` Server-Sent Events stream for assistant replies
- `GET /history/{chat_id}` quick history for page refresh
- `GET /health` health check
- Optional external auth (`authEnabled=true` + `authServiceUrl`)
- Optional `apiToken` fallback (`Bearer` header; SSE also supports `?token=`)

## Install

Install in the same Python environment as nanobot:

```bash
cd nanobot-channel-web
pip install -e .
```

Confirm plugin discovery:

```bash
nanobot plugins list
```

You should see `web` from `plugin` source.

## Config

Run `nanobot onboard` once after plugin installation to inject defaults, then edit `~/.nanobot/config.json`:

```json
{
  "channels": {
    "web": {
      "enabled": true,
      "host": "127.0.0.1",
      "port": 9000,
      "allowFrom": ["*"],
      "apiToken": "change-this-token",
      "authEnabled": true,
      "authServiceUrl": "http://127.0.0.1:9100",
      "authServiceTimeoutS": 8,
      "corsOrigin": "*",
      "historySize": 200,
      "pingIntervalS": 15
    }
  }
}
```

If `authEnabled` is true, WebChannel validates bearer tokens by calling:

- `GET {authServiceUrl}/auth/me`

Expected response shape:

```json
{
  "ok": true,
  "user": {"id": 1, "phone": "13800000000"}
}
```

`apiToken` is used only when `authEnabled` is false.

Protected chat endpoints:

- `POST /message`
- `GET /history/{chat_id}`
- `GET /events/{chat_id}`

Use header for normal requests:

```http
Authorization: Bearer change-this-token
```

For native browser `EventSource`, use query param:

```text
/events/web-user?token=change-this-token
```

## Run

```bash
nanobot gateway
```

Then point your frontend to `http://127.0.0.1:9000`.
first commit 2026-03-27 16:10:45 +08:00			`# nanobot-channel-web`

			`A WebChannel plugin for nanobot that exposes chat APIs and validates tokens via an external auth service.`

			`## Features`

			- `POST /message` to send user text into nanobot
			- `GET /events/{chat_id}` Server-Sent Events stream for assistant replies
			- `GET /history/{chat_id}` quick history for page refresh
			- `GET /health` health check
			- Optional external auth (`authEnabled=true` + `authServiceUrl`)
			- Optional `apiToken` fallback (`Bearer` header; SSE also supports `?token=`)

			`## Install`

			`Install in the same Python environment as nanobot:`

			```bash
			`cd nanobot-channel-web`
			`pip install -e .`
			```

			`Confirm plugin discovery:`

			```bash
			`nanobot plugins list`
			```

			You should see `web` from `plugin` source.

			`## Config`

			Run `nanobot onboard` once after plugin installation to inject defaults, then edit `~/.nanobot/config.json`:

			```json
			`{`
			`"channels": {`
			`"web": {`
			`"enabled": true,`
			`"host": "127.0.0.1",`
			`"port": 9000,`
			`"allowFrom": ["*"],`
			`"apiToken": "change-this-token",`
			`"authEnabled": true,`
			`"authServiceUrl": "http://127.0.0.1:9100",`
			`"authServiceTimeoutS": 8,`
			`"corsOrigin": "*",`
			`"historySize": 200,`
			`"pingIntervalS": 15`
			`}`
			`}`
			`}`
			```

			If `authEnabled` is true, WebChannel validates bearer tokens by calling:

			- `GET {authServiceUrl}/auth/me`

			`Expected response shape:`

			```json
			`{`
			`"ok": true,`
			`"user": {"id": 1, "phone": "13800000000"}`
			`}`
			```

			`apiToken` is used only when `authEnabled` is false.

			`Protected chat endpoints:`

			- `POST /message`
			- `GET /history/{chat_id}`
			- `GET /events/{chat_id}`

			`Use header for normal requests:`

			```http
			`Authorization: Bearer change-this-token`
			```

			For native browser `EventSource`, use query param:

			```text
			`/events/web-user?token=change-this-token`
			```

			`## Run`

			```bash
			`nanobot gateway`
			```

			Then point your frontend to `http://127.0.0.1:9000`.