# nanobot-channel-web

A WebChannel plugin for nanobot that exposes chat APIs and validates tokens via an external auth service.

## Features

- `POST /message` to send user text into nanobot
- `GET /events/{chat_id}` Server-Sent Events stream for assistant replies
- `GET /history/{chat_id}` quick history for page refresh
- `GET /health` health check
- Optional external auth (`authEnabled=true` + `authServiceUrl`)
- Optional `apiToken` fallback (`Bearer` header; SSE also supports `?token=`)

## Install

Install in the same Python environment as nanobot:

```bash
cd nanobot-channel-web
pip install -e .
```

Confirm plugin discovery:

```bash
nanobot plugins list
```

You should see `web` from `plugin` source.

## Config

Run `nanobot onboard` once after plugin installation to inject defaults, then edit `~/.nanobot/config.json`:

```json
{
  "channels": {
    "web": {
      "enabled": true,
      "host": "127.0.0.1",
      "port": 9000,
      "allowFrom": ["*"],
      "apiToken": "change-this-token",
      "authEnabled": true,
      "authServiceUrl": "http://127.0.0.1:9100",
      "authServiceTimeoutS": 8,
      "corsOrigin": "*",
      "historySize": 200,
      "pingIntervalS": 15
    }
  }
}
```

If `authEnabled` is true, WebChannel validates bearer tokens by calling:

- `GET {authServiceUrl}/auth/me`

Expected response shape:

```json
{
  "ok": true,
  "user": {"id": 1, "phone": "13800000000"}
}
```

`apiToken` is used only when `authEnabled` is false.

Protected chat endpoints:

- `POST /message`
- `GET /history/{chat_id}`
- `GET /events/{chat_id}`

Use header for normal requests:

```http
Authorization: Bearer change-this-token
```

For native browser `EventSource`, use query param:

```text
/events/web-user?token=change-this-token
```

## Run

```bash
nanobot gateway
```

Then point your frontend to `http://127.0.0.1:9000`.