mirror of
https://github.com/AutoMaker-Org/automaker.git
synced 2026-01-30 22:32:04 +00:00
92195340c6
- Added optional API keys for OpenAI and Cursor to the .env.example file. - Implemented API key validation in CursorProvider to ensure valid keys are used. - Introduced rate limiting in Claude and Codex authentication routes to prevent abuse. - Created secure environment handling for authentication without modifying process.env. - Improved error handling and logging for authentication processes, enhancing user feedback. These changes improve the security and reliability of the authentication mechanisms across the application.
77 lines
2.4 KiB
Plaintext
77 lines
2.4 KiB
Plaintext
# Automaker Server Configuration
|
|
# Copy this file to .env and configure your settings
|
|
|
|
# ============================================
|
|
# REQUIRED
|
|
# ============================================
|
|
|
|
# Your Anthropic API key for Claude models
|
|
ANTHROPIC_API_KEY=sk-ant-...
|
|
|
|
# ============================================
|
|
# OPTIONAL - Additional API Keys
|
|
# ============================================
|
|
|
|
# OpenAI API key for Codex/GPT models
|
|
OPENAI_API_KEY=sk-...
|
|
|
|
# Cursor API key for Cursor models
|
|
CURSOR_API_KEY=...
|
|
|
|
# OAuth credentials for CLI authentication (extracted automatically)
|
|
CLAUDE_OAUTH_CREDENTIALS=
|
|
CURSOR_AUTH_TOKEN=
|
|
|
|
# ============================================
|
|
# OPTIONAL - Security
|
|
# ============================================
|
|
|
|
# API key for authenticating requests (leave empty to disable auth)
|
|
# If set, all API requests must include X-API-Key header
|
|
AUTOMAKER_API_KEY=
|
|
|
|
# Root directory for projects and file operations
|
|
# If set, users can only create/open projects and files within this directory
|
|
# Recommended for sandboxed deployments (Docker, restricted environments)
|
|
# Example: ALLOWED_ROOT_DIRECTORY=/projects
|
|
ALLOWED_ROOT_DIRECTORY=
|
|
|
|
# CORS origin - which domains can access the API
|
|
# Use "*" for development, set specific origin for production
|
|
CORS_ORIGIN=http://localhost:3007
|
|
|
|
# ============================================
|
|
# OPTIONAL - Server
|
|
# ============================================
|
|
|
|
# Port to run the server on
|
|
PORT=3008
|
|
|
|
# Data directory for sessions and metadata
|
|
DATA_DIR=./data
|
|
|
|
# ============================================
|
|
# OPTIONAL - Terminal Access
|
|
# ============================================
|
|
|
|
# Enable/disable terminal access (default: true)
|
|
TERMINAL_ENABLED=true
|
|
|
|
# Password to protect terminal access (leave empty for no password)
|
|
# If set, users must enter this password before accessing terminal
|
|
TERMINAL_PASSWORD=
|
|
|
|
ENABLE_REQUEST_LOGGING=false
|
|
|
|
# ============================================
|
|
# OPTIONAL - Debugging
|
|
# ============================================
|
|
|
|
# Enable raw output logging for agent streams (default: false)
|
|
# When enabled, saves unprocessed stream events to raw-output.jsonl
|
|
# in each feature's directory (.automaker/features/{id}/raw-output.jsonl)
|
|
# Useful for debugging provider streaming issues, improving log parsing,
|
|
# or analyzing how different providers (Claude, Cursor) stream responses
|
|
# Note: This adds disk I/O overhead, only enable when debugging
|
|
AUTOMAKER_DEBUG_RAW_OUTPUT=false
|