@pimzino/claude-code-spec-workflow/dist/dashboard/tunnel/access-controller.d.ts

Automated workflows for Claude Code. Includes spec-driven development (Requirements → Design → Tasks → Implementation) with intelligent task execution, optional steering documents and streamlined bug fix workflow (Report → Analyze → Fix → Verify). We have

import { FastifyRequest, FastifyReply } from 'fastify';
import { WebSocket } from 'ws';
export interface AccessControlOptions {
    readOnlyMode: boolean;
    password?: string;
    rateLimitAttempts?: number;
    rateLimitWindow?: number;
}
export declare class AccessController {
    private _options;
    private passwords;
    private rateLimits;
    private readOnlySessions;
    private sessions;
    private readonly MAX_ATTEMPTS;
    private readonly RATE_LIMIT_WINDOW;
    private readonly SESSION_DURATION;
    constructor(_options?: AccessControlOptions);
    /**
     * Set password for a tunnel
     */
    setPassword(tunnelId: string, password: string): void;
    /**
     * Validate password for a tunnel
     */
    validatePassword(tunnelId: string, password: string, clientIp?: string): boolean;
    /**
     * Middleware to enforce read-only access
     */
    enforceReadOnly: (req: FastifyRequest, reply: FastifyReply) => Promise<void>;
    /**
     * Create a read-only WebSocket wrapper
     */
    wrapWebSocketForReadOnly(socket: WebSocket, sessionId: string): void;
    /**
     * Check if a session is read-only
     */
    isReadOnlySession(sessionId: string): boolean;
    /**
     * Filter WebSocket messages for read-only mode
     */
    private filterWebSocketMessage;
    /**
     * Hash password using SHA-256
     */
    private hashPassword;
    /**
     * Check rate limit for an IP
     */
    private checkRateLimit;
    /**
     * Increment rate limit counter
     */
    private incrementRateLimit;
    /**
     * Clean up expired rate limit entries
     */
    cleanupRateLimits(): void;
    /**
     * Create a new session after successful authentication
     */
    createSession(tunnelId: string): string;
    /**
     * Validate a session token
     */
    validateSession(sessionToken: string, tunnelId: string): boolean;
    /**
     * Clean up expired sessions
     */
    private cleanupSessions;
    /**
     * Get access statistics
     */
    getStats(): {
        activeSessions: number;
        authenticatedSessions: number;
        protectedTunnels: number;
        rateLimitedIps: number;
    };
}
//# sourceMappingURL=access-controller.d.ts.map