mirror of
https://github.com/NanmiCoder/cc-haha
synced 2026-07-16 13:03:31 +08:00
Persist H5 access state in cc-haha managed settings, expose a narrow server API for enable/disable/regenerate/verify flows, and keep token responses sanitized so the raw secret is only returned at generation time. Constraint: H5 config must live in ~/.claude/cc-haha/settings.json and preserve unknown fields Rejected: Store raw token for later display | violates hash-only persistence requirement Confidence: high Scope-risk: narrow Directive: Do not move H5 settings into ~/.claude/settings.json or expose tokenHash through the API Tested: bun test src/server/__tests__/h5-access-service.test.ts src/server/__tests__/h5-access-api.test.ts Not-tested: Full repo typecheck via tsc is blocked locally by missing bun-types and a TS 6 baseUrl deprecation in the current config