feat: add credential server for secure API key storage

Lembotrequested to merge
feature/credential-server into main

Summary

Implements a credential server that stores API keys server-side, eliminating the need to store credentials in the browser. This addresses the security concern that service worker separation is not enough to protect API keys from XSS attacks.

Architecture

Main Thread              Web Worker              Credential Server        AI Provider
     │                       │                          │                      │
     ├─ postMessage ────────>│                          │                      │
     │                       ├─ fetch (+ cookie) ──────>│                      │
     │                       │                          ├─ decrypt creds       │
     │                       │                          ├─ fetch ─────────────>│
     │                       │                          │<─ response ──────────┤
     │                       │<─ response ──────────────┤                      │
     │<─ postMessage ────────┤                          │                      │

Key Changes

  • New credential server (src/credential-server/)

    • SQLite storage with encrypted credentials (AES-256-GCM)
    • Setup page for API key entry (/setup)
    • Proxy endpoint for API requests (/proxy)
    • HTTP-only cookies for session management

  • ProxiedAnthropicProvider (src/providers/ProxiedAnthropicProvider.ts)

    • Routes requests through credential server instead of directly to Anthropic
    • Handles session authentication via cookies

  • Worker initialization

    • Added INIT command to configure credential server URL
    • Worker uses ProxiedAnthropicProvider when URL is configured

  • Docker support (docker/credential-server/)

    • New Dockerfile and server.js entry point
    • Volume mount for persistent SQLite database

Usage

  1. Deploy credential server with CREDENTIAL_ENCRYPTION_SECRET env var
  2. Initialize ai-delegate with credentialServerUrl option: 
    await AiDelegate.init({
  endpoint: '/ai-delegate',
  credentialServerUrl: 'https://creds.example.com'
});
  3. Users visit /setup on the credential server to enter their API key
  4. Subsequent requests use session cookies automatically

Test Plan

  • Build passes
  • Credential server starts successfully
  • Setup page accepts and stores API key
  • Proxy endpoint forwards requests correctly
  • Session cookies work across requests

Closes #2 (closed)

🤖 Generated with Claude Code

Merge request reports