Skip to content

feat(store): share cookies across clients on same provider+key#2

Merged
millaguie merged 1 commit into
mainfrom
feat/cookie-sharing
May 30, 2026
Merged

feat(store): share cookies across clients on same provider+key#2
millaguie merged 1 commit into
mainfrom
feat/cookie-sharing

Conversation

@millaguie

Copy link
Copy Markdown
Owner

Summary

  • Cookie-bearing providers (xiaomi, crofai, opencode_go) gain a merge_credentials_from(other) hook
  • Store.register_instance calls it on every re-registration, so an empty-cookie client now inherits the cookie from a peer sharing the same (provider, api_key) fingerprint instead of clobbering it
  • Also fixes the ruff format failure on tests/test_xiaomi.py that blocked CI on the previous merge to main

Motivation

A programmatic client (CI worker) keeps a session cookie fresh; a desktop client (Stream Deck plugin) re-registers without one — its browser auto-extract came up empty because the user logged out of that browser — and now keeps using the cookie the CI worker injected, instead of going "unauthenticated" until somebody hands it a fresh one.

The fingerprint already dedupes both clients into a single ProviderEntry. The dedup branch in Store.register_instance already does the "newer wins" swap; we just teach it to merge credentials first, so empty fields on the newcomer borrow from the existing holder.

Test plan

  • ruff check . clean
  • ruff format --check . clean
  • pytest — 240 tests pass locally
  • New tests cover both directions: empty inherits, present keeps own value
  • Existing test_re_register_same_key_refreshes_provider_config still passes — the "new provider wins after merge" contract is preserved

When two sentinel clients register against the same (provider_name,
api_key) fingerprint, the second registration now inherits any cookie
the first one provided instead of clobbering it with an empty value.

Use case: a programmatic client (CI worker) keeps the cookie fresh; a
desktop client (Stream Deck plugin) re-registers without one — e.g. its
browser auto-extract came up empty because the user logged out — and
now keeps using the cookie the CI worker injected, instead of going
"unauthenticated" until it gets a fresh one.

Implementation:
  - ``UsageProvider.merge_credentials_from(other)`` no-op base method.
  - Override in xiaomi / crofai / opencode_go to copy non-empty
    session_cookie / auth_cookie / workspace_id from the previous
    pool holder when the new instance left those fields empty.
  - ``Store.register_instance`` calls it on every re-registration
    before swapping the provider object in.

Also fixes the lint failure that blocked CI for the xiaomi commit
(tests/test_xiaomi.py: ``ruff format``).
@millaguie millaguie merged commit 08605eb into main May 30, 2026
3 checks passed
@millaguie millaguie deleted the feat/cookie-sharing branch May 30, 2026 17:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant