Fix auth

Author: hcastc00

entrypoint.sh

@@ -13,15 +13,18 @@ mkdir -p "$OPENCLAW_DIR/canvas" "$OPENCLAW_DIR/cron" "$OPENCLAW_DIR/workspace" "
 CONFIG_FILE="$OPENCLAW_DIR/openclaw.json"
 if [ ! -f "$CONFIG_FILE" ]; then
     echo "Creating default OpenClaw config..."
-    cat > "$CONFIG_FILE" << 'EOF'
+    cat > "$CONFIG_FILE" << EOF
 {
   "gateway": {
-    "bind": "lan",
     "port": 18789,
+    "bind": "lan",
     "controlUi": {
       "dangerouslyAllowHostHeaderOriginFallback": true,
       "allowInsecureAuth": true,
       "dangerouslyDisableDeviceAuth": true
+    },
+    "auth": {
+      "token": "${OPENCLAW_GATEWAY_TOKEN:-openclaw}"
     }
   }
 }
@@ -31,25 +34,22 @@ else
 const fs = require('fs');
 const JSON5 = require('json5');
 const configPath = '$CONFIG_FILE';
+const envToken = process.env.OPENCLAW_GATEWAY_TOKEN || 'openclaw';
 try {
   const config = JSON5.parse(fs.readFileSync(configPath, 'utf8'));
-  const cui = ((config.gateway = config.gateway || {}).controlUi = config.gateway.controlUi || {});
-  const gw = config.gateway;
+  const gw = (config.gateway = config.gateway || {});
+  const cui = (gw.controlUi = gw.controlUi || {});
+  const auth = (gw.auth = gw.auth || {});
   let changed = false;
-  if (!('bind' in gw)) { gw.bind = 'lan'; changed = true; }
-  if (!('port' in gw)) { gw.port = 18789; changed = true; }
+  if (gw.port !== 18789) { gw.port = 18789; changed = true; }
+  if (gw.bind !== 'lan') { gw.bind = 'lan'; changed = true; }
   if (!('dangerouslyAllowHostHeaderOriginFallback' in cui) && !('allowedOrigins' in cui)) {
     cui.dangerouslyAllowHostHeaderOriginFallback = true;
     changed = true;
   }
-  if (!('allowInsecureAuth' in cui)) {
-    cui.allowInsecureAuth = true;
-    changed = true;
-  }
-  if (!('dangerouslyDisableDeviceAuth' in cui)) {
-    cui.dangerouslyDisableDeviceAuth = true;
-    changed = true;
-  }
+  if (!('allowInsecureAuth' in cui)) { cui.allowInsecureAuth = true; changed = true; }
+  if (!('dangerouslyDisableDeviceAuth' in cui)) { cui.dangerouslyDisableDeviceAuth = true; changed = true; }
+  if (auth.token !== envToken) { auth.token = envToken; changed = true; }
   if (changed) {
     fs.writeFileSync(configPath, JSON.stringify(config, null, 2));
     console.log('Updated OpenClaw config for DAppNode HTTP deployment');