fix: base64-encode Patchmon Basic auth credentials server-side

Patchmon's API uses standard RFC 7617 Basic auth — `Basic base64(token_key:token_secret)`. The handler was sending the api_token field verbatim, so it only worked if the user had manually base64-encoded the credential. After a Patchmon upgrade, the sync started returning HTML (the SPA, served when auth is rejected) and failing with "Unexpected token '<'" on JSON.parse. Now: if the token contains ':' (raw key:secret), encode it server-side; otherwise pass through unchanged for backward compatibility. UI gets a placeholder hint showing the expected format. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-30 18:33:41 -04:00
parent 64eacb28d2
commit efa1750cac
2 changed files with 9 additions and 1 deletions
@@ -539,6 +539,7 @@ function _renderJobConfigFields(key, cfg) {
    </div>`;
  if (key === 'patchmon_sync' || key === 'semaphore_sync') {
    const label = key === 'semaphore_sync' ? 'API Token (Bearer)' : 'API Token (Basic)';
+    const tokenPlaceholder = key === 'patchmon_sync' ? 'token_key:token_secret' : '';
    return `
    <div class="form-group">
      <label class="form-label" for="job-cfg-api-url">API URL</label>
@@ -548,6 +549,7 @@ function _renderJobConfigFields(key, cfg) {
    <div class="form-group">
      <label class="form-label" for="job-cfg-api-token">${label}</label>
      <input class="form-input" id="job-cfg-api-token" type="password"
+        placeholder="${tokenPlaceholder}"
        value="${esc(cfg.api_token ?? '')}">
    </div>`;
  }