API Authentication (v4.2.1):
- API key auth via X-API-Key header
- Keys hashed (SHA-256) and stored in ~/.stegasoo/api_keys.json
- Auth disabled when no keys configured
- Protected endpoints: encode, decode, generate, channel/*, compare, etc.
- Public endpoints: /, /docs, /modes, /auth/status, /channel/status
TLS Support:
- Auto-generates self-signed certs on first run
- Certs include localhost, local IPs, hostname.local
- Stored in ~/.stegasoo/certs/
CLI Commands:
- stegasoo api keys list/create/delete
- stegasoo api tls generate/info
- stegasoo api serve (starts with TLS by default)
Updated systemd service to use TLS.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
CLI generate command:
- --qr <file.png|jpg> to save RSA key as QR image
- --qr-ascii to print ASCII QR code to terminal
API endpoints:
- POST /generate-key-qr - generate QR from key_pem
- Supports png, jpg, and ascii output formats
- Uses zstd compression by default
- Added has_qrcode_write to /capabilities
Core:
- generate_qr_code() now supports jpg/jpeg output format
- New generate_qr_ascii() for terminal display
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Added run_in_thread() helper using asyncio.to_thread()
- /encode, /encode/file, /decode use thread pool for CPU-bound ops
- /encode/multipart, /decode/multipart also updated
- Server can now handle concurrent requests without blocking
- Updated version header to v4.2.0
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
