Skip to content

kenken64/newsclaw

Repository files navigation

NewsClaw

NewsClaw is a Next.js 16 web application for passkey-secured news monitoring. A user signs in with WebAuthn passkeys, completes a first-login OpenClaw agent setup, and then lands on a professional dashboard to choose the news categories that should drive their workspace.

Overview

NewsClaw is designed for teams that want a lightweight operator UI around an OpenClaw-style news workflow. The app handles user authentication, first-run agent setup, workspace restore, messaging-channel pairing, and category-driven dashboard personalization in one flow.

What It Does

  • Registers and signs in users with WebAuthn passkeys
  • Guides first-time users through agent setup before dashboard access
  • Restores a pinned AWS Lightsail snapshot through the local clawmacdo CLI
  • Supports per-user WhatsApp or Telegram pairing after restore
  • Stores local workspace state in SQLite
  • Lets users shape the dashboard around the news categories they actually track

Stack

  • Next.js 16 with App Router and TypeScript
  • Tailwind CSS v4 and shadcn/ui
  • SQLite with better-sqlite3
  • Native WebAuthn passkeys with @simplewebauthn/server and @simplewebauthn/browser
  • Local session persistence with HTTP-only cookies and SQLite-backed session records

Features

  • Passkey-first authentication with account creation and sign-in flows
  • First-login gate that requires OpenClaw agent setup before dashboard access
  • AWS Lightsail snapshot restore orchestrated through the local clawmacdo CLI
  • Per-user messaging channel choice for WhatsApp QR pairing or Telegram bot challenge pairing
  • SQLite persistence for users, passkeys, sessions, agent configuration, and category preferences
  • Dashboard experience for selecting preferred news categories
  • Tailwind + shadcn styling with a polished editorial UI

Quick Start

  1. Install dependencies.
  2. Create .env from .env.example and fill in the AWS and encryption settings.
  3. Run the development server.
  4. Open http://localhost:3000 and create a passkey-backed account.
  5. Complete setup, restore, pairing, and dashboard selection.

Environment

Create a .env file from .env.example.

SQLITE_DATA_DIR=./data
WEBAUTHN_RP_ID=localhost
WEBAUTHN_ORIGIN=http://localhost:3000
WEBAUTHN_REQUIRE_USER_VERIFICATION=false
SESSION_COOKIE_NAME=newsclaw_session
NEWSCLAW_KEY_ENCRYPTION_SECRET=change-this-to-a-long-random-secret
CLAWMACDO_SNAPSHOT_NAME=openclaw-6ce6169b-10007-prod
CLAWMACDO_INSTANCE_SIZE=s-2vcpu-4gb
AWS_ACCESS_KEY_ID=
AWS_SECRET_ACCESS_KEY=
AWS_REGION=ap-southeast-1

Set WEBAUTHN_REQUIRE_USER_VERIFICATION=true only if you want to force biometric/PIN verification on every authenticator and your test devices support it consistently.

Local Development

Install dependencies:

npm install

Start the development server:

npm run dev

Open http://localhost:3000.

Requirements

  • Node.js 20+
  • npm
  • AWS credentials with access to the target Lightsail snapshot
  • A local environment capable of WebAuthn testing
  • clawmacdo installed through npm dependencies

Authentication Flow

  1. New users create an account with name, email, and a passkey.
  2. After the passkey is registered, NewsClaw checks whether an OpenClaw agent exists.
  3. If no agent exists, the user is redirected to /setup-agent.
  4. Setup now captures the user-specific channel choice: WhatsApp or Telegram.
  5. NewsClaw restores the pinned Lightsail snapshot through clawmacdo ls-restore.
  6. After restore, the user completes WhatsApp QR pairing or Telegram challenge pairing.
  7. Once pairing is complete, the user lands on /dashboard.

SQLite Storage

The app creates newsclaw.db inside the directory configured by SQLITE_DATA_DIR.

Examples:

  • SQLITE_DATA_DIR=./data
  • SQLITE_DATA_DIR=./storage/sqlite

If SQLITE_DATA_DIR is not set, the app falls back to ./data.

Stored entities:

  • users
  • passkeys
  • sessions
  • openclaw_agents
  • category_preferences
  • restore_jobs
  • user_channel_configs
  • messaging_pairings

Passkey Testing Notes

  • Use a browser with WebAuthn support.
  • Chrome DevTools includes a WebAuthn emulator if you want to test passkeys without a physical authenticator.
  • For local development, the relying party ID defaults to localhost.

Build Validation

Production build validation succeeds with:

npm run build

Railway Deployment

This repository now includes a Dockerfile for Railway.

Runtime behavior inside Railway:

  • If WEBAUTHN_ORIGIN is not set, the container derives it from RAILWAY_PUBLIC_DOMAIN.
  • If WEBAUTHN_RP_ID is not set, the container derives it from RAILWAY_PUBLIC_DOMAIN.
  • If SQLITE_DATA_DIR is not set and a Railway volume is mounted, the container uses RAILWAY_VOLUME_MOUNT_PATH.

Recommended Railway environment variables:

  • WEBAUTHN_RP_ID
  • WEBAUTHN_ORIGIN
  • WEBAUTHN_REQUIRE_USER_VERIFICATION
  • SESSION_COOKIE_NAME
  • NEWSCLAW_KEY_ENCRYPTION_SECRET
  • CLAWMACDO_SNAPSHOT_NAME
  • CLAWMACDO_INSTANCE_SIZE
  • AWS_ACCESS_KEY_ID
  • AWS_SECRET_ACCESS_KEY
  • AWS_REGION

Container notes:

  • The container listens on Railway's PORT value and binds to 0.0.0.0.
  • SQLite defaults to /app/data inside the container.
  • For persistent SQLite storage on Railway, mount a volume and point SQLITE_DATA_DIR at that mounted path.
  • The WebAuthn values can be set explicitly, but Railway domain fallbacks are now handled automatically at container startup.

Decrypt an encrypted restore-job private key for manual inspection:

npm run decrypt-restore-key -- --job <restore-job-id>

Notes

  • The OpenClaw step currently captures the agent configuration required for the news-search workflow and stores it locally in SQLite.
  • Category choices are saved immediately and reloaded on the dashboard.

Security Notes

  • .env is ignored and intended for local secrets only.
  • The local SQLite data directory is ignored and should not be committed.
  • Telegram bot tokens and restored private keys are encrypted before storage.

About

NewsClaw is an OpenClaw skill that acts as a personal AI news editor. When invoked, it uses web search to fetch live headlines, filters and summarises them by the user's preferred categories, and delivers a structured digest — either on-demand or as a scheduled briefing.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

 
 
 

Contributors