Skip to content

Unified Gateway

Repo: savvydealer-adam/unified-gateway · Path: C:/Users/adam/openclaw/unified-gateway (not cloned to ~/) · Owner: Adam Status: Active dev · % Done: 30 · Last commit: 2026-02-28 Deployed: not deployed (local FastAPI on port 8090)

What it is

Single API surface that fronts Core Data API (:8091) and Knowledge API (:8092) so client apps hit one base URL while the backend services evolve independently.

Why it exists

Decouple client apps from internal service boundaries. Adding/splitting internal services shouldn't break every downstream consumer — the gateway absorbs the churn and centralizes auth, logging, and rate limiting.

How it works

FastAPI reverse-proxy style middleware. - Request logging middleware (method, path, status, duration, client IP) - Rotating file log at logs/gateway.log - Audit trail JSONL at logs/audit.jsonl - Optional API-key auth (single key or multi-key with scopes read/write) - Optional rate limiting on /v1/* with Retry-After on 429 - Burst alert logging for repeated 401/429 events - Chat hardening: allowed origins, signed session tokens, optional Turnstile, prompt-injection guardrails

What's done

  • Proxy routes to core + knowledge APIs
  • Env-driven auth (UNIFIED_GATEWAY_API_KEY or multi-key JSON)
  • Rate limit + audit trail + structured logs
  • Chat session signing + origin enforcement

What's next

  • Deploy to Cloud Run (currently local-only)
  • Additional scopes beyond read/write
  • Metrics endpoint / Prometheus exporter

Where the code lives

  • C:/Users/adam/openclaw/unified-gateway/
  • Entry: app/main.py, run with uvicorn app.main:app --port 8090
  • Part of savvy-platform-suite umbrella

Integrations

  • Fronts core-data-api (:8091)
  • Fronts Knowledge API (:8092) — not yet in portfolio
  • Entry point for future dealer-facing chat and internal app clients

Don't rebuild this — extend it

Any new internal API should be mounted behind this gateway, not exposed directly. Client apps should only ever hit :8090.