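v2026.2.14 device token auth regression: restoring LAN access via version rollback and a token priority check
Problem/scenario: After upgrading to v2026.2.14, non-localhost clients get `unauthorized: device token mismatch`. Prerequisites: you use LAN binding and have paired devices. Steps: first confirm the error and the version, then temporarily roll back to 2026.2.13, then check for configuration conflicts against the token priority change mentioned in the issue. Key commands: `openclaw gateway status`, `npm i -g openclaw@2026.2.13`. Verification: paired devices can connect reliably again. Risk: rolling back may miss other security fixes, so re-test after a later upgrade.
Source: GitHub | Discovered: 2026-02-16 | Author: milosm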
Prerequisites
- Gateway is bound for LAN access and at least one external device (node/browser/CLI) is already paired.
- You can run global npm upgrades/downgrades on the host.
Steps
- Reproduce the failure on v2026.2.14 and record the exact error (`device token mismatch`) from logs/UI.
- Check gateway health and version, then temporarily downgrade to v2026.2.13 as confirmed in the community report.
- Restart gateway and retry the same non-localhost client/device flow.
- Audit token sources (stored device token vs explicit config/env token) to avoid priority conflict on future upgrades.
Commands
- `openclaw gateway status`
- `npm i -g openclaw@2026.2.13`
- `openclaw gateway restart`
Verify
Previously paired LAN clients authenticate successfully again and Web UI/device actions no longer return token-mismatch errors.
Caveats
- The root fix is tied to token priority behavior in code; treat downgrade as temporary mitigation and track upstream patch.
- If your environment has custom auth wrappers, re-test with a staged rollout before re-upgrading (needs verification).
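One way to carry out the token-source audit from the Steps list without exposing secrets, as an added example that is not OpenClaw code or part of the original tip: it compares a stored token file with an explicitly configured token and reports only short SHA-256 fingerprints. The function names, the file argument and the sample values are assumptions; the page does not say where OpenClaw stores either token, so both are supplied by the operator.

```shell
#!/bin/sh
# Added example, not OpenClaw code. The stored-token file and the explicit
# token are supplied by the operator (assumption: the page does not document
# where OpenClaw keeps either one, so no location is hard-coded here).

# fingerprint VALUE: short SHA-256 prefix that is safe to paste into a ticket.
fingerprint() {
    if command -v sha256sum >/dev/null 2>&1; then
        printf '%s' "$1" | sha256sum | cut -c1-12
    else
        printf '%s' "$1" | shasum -a 256 | cut -c1-12
    fi
}

# audit_tokens STORED_TOKEN_FILE EXPLICIT_TOKEN
# stdout: no-explicit-token | no-stored-token | match | conflict
# stderr: fingerprints only, never the token values themselves.
audit_tokens() {
    at_file=$1
    at_explicit=$2
    if [ -z "$at_explicit" ]; then
        echo "no-explicit-token"; return 0
    fi
    if [ ! -r "$at_file" ] || [ ! -s "$at_file" ]; then
        echo "no-stored-token"; return 0
    fi
    # Strip CR/LF so an editor-added line ending is not reported as a conflict.
    at_stored=$(tr -d '\r\n' < "$at_file")
    at_explicit=$(printf '%s' "$at_explicit" | tr -d '\r\n')
    echo "stored:   $(fingerprint "$at_stored")" >&2
    echo "explicit: $(fingerprint "$at_explicit")" >&2
    if [ "$at_stored" = "$at_explicit" ]; then
        echo "match"
    else
        # Both sources are set and differ, so which token the client
        # presents depends on the priority order in the installed version.
        echo "conflict"
    fi
}

# Constructed demo values (not real tokens).
demo_file=$(mktemp)
printf 'constructed-device-token-A\n' > "$demo_file"
audit_tokens "$demo_file" "constructed-config-token-B"
rm -f "$demo_file"
```

A `conflict` result marks the hosts to re-test first when re-upgrading, since they are the ones where a change in token priority alters which credential is sent.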
Source attribution
This tip is aggregated from community/public sources and preserved with attribution.