feat: add agent user nodes with access token authentication

refactor: simplify config into a single load/save with defaults resolved at load time
feat: harden HTTP server with rate limiting, request timeouts, and sanitized error messages
2026-06-12 01:54:08 +02:00 · 2026-06-12 01:21:04 +02:00 · 2026-06-12 00:55:09 +02:00 · 2026-04-14 13:03:13 +02:00 · 2026-04-14 11:24:37 +02:00 · 2026-04-14 00:59:31 +02:00
28 changed files with 1006 additions and 736 deletions
@@ -1,68 +0,0 @@
-name: Build and Publish APK Package
-on:
-  push:
-    tags:
-      - 'v*'
-
-jobs:
-  build-apk:
-    runs-on:
-      - ubuntu-24.04
-    container:
-      image: alpine:latest
-    strategy:
-      matrix:
-        include:
-          - goarch: amd64
-            pkgarch: x86_64
-          - goarch: arm64
-            pkgarch: aarch64
-    steps:
-      - name: Install build dependencies
-        run: |
-          apk update
-          apk add --no-cache git nodejs go abuild curl sudo build-base
-
-      - name: Checkout repository
-        uses: actions/checkout@v4
-
-      - name: Create build user
-        run: |
-          adduser -D -G abuild build
-          echo "build ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers
-          chown -R build:abuild .
-
-      - name: Configure git safe directory
-        run: git config --global --add safe.directory "$PWD"
-
-      - name: Setup abuild for package signing
-        run: |
-          su build -c "abuild-keygen -a -n"
-          cp /home/build/.abuild/*.pub /etc/apk/keys/
-
-      - name: Prepare source
-        run: |
-          pkgver=$(echo "${{ github.ref_name }}" | sed 's/^v//')
-          pkgname="axolotl"
-
-          sed -i "s/pkgver=.*/pkgver=$pkgver/" packaging/alpine/APKBUILD
-          sed -i "s/^arch=.*/arch=\"${{ matrix.pkgarch }}\"/" packaging/alpine/APKBUILD
-
-          git archive --format=tar.gz --prefix="$pkgname-$pkgver/" -o "packaging/alpine/$pkgname-$pkgver.tar.gz" HEAD
-
-          sed -i "s|source=.*|source=\"\$pkgname-\$pkgver.tar.gz\"|" packaging/alpine/APKBUILD
-          chown -R build:abuild .
-
-      - name: Generate checksums
-        run: su build -c "cd $PWD/packaging/alpine && abuild checksum"
-
-      - name: Build package
-        run: su build -c "cd $PWD/packaging/alpine && GOARCH=${{ matrix.goarch }} CARCH=${{ matrix.pkgarch }} abuild -r"
-
-      - name: Publish to Gitea Registry
-        run: |
-          apk_file=$(find ~build/packages -name "*.apk" -type f | head -1)
-          curl --fail-with-body \
-            --user "${{ github.repository_owner }}:${{ secrets.ACCESS_TOKEN }}" \
-            --upload-file "$apk_file" \
-            "${{ github.server_url }}/api/packages/${{ github.repository_owner }}/alpine/edge/main"
@@ -1,15 +1,91 @@
-name: Build and Push Docker Container
+name: Build and Publish Docker Image
 on:
  push:
    tags:
      - 'v*'

 jobs:
-  build-and-push:
+  build-apk:
+    runs-on:
+      - ubuntu-24.04
+    container:
+      image: alpine:latest
+    strategy:
+      matrix:
+        include:
+          - goarch: amd64
+            pkgarch: x86_64
+          - goarch: arm64
+            pkgarch: aarch64
+    steps:
+      - name: Install build dependencies
+        run: |
+          apk update
+          apk add --no-cache git nodejs go abuild curl sudo build-base
+
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Create build user
+        run: |
+          adduser -D -G abuild build
+          echo "build ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers
+          chown -R build:abuild .
+
+      - name: Configure git safe directory
+        run: git config --global --add safe.directory "$PWD"
+
+      - name: Setup abuild for package signing
+        run: |
+          su build -c "abuild-keygen -a -n"
+          cp /home/build/.abuild/*.pub /etc/apk/keys/
+
+      - name: Prepare source
+        run: |
+          pkgver=$(echo "${{ github.ref_name }}" | sed 's/^v//')
+          pkgname="axolotl"
+
+          sed -i "s/pkgver=.*/pkgver=$pkgver/" packaging/alpine/APKBUILD
+          sed -i "s/^arch=.*/arch=\"${{ matrix.pkgarch }}\"/" packaging/alpine/APKBUILD
+
+          git archive --format=tar.gz --prefix="$pkgname-$pkgver/" -o "packaging/alpine/$pkgname-$pkgver.tar.gz" HEAD
+
+          sed -i "s|source=.*|source=\"\$pkgname-\$pkgver.tar.gz\"|" packaging/alpine/APKBUILD
+          chown -R build:abuild .
+
+      - name: Generate checksums
+        run: su build -c "cd $PWD/packaging/alpine && abuild checksum"
+
+      - name: Build package
+        run: su build -c "cd $PWD/packaging/alpine && GOARCH=${{ matrix.goarch }} CARCH=${{ matrix.pkgarch }} abuild -r"
+
+      - name: Publish to Gitea Registry
+        run: |
+          apk_file=$(find ~build/packages -name "*.apk" -type f | head -1)
+          curl --fail-with-body \
+            --user "${{ github.repository_owner }}:${{ secrets.ACCESS_TOKEN }}" \
+            --upload-file "$apk_file" \
+            "${{ github.server_url }}/api/packages/${{ github.repository_owner }}/alpine/edge/main"
+
+  build-and-push-docker:
    runs-on:
      - ubuntu-24.04
    steps:
-      - name: Login to Docker Hub
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version-file: src/go.mod
+
+      - name: Cross-compile binaries
+        run: |
+          cd src
+          CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags="-s -w" -trimpath -o ../out/amd64/ax .
+          CGO_ENABLED=0 GOOS=linux GOARCH=arm64 go build -ldflags="-s -w" -trimpath -o ../out/arm64/ax .
+
+      - name: Login to Docker Registry
        uses: docker/login-action@v3
        with:
          registry: g.eliaskohout.de
@@ -25,6 +101,7 @@ jobs:
      - name: Build and push
        uses: docker/build-push-action@v6
        with:
+          context: .
          push: true
          platforms: linux/amd64,linux/arm64
          tags: "g.eliaskohout.de/eliaskohout/axolotl-server:${{gitea.ref_name}},g.eliaskohout.de/eliaskohout/axolotl-server:latest"
@@ -1,25 +1,11 @@
-FROM golang:1.24-alpine AS builder
-
-WORKDIR /app
-
-ENV GOTOOLCHAIN=auto
-
-COPY src/go.mod src/go.sum ./
-RUN go mod download
-
-COPY src/ ./
-
-RUN CGO_ENABLED=0 GOOS=$TARGETOS GOARCH=$TARGETARCH \
-    go build -ldflags="-s -w" -trimpath -o /ax .
-
 FROM alpine:latest

+ARG TARGETARCH
+
 RUN apk --no-cache add ca-certificates

+COPY out/${TARGETARCH}/ax /usr/local/bin/ax
+
 WORKDIR /data
-
-COPY --from=builder /ax /usr/local/bin/ax
-
 EXPOSE 7000
-
 ENTRYPOINT ["ax", "serve"]
@@ -1,266 +1,52 @@
 # Axolotl

-CLI-native lightweight issue tracker for you and your agents. A SQLite-based
-single portable binary, built from ~1300 lines of Go code.
+CLI-native issue tracker for you and your agents. Single binary, SQLite-backed, a few lines of Go.

-## Features
+## Install

- **Issues with dependencies** - blocks, subtask, related relations
- **Tagging system** - flexible tags with `_key::value` property pattern
- **Namespacing** - organize issues by project or team
- **Due dates** - track deadlines
- **Thread-safe** - WAL mode for concurrent access
- **Multiuser support** - @mentions and assignments, inbox per user
- **JSON output** - all commands support `--json` for agent integration
- **Alias system** - define custom command shortcuts with argument expansion
- **Single binary** - no dependencies, portable `.ax.db` file
+**Alpine Linux** (apk):
+Download from the Gitea package registry. Have a look
+[here](https://g.eliaskohout.de/eliaskohout/-/packages/alpine/axolotl/).

-## Installation
+**Arch Linux** (pacman):
+Download from the Gitea package registry. Have a look
+[here](https://g.eliaskohout.de/eliaskohout/-/packages/arch/axolotl/).

+**From source:**
 ```bash
-go build -o ax .
+go build -o ax ./src
 ```

+**Docker (server mode):**
+```bash
+docker run -v ./data:/data g.eliaskohout.de/eliaskohout/axolotl-server:latest
+```
+
+Packages are built automatically on every version tag for `linux/amd64` and `linux/arm64`.
+
 ## Quick Start

 ```bash
-# Initialize a new database
-ax init .
-
-# Create an issue
-ax add "Implement feature X" --tag backend --prio high
-
-# Create with relations
-ax add "Fix bug in auth" --rel blocks:abc12
-
-# List open issues
-ax list --status open
-
-# Show issue details
-ax show abc12
-
-# Update an issue
-ax update abc12 --status done
-
-# View your inbox
-ax inbox
-
-# Define an alias
-ax alias mywork "list --namespace myproject --status open" --desc "My project tasks"
+ax init .                                      # create .ax.db in current dir
+ax add "Fix login bug" --prio high             # create an issue
+ax list --status open                          # list open issues
+ax show abc12                                  # show issue details
+ax update abc12 --status done                  # close issue
+ax inbox                                       # your @mention inbox
 ```

-## Commands
+## Key Features

-### `ax init [path]`
+- **Graph relations** — `blocks`, `subtask`, `related`, `assignee`
+- **Namespaces** — organize issues by project or team
+- **Permissions** — per-node access control (`can_read`, `can_write`, `has_ownership`)
+- **Aliases** — custom shortcuts with `$me`, `$1`, `$@` expansion
+- **JSON output** — `--json` flag on all commands for agent integration
+- **Multiuser** — `@mention` auto-creates inbox entries; `AX_USER` to switch users
+- **Server mode** — HTTP JSON API with optional OIDC authentication (`ax serve` / `ax login`)
+- **Portable** — single `.ax.db` file, no server required

-Create a new `.ax.db` database in the specified directory (default: current).
-
-### `ax add <title> [flags]`
-
-Create a new node.
-
-| Flag | Description |
-|------|-------------|
-| `--type` | Node type: `issue` (default), `note`, `user`, `namespace` |
-| `--status` | Status: `open` (default), `done` |
-| `--prio` | Priority: `high`, `medium`, `low` |
-| `--namespace` | Namespace (default: current user) |
-| `--tag` | Add tag (repeatable) |
-| `--due` | Due date |
-| `--content` | Content/body text |
-| `--rel` | Add relation `type:id` (repeatable) |
-
-### `ax update <id> [flags]`
-
-Update a node.
-
-| Flag | Description |
-|------|-------------|
-| `--title` | New title |
-| `--status` | New status |
-| `--prio` | New priority |
-| `--type` | New type |
-| `--namespace` | New namespace |
-| `--assignee` | New assignee |
-| `--due` | New due date |
-| `--clear-due` | Clear due date |
-| `--content` | New content |
-| `--tag` | Add tag (repeatable) |
-| `--tag-remove` | Remove tag (repeatable) |
-| `--rel` | Add relation `type:id` (repeatable) |
-| `--rel-remove` | Remove relation `type:id` (repeatable) |
-
-### `ax show <id>`
-
-Display node details.
-
-### `ax list [flags]`
-
-Query and list nodes.
-
-| Flag | Description |
-|------|-------------|
-| `--type` | Filter by type |
-| `--status` | Filter by status |
-| `--prio` | Filter by priority |
-| `--namespace` | Filter by namespace |
-| `--tag` | Filter by tag (repeatable) |
-| `--assignee` | Filter by assignee |
-| `--mention` | Filter by mention |
-
-### `ax edit <id>`
-
-Open node content in `$EDITOR`.
-
-### `ax del <id> [-f|--force]`
-
-Delete a node. Prompts for confirmation unless `--force`.
-
-### `ax alias [name] [command] [flags]`
-
-Manage aliases.
-
-```bash
-ax alias                           # list all aliases
-ax alias mywork "list --tag work"  # create alias
-ax alias mywork                    # show alias command
-ax alias mywork "list --tag work2" # update alias
-ax alias del mywork             # delete alias
-```
-
-**Default aliases:**
-
-| Alias | Command | Description |
-|-------|---------|-------------|
-| `mine` | `list --assignee $me --type issue --status open` | Show open issues assigned to you |
-| `due` | `list --type issue --status open` | Show open issues |
-| `inbox` | `list --mention $me` | Show your inbox |
-
-**Alias argument expansion:**
-
-| Variable | Expands to |
-|----------|------------|
-| `$me` | Current username |
-| `$@` | All arguments |
-| `$1`, `$2`, ... | Positional arguments |
-
-```bash
-# Create alias with argument expansion
-ax alias find "list --tag $1 --status $2"
-ax find backend open  # expands to: list --tag backend --status open
-```
-
-## Relations
-
-Relations connect nodes together:
-
-| Type | Meaning | Behavior |
-|------|---------|----------|
-| `blocks` | A blocks B — B can't close until A is done | Enforced on status=done |
-| `subtask` | A is a subtask of B | |
-| `related` | A is related to B | |
-| `assignee` | A is assigned to user | Single-value; set via `--assignee` flag |
-| `in_namespace` | A belongs to namespace | Single-value; set via `--namespace` flag |
-
-```bash
-# Block an issue (B can't close until A is done)
-ax update A --rel blocks:B
-
-# Assign to user
-ax update abc12 --assignee alice
-
-# Create subtask
-ax update abc12 --rel subtask:parent12
-```
-
-## Tags and Properties
-
-Tags are flexible labels. Tags with pattern `_key::value` are properties:
-
-```bash
-# Regular tag
-ax add "Task" --tag backend
-
-# Property tags (set via flags)
-ax add "Task" --type issue --status open --prio high
-# Equivalent to: --tag _type::issue --tag _status::open --tag _prio::high
-```
-
-**Built-in properties:**
-
-| Property | Values | Required |
-|----------|--------|----------|
-| `_type` | `issue`, `note`, `user`, `namespace` | Yes (default: `issue`) |
-| `_status` | `open`, `done` | No |
-| `_prio` | `high`, `medium`, `low` | No |
-
-## Mentions and Inbox
-
-Use `@username` in title or content to automatically add to user's inbox:
-
-```bash
-ax add "Review PR @alice" --content "@bob please check"
-# Both alice and bob get this in their inbox
-```
-
-View inbox:
-```bash
-ax inbox                          # your inbox
-AX_USER=alice ax inbox            # alice's inbox
-```
-
-## JSON Output
-
-All commands support `--json` for machine-readable output:
-
-```bash
-ax list --status open --json
-ax show abc12 --json
-```
-
-Example output:
-```json
-{
-  "id": "abc12",
-  "title": "Implement feature",
-  "content": "Description here",
-  "created_at": "2026-03-25T10:00:00Z",
-  "updated_at": "2026-03-25T10:00:00Z",
-  "tags": ["_type::issue", "_status::open", "backend"],
-  "relations": {
-    "blocks": ["def34"]
-  }
-}
-```
-
-## Configuration
-
-`ax` stores user configuration in a JSON file. It searches for `.axconfig` in the
-current directory and parent directories (like git finds `.git`), falling back to
-`~/.config/ax/config.json`.
-
-**Config file format:**
-```json
-{
-  "user": "alice",
-  "aliases": [
-    {"name": "mywork", "command": "list --namespace myproject", "description": "My tasks"}
-  ]
-}
-```
-
-## Database Location
-
-`ax` searches for `.ax.db` in the current directory and parent directories,
-similar to how git finds `.git`. This allows you to run commands from any
-subdirectory.
-
-## Environment Variables
-
-| Variable | Description |
-|----------|-------------|
-| `AX_USER` | Override current username |
-| `EDITOR` | Editor for `ax edit` (default: `vi`) |
+For full command reference and examples, see [USAGE.md](USAGE.md).

 ## License

@@ -0,0 +1,194 @@
+# Axolotl Usage Reference
+
+## Commands
+
+### `ax init [path]`
+Create a new `.ax.db` in the specified directory (default: current).
+
+### `ax add <title> [flags]`
+| Flag | Description |
+|------|-------------|
+| `--type` | `issue` (default), `note`, `user`, `namespace` |
+| `--status` | `open` (default), `done` |
+| `--prio` | `high`, `medium`, `low` |
+| `--namespace` | Namespace (default: current user) |
+| `--tag` | Add tag (repeatable) |
+| `--due` | Due date |
+| `--content` | Body text |
+| `--rel` | Relation `type:id` (repeatable) |
+
+### `ax update <id> [flags]`
+| Flag | Description |
+|------|-------------|
+| `--title` | New title |
+| `--status` | New status |
+| `--prio` | New priority |
+| `--type` | New type |
+| `--namespace` | Transfer to namespace |
+| `--assignee` | Assign to user |
+| `--due` / `--clear-due` | Set or clear due date |
+| `--content` | New body text |
+| `--tag` / `--tag-remove` | Add or remove tag |
+| `--rel` / `--rel-remove` | Add or remove relation `type:id` |
+
+### `ax show <id>`
+Display node details.
+
+### `ax list [flags]`
+| Flag | Description |
+|------|-------------|
+| `--type` | Filter by type |
+| `--status` | Filter by status |
+| `--prio` | Filter by priority |
+| `--namespace` | Filter by namespace |
+| `--tag` | Filter by tag (repeatable) |
+| `--assignee` | Filter by assignee |
+| `--mention` | Filter by mention |
+
+### `ax edit <id>`
+Open node content in `$EDITOR`.
+
+### `ax del <id> [-f]`
+Delete a node. Prompts for confirmation unless `--force`.
+
+### `ax alias [name] [command]`
+```bash
+ax alias                            # list all aliases
+ax alias mywork "list --tag work"   # create/update alias
+ax alias del mywork                 # delete alias
+```
+
+**Built-in aliases:** `mine`, `due`, `inbox`
+
+**Argument expansion:** `$me` → current user, `$@` → all args, `$1`/`$2`/… → positional
+
+## Relations
+
+| Type | Description |
+|------|-------------|
+| `blocks` | Prevents target from closing until this is done |
+| `subtask` | Marks as subtask of target |
+| `related` | General association |
+| `assignee` | Assigns to a user (single-value) |
+
+```bash
+ax update A --rel blocks:B          # A blocks B
+ax update abc12 --assignee alice    # assign to alice
+```
+
+## Tags and Properties
+
+Tags follow the `_key::value` pattern for properties:
+
+| Property | Values |
+|----------|--------|
+| `_type` | `issue`, `note`, `user`, `namespace` |
+| `_status` | `open`, `done` |
+| `_prio` | `high`, `medium`, `low` |
+
+## Mentions and Inbox
+
+Use `@username` in title or content to add to a user's inbox:
+```bash
+ax add "Review PR @alice"           # alice gets an inbox entry
+ax inbox                            # your inbox
+AX_USER=alice ax inbox              # alice's inbox
+```
+
+## JSON Output
+
+All commands support `--json`:
+```bash
+ax list --status open --json
+ax show abc12 --json
+```
+
+## Configuration
+
+`ax` searches upward from CWD for `.axconfig`, falling back to `~/.config/ax/config.json`.
+
+```json
+{
+  "user": "alice",
+  "aliases": [
+    {"name": "mywork", "command": "list --namespace myproject", "description": "My tasks"}
+  ]
+}
+```
+
+## Server Mode
+
+`ax` can run as a shared HTTP JSON API server:
+
+```bash
+ax serve    # starts server on configured host:port (default: 0.0.0.0:7000)
+```
+
+The server exposes the same operations (add, list, show, update, delete) over HTTP. Clients connect by setting `remote.host` / `remote.port` in their config — the CLI then transparently routes calls to the server instead of a local database.
+
+### OIDC Authentication
+
+The server supports OIDC for authentication. Configure in `.axconfig`:
+
+```json
+{
+  "serve": { "host": "0.0.0.0", "port": 7000 },
+  "oidc": {
+    "issuer": "https://your-idp.example.com",
+    "client_id": "axolotl",
+    "client_secret": "secret",
+    "public_url": "https://ax.example.com",
+    "user_claim": "preferred_username"
+  }
+}
+```
+
+Client login:
+```bash
+ax login    # opens browser for OIDC flow, saves session token
+```
+
+Without OIDC configured, the server accepts an `X-Ax-User` header for the username (development/trusted networks only).
+
+### Docker
+
+```bash
+docker run -v ./data:/data g.eliaskohout.de/eliaskohout/axolotl-server:latest
+```
+
+The image runs `ax serve` and exposes port 7000. Mount a volume at `/data` to persist the database.
+
+## Permission Model
+
+Every node has per-node access control. Permissions are transitive via BFS from the requesting user's own node.
+
+| Level | Relation | Grants |
+|-------|----------|--------|
+| 1 | `can_read` | Read / show / list |
+| 2 | `can_create_rel` | Create relations pointing to this node |
+| 3 | `can_write` | Update title, content, tags |
+| 4 | `has_ownership` | Full control including delete and granting access |
+
+- Creators automatically get `has_ownership` on nodes they create.
+- Namespace nodes own regular nodes within them; users own their namespaces.
+- Deleting an owner cascades to all nodes it owns.
+- User nodes and namespace nodes are globally readable.
+
+```bash
+# Grant bob read access to a node
+ax update <bob-user-id> --rel can_read:<node-id>
+
+# Grant bob write access
+ax update <bob-user-id> --rel can_write:<node-id>
+```
+
+## Environment Variables
+
+| Variable | Description |
+|----------|-------------|
+| `AX_USER` | Override current username |
+| `EDITOR` | Editor for `ax edit` (default: `vi`) |
+
+## Database Location
+
+`ax` searches for `.ax.db` upward from CWD (like git finds `.git`), so commands work from any subdirectory.
@@ -3,7 +3,9 @@ package cmd
 import (
 	"axolotl/models"
 	"axolotl/service"
+	"encoding/json"
 	"fmt"
+	"io"
 	"os"

 	"github.com/spf13/cobra"
@@ -43,7 +45,7 @@ var addCmd = &cobra.Command{
 			input.Rels = append(input.Rels, service.RelInput{Type: models.RelType("_prio::" + cPrio), Target: ""})
 		}
 		if cNamespace != "" {
-			input.Rels = append(input.Rels, service.RelInput{Type: models.RelInNamespace, Target: cNamespace})
+			input.Namespace = cNamespace
 		}
 		if cAssignee != "" {
 			input.Rels = append(input.Rels, service.RelInput{Type: models.RelAssignee, Target: cAssignee})
@@ -64,6 +66,9 @@ var addCmd = &cobra.Command{
 			return
 		}

+		if n.GetProperty("type") == "agent" {
+			printAgentToken(cmd.OutOrStdout(), n)
+		}
 		PrintNode(cmd.OutOrStdout(), svc, n, jsonFlag)
 	},
 }
@@ -81,3 +86,13 @@ func init() {
 	f.StringArrayVar(&cTags, "tag", nil, "label tag (alias for --rel tagname)")
 	f.StringArrayVar(&cRels, "rel", nil, "relation (prefix::value or relname:target)")
 }
+
+func printAgentToken(w io.Writer, n *models.Node) {
+	var c struct {
+		AccessToken string `json:"access_token"`
+	}
+	if err := json.Unmarshal([]byte(n.Content), &c); err == nil && c.AccessToken != "" {
+		fmt.Fprintf(w, "\nAgent access token: %s\n", c.AccessToken)
+		fmt.Fprintln(w, "Save this token — it cannot be retrieved later via the CLI.")
+	}
+}
@@ -4,6 +4,7 @@ import (
 	"axolotl/store"
 	"fmt"
 	"os"
+	"slices"

 	"github.com/spf13/cobra"
 )
@@ -15,21 +16,32 @@ var aliasCmd = &cobra.Command{
 	Run: func(cmd *cobra.Command, args []string) {
 		w := cmd.OutOrStdout()
 		if len(args) == 0 {
-			if aliases, err := cfg.ListAliases(); err == nil {
-				PrintAliases(w, aliases, jsonFlag)
-			}
+			PrintAliases(w, cfg.Aliases, jsonFlag)
 			return
 		}
 		if len(args) == 1 {
-			a, err := cfg.GetAlias(args[0])
-			if err != nil {
-				fmt.Fprintln(os.Stderr, "alias not found:", args[0])
-				os.Exit(1)
-			}
+			for _, a := range cfg.Aliases {
+				if a.Name == args[0] {
 					fmt.Println(a.Command)
 					return
 				}
-		if err := cfg.SetAlias(&store.Alias{Name: args[0], Command: args[1], Description: aliasDesc}); err != nil {
+			}
+			fmt.Fprintln(os.Stderr, "alias not found:", args[0])
+			os.Exit(1)
+		}
+		alias := &store.Alias{Name: args[0], Command: args[1], Description: aliasDesc}
+		found := false
+		for i, a := range cfg.Aliases {
+			if a.Name == alias.Name {
+				cfg.Aliases[i] = alias
+				found = true
+				break
+			}
+		}
+		if !found {
+			cfg.Aliases = append(cfg.Aliases, alias)
+		}
+		if err := cfg.Save(); err != nil {
 			fmt.Fprintln(os.Stderr, "failed to set alias:", err)
 		} else {
 			PrintAction(w, "Alias set", args[0], false)
@@ -40,7 +52,19 @@ var aliasCmd = &cobra.Command{
 var aliasDelCmd = &cobra.Command{
 	Use: "del <name>", Short: "Delete an alias", Args: cobra.ExactArgs(1),
 	Run: func(cmd *cobra.Command, args []string) {
-		if err := cfg.DeleteAlias(args[0]); err != nil {
+		found := false
+		for i, a := range cfg.Aliases {
+			if a.Name == args[0] {
+				cfg.Aliases = slices.Delete(cfg.Aliases, i, i+1)
+				found = true
+				break
+			}
+		}
+		if !found {
+			fmt.Fprintln(os.Stderr, "alias not found")
+			os.Exit(1)
+		}
+		if err := cfg.Save(); err != nil {
 			fmt.Fprintln(os.Stderr, err)
 			os.Exit(1)
 		}
@@ -33,7 +33,7 @@ var editCmd = &cobra.Command{
 		tmp.Close()
 		defer os.Remove(tmp.Name())

-		c := exec.Command(cfg.GetEditor(), tmp.Name())
+		c := exec.Command(cfg.Editor, tmp.Name())
 		c.Stdin, c.Stdout, c.Stderr = os.Stdin, os.Stdout, os.Stderr
 		if err := c.Run(); err != nil {
 			fmt.Fprintln(os.Stderr, "editor failed:", err)
@@ -46,7 +46,7 @@ var listCmd = &cobra.Command{
 			filter.Rels = append(filter.Rels, service.RelInput{Type: models.RelType("_type::" + lType), Target: ""})
 		}
 		if lNamespace != "" {
-			filter.Rels = append(filter.Rels, service.RelInput{Type: models.RelInNamespace, Target: lNamespace})
+			filter.Namespace = lNamespace
 		}
 		if lAssignee != "" {
 			filter.Rels = append(filter.Rels, service.RelInput{Type: models.RelAssignee, Target: lAssignee})
@@ -15,13 +15,54 @@ var loginCmd = &cobra.Command{
 	Use:   "login",
 	Short: "Authenticate with the remote server via OIDC",
 	Run: func(cmd *cobra.Command, args []string) {
-		rc, ok := cfg.GetRemoteConfig()
-		if !ok {
+		if cfg.Remote.Host == "" {
 			fmt.Fprintln(os.Stderr, "no remote server configured; set remote.host in your config")
 			os.Exit(1)
 		}
-		base := fmt.Sprintf("http://%s:%d", rc.Host, rc.Port)
+		base := fmt.Sprintf("http://%s:%d", cfg.Remote.Host, cfg.Remote.Port)

+		sessionID := tryDeviceFlow(base)
+		if sessionID == "" {
+			sessionID = tryCallbackFlow(base)
+		}
+
+		pollForToken(base, sessionID)
+	},
+}
+
+// tryDeviceFlow attempts the device authorization flow. Returns a session ID
+// on success, or "" if the server does not support it.
+func tryDeviceFlow(base string) string {
+	resp, err := http.Post(base+"/auth/device/start", "application/json", nil)
+	if err != nil {
+		return ""
+	}
+	defer resp.Body.Close()
+	if resp.StatusCode != http.StatusOK {
+		return ""
+	}
+	var start struct {
+		SessionID               string `json:"session_id"`
+		UserCode                string `json:"user_code"`
+		VerificationURI         string `json:"verification_uri"`
+		VerificationURIComplete string `json:"verification_uri_complete"`
+	}
+	json.NewDecoder(resp.Body).Decode(&start)
+	if start.SessionID == "" {
+		return ""
+	}
+
+	uri := start.VerificationURI
+	if start.VerificationURIComplete != "" {
+		uri = start.VerificationURIComplete
+	}
+	fmt.Printf("To sign in, open this URL in any browser:\n\n  %s\n\nThen enter this code: %s\n\nWaiting for authentication...\n", uri, start.UserCode)
+	return start.SessionID
+}
+
+// tryCallbackFlow initiates the traditional callback-based OIDC flow.
+// Exits the process on failure.
+func tryCallbackFlow(base string) string {
 	resp, err := http.Post(base+"/auth/start", "application/json", nil)
 	if err != nil {
 		fmt.Fprintf(os.Stderr, "failed to contact server: %v\n", err)
@@ -40,12 +81,16 @@ var loginCmd = &cobra.Command{
 	}

 	fmt.Printf("Open this URL in your browser:\n\n  %s\n\nWaiting for login...\n", start.URL)
+	return start.SessionID
+}

+// pollForToken polls the server until the login completes or times out.
+func pollForToken(base, sessionID string) {
 	deadline := time.Now().Add(5 * time.Minute)
 	for time.Now().Before(deadline) {
 		time.Sleep(2 * time.Second)

-			resp, err := http.Get(fmt.Sprintf("%s/auth/poll?session_id=%s", base, start.SessionID))
+		resp, err := http.Get(fmt.Sprintf("%s/auth/poll?session_id=%s", base, sessionID))
 		if err != nil {
 			continue
 		}
@@ -82,7 +127,6 @@ var loginCmd = &cobra.Command{

 	fmt.Fprintln(os.Stderr, "login timed out")
 	os.Exit(1)
-	},
 }

 func init() {
@@ -49,7 +49,7 @@ var (
 		"low":    {" ", "low", cDim},
 		"":       {" ", "n/a", cDim},
 	}
-	relIcons    = map[string]string{"blocks": "\uf068", "subtask": "\uf0da", "related": "\uf0c1", "assignee": "\uf007", "in_namespace": "\uf07b"}
+	relIcons = map[string]string{"blocks": "\uf068", "subtask": "\uf0da", "related": "\uf0c1", "assignee": "\uf007"}
 	prioRanks   = map[string]int{"high": 3, "medium": 2, "low": 1}
 	statusRanks = map[string]int{"open": 2, "": 1, "done": 0}
 )
@@ -94,24 +94,12 @@ func PrintNodes(w io.Writer, svc service.NodeService, nodes []*models.Node, json
 	})

 	for _, n := range nodes {
-		n_rels := n.Relations
-		ns_rel_node_ids := n_rels[string(models.RelInNamespace)]
-		ns_rel_node_titles := make([]string, 0, len(ns_rel_node_ids))
-		for _, id := range ns_rel_node_ids {
-			ns_rel_node, err := svc.GetByID(id)
-			if err != nil {
-				ns_rel_node_titles = append(ns_rel_node_titles, id)
-				continue
-			}
-			ns_rel_node_titles = append(ns_rel_node_titles, ns_rel_node.Title)
-		}
-		fmt.Fprintf(w, "  %s %s %s %s %s %s %s",
+		fmt.Fprintf(w, "  %s %s %s %s %s %s",
 			cDim.Sprint(n.ID),
 			render(prioRM, n.GetProperty("prio"), true),
 			render(statusRM, n.GetProperty("status"), true),
 			render(typeRM, n.GetProperty("type"), true),
 			cTitle.Sprint(truncate(n.Title, 80)),
-			cDim.Sprint("["+strings.Join(ns_rel_node_titles, ",")+"]"),
 			dueDateShort(n.DueDate),
 		)
 		tags := n.GetDisplayTags()
@@ -12,12 +12,12 @@ import (
 )

 func getNodeService() (service.NodeService, error) {
-	user := cfg.GetUser()
+	user := cfg.User
 	if user == "" {
 		return nil, fmt.Errorf("no user configured: run 'ax user set <username>' first")
 	}
-	if rc, ok := cfg.GetRemoteConfig(); ok {
-		base := fmt.Sprintf("http://%s:%d", rc.Host, rc.Port)
+	if cfg.Remote.Host != "" {
+		base := fmt.Sprintf("http://%s:%d", cfg.Remote.Host, cfg.Remote.Port)
 		return service.NewRemoteNodeService(base, user), nil
 	}
 	st, err := store.FindAndOpenSQLiteStore()
@@ -33,7 +33,7 @@ var rootCmd = &cobra.Command{Use: "ax", Short: "The axolotl issue tracker"}

 func Execute() {
 	var err error
-	cfg, err = store.LoadConfigFile()
+	cfg, err = store.LoadConfig()
 	if err != nil {
 		fmt.Fprintln(os.Stderr, "failed to load config:", err)
 		os.Exit(1)
@@ -50,7 +50,7 @@ func init() {

 func RegisterAliasCommands() {
 	rootCmd.AddGroup(&cobra.Group{ID: "aliases", Title: "Aliases:"})
-	aliases, _ := cfg.ListAliases()
+	aliases := cfg.Aliases
 	for _, a := range aliases {
 		rootCmd.AddCommand(&cobra.Command{
 			Use:                a.Name,
@@ -59,7 +59,7 @@ func RegisterAliasCommands() {
 			DisableFlagParsing: true,
 			Run: func(ccmd *cobra.Command, args []string) {
 				acmd := a.Command
-				acmd = strings.ReplaceAll(acmd, "$me", cfg.GetUser())
+				acmd = strings.ReplaceAll(acmd, "$me", cfg.User)
 				parts := strings.Fields(acmd)
 				var expanded []string
 				usedArgs := make([]bool, len(args))
@@ -7,6 +7,7 @@ import (
 	"fmt"
 	"net/http"
 	"os"
+	"time"

 	"github.com/spf13/cobra"
 )
@@ -15,12 +16,19 @@ var serveCmd = &cobra.Command{
 	Use:   "serve",
 	Short: "Start the JSON API server",
 	Run: func(cmd *cobra.Command, args []string) {
-		sc := cfg.GetServerConfig()
-		addr := fmt.Sprintf("%s:%d", sc.Host, sc.Port)
+		addr := fmt.Sprintf("%s:%d", cfg.Serve.Host, cfg.Serve.Port)

 		var oidcCfg *store.OIDCConfig
-		if oc, ok := cfg.GetOIDCConfig(); ok {
-			oidcCfg = oc
+		if cfg.OIDC.Issuer != "" {
+			oidcCfg = &cfg.OIDC
+		}
+
+		agentLookup := func(token string) string {
+			st, err := store.FindOrInitSQLiteStore()
+			if err != nil {
+				return ""
+			}
+			return service.LookupAgentToken(st, token)
 		}

 		handler, err := serve.New(func(user string) (service.NodeService, error) {
@@ -32,13 +40,20 @@ var serveCmd = &cobra.Command{
 				return nil, err
 			}
 			return service.NewLocalNodeService(st, user), nil
-		}, oidcCfg)
+		}, oidcCfg, agentLookup)
 		if err != nil {
 			fmt.Fprintln(os.Stderr, err)
 			os.Exit(1)
 		}
 		fmt.Fprintf(os.Stdout, "listening on %s\n", addr)
-		if err := http.ListenAndServe(addr, handler); err != nil {
+		srv := &http.Server{
+			Addr:         addr,
+			Handler:      handler,
+			ReadTimeout:  5 * time.Second,
+			WriteTimeout: 30 * time.Second,
+			IdleTimeout:  120 * time.Second,
+		}
+		if err := srv.ListenAndServe(); err != nil {
 			fmt.Fprintln(os.Stderr, err)
 			os.Exit(1)
 		}
@@ -11,7 +11,7 @@ import (

 var (
 	uTitle, uContent, uDue               string
-	uClearDue                            bool
+	uClearDue, uRegenToken               bool
 	uStatus, uPrio, uType                string
 	uNamespace, uAssignee                string
 	uAddTags, uRmTags, uAddRels, uRmRels []string
@@ -61,7 +61,7 @@ var updateCmd = &cobra.Command{
 			input.AddRels = append(input.AddRels, service.RelInput{Type: models.RelType("_prio::" + uPrio), Target: ""})
 		}
 		if cmd.Flags().Changed("namespace") {
-			input.AddRels = append(input.AddRels, service.RelInput{Type: models.RelInNamespace, Target: uNamespace})
+			input.Namespace = &uNamespace
 		}
 		if cmd.Flags().Changed("assignee") {
 			input.AddRels = append(input.AddRels, service.RelInput{Type: models.RelAssignee, Target: uAssignee})
@@ -83,12 +83,18 @@ var updateCmd = &cobra.Command{
 			}
 			input.RemoveRels = append(input.RemoveRels, ri)
 		}
+		if uRegenToken {
+			input.RegenerateAccessToken = true
+		}

 		n, err := svc.Update(args[0], input)
 		if err != nil {
 			fmt.Fprintln(os.Stderr, err)
 			os.Exit(1)
 		}
+		if uRegenToken {
+			printAgentToken(cmd.OutOrStdout(), n)
+		}
 		PrintNode(cmd.OutOrStdout(), svc, n, jsonFlag)
 	},
 }
@@ -109,4 +115,5 @@ func init() {
 	f.StringArrayVar(&uRmTags, "tag-remove", nil, "remove label tag")
 	f.StringArrayVar(&uAddRels, "rel", nil, "add relation (prefix::value or relname:target)")
 	f.StringArrayVar(&uRmRels, "rel-remove", nil, "remove relation (prefix::value or relname:target)")
+	f.BoolVar(&uRegenToken, "regenerate-access-token", false, "regenerate agent access token")
 }
@@ -33,9 +33,6 @@ func TestCRUD(t *testing.T) {
 		if len(n.Relations["created"]) == 0 {
 			t.Error("expected created relation to be set")
 		}
-		if len(n.Relations["in_namespace"]) == 0 {
-			t.Error("expected in_namespace relation to be set")
-		}
 		if n.CreatedAt == "" || n.UpdatedAt == "" {
 			t.Error("expected timestamps to be set")
 		}
@@ -73,9 +70,6 @@ func TestCRUD(t *testing.T) {
 		if n.Content != "some body" {
 			t.Errorf("content: want %q, got %q", "some body", n.Content)
 		}
-		if len(n.Relations["in_namespace"]) == 0 {
-			t.Error("expected in_namespace relation")
-		}
 		if len(n.Relations["assignee"]) == 0 {
 			t.Error("expected assignee relation")
 		}
@@ -168,10 +168,6 @@ func TestNamespaceExplicitCreate(t *testing.T) {

 	nsNode := env.parseNode(env.mustAx("add", "myworkspace", "--type", "namespace", "--json"))

-	if !nsNode.HasRelation("in_namespace", nsNode.ID) {
-		t.Errorf("expected namespace to have in_namespace pointing to itself, got relations: %v", nsNode.Relations)
-	}
-
 	users := env.parseNodes(env.mustAx("list", "--type", "user", "--json"))
 	var userNode *NodeResponse
 	for i := range users {
@@ -89,7 +89,7 @@ func (n *Node) AddRelation(relType RelType, target string) {
 	if n.Relations == nil {
 		n.Relations = make(map[string][]string)
 	}
-	if relType == RelAssignee || relType == RelCreated || relType == RelInNamespace {
+	if relType == RelAssignee || relType == RelCreated {
 		n.Relations[string(relType)] = []string{target}
 		return
 	}
@@ -13,7 +13,6 @@ const (
 	RelRelated  RelType = "related"
 	RelCreated  RelType = "created"
 	RelAssignee RelType = "assignee"
-	RelInNamespace RelType = "in_namespace"
 	RelMentions RelType = "mentions"

 	// Permission rels (subject → object). Levels are inclusive and transitive.
@@ -23,16 +23,26 @@ type pendingLogin struct {
 	serverToken string // set by callback when complete; empty while pending
 }

+// pendingDeviceLogin tracks an in-progress device authorization flow.
+type pendingDeviceLogin struct {
+	created     time.Time
+	serverToken string // set when device token exchange completes
+	username    string // set when device token exchange completes
+	err         string // set if the flow fails
+}
+
 // authHandler owns the OIDC provider connection, the pending login store,
 // and the active server-side session map.
 type authHandler struct {
 	mu            sync.Mutex
 	pending       map[string]*pendingLogin       // loginID → pending state
+	pendingDevice map[string]*pendingDeviceLogin // loginID → pending device state
 	sessions      map[string]string              // serverToken → username

 	cfg                 store.OIDCConfig
 	provider            *oidc.Provider
 	oauth2              oauth2.Config
+	deviceFlowAvailable bool
 }

 func newAuthHandler(cfg store.OIDCConfig) (*authHandler, error) {
@@ -43,18 +53,21 @@ func newAuthHandler(cfg store.OIDCConfig) (*authHandler, error) {
 	if err != nil {
 		return nil, fmt.Errorf("OIDC provider: %w", err)
 	}
+	endpoint := provider.Endpoint()
 	h := &authHandler{
 		pending:       make(map[string]*pendingLogin),
+		pendingDevice: make(map[string]*pendingDeviceLogin),
 		sessions:      make(map[string]string),
 		cfg:           cfg,
 		provider:      provider,
 		oauth2: oauth2.Config{
 			ClientID:     cfg.ClientID,
 			ClientSecret: cfg.ClientSecret,
-			Endpoint:     provider.Endpoint(),
+			Endpoint:     endpoint,
 			RedirectURL:  cfg.PublicURL + "/auth/callback",
 			Scopes:       []string{oidc.ScopeOpenID, "profile", "email", "offline_access"},
 		},
+		deviceFlowAvailable: endpoint.DeviceAuthURL != "",
 	}
 	go h.cleanup()
 	return h, nil
@@ -68,6 +81,11 @@ func (h *authHandler) cleanup() {
 				delete(h.pending, id)
 			}
 		}
+		for id, p := range h.pendingDevice {
+			if time.Since(p.created) > 15*time.Minute {
+				delete(h.pendingDevice, id)
+			}
+		}
 		h.mu.Unlock()
 	}
 }
@@ -126,13 +144,13 @@ func (h *authHandler) callback(w http.ResponseWriter, r *http.Request) {
 		oauth2.SetAuthURLParam("code_verifier", pending.verifier),
 	)
 	if err != nil {
-		http.Error(w, "token exchange failed: "+err.Error(), http.StatusBadRequest)
+		http.Error(w, "token exchange failed", http.StatusBadRequest)
 		return
 	}

 	username, err := h.extractUsername(r.Context(), token)
 	if err != nil {
-		http.Error(w, "failed to identify user: "+err.Error(), http.StatusInternalServerError)
+		http.Error(w, "failed to identify user", http.StatusInternalServerError)
 		return
 	}

@@ -148,6 +166,71 @@ func (h *authHandler) callback(w http.ResponseWriter, r *http.Request) {
 	fmt.Fprintln(w, "Login successful! You can close this tab.")
 }

+// POST /auth/device/start → {session_id, user_code, verification_uri, verification_uri_complete}
+func (h *authHandler) deviceStart(w http.ResponseWriter, r *http.Request) {
+	if !h.deviceFlowAvailable {
+		writeError(w, http.StatusNotFound, "device flow not supported by OIDC provider")
+		return
+	}
+
+	da, err := h.oauth2.DeviceAuth(r.Context(),
+		oauth2.SetAuthURLParam("client_secret", h.cfg.ClientSecret),
+	)
+	if err != nil {
+		writeError(w, http.StatusBadGateway, "device authorization request failed")
+		return
+	}
+
+	loginID := randomToken(16)
+
+	h.mu.Lock()
+	h.pendingDevice[loginID] = &pendingDeviceLogin{created: time.Now()}
+	h.mu.Unlock()
+
+	// Exchange device code for token in the background.
+	go func() {
+		ctx, cancel := context.WithTimeout(context.Background(), 15*time.Minute)
+		defer cancel()
+
+		token, err := h.oauth2.DeviceAccessToken(ctx, da)
+		if err != nil {
+			h.mu.Lock()
+			if p := h.pendingDevice[loginID]; p != nil {
+				p.err = "device token exchange failed"
+			}
+			h.mu.Unlock()
+			return
+		}
+
+		username, err := h.extractUsername(ctx, token)
+		if err != nil {
+			h.mu.Lock()
+			if p := h.pendingDevice[loginID]; p != nil {
+				p.err = "failed to identify user"
+			}
+			h.mu.Unlock()
+			return
+		}
+
+		serverToken := randomToken(32)
+
+		h.mu.Lock()
+		h.sessions[serverToken] = username
+		if p := h.pendingDevice[loginID]; p != nil {
+			p.serverToken = serverToken
+			p.username = username
+		}
+		h.mu.Unlock()
+	}()
+
+	writeJSON(w, map[string]string{
+		"session_id":                loginID,
+		"user_code":                 da.UserCode,
+		"verification_uri":          da.VerificationURI,
+		"verification_uri_complete": da.VerificationURIComplete,
+	})
+}
+
 // GET /auth/poll?session_id=...
 // Returns 202 while pending, 200 {token, username} when done, 404 if expired.
 func (h *authHandler) poll(w http.ResponseWriter, r *http.Request) {
@@ -157,15 +240,12 @@ func (h *authHandler) poll(w http.ResponseWriter, r *http.Request) {
 	p := h.pending[loginID]
 	h.mu.Unlock()

-	if p == nil {
-		writeError(w, http.StatusNotFound, "session not found or expired")
-		return
-	}
-
+	// Check callback-based flow first.
+	if p != nil {
 		h.mu.Lock()
 		serverToken := p.serverToken
 		if serverToken != "" {
-		delete(h.pending, loginID) // consume once delivered
+			delete(h.pending, loginID)
 		}
 		h.mu.Unlock()

@@ -173,9 +253,39 @@ func (h *authHandler) poll(w http.ResponseWriter, r *http.Request) {
 			w.WriteHeader(http.StatusAccepted)
 			return
 		}
-
 		username := h.lookupSession(serverToken)
 		writeJSON(w, map[string]string{"token": serverToken, "username": username})
+		return
+	}
+
+	// Check device flow.
+	h.mu.Lock()
+	dp := h.pendingDevice[loginID]
+	h.mu.Unlock()
+
+	if dp == nil {
+		writeError(w, http.StatusNotFound, "session not found or expired")
+		return
+	}
+
+	h.mu.Lock()
+	serverToken := dp.serverToken
+	errMsg := dp.err
+	if serverToken != "" || errMsg != "" {
+		delete(h.pendingDevice, loginID)
+	}
+	h.mu.Unlock()
+
+	if errMsg != "" {
+		writeError(w, http.StatusGone, errMsg)
+		return
+	}
+	if serverToken == "" {
+		w.WriteHeader(http.StatusAccepted)
+		return
+	}
+
+	writeJSON(w, map[string]string{"token": serverToken, "username": dp.username})
 }

 func (h *authHandler) extractUsername(ctx context.Context, token *oauth2.Token) (string, error) {
@@ -13,7 +13,8 @@ const userContextKey contextKey = "ax_user"
 // withSessionAuth wraps a handler with ax session token authentication.
 // Auth endpoints (/auth/*) are passed through without a token check.
 // All other requests must supply Authorization: Bearer <server_token>.
-func withSessionAuth(ah *authHandler, next http.Handler) http.Handler {
+// If the token is not a valid OIDC session, agentLookup is tried as a fallback.
+func withSessionAuth(ah *authHandler, agentLookup func(string) string, next http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		if strings.HasPrefix(r.URL.Path, "/auth/") {
 			next.ServeHTTP(w, r)
@@ -26,6 +27,9 @@ func withSessionAuth(ah *authHandler, next http.Handler) http.Handler {
 		}
 		token := strings.TrimPrefix(auth, "Bearer ")
 		username := ah.lookupSession(token)
+		if username == "" && agentLookup != nil {
+			username = agentLookup(token)
+		}
 		if username == "" {
 			writeError(w, http.StatusUnauthorized, "invalid or expired session; run 'ax login'")
 			return
@@ -0,0 +1,86 @@
+package serve
+
+import (
+	"net/http"
+	"sync"
+	"time"
+)
+
+type visitor struct {
+	tokens   float64
+	lastSeen time.Time
+}
+
+type rateLimiter struct {
+	mu       sync.Mutex
+	visitors map[string]*visitor
+	rate     float64 // tokens per second
+	burst    float64 // max tokens
+}
+
+func newRateLimiter(rate float64, burst int) *rateLimiter {
+	rl := &rateLimiter{
+		visitors: make(map[string]*visitor),
+		rate:     rate,
+		burst:    float64(burst),
+	}
+	go rl.cleanup()
+	return rl
+}
+
+func (rl *rateLimiter) allow(ip string) bool {
+	rl.mu.Lock()
+	defer rl.mu.Unlock()
+
+	v, exists := rl.visitors[ip]
+	now := time.Now()
+	if !exists {
+		rl.visitors[ip] = &visitor{tokens: rl.burst - 1, lastSeen: now}
+		return true
+	}
+
+	elapsed := now.Sub(v.lastSeen).Seconds()
+	v.lastSeen = now
+	v.tokens += elapsed * rl.rate
+	if v.tokens > rl.burst {
+		v.tokens = rl.burst
+	}
+
+	if v.tokens < 1 {
+		return false
+	}
+	v.tokens--
+	return true
+}
+
+func (rl *rateLimiter) cleanup() {
+	for range time.Tick(time.Minute) {
+		rl.mu.Lock()
+		for ip, v := range rl.visitors {
+			if time.Since(v.lastSeen) > 5*time.Minute {
+				delete(rl.visitors, ip)
+			}
+		}
+		rl.mu.Unlock()
+	}
+}
+
+func clientIP(r *http.Request) string {
+	if ip := r.Header.Get("X-Forwarded-For"); ip != "" {
+		return ip
+	}
+	if ip := r.Header.Get("X-Real-IP"); ip != "" {
+		return ip
+	}
+	return r.RemoteAddr
+}
+
+func withRateLimit(rl *rateLimiter, next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		if !rl.allow(clientIP(r)) {
+			writeError(w, http.StatusTooManyRequests, "rate limit exceeded")
+			return
+		}
+		next.ServeHTTP(w, r)
+	})
+}
@@ -14,8 +14,8 @@ import (
 // When oidcCfg is non-nil, every request must carry a valid Bearer token;
 // the authenticated username is derived from the token claim configured in
 // OIDCConfig.UserClaim. Without OIDC, the X-Ax-User header is used instead.
-func New(newSvc func(user string) (service.NodeService, error), oidcCfg *store.OIDCConfig) (http.Handler, error) {
-	s := &server{newSvc: newSvc}
+func New(newSvc func(user string) (service.NodeService, error), oidcCfg *store.OIDCConfig, agentLookup func(string) string) (http.Handler, error) {
+	s := &server{newSvc: newSvc, agentLookup: agentLookup}
 	mux := http.NewServeMux()
 	mux.HandleFunc("GET /nodes", s.listNodes)
 	mux.HandleFunc("POST /nodes", s.addNode)
@@ -24,25 +24,34 @@ func New(newSvc func(user string) (service.NodeService, error), oidcCfg *store.O
 	mux.HandleFunc("DELETE /nodes/{id}", s.deleteNode)
 	mux.HandleFunc("GET /users", s.listUsers)
 	mux.HandleFunc("POST /users", s.addUser)
+	rl := newRateLimiter(10, 30) // 10 req/s sustained, burst of 30
+
 	if oidcCfg != nil {
 		ah, err := newAuthHandler(*oidcCfg)
 		if err != nil {
 			return nil, err
 		}
 		mux.HandleFunc("POST /auth/start", ah.start)
+		mux.HandleFunc("POST /auth/device/start", ah.deviceStart)
 		mux.HandleFunc("GET /auth/callback", ah.callback)
 		mux.HandleFunc("GET /auth/poll", ah.poll)
-		return withSessionAuth(ah, mux), nil
+		return withRateLimit(rl, withSessionAuth(ah, agentLookup, mux)), nil
 	}
-	return mux, nil
+	return withRateLimit(rl, mux), nil
 }

 type server struct {
 	newSvc      func(user string) (service.NodeService, error)
+	agentLookup func(string) string
 }

 func (s *server) svc(w http.ResponseWriter, r *http.Request) (service.NodeService, bool) {
 	user := userFromContext(r)
+	if user == "" && s.agentLookup != nil {
+		if auth := r.Header.Get("Authorization"); strings.HasPrefix(auth, "Bearer ") {
+			user = s.agentLookup(strings.TrimPrefix(auth, "Bearer "))
+		}
+	}
 	if user == "" {
 		user = r.Header.Get("X-Ax-User")
 	}
@@ -52,7 +61,7 @@ func (s *server) svc(w http.ResponseWriter, r *http.Request) (service.NodeServic
 	}
 	svc, err := s.newSvc(user)
 	if err != nil {
-		writeError(w, http.StatusInternalServerError, err.Error())
+		writeError(w, http.StatusInternalServerError, "internal error")
 		return nil, false
 	}
 	return svc, true
@@ -77,7 +86,7 @@ func (s *server) listNodes(w http.ResponseWriter, r *http.Request) {
 		}
 	}
 	if v := q.Get("namespace"); v != "" {
-		filter.Rels = append(filter.Rels, service.RelInput{Type: models.RelInNamespace, Target: v})
+		filter.Namespace = v
 	}
 	if v := q.Get("assignee"); v != "" {
 		filter.Rels = append(filter.Rels, service.RelInput{Type: models.RelAssignee, Target: v})
@@ -95,7 +104,7 @@ func (s *server) listNodes(w http.ResponseWriter, r *http.Request) {
 	}
 	nodes, err := svc.List(filter)
 	if err != nil {
-		writeError(w, http.StatusInternalServerError, err.Error())
+		writeError(w, http.StatusInternalServerError, "internal error")
 		return
 	}
 	writeJSON(w, nodes)
@@ -170,7 +179,7 @@ func (s *server) listUsers(w http.ResponseWriter, r *http.Request) {
 	}
 	users, err := svc.ListUsers()
 	if err != nil {
-		writeError(w, http.StatusInternalServerError, err.Error())
+		writeError(w, http.StatusInternalServerError, "internal error")
 		return
 	}
 	writeJSON(w, users)
@@ -8,6 +8,7 @@ import (
 	"fmt"
 	"net/http"
 	"net/url"
+	"os"
 	"strconv"
 )

@@ -42,6 +43,11 @@ func (c *apiClient) do(method, path string, body any) (*http.Response, error) {
 // setAuth attaches either a Bearer token (when a session exists) or the
 // X-Ax-User header (no session / non-OIDC servers).
 func (c *apiClient) setAuth(req *http.Request) error {
+	// Agent token takes priority (stateless, no login needed).
+	if token := os.Getenv("AX_TOKEN"); token != "" {
+		req.Header.Set("Authorization", "Bearer "+token)
+		return nil
+	}
 	sess, err := store.LoadSession()
 	if err != nil || sess == nil || sess.Token == "" {
 		req.Header.Set("X-Ax-User", c.user)
@@ -72,6 +78,9 @@ func (c *apiClient) GetByID(id string) (*models.Node, error) {

 func (c *apiClient) List(filter ListFilter) ([]*models.Node, error) {
 	q := url.Values{}
+	if filter.Namespace != "" {
+		q.Set("namespace", filter.Namespace)
+	}
 	for _, r := range filter.Rels {
 		if r.Target == "" {
 			q.Add("rel", string(r.Type))
@@ -37,25 +37,30 @@ type AddInput struct {
 	Title     string
 	Content   string
 	DueDate   string
+	Namespace string // namespace name or ID; defaults to the user's personal namespace
 	Rels      []RelInput
 }

 // UpdateInput describes changes to apply to an existing node.
 // AddRels and RemoveRels accept both tag rels (Target == "") and edge rels.
 // Setting _status::done in AddRels is rejected when the node has open blockers.
-// Adding assignee or in_namespace rels replaces the previous single target.
+// Adding an assignee rel replaces the previous single target.
+// Setting Namespace transfers ownership from the current namespace to the new one.
 type UpdateInput struct {
 	Title                 *string
 	Content               *string
 	DueDate               *string // nil = no change; pointer to "" = clear due date
+	Namespace             *string // nil = no change; namespace name or ID to move node into
 	AddRels               []RelInput
 	RemoveRels            []RelInput
+	RegenerateAccessToken bool // when true, regenerates the access token for agent nodes
 }

 // ListFilter specifies which nodes to return. Empty slices are ignored.
 // Tag filters (Target == "") match by rel_name prefix.
 // Edge filters (Target != "") are resolved to node IDs.
 type ListFilter struct {
+	Namespace  string // when non-empty, only return nodes owned by this namespace
 	Rels       []RelInput
 	HasDueDate bool // when true, only return nodes that have a due date set
 	DueWithin  *int // when non-nil, only return nodes due within this many days (includes overdue)
@@ -3,6 +3,10 @@ package service
 import (
 	"axolotl/models"
 	"axolotl/store"
+	"crypto/rand"
+	"crypto/subtle"
+	"encoding/base64"
+	"encoding/json"
 	"fmt"
 	"maps"
 	"regexp"
@@ -11,6 +15,39 @@ import (
 	"time"
 )

+// agentContent is the JSON structure stored in agent node content.
+type agentContent struct {
+	AccessToken string `json:"access_token"`
+}
+
+// generateAccessToken returns a cryptographically random base64url token.
+func generateAccessToken() (string, error) {
+	b := make([]byte, 32)
+	if _, err := rand.Read(b); err != nil {
+		return "", err
+	}
+	return base64.RawURLEncoding.EncodeToString(b), nil
+}
+
+// LookupAgentToken finds the agent node whose content contains the given
+// access token. Returns the agent node ID, or "" if not found.
+func LookupAgentToken(st store.GraphStore, token string) string {
+	agents, err := st.FindNodes([]*models.Rel{{Type: "_type::agent", Target: ""}})
+	if err != nil {
+		return ""
+	}
+	for _, agent := range agents {
+		var c agentContent
+		if err := json.Unmarshal([]byte(agent.Content), &c); err != nil {
+			continue
+		}
+		if subtle.ConstantTimeCompare([]byte(c.AccessToken), []byte(token)) == 1 {
+			return agent.ID
+		}
+	}
+	return ""
+}
+
 type nodeServiceImpl struct {
 	store  store.GraphStore
 	userID string
@@ -75,7 +112,7 @@ const (
 // namespaces are globally readable and any node can reference them.
 func isReferenceRel(t models.RelType) bool {
 	switch t {
-	case models.RelAssignee, models.RelCreated, models.RelMentions, models.RelInNamespace:
+	case models.RelAssignee, models.RelCreated, models.RelMentions:
 		return true
 	}
 	return false
@@ -105,10 +142,17 @@ func (pc *permContext) hasOwnership(nodeID string) bool { return pc.levels[nodeI
 // If the user node doesn't exist yet, returns an empty permContext (no access);
 // Add operations still work because unresolved targets skip the permission check.
 func (s *nodeServiceImpl) getPermContext() (*permContext, error) {
-	userNodeID, err := s.resolveIDByNameAndType(s.store, s.userID, "user")
+	// If userID is already a node ID (e.g. for agents), use it directly.
+	var userNodeID string
+	if exists, _ := s.store.NodeExists(s.userID); exists {
+		userNodeID = s.userID
+	} else {
+		var err error
+		userNodeID, err = s.resolveIDByNameAndType(s.store, s.userID, "user")
 		if err != nil {
 			return nil, err
 		}
+	}
 	pc := &permContext{levels: make(map[string]int)}
 	if userNodeID == "" {
 		return pc, nil // user not bootstrapped yet; Add will auto-create user node
@@ -158,7 +202,7 @@ func (s *nodeServiceImpl) getPermContext() (*permContext, error) {
 // --- Validation ---

 var (
-	validTypes    = map[string]bool{"issue": true, "note": true, "user": true, "namespace": true}
+	validTypes    = map[string]bool{"issue": true, "note": true, "user": true, "namespace": true, "agent": true}
 	validStatuses = map[string]bool{"open": true, "done": true}
 	validPrios    = map[string]bool{"high": true, "medium": true, "low": true}
 )
@@ -208,6 +252,28 @@ func (s *nodeServiceImpl) GetByID(id string) (*models.Node, error) {
 }

 func (s *nodeServiceImpl) List(filter ListFilter) ([]*models.Node, error) {
+	// Resolve namespace filter to owned node IDs.
+	var nsOwnedIDs map[string]bool
+	if filter.Namespace != "" {
+		nsID, _ := s.resolveIDByNameAndType(s.store, filter.Namespace, "namespace")
+		if nsID == "" {
+			if exists, _ := s.store.NodeExists(filter.Namespace); exists {
+				nsID = filter.Namespace
+			}
+		}
+		if nsID == "" {
+			return nil, nil // namespace not found
+		}
+		nsNode, err := s.store.GetNode(nsID)
+		if err != nil {
+			return nil, nil
+		}
+		nsOwnedIDs = make(map[string]bool)
+		for _, ownedID := range nsNode.Relations[string(models.RelHasOwnership)] {
+			nsOwnedIDs[ownedID] = true
+		}
+	}
+
 	var storeFilters []*models.Rel
 	for _, ri := range filter.Rels {
 		if ri.Target == "" {
@@ -230,9 +296,13 @@ func (s *nodeServiceImpl) List(filter ListFilter) ([]*models.Node, error) {
 	}
 	var result []*models.Node
 	for _, n := range nodes {
-		if pc.canRead(n.ID) {
-			result = append(result, n)
+		if !pc.canRead(n.ID) {
+			continue
 		}
+		if nsOwnedIDs != nil && !nsOwnedIDs[n.ID] {
+			continue
+		}
+		result = append(result, n)
 	}

 	if filter.HasDueDate || filter.DueWithin != nil {
@@ -323,11 +393,14 @@ func (s *nodeServiceImpl) Add(input AddInput) (*models.Node, error) {
 		}
 	}

-	hasNamespace := false
-	for _, ri := range input.Rels {
-		if ri.Type == models.RelInNamespace && ri.Target != "" {
-			hasNamespace = true
+	// Agent nodes get an auto-generated access token stored as JSON content.
+	if tmp.GetProperty("type") == "agent" {
+		token, err := generateAccessToken()
+		if err != nil {
+			return nil, fmt.Errorf("failed to generate access token: %w", err)
 		}
+		data, _ := json.Marshal(agentContent{AccessToken: token})
+		input.Content = string(data)
 	}

 	dueDate, err := parseDueDate(input.DueDate)
@@ -364,9 +437,8 @@ func (s *nodeServiceImpl) Add(input AddInput) (*models.Node, error) {
 			}
 		}

-		// Edge rels. Track the namespace the node is placed in for ownership.
+		// Edge rels.
 		hasCreated := false
-		var actualNsID string
 		for _, ri := range input.Rels {
 			if ri.Target == "" {
 				continue // already stored as tag
@@ -378,9 +450,6 @@ func (s *nodeServiceImpl) Add(input AddInput) (*models.Node, error) {
 			if err != nil {
 				return err
 			}
-			if ri.Type == models.RelInNamespace {
-				actualNsID = resolved
-			}
 			if ri.Type == models.RelHasOwnership {
 				// Ownership transfer: remove existing owner of the target.
 				existingOwners, _ := st.FindNodes([]*models.Rel{{Type: models.RelHasOwnership, Target: resolved}})
@@ -393,18 +462,6 @@ func (s *nodeServiceImpl) Add(input AddInput) (*models.Node, error) {
 			}
 		}

-		// Default namespace.
-		if !hasNamespace {
-			nsID, err := s.resolveNamespaceRef(st, s.userID)
-			if err != nil {
-				return err
-			}
-			if err := st.AddRel(id, string(models.RelInNamespace), nsID); err != nil {
-				return err
-			}
-			actualNsID = nsID
-		}
-
 		// Default created.
 		if !hasCreated {
 			userID, err := s.resolveUserRef(st, s.userID)
@@ -416,40 +473,39 @@ func (s *nodeServiceImpl) Add(input AddInput) (*models.Node, error) {
 			}
 		}

+		// Agent nodes get self-ownership (like users).
+		if tmp.GetProperty("type") == "agent" {
+			if err := st.AddRel(id, string(models.RelHasOwnership), id); err != nil {
+				return err
+			}
+		}
+
 		// Grant ownership of the new node.
-		// Namespace nodes are owned by their creator. All other nodes are owned
-		// by the namespace they belong to — the user retains transitive ownership
-		// through the namespace's own ownership chain (e.g. user→owns→default-ns→owns→node).
+		// Namespace and agent nodes are owned by their creator (user node).
+		// All other nodes are owned by the namespace they belong to — the user
+		// retains transitive ownership through the namespace's own ownership chain
+		// (e.g. user→has_ownership→default-ns→has_ownership→node).
 		creatorID, err := s.resolveUserRef(st, s.userID)
 		if err != nil {
 			return err
 		}
 		ownerID := creatorID
-		if tmp.GetProperty("type") != "namespace" && actualNsID != "" {
-			ownerID = actualNsID
+		nodeType := tmp.GetProperty("type")
+		if nodeType != "namespace" && nodeType != "agent" {
+			nsRef := input.Namespace
+			if nsRef == "" {
+				nsRef = s.userID
+			}
+			nsID, err := s.resolveNamespaceRef(st, nsRef)
+			if err != nil {
+				return err
+			}
+			ownerID = nsID
 		}
 		if err := st.AddRel(ownerID, string(models.RelHasOwnership), id); err != nil {
 			return err
 		}

-		// Namespace bootstrap: when creating a namespace node directly, apply the
-		// same setup as ensureNamespace — self in_namespace and creator ownership.
-		if tmp.GetProperty("type") == "namespace" {
-			if !hasNamespace {
-				// Replace the default namespace rel (user's ns) with self-reference.
-				userNsID, _ := s.resolveIDByNameAndType(st, s.userID, "namespace")
-				if userNsID != "" {
-					if err := st.RemoveRel(id, string(models.RelInNamespace), userNsID); err != nil {
-						return err
-					}
-				}
-				if err := st.AddRel(id, string(models.RelInNamespace), id); err != nil {
-					return err
-				}
-			}
-			// Creator already gets ownership via the block above; nothing more to do.
-		}
-
 		return nil
 	})
 	if err != nil {
@@ -470,8 +526,8 @@ func (s *nodeServiceImpl) Update(id string, input UpdateInput) (*models.Node, er
 		return nil, err
 	}

-	// Field/tag changes and rel removals require can_write on the node.
-	needsWrite := input.Title != nil || input.Content != nil || input.DueDate != nil
+	// Field/tag changes, rel removals, and namespace change require can_write on the node.
+	needsWrite := input.Title != nil || input.Content != nil || input.DueDate != nil || input.Namespace != nil || input.RegenerateAccessToken
 	for _, ri := range input.AddRels {
 		if ri.Target == "" {
 			needsWrite = true
@@ -554,8 +610,22 @@ func (s *nodeServiceImpl) Update(id string, input UpdateInput) (*models.Node, er
 			title = *input.Title
 		}
 		if input.Content != nil {
+			if current.GetProperty("type") == "agent" {
+				return fmt.Errorf("cannot set content on agent nodes; use --regenerate-access-token to rotate the token")
+			}
 			content = *input.Content
 		}
+		if input.RegenerateAccessToken {
+			if current.GetProperty("type") != "agent" {
+				return fmt.Errorf("cannot regenerate access token: node is not an agent")
+			}
+			token, err := generateAccessToken()
+			if err != nil {
+				return fmt.Errorf("failed to generate access token: %w", err)
+			}
+			data, _ := json.Marshal(agentContent{AccessToken: token})
+			content = string(data)
+		}
 		if input.DueDate != nil {
 			parsed, err := parseDueDate(*input.DueDate)
 			if err != nil {
@@ -619,7 +689,7 @@ func (s *nodeServiceImpl) Update(id string, input UpdateInput) (*models.Node, er
 				return err
 			}
 			// Single-value relations replace the previous target.
-			if ri.Type == models.RelAssignee || ri.Type == models.RelInNamespace {
+			if ri.Type == models.RelAssignee {
 				for _, oldTgt := range currentRels[string(ri.Type)] {
 					if err := st.RemoveRel(id, string(ri.Type), oldTgt); err != nil {
 						return err
@@ -651,6 +721,24 @@ func (s *nodeServiceImpl) Update(id string, input UpdateInput) (*models.Node, er
 			}
 		}

+		// Namespace change: transfer ownership from the current namespace to the new one.
+		if input.Namespace != nil {
+			newNsID, err := s.resolveNamespaceRef(st, *input.Namespace)
+			if err != nil {
+				return err
+			}
+			// Remove ownership from any current namespace owner.
+			currentOwners, _ := st.FindNodes([]*models.Rel{{Type: models.RelHasOwnership, Target: id}})
+			for _, owner := range currentOwners {
+				if owner.GetProperty("type") == "namespace" {
+					st.RemoveRel(owner.ID, string(models.RelHasOwnership), id) //nolint:errcheck
+				}
+			}
+			if err := st.AddRel(newNsID, string(models.RelHasOwnership), id); err != nil {
+				return err
+			}
+		}
+
 		return nil
 	})
 	if err != nil {
@@ -770,8 +858,6 @@ func (s *nodeServiceImpl) resolveRelTarget(st store.GraphStore, ri RelInput) (st
 	switch ri.Type {
 	case models.RelAssignee, models.RelCreated, models.RelMentions:
 		return s.resolveUserRef(st, ri.Target)
-	case models.RelInNamespace:
-		return s.resolveNamespaceRef(st, ri.Target)
 	default:
 		// Permission rels and all other edge rels expect raw node IDs.
 		return ri.Target, nil
@@ -788,8 +874,6 @@ func (s *nodeServiceImpl) lookupRelTarget(relType models.RelType, target string)
 	switch relType {
 	case models.RelAssignee, models.RelCreated, models.RelMentions:
 		nodeType = "user"
-	case models.RelInNamespace:
-		nodeType = "namespace"
 	default:
 		// Permission rels and other edge rels use raw node IDs.
 		return "", false
@@ -843,9 +927,6 @@ func (s *nodeServiceImpl) ensureGlobalNamespace(st store.GraphStore) (string, er
 	if err := st.AddRel(id, "_type::namespace", ""); err != nil {
 		return "", err
 	}
-	if err := st.AddRel(id, string(models.RelInNamespace), id); err != nil {
-		return "", err
-	}
 	// Self-owned so no single user controls it.
 	if err := st.AddRel(id, string(models.RelHasOwnership), id); err != nil {
 		return "", err
@@ -916,9 +997,6 @@ func (s *nodeServiceImpl) ensureNamespace(st store.GraphStore, name string) (str
 	if err := st.AddRel(id, "_type::namespace", ""); err != nil {
 		return "", err
 	}
-	if err := st.AddRel(id, string(models.RelInNamespace), id); err != nil {
-		return "", err
-	}
 	userID, err := s.resolveUserRef(st, s.userID)
 	if err != nil {
 		return "", err
@@ -2,40 +2,26 @@ package store

 import (
 	"encoding/json"
-	"errors"
 	"fmt"
 	"os"
 	"os/user"
 	"path/filepath"
-	"slices"
 )

-var builtinAliases = []*Alias{
-	{Name: "mine", Command: "list --assignee $me", Description: "My assigned issues"},
-	{Name: "due", Command: "list --status open", Description: "Open issues"},
-	{Name: "inbox", Command: "list --mention $me", Description: "My mentions"},
-}
-
-func isBuiltinAlias(name string) bool {
-	for _, a := range builtinAliases {
-		if a.Name == name {
-			return true
-		}
-	}
-	return false
-}
-
+// Alias defines a user-defined command shortcut.
 type Alias struct {
 	Name        string `json:"name"`
 	Command     string `json:"command"`
 	Description string `json:"description,omitempty"`
 }

+// ServerConfig holds a host:port pair used for both the local server and the remote connection.
 type ServerConfig struct {
 	Host string `json:"host"`
 	Port int    `json:"port"`
 }

+// OIDCConfig holds the settings needed to authenticate users via OpenID Connect.
 type OIDCConfig struct {
 	Issuer       string `json:"issuer"`
 	ClientID     string `json:"client_id"`
@@ -44,16 +30,86 @@ type OIDCConfig struct {
 	UserClaim    string `json:"user_claim"`
 }

+// Config is the central configuration object for ax, loaded from config.json.
 type Config struct {
 	path    string
 	User    string       `json:"user"`
 	Editor  string       `json:"editor"`
-	UserAliases []*Alias     `json:"aliases"`
+	Aliases []*Alias     `json:"aliases"`
 	Serve   ServerConfig `json:"serve"`
 	Remote  ServerConfig `json:"remote"`
 	OIDC    OIDCConfig   `json:"oidc"`
 }

+// LoadConfig reads config.json from the data root and applies environment
+// variable overrides (AX_USER, EDITOR) and sensible defaults for any
+// unset fields. If no config file exists, a default config is returned.
+func LoadConfig() (*Config, error) {
+	configRoot, err := FindDataRoot(".config")
+	if err != nil {
+		return nil, err
+	}
+	path := filepath.Join(configRoot, "config.json")
+	c := &Config{path: path, Aliases: []*Alias{}}
+	data, err := os.ReadFile(path)
+	if err != nil {
+		if !os.IsNotExist(err) {
+			return nil, err
+		}
+	} else {
+		if err := json.Unmarshal(data, c); err != nil {
+			return nil, err
+		}
+	}
+
+	// Apply env overrides and defaults.
+	if c.User == "" {
+		c.User = os.Getenv("AX_USER")
+	}
+	if c.User == "" {
+		if u, err := user.Current(); err == nil {
+			c.User = u.Username
+		} else {
+			c.User = "unknown"
+		}
+	}
+	if c.Editor == "" {
+		c.Editor = os.Getenv("EDITOR")
+	}
+	if c.Editor == "" {
+		c.Editor = "vi"
+	}
+	if c.Serve.Host == "" {
+		c.Serve.Host = "localhost"
+	}
+	if c.Serve.Port == 0 {
+		c.Serve.Port = 7000
+	}
+	if c.Remote.Host != "" && c.Remote.Port == 0 {
+		c.Remote.Port = 7000
+	}
+	if c.OIDC.Issuer != "" && c.OIDC.UserClaim == "" {
+		c.OIDC.UserClaim = "preferred_username"
+	}
+
+	return c, nil
+}
+
+// Save writes the config back to disk as indented JSON.
+func (c *Config) Save() error {
+	if err := os.MkdirAll(filepath.Dir(c.path), 0755); err != nil {
+		return err
+	}
+	data, err := json.MarshalIndent(c, "", "  ")
+	if err != nil {
+		return err
+	}
+	return os.WriteFile(c.path, data, 0644)
+}
+
+// FindDataRoot locates the .ax directory by walking up from the current
+// working directory. If none is found, it falls back to ~/<std>/ax
+// (e.g. ~/.config/ax or ~/.local/share/ax).
 func FindDataRoot(std ...string) (string, error) {
 	dir, err := filepath.Abs(".")
 	if err != nil {
@@ -74,145 +130,8 @@ func FindDataRoot(std ...string) (string, error) {
 	}
 	home, err := os.UserHomeDir()
 	if err != nil {
-		return "", err
+		return "", fmt.Errorf("could not determine home directory: %w", err)
 	}
 	stdpath := filepath.Join(std...)
 	return filepath.Join(home, stdpath, "ax"), nil
 }
-
-func LoadConfigFile() (*Config, error) {
-	configRoot, err := FindDataRoot(".config")
-	if err != nil {
-		return nil, err
-	}
-	path := filepath.Join(configRoot, "config.json")
-	fc := &Config{path: path, UserAliases: []*Alias{}}
-	data, err := os.ReadFile(path)
-	if err != nil {
-		if !os.IsNotExist(err) {
-			return nil, err
-		}
-	} else {
-		if err := json.Unmarshal(data, fc); err != nil {
-			return nil, err
-		}
-	}
-	return fc, nil
-}
-
-func (c *Config) GetUser() string {
-	if c.User != "" {
-		return c.User
-	}
-	if u := os.Getenv("AX_USER"); u != "" {
-		return u
-	}
-	if u, err := user.Current(); err == nil {
-		return u.Username
-	}
-	return "unknown"
-}
-
-func (c *Config) GetEditor() string {
-	if c.Editor != "" {
-		return c.User
-	}
-	if u := os.Getenv("EDITOR"); u != "" {
-		return u
-	}
-	return "vi"
-}
-
-func (c *Config) GetAlias(name string) (*Alias, error) {
-	for _, a := range c.UserAliases {
-		if a.Name == name {
-			return a, nil
-		}
-	}
-	return nil, errors.New("alias not found")
-}
-
-func (c *Config) SetAlias(alias *Alias) error {
-	for i, a := range c.UserAliases {
-		if a.Name == alias.Name {
-			c.UserAliases[i] = alias
-			return c.Save()
-		}
-	}
-	c.UserAliases = append(c.UserAliases, alias)
-	return c.Save()
-}
-
-func (c *Config) DeleteAlias(name string) error {
-	if isBuiltinAlias(name) {
-		return fmt.Errorf("cannot delete built-in alias %q", name)
-	}
-	for i, a := range c.UserAliases {
-		if a.Name == name {
-			c.UserAliases = slices.Delete(c.UserAliases, i, i+1)
-			return c.Save()
-		}
-	}
-	return errors.New("alias not found")
-}
-
-func (c *Config) ListAliases() ([]*Alias, error) {
-	seen := make(map[string]bool)
-	var result []*Alias
-	for _, a := range builtinAliases {
-		result = append(result, a)
-		seen[a.Name] = true
-	}
-	for _, a := range c.UserAliases {
-		if !seen[a.Name] {
-			result = append(result, a)
-			seen[a.Name] = true
-		}
-	}
-	return result, nil
-}
-
-func (c *Config) GetOIDCConfig() (*OIDCConfig, bool) {
-	if c.OIDC.Issuer == "" {
-		return nil, false
-	}
-	cfg := c.OIDC
-	if cfg.UserClaim == "" {
-		cfg.UserClaim = "preferred_username"
-	}
-	return &cfg, true
-}
-
-func (c *Config) GetRemoteConfig() (*ServerConfig, bool) {
-	if c.Remote.Host == "" {
-		return nil, false
-	}
-	port := c.Remote.Port
-	if port == 0 {
-		port = 7000
-	}
-	return &ServerConfig{Host: c.Remote.Host, Port: port}, true
-}
-
-func (c *Config) GetServerConfig() *ServerConfig {
-	host := c.Serve.Host
-	if host == "" {
-		host = "localhost"
-	}
-	port := c.Serve.Port
-	if port == 0 {
-		port = 7000
-	}
-	return &ServerConfig{Host: host, Port: port}
-}
-
-func (c *Config) Save() error {
-	if err := os.MkdirAll(filepath.Dir(c.path), 0755); err != nil {
-		return err
-	}
-	data, err := json.MarshalIndent(c, "", "  ")
-	if err != nil {
-		return err
-	}
-	return os.WriteFile(c.path, data, 0644)
-}
@@ -74,31 +74,20 @@ func FindAndOpenSQLiteStore() (GraphStore, error) {
 }

 // FindOrInitSQLiteStore is like FindAndOpenSQLiteStore but intended for server
-// mode: if no .ax.db is found it creates and initialises one in the current
-// working directory instead of returning an error.
+// mode: if no database is found it creates and initialises one in the
+// ~/.local/share/ax/ directory instead of returning an error.
 func FindOrInitSQLiteStore() (GraphStore, error) {
-	dir, err := filepath.Abs(".")
+	dataRoot, err := FindDataRoot(".local", "share")
 	if err != nil {
+		return nil, fmt.Errorf("failed to find data dir: %w", err)
+	}
+	dbPath := filepath.Join(dataRoot, "ax.db")
+	if _, err := os.Stat(dbPath); err != nil {
+		if err := InitSQLiteStore(dbPath); err != nil {
 			return nil, err
 		}
-	for {
-		dbpath := filepath.Join(dir, ".ax.db")
-		if _, err := os.Stat(dbpath); err == nil {
-			return NewSQLiteStore(dbpath)
 	}
-		if parent := filepath.Dir(dir); parent == dir {
-			break
-		} else {
-			dir = parent
-		}
-	}
-	// Not found — create and initialise in CWD.
-	cwd, _ := filepath.Abs(".")
-	dbpath := filepath.Join(cwd, ".ax.db")
-	if err := InitSQLiteStore(dbpath); err != nil {
-		return nil, err
-	}
-	return NewSQLiteStore(dbpath)
+	return NewSQLiteStore(dbPath)
 }

 // NewSQLiteStore opens a SQLite database at the given path, runs a one-time
@@ -13,6 +13,8 @@ type Session struct {
 	Token string `json:"token"`
 }

+// LoadSession reads the session token from disk. If no session file
+// exists, an empty Session is returned (Token will be "").
 func LoadSession() (*Session, error) {
 	sessionRoot, err := FindDataRoot(".local", "share")
 	if err != nil {
@@ -22,7 +24,7 @@ func LoadSession() (*Session, error) {
 	data, err := os.ReadFile(path)
 	if err != nil {
 		if os.IsNotExist(err) {
-			return nil, nil
+			return &Session{path: path}, nil
 		}
 		return nil, err
 	}
@@ -34,6 +36,7 @@ func LoadSession() (*Session, error) {
 	return &s, nil
 }

+// Save writes the session token to disk with restrictive permissions (0600).
 func (s *Session) Save() error {
 	if err := os.MkdirAll(filepath.Dir(s.path), 0700); err != nil {
 		return err
@@ -45,6 +48,7 @@ func (s *Session) Save() error {
 	return os.WriteFile(s.path, data, 0600)
 }

+// ClearSession deletes the session file from disk.
 func (s *Session) ClearSession() error {
 	err := os.Remove(s.path)
 	if os.IsNotExist(err) {
Author	SHA1	Message	Date
eliaskohout	83f015cb95	feat: add agent user nodes with access token authentication Build and Publish Arch Package / build-arch (amd64, x86_64) (push) Successful in 1m50s Details Build and Publish Arch Package / build-arch (arm64, aarch64) (push) Successful in 51s Details Build and Publish Docker Image / build-apk (amd64, x86_64) (push) Successful in 53s Details Build and Publish Docker Image / build-apk (arm64, aarch64) (push) Successful in 48s Details Build and Publish Docker Image / build-and-push-docker (push) Successful in 12m50s Details	2026-06-12 01:54:08 +02:00
eliaskohout	6421c28191	refactor: simplify config into a single load/save with defaults resolved at load time	2026-06-12 01:21:04 +02:00
eliaskohout	7b8202b50b	feat: harden HTTP server with rate limiting, request timeouts, and sanitized error messages	2026-06-12 00:55:09 +02:00
eliaskohout	02c5b4ae40	remove binary	2026-04-14 13:03:13 +02:00
eliaskohout	388e24a8df	ci: cross-compile binaries in workflow instead of downloading from APK registry Build and Publish Arch Package / build-arch (amd64, x86_64) (push) Successful in 58s Details Build and Publish Arch Package / build-arch (arm64, aarch64) (push) Failing after 1m2s Details Build and Publish Docker Image / build-apk (amd64, x86_64) (push) Successful in 52s Details Build and Publish Docker Image / build-apk (arm64, aarch64) (push) Failing after 47s Details Build and Publish Docker Image / build-and-push-docker (push) Successful in 10m50s Details	2026-04-14 11:24:37 +02:00
eliaskohout	b5ef107f9c	ci: use pre-built APK in Docker image instead of compiling from source Build and Publish Arch Package / build-arch (amd64, x86_64) (push) Has been cancelled Details Build and Publish Arch Package / build-arch (arm64, aarch64) (push) Has been cancelled Details Build and Publish Docker Image / build-apk (amd64, x86_64) (push) Successful in 46s Details Build and Publish Docker Image / build-apk (arm64, aarch64) (push) Successful in 51s Details Build and Publish Docker Image / build-and-push-docker (push) Failing after 11m58s Details	2026-04-14 00:59:31 +02:00
eliaskohout	21a01e9412	fix: include client_secret in device authorization request Build and Publish APK Package / build-apk (arm64, aarch64) (push) Failing after 46s Details Build and Publish Arch Package / build-arch (arm64, aarch64) (push) Successful in 1m2s Details Build and Publish APK Package / build-apk (amd64, x86_64) (push) Waiting to run Details Build and Push Docker Container / build-and-push (push) Has been cancelled Details Build and Publish Arch Package / build-arch (amd64, x86_64) (push) Has been cancelled Details	2026-04-14 00:48:16 +02:00
eliaskohout	77e2610fe8	feat: add RFC 8628 device authorization flow for out-of-VPN authentication Build and Publish APK Package / build-apk (amd64, x86_64) (push) Successful in 52s Details Build and Publish APK Package / build-apk (arm64, aarch64) (push) Successful in 43s Details Build and Publish Arch Package / build-arch (amd64, x86_64) (push) Successful in 2m11s Details Build and Publish Arch Package / build-arch (arm64, aarch64) (push) Successful in 1m6s Details Build and Push Docker Container / build-and-push (push) Successful in 20m0s Details	2026-04-13 23:32:18 +02:00
eliaskohout	2c48c75387	fix: use FindDataRoot in FindOrInitSQLiteStore for consistent database location Build and Publish APK Package / build-apk (arm64, aarch64) (push) Has been cancelled Details Build and Publish APK Package / build-apk (amd64, x86_64) (push) Has been cancelled Details Build and Push Docker Container / build-and-push (push) Successful in 17m44s Details Build and Publish Arch Package / build-arch (amd64, x86_64) (push) Failing after 58s Details Build and Publish Arch Package / build-arch (arm64, aarch64) (push) Failing after 1m0s Details	2026-04-02 14:26:13 +02:00
eliaskohout	e04a44cdcf	remove line count from readme	2026-04-02 13:41:47 +02:00
eliaskohout	b6c8a158af	docs: simplify README and extract full reference to USAGE.md - Condensed README to quick overview (~40 lines) with key features - Added install instructions for Alpine, Arch, source, and Docker - Created USAGE.md with full command reference, server mode, OIDC, and permission model docs - New features documented: server mode, OIDC authentication, per-node permissions, multiplatform auto-builds Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>	2026-04-02 13:38:38 +02:00
eliaskohout	5f0f8f3396	fix: update Dockerfile Go version to 1.25 and disable toolchain auto-download Build and Publish APK Package / build-apk (amd64, x86_64) (push) Successful in 42s Details Build and Publish APK Package / build-apk (arm64, aarch64) (push) Successful in 48s Details Build and Publish Arch Package / build-arch (amd64, x86_64) (push) Successful in 1m4s Details Build and Publish Arch Package / build-arch (arm64, aarch64) (push) Successful in 1m6s Details Build and Push Docker Container / build-and-push (push) Successful in 17m50s Details - Bump golang:1.24-alpine to golang:1.25-alpine to match go.mod requirement - Set GOTOOLCHAIN=local to prevent segfault from toolchain download in Docker This fixes the multiplatform build failure where go mod download would attempt to download Go 1.25.0 in the container and crash. Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>	2026-04-02 13:25:19 +02:00
eliaskohout	24fb3a8b62	fix: prevent segfault in login command when session doesn't exist LoadSession() was returning nil when the session file didn't exist (first login). The login command then tried to dereference nil when setting session.Token, causing a panic. Now LoadSession() returns an empty Session with the path set, so callers can always use the returned session. Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>	2026-04-02 13:23:34 +02:00
eliaskohout	89432e608b	feat: replace in_namespace relation with ownership-based namespace membership Remove the in_namespace edge relation. A node now belongs to a namespace if that namespace has has_ownership on it. This simplifies the model: namespace membership is determined by the ownership chain rather than a separate relation type. Changes: - Remove RelInNamespace constant - Add Namespace fields to AddInput, UpdateInput, and ListFilter - Update Add() to resolve namespace from input and assign it as owner - Update List() to filter by namespace ownership instead of in_namespace edges - Update() can now transfer nodes between namespaces via ownership transfer - Remove in_namespace self-references from ensureNamespace/ensureGlobalNamespace The ownership chain now fully describes both permissions and namespace membership, reducing redundancy. All tests pass with the new model. Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>	2026-04-02 13:20:03 +02:00