Chahuadev Code

Overview

Chahuadev Code is a desktop coding environment built around a protected AI workflow. The product combines an Electron shell, AI provider integration, terminal-driven login, plan-based access control, and a future team management layer.

Core features

  • Desktop editor shell and workbench
  • Integrated terminal and CLI-based provider login
  • Agent-oriented AI workflows
  • Workspace dashboard and future billing control plane
  • Member-only access to protected AI routes

Authentication

Authentication is handled outside the static site. The worker is responsible for OAuth flow, token verification, and membership lookup. The desktop app should never trust the renderer alone for premium access decisions.

Google OAuth  -> worker auth callback
JWT/session   -> verified by backend
Membership    -> resolved server-side
AI access     -> granted through short-lived lease

Membership gating

The membership model is designed around Free, Pro, and Admin access:

  • Free: public site, docs, onboarding, and normal file editing only
  • Pro: Git unlock, AI agent access, and protected provider routes
  • Admin: full internal access with admin override by email

Real AI usage should be checked by the worker or backend before every protected action, not hidden behind only V8 or frontend logic.

AI providers

  • Codex CLI
  • Claude Code CLI
  • Gemini CLI
  • OpenAI-compatible API providers through protected routing

Security model

Protected AI usage should follow a server-authoritative architecture. The app can render premium UI, but the backend must issue and refresh access leases. This keeps paid AI rights harder to bypass than a client-only check.

  • Server-side entitlement resolution
  • Short-lived AI access lease
  • Main-process or backend route checks
  • Isolated CLI login profiles

Deployment notes

The static site in site/ should be hosted separately from the worker. The worker remains focused on auth, verification, plan resolution, and API routing.