lock-me-in
Remote browser login via temporary public URL. The user logs in visually; cookies persist for future automation.
How It Works
- 1. Agent launches headless Chromium with Playwright
- A web UI streams live screenshots of the browser
- Cloudflared creates a temporary public tunnel URL
- User opens the link, clicks/types to log in
- Session (cookies + localStorage) saved to disk
- Future Playwright sessions load the saved state
Quick Start
CODEBLOCK0
Run in background with nohup, capture the tunnel URL from stdout:
�CODEBLOCK1
Send the tunnel URL to the user via their messaging channel.
Loading Saved Sessions
To use a saved session in Playwright automation:
CODEBLOCK2
Session Storage
Sessions persist at /data/home/.browser-sessions/<name>/:
- -
storage.json — Cookies + localStorage (Playwright format) - INLINECODE2� — Session metadata (last URL, timestamp, cookie count)
List saved sessions: �INLINECODE3
Configuration
Environment variables:
- -
LOCK_ME_IN_SESSIONS_DIR — Override sessions dir (default: /data/home/.browser-sessions) - INLINECODE6� — Override Chrome path (auto-detected from Playwright)
- INLINECODE7� — Override local proxy port (default: 18850)
- INLINECODE8� — HTTP proxy for browser traffic (auto-parsed for auth)
Script flags:
- -
--port=N — Local proxy port - INLINECODE10� — Auto-close after N seconds (default: 900 = 15 min)
Requirements
- - Playwright-compatible Chromium (installed via
npx playwright install chromium) - INLINECODE12� binary for tunneling (install:
curl -sL https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64 -o /usr/local/bin/cloudflared && chmod +x /usr/local/bin/cloudflared) - Node.js 18+
Web UI Controls
- - Click on screenshot to click that position
- Send types text into the focused element
- Tab / Enter for keyboard navigation
- ← Back browser back button
- ↓ Scroll scroll down
- Navigate go to a specific URL
- 💾 Save persist session without closing
- ✅ Done save and close everything
Security Notes
- - Tunnel URLs are random and short-lived (valid only while the process runs)
- No authentication on the tunnel by default — share the URL only with the intended user
- Sessions contain auth cookies — treat
storage.json as sensitive - Auto-closes after 15 minutes by default to limit exposure
lock-me-in
通过临时公共URL进行远程浏览器登录。用户可视化登录;Cookies持久化保存以供后续自动化使用。
工作原理
- 1. 代理使用Playwright启动无头Chromium
- Web界面实时传输浏览器截图
- Cloudflared创建临时公共隧道URL
- 用户打开链接,点击/输入完成登录
- 会话(Cookies + localStorage)保存到磁盘
- 后续Playwright会话加载已保存的状态
快速开始
bash
启动登录会话
node
/scripts/browser-login.mjs
示例
node /scripts/browser-login.mjs https://linkedin.com/login linkedin
node /scripts/browser-login.mjs https://github.com/login github
node /scripts/browser-login.mjs https://mail.google.com gmail
使用nohup在后台运行,从标准输出捕获隧道URL:
bash
nohup node /scripts/browser-login.mjs > /tmp/lock-me-in.log 2>&1 &
等待URL:
grep -m1 LOGIN URL /tmp/lock-me-in.log
通过用户的消息渠道将隧道URL发送给用户。
加载已保存的会话
在Playwright自动化中使用已保存的会话:
javascript
import { chromium } from playwright-core;
const browser = await chromium.launch({ executablePath: CHROME_PATH, headless: true, args: [--no-sandbox] });
const context = await browser.newContext({
storageState: /data/home/.browser-sessions//storage.json
});
const page = await context.newPage();
await page.goto(https://linkedin.com/feed); // 已自动登录!
会话存储
会话持久化保存在 /data/home/.browser-sessions//:
- - storage.json — Cookies + localStorage(Playwright格式)
- meta.json — 会话元数据(最后访问URL、时间戳、Cookie数量)
列出已保存的会话:ls /data/home/.browser-sessions/
配置
环境变量:
- - LOCKMEINSESSIONSDIR — 覆盖会话目录(默认:/data/home/.browser-sessions)
- LOCKMEINCHROMEPATH — 覆盖Chrome路径(从Playwright自动检测)
- LOCKMEINPORT — 覆盖本地代理端口(默认:18850)
- OPENCLAWPROXY_URL — 浏览器流量的HTTP代理(自动解析认证信息)
脚本参数:
- - --port=N — 本地代理端口
- --timeout=N — N秒后自动关闭(默认:900 = 15分钟)
环境要求
- - 兼容Playwright的Chromium(通过 npx playwright install chromium 安装)
- cloudflared 隧道工具(安装:curl -sL https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64 -o /usr/local/bin/cloudflared && chmod +x /usr/local/bin/cloudflared)
- Node.js 18+
Web界面控制
- - 点击 截图上的位置进行点击
- 发送 在聚焦元素中输入文本
- Tab / Enter 键盘导航
- ← 返回 浏览器后退按钮
- ↓ 滚动 向下滚动
- 导航 跳转到指定URL
- 💾 保存 持久化会话但不关闭
- ✅ 完成 保存并关闭所有内容
安全说明
- - 隧道URL随机生成且短期有效(仅在进程运行时有效)
- 默认隧道无身份验证——仅与目标用户分享URL
- 会话包含认证Cookie——请将 storage.json 视为敏感信息
- 默认15分钟后自动关闭以限制暴露时间
