From 5e3067a92a6b22094cd04d36e826b448fe4f062c Mon Sep 17 00:00:00 2001
From: yumoqing <yumoqing@gmail.com>
Date: Wed, 22 Apr 2026 21:51:04 +0800
Subject: [PATCH] fix(settings): resolve undefined security variable in
 settings.ui

- Added jinja2 set statement to fetch settings data from /hermes-web-cli/settings/ API
- Updated Form fields to use value/checked properties with proper fallbacks
- Implemented settings API endpoint to return current configuration
- Removed incorrect load event binding and template variable references
---
 wwwroot/settings.ui         | 11 +++++++----
 wwwroot/settings/index.dspy | 39 +++++++++++++++++++++++++++++++++++++
 2 files changed, 46 insertions(+), 4 deletions(-)
 create mode 100644 wwwroot/settings/index.dspy

diff --git a/wwwroot/settings.ui b/wwwroot/settings.ui
index 67fc4ef..604eaa3 100644
--- a/wwwroot/settings.ui
+++ b/wwwroot/settings.ui
@@ -16,6 +16,7 @@
         "marginBottom": "20px"
       }
     },
+    {% set settings_data = get_url('/hermes-web-cli/settings/') %}
     {
       "widgettype": "TabPanel",
       "id": "settings-tabs",
@@ -47,6 +48,7 @@
                         "name": "default-model",
                         "label": "Default AI Model",
                         "placeholder": "Select default model...",
+                        "value": "{{ settings_data.general.default_model if settings_data.general.default_model else '' }}",
                         "width": "100%",
                         "marginBottom": "16px"
                       },
@@ -55,6 +57,7 @@
                         "name": "session-timeout",
                         "label": "Session Timeout (minutes)",
                         "placeholder": "Enter timeout in minutes...",
+                        "value": "{{ settings_data.general.session_timeout if settings_data.general.session_timeout else 30 }}",
                         "width": "100%",
                         "marginBottom": "16px"
                       },
@@ -62,7 +65,7 @@
                         "uitype": "check",
                         "name": "auto-save",
                         "label": "Auto-save sessions",
-                        "checked": true,
+                        "checked": "{{ settings_data.general.auto_save if 'auto_save' in settings_data.general else true }}",
                         "marginBottom": "24px"
                       }
                     ],
@@ -168,14 +171,14 @@
                     "uitype": "check",
                     "name": "require-auth",
                     "label": "Require authentication for API access",
-                    "checked": "{{security.require_auth}}",
+                    "checked": "{{ settings_data.security.require_auth if 'require_auth' in settings_data.security else false }}",
                     "marginBottom": "12px"
                   },
                   {
                     "uitype": "check",
                     "name": "encrypt-storage",
                     "label": "Encrypt local storage",
-                    "checked": "{{security.encrypt_storage}}",
+                    "checked": "{{ settings_data.security.encrypt_storage if 'encrypt_storage' in settings_data.security else false }}",
                     "marginBottom": "24px"
                   }
                 ],
@@ -228,7 +231,7 @@
                       {"label": "Light", "value": "light"},
                       {"label": "System", "value": "system"}
                     ],
-                    "value": "dark",
+                    "value": "{{ settings_data.appearance.theme if settings_data.appearance.theme else 'dark' }}",
                     "width": "200px",
                     "marginBottom": "24px"
                   }
diff --git a/wwwroot/settings/index.dspy b/wwwroot/settings/index.dspy
new file mode 100644
index 0000000..2ea5e5a
--- /dev/null
+++ b/wwwroot/settings/index.dspy
@@ -0,0 +1,39 @@
+import os
+import json
+from pathlib import Path
+
+# Load current settings from config file or return defaults
+config_path = Path.home() / ".hermes" / "hermes-web-cli-config.json"
+
+default_settings = {
+    "security": {
+        "require_auth": False,
+        "encrypt_storage": False
+    },
+    "general": {
+        "default_model": "",
+        "session_timeout": 30,
+        "auto_save": True
+    },
+    "appearance": {
+        "theme": "dark"
+    }
+}
+
+if config_path.exists():
+    try:
+        with open(config_path, 'r') as f:
+            saved_settings = json.load(f)
+            # Merge with defaults to ensure all keys exist
+            for section, defaults in default_settings.items():
+                if section not in saved_settings:
+                    saved_settings[section] = defaults
+                else:
+                    for key, value in defaults.items():
+                        if key not in saved_settings[section]:
+                            saved_settings[section][key] = value
+            return saved_settings
+    except (json.JSONDecodeError, IOError):
+        pass
+
+return default_settings
\ No newline at end of file