Problem
Once a device is paired with Happy, the app requires no additional authentication to open. Anyone who picks up an unlocked phone, or opens a browser tab where the web app is already loaded, has full access to all sessions — including the ability to send messages to running Claude Code sessions.
There is no app-level PIN, biometric prompt, or session timeout to re-authenticate. The security model relies entirely on the OS-level device lock (phone PIN/biometric, browser profile password), which is not sufficient for many environments:
- Shared computers / shared browser profiles
- Unlocked phones picked up by a third party
- Kiosk or office machines where the browser is left open
Suggested solution
Add an optional app lock feature:
- Mobile: require Face ID / Touch ID / PIN before the app becomes usable (similar to banking apps, Signal's Screen Lock feature)
- Web: require a user-defined passcode stored in-browser before rendering session content; auto-lock after a configurable idle timeout
- A grace period option (e.g. "lock after 5 minutes of inactivity")
This would be opt-in so it doesn't break existing workflows.
Related issues
Context
Self-hosted relay users are often running Claude Code on servers with elevated access. An in-app lock provides a meaningful second factor at the client level, independent of device OS security.
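The web auto-lock with idle timeout and grace period suggested above, sketched as an added example (not part of the original issue and not Happy's code). `AppLock`, `idleMs`, `graceMs` and `verify` are hypothetical names; `verify` stands in for a comparison against a salted KDF hash of the passcode.

```javascript
// Added example: idle auto-lock state machine for a web client.
// All names here are hypothetical, not Happy's API.
class AppLock {
  constructor({ idleMs, graceMs = 0, verify, now = () => Date.now() }) {
    this.idleMs = idleMs;   // lock after this much inactivity
    this.graceMs = graceMs; // time the tab may stay hidden before locking
    this.verify = verify;   // (passcode) => boolean, assumed KDF hash check
    this.now = now;         // injectable clock so the timers are testable
    this.locked = true;     // fail closed: every page load starts locked
    this.lastActivity = 0;
    this.hiddenAt = null;
  }

  // Re-evaluate both timers. Call this before rendering session content.
  isLocked() {
    if (this.locked) return true;
    const t = this.now();
    const idle = t - this.lastActivity >= this.idleMs;
    const away = this.hiddenAt !== null && t - this.hiddenAt >= this.graceMs;
    if (idle || away) this.locked = true;
    return this.locked;
  }

  // Call on pointer or keyboard input. Activity never unlocks a locked app.
  touch() {
    if (!this.isLocked()) this.lastActivity = this.now();
  }

  // Call from a visibilitychange handler with document.hidden.
  setHidden(hidden) {
    if (hidden) {
      if (this.hiddenAt === null) this.hiddenAt = this.now();
    } else if (!this.isLocked()) {
      this.hiddenAt = null; // returned within the grace period
    }
  }

  // Only a verified passcode clears the lock and resets both timers.
  unlock(passcode) {
    if (!this.verify(passcode)) return false;
    this.locked = false;
    this.lastActivity = this.now();
    this.hiddenAt = null;
    return true;
  }
}
```

A gate like this only controls rendering: pairing material kept in browser storage stays readable to anyone with access to the profile unless it is encrypted under a key derived from the passcode.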