Skip to content

feat: support Grok Web account setup scripts (Tos, NSFW)#692

Merged
chenyme merged 1 commit into
mainfrom
setup_tools
Jul 18, 2026
Merged

feat: support Grok Web account setup scripts (Tos, NSFW)#692
chenyme merged 1 commit into
mainfrom
setup_tools

Conversation

@chenyme

@chenyme chenyme commented Jul 18, 2026

Copy link
Copy Markdown
Owner

Summary

Add Grok Web account setup workflows for accepting the service agreement, setting an adult birth date, and enabling NSFW preferences.

The operations support both individual accounts and batch execution from the account management page.

Changes

Account scripts

  • Add three Grok Web account operations:
    • Accept service agreement
    • Set a randomized birth date
    • Enable NSFW
  • Generate birth dates uniformly across valid calendar dates for users aged 20–40.
  • Execute account scripts in a fixed order:
    1. Accept service agreement
    2. Set birth date
    3. Enable NSFW
  • Enabling NSFW automatically includes the birth-date prerequisite.
  • Default all operations to selected in the batch dialog.

Batch execution

  • Support selected-account and all-account execution.
  • Stream task progress through SSE.
  • Reuse the existing batch.syncConcurrency worker pool and hot-reload setting.
  • Limit explicit batches to 1,000 unique account IDs.
  • Use the runtime distributed lock to prevent concurrent scripts from modifying the same account.

Upstream protocol

  • Implement the captured Grok Web endpoints:
    • SetTosAcceptedVersion
    • /rest/auth/set-birth-date
    • UpdateUserFeatureControls
  • Preserve the expected JSON and gRPC-Web payloads.
  • Validate gRPC status from response headers, HTTP trailers, and gRPC-Web body trailer frames.
  • Refresh Statsig once after an applicable 403 response.
  • Treat only the exact 429 + account:birth-date-change-limit-reached response as an idempotent “birth date already set” result.
  • Ordinary 429 responses and other upstream failures remain errors.

Egress and browser identity

All XAI account-setting requests use the existing Grok Web egress manager:

  • Direct routing when no enabled Web node is configured
  • Fail-closed behavior when configured nodes are unavailable
  • Fixed proxy support
  • Resin {account} sticky-proxy support
  • Stable SSO-derived Resin account identity
  • Account-specific Cloudflare cookies with node-level fallback
  • Configured Web User-Agent with the Chrome 146 default
  • Shared browser transport and safe connection-only Resin retries

The TOS request intentionally omits grok.com Cloudflare cookies because it targets accounts.x.ai. Birth-date and NSFW requests include the normal Grok Web cookies and Statsig identity.

NSFW status

  • Add web_account_profiles.nsfw_enabled_at.
  • Record the first time this service confirms that NSFW was successfully enabled.
  • Keep the first timestamp during repeated executions.
  • Preserve the marker during account import, updates, quota synchronization, and credential refresh.
  • Expose nsfwEnabledAt only for Grok Web accounts.
  • Display an NSFW marker and confirmation time in the Web account table.

This is a historical confirmation marker, not a live query of the upstream preference.

Admin UI

  • Add an “Account scripts” action to the Grok Web toolbar.
  • Add individual account actions to the row menu.
  • Add progress, partial-failure, and cancellation handling.
  • Refresh account data after individual or batch completion.
  • Shorten the account type column label to “Type”.

Compatibility

  • No new configuration is required.
  • Existing databases automatically receive the nullable NSFW timestamp column during schema initialization.
  • Existing accounts are not guessed or automatically backfilled.
  • Accounts that enabled NSFW before this change receive the marker after the NSFW script succeeds once.

Test plan

  • go test ./... -count=1
  • go test -race ./internal/infra/provider/web ./internal/application/account -count=1
  • go vet ./...
  • go build ./cmd/grok2api
  • pnpm build
  • pnpm lint
  • git diff --check

Regression coverage includes:

  • Protocol payloads and request headers
  • gRPC-Web trailer failures
  • Randomized 20–40-year-old birth dates
  • Locked birth-date idempotency
  • Ordinary 429 preservation
  • Script ordering and partial failures
  • Same-account concurrency protection
  • SSE request validation and progress
  • NSFW marker persistence and migration
  • Import/update marker preservation
  • Resin identity and safe retry behavior

@chenyme chenyme self-assigned this Jul 18, 2026
@chenyme
chenyme merged commit 2c15828 into main Jul 18, 2026
9 checks passed
@chenyme
chenyme deleted the setup_tools branch July 18, 2026 17:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant