shiny/auth
6
0
Fork 0
Code Issues 1 Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
679fd59cbcdbb02fcaede626f446549ebb575bf1
auth/README.md
T
argoyle 81ac3e6ea5
auth / test (push) Has been skipped
Details
auth / vulnerabilities (push) Has been skipped
Details
feat: initial shared auth module 
Signed user-header middleware (UserMiddleware/FromContext/User, ADR-0005) plus
the deployed-secrets startup guard (MissingDeployedSecrets, ADR-0005/0006).
Replaces the byte-identical auth package + secrets_guard.go copied into every
backend service.
2026-06-15 11:43:11 +02:00

13 lines
565 B
Markdown
Raw Blame History

# auth
Shared authentication primitives for Shiny backend services.
- `UserMiddleware(signingKey)` — verifies the HMAC-signed `user` header the
gateway propagates (ADR-0005) and injects the `*User` into the request context.
- `FromContext(ctx)` / `User.HasRole(...)` — read the authenticated user.
- `MissingDeployedSecrets(env, secrets)` — startup guard that fails closed when
required secrets are empty in `staging`/`production` (ADR-0005/0006).
Replaces the byte-identical `auth` package and `secrets_guard.go` previously
copied into every service.
Reference in New Issue View Git Blame Copy Permalink