shiny/auth
6
0
Fork 0
Code Issues 1 Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
0074e7a74c32f9831bd6ffc216d9e7a66eb88265
auth/CLAUDE.md
T
argoyle 1fd859af5c
auth / test (push) Has been skipped
Details
auth / vulnerabilities (push) Has been skipped
Details
Release / release (push) Successful in 1m16s
Details
auth / coverage-baseline (push) Successful in 2m53s
Details
pre-commit / pre-commit (push) Successful in 5m34s
Details
chore(ci): add shared-lib scaffolding and functional coverage gate (#4)
2026-06-15 17:53:44 +00:00

2.2 KiB
Raw Blame History

auth

Shared Go library with authentication primitives for all Shiny backend services.

Shared Documentation

@../docs/claude/architecture.md @../docs/claude/go-services.md @../docs/claude/conventions.md

Library Information

Purpose

Single home for the user-header auth and secret-startup-guard code that was previously byte-identical-copied into every backend (the auth package and cmd/service/secrets_guard.go). Enforces ADR-0005 (HMAC-signed user header, keyless fail-open only in acctest) and ADR-0006 (fail closed when required secrets are missing in staging/production).

Usage

import "gitea.unbound.se/shiny/auth"

// Fail closed on missing deployed secrets before serving (ADR-0005/0006).
if missing := auth.MissingDeployedSecrets(environment, map[string]string{
    "USER_SIGNING_KEY":  cfg.UserSigningKey,
    "INTERNAL_API_KEY":  cfg.InternalAPIKey,
}); len(missing) > 0 {
    log.Fatalf("refusing to start: missing secrets in %s: %v", environment, missing)
}

// Verify the gateway's signed user header and inject *User into the context.
handler = auth.UserMiddleware([]byte(cfg.UserSigningKey))(handler)

// Read the authenticated user downstream.
user := auth.FromContext(ctx)
if user.HasRole("admin") { /* ... */ }

Exported API

  • UserMiddleware(signingKey []byte) — HTTP middleware verifying the HMAC-signed user header; injects *User into the request context.
  • FromContext(ctx) *User, User.HasRole(...) bool, ContextKey/UserKey.
  • MissingDeployedSecrets(environment string, secrets map[string]string) []string — returns the sorted names of secrets that are empty in staging/production (nil for any other environment, e.g. development/acctest).

Conventions

Standard Shiny library scaffolding: gofumpt/goimports -local, golangci-lint, gitleaks and conventional-commit checks via pre-commit; coverage-regression gate in CI (.testcoverage.yml); releases auto-tagged from conventional commits by the shared Release workflow. Bump the consuming services' go.mod after a release. A breaking change to the signed-header or secret-guard contract is a cross-service change — see ADR-0005/0006 before changing it.

Reference in New Issue View Git Blame Copy Permalink