feat(auth): 2.0.0-alpha.10 — Cloudflare Access SSO as owner auth

A cryptographically-verified CF Access JWT (signature vs team JWKS + audience + email allow-list) now counts as the owner, so browser requests through the CF tunnel don't need the owner token copied onto each device. Fails closed → owner token remains the fallback (LAN-direct + dev/tests unaffected). Opt-in via CF_ACCESS_TEAM_DOMAIN / CF_ACCESS_AUD / CF_ACCESS_OWNER_EMAILS. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-03 10:25:58 +10:00
parent 925cb0d7d6
commit 4e943ada12
6 changed files with 172 additions and 2 deletions
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
  "name": "void-server",
-  "version": "2.0.0-alpha.9",
+  "version": "2.0.0-alpha.10",
  "type": "module",
  "private": true,
  "scripts": {