Hynes/Void-Homelab
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(auth): 2.0.0-alpha.10 — Cloudflare Access SSO as owner auth

Browse Source 
A cryptographically-verified CF Access JWT (signature vs team JWKS + audience +
email allow-list) now counts as the owner, so browser requests through the CF
tunnel don't need the owner token copied onto each device. Fails closed → owner
token remains the fallback (LAN-direct + dev/tests unaffected). Opt-in via
CF_ACCESS_TEAM_DOMAIN / CF_ACCESS_AUD / CF_ACCESS_OWNER_EMAILS.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
root
2026-06-03 10:25:58 +10:00
parent 925cb0d7d6
commit 4e943ada12
6 changed files with 172 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
server.js
View File

@@ -9,7 +9,7 @@ import { router as ingestRouter } from './lib/api/routes/ingest.js';
import { router as iconsRouter } from './lib/api/routes/icons.js';
import { startCron } from './lib/cron/index.js';
const VERSION = '2.0.0-alpha.9';
const VERSION = '2.0.0-alpha.10';
export function createApp() {
const app = express();