Hynes/Void-Homelab
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(api): agents routes + token mgmt (owner-only)

Browse Source 
Add lib/api/routes/agents.js: list/create/get, PATCH capabilities,
mint token (plaintext returned exactly once, then bcrypt-hashed),
revoke token. All endpoints gated by requireOwner so an agent token
can never bootstrap a new agent or grant itself capabilities.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
root
2026-05-31 21:05:42 +10:00
parent 56805053f0
commit 5437b68316
3 changed files with 160 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
lib/api/index.js
View File

@@ -12,6 +12,7 @@ import { router as pagesRouter, spacesScopedRouter as pagesBySpaceRouter } from
import { router as refsRouter } from './routes/refs.js';
import { router as resourcesRouter, spacesScopedRouter as resourcesBySpaceRouter } from './routes/resources.js';
import { router as sourceDocsRouter, resourcesScopedRouter as sourceDocsByResourceRouter } from './routes/source_docs.js';
import { router as agentsRouter, tokensRouter as agentTokensRouter } from './routes/agents.js';
export function mountApi(app) {
const api = Router();
@@ -30,6 +31,8 @@ export function mountApi(app) {
api.use('/resources', resourcesRouter);
api.use('/resources/:resource_id/source-docs', sourceDocsByResourceRouter);
api.use('/source-docs', sourceDocsRouter);
api.use('/agents', agentsRouter);
api.use('/agent-tokens', agentTokensRouter);
api.use((_req, _res, next) => next(new NotFoundError('route not found')));