Hynes/Void-Homelab
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(api): agent bearer auth middleware

Browse Source 
Add lib/api/middleware/agent_auth.js: agentOrOwner accepts the owner
token (kind=user actor) or a hashed agent token (kind=agent actor
carrying capabilities + scopes). /api router now mounts this in place
of ownerOnly so agent tokens become first-class.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
root
2026-05-31 20:59:29 +10:00
parent ba782ed690
commit 7862d22a03
3 changed files with 89 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
lib/api/index.js
View File

@@ -1,5 +1,5 @@
import { Router } from 'express';
import { ownerOnly } from '../auth/owner.js';
import { agentOrOwner } from './middleware/agent_auth.js';
import { errorMiddleware, NotFoundError } from './errors.js';
import { router as spacesRouter } from './routes/spaces.js';
import { router as projectsRouter, spacesScopedRouter as projectsBySpaceRouter } from './routes/projects.js';
@@ -15,7 +15,7 @@ import { router as sourceDocsRouter, resourcesScopedRouter as sourceDocsByResour
export function mountApi(app) {
const api = Router();
api.use(ownerOnly);
api.use(agentOrOwner);
api.use('/spaces', spacesRouter);
api.use('/spaces/:space_id/projects', projectsBySpaceRouter);