fix: set authenticated user on request context in bearer token auth

tryBearerAuth validated the bearer token but never looked up the associated user or set it on the request context. This meant downstream handlers calling GetCurrentUser would get nil even with a valid token. Changes: - Add ContextWithUser/UserFromContext helpers in auth package - tryBearerAuth now looks up the user by token's UserID and sets it on the request context via auth.ContextWithUser - GetCurrentUser checks context first before falling back to session cookie - Add integration tests for bearer auth user context
2026-02-19 13:54:09 -08:00
parent dde0ad5250
commit 160b02b0b6
5 changed files with 218 additions and 24 deletions
--- a/internal/models/app.go
+++ b/internal/models/app.go
@@ -32,23 +32,23 @@ const (
 type App struct {
 	db *database.Database

-	ID             string
-	Name           string
-	RepoURL        string
-	Branch         string
-	DockerfilePath string
+	ID                string
+	Name              string
+	RepoURL           string
+	Branch            string
+	DockerfilePath    string
 	WebhookSecret     string
 	WebhookSecretHash string
 	SSHPrivateKey     string
-	SSHPublicKey   string
-	ImageID         sql.NullString
-	PreviousImageID sql.NullString
-	Status          AppStatus
-	DockerNetwork  sql.NullString
-	NtfyTopic      sql.NullString
-	SlackWebhook   sql.NullString
-	CreatedAt      time.Time
-	UpdatedAt      time.Time
+	SSHPublicKey      string
+	ImageID           sql.NullString
+	PreviousImageID   sql.NullString
+	Status            AppStatus
+	DockerNetwork     sql.NullString
+	NtfyTopic         sql.NullString
+	SlackWebhook      sql.NullString
+	CreatedAt         time.Time
+	UpdatedAt         time.Time
 }

 // NewApp creates a new App with a database reference.