sneak/upaas
1
0
Fork 0
Code Issues 9 Pull Requests 1 Actions Packages Projects Releases 1 Wiki Activity

feat: add API token authentication (closes #87)

Browse Source 
- Add api_tokens table migration (007)
- Add APIToken model with CRUD operations
- Generate tokens with upaas_ prefix + 32 hex chars
- Store SHA-256 hash of tokens (not plaintext)
- Update APISessionAuth middleware to check Bearer tokens
- Add POST/GET/DELETE /api/v1/tokens endpoints
- Token creation returns plaintext once; list never exposes it
- Expired and revoked tokens are rejected
- Tests for creation, listing, deletion, bearer auth, revocation
This commit is contained in:
clawbot
2026-02-19 13:47:39 -08:00
committed by user
parent 3a4e999382
commit 7387ba6b5c
8 changed files with 809 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
internal/server/routes.go
View File

@@ -119,6 +119,11 @@ func (s *Server) SetupRoutes() {
r.Delete("/apps/{id}", s.handlers.HandleAPIDeleteApp())
r.Post("/apps/{id}/deploy", s.handlers.HandleAPITriggerDeploy())
r.Get("/apps/{id}/deployments", s.handlers.HandleAPIListDeployments())
// API token management
r.Post("/tokens", s.handlers.HandleAPICreateToken())
r.Get("/tokens", s.handlers.HandleAPIListTokens())
r.Delete("/tokens/{tokenID}", s.handlers.HandleAPIDeleteToken())
})
})