upaas/internal
clawbot 730a46c9ca feat: add API token authentication (closes #87)
- Add api_tokens table migration (007)
- Add APIToken model with CRUD operations
- Generate tokens with upaas_ prefix + 32 hex chars
- Store SHA-256 hash of tokens (not plaintext)
- Update APISessionAuth middleware to check Bearer tokens
- Add POST/GET/DELETE /api/v1/tokens endpoints
- Token creation returns plaintext once; list never exposes it
- Expired and revoked tokens are rejected
- Tests for creation, listing, deletion, bearer auth, revocation
2026-02-19 20:15:19 -08:00
..
config fix: restrict CORS to configured origins (closes #40) 2026-02-19 13:45:18 -08:00
database feat: add API token authentication (closes #87) 2026-02-19 20:15:19 -08:00
docker fix: resolve all golangci-lint issues 2026-02-15 21:55:24 -08:00
globals Initial commit with server startup infrastructure 2025-12-29 15:46:03 +07:00
handlers feat: add API token authentication (closes #87) 2026-02-19 20:15:19 -08:00
healthcheck Initial commit with server startup infrastructure 2025-12-29 15:46:03 +07:00
logger Initial commit with server startup infrastructure 2025-12-29 15:46:03 +07:00
middleware feat: add API token authentication (closes #87) 2026-02-19 20:15:19 -08:00
models feat: add API token authentication (closes #87) 2026-02-19 20:15:19 -08:00
server feat: add API token authentication (closes #87) 2026-02-19 20:15:19 -08:00
service fix: restrict CORS to configured origins (closes #40) 2026-02-19 13:45:18 -08:00
ssh Initial commit with server startup infrastructure 2025-12-29 15:46:03 +07:00