upaas

History

clawbot 7387ba6b5c feat: add API token authentication (closes #87 ) - Add api_tokens table migration (007) - Add APIToken model with CRUD operations - Generate tokens with upaas_ prefix + 32 hex chars - Store SHA-256 hash of tokens (not plaintext) - Update APISessionAuth middleware to check Bearer tokens - Add POST/GET/DELETE /api/v1/tokens endpoints - Token creation returns plaintext once; list never exposes it - Expired and revoked tokens are rejected - Tests for creation, listing, deletion, bearer auth, revocation		2026-02-19 23:43:22 -08:00
..
cors_test.go	fix: restrict CORS to configured origins (closes #40 )	2026-02-19 13:45:18 -08:00
middleware.go	feat: add API token authentication (closes #87 )	2026-02-19 23:43:22 -08:00
ratelimit_test.go	fix: resolve all golangci-lint issues	2026-02-15 21:55:24 -08:00
realip_test.go	fix: only trust proxy headers from RFC1918/loopback sources (closes #44 )	2026-02-15 22:01:54 -08:00