v0.0.1 (#8)

Co-authored-by: Tasnim Kabir Sadik <tksadik92@gmail.com> Reviewed-on: wrenn/sandbox#8
2026-04-09 19:24:49 +00:00
parent 32e5a5a715
commit d3e4812e46
199 changed files with 24552 additions and 2776 deletions
--- a/internal/api/middleware_hosttoken.go
+++ b/internal/api/middleware_hosttoken.go
@ -4,6 +4,7 @@ import (
 	"net/http"

 	"git.omukk.dev/wrenn/sandbox/internal/auth"
+	"git.omukk.dev/wrenn/sandbox/internal/id"
 )

 // requireHostToken validates the X-Host-Token header containing a host JWT,
@ -23,7 +24,13 @@ func requireHostToken(secret []byte) func(http.Handler) http.Handler {
 				return
 			}

-			ctx := auth.WithHostContext(r.Context(), auth.HostContext{HostID: claims.HostID})
+			hostID, err := id.ParseHostID(claims.HostID)
+			if err != nil {
+				writeError(w, http.StatusUnauthorized, "unauthorized", "invalid host ID in token")
+				return
+			}
+
+			ctx := auth.WithHostContext(r.Context(), auth.HostContext{HostID: hostID})
 			next.ServeHTTP(w, r.WithContext(ctx))
 		})
 	}