v0.0.1 (#8)

Co-authored-by: Tasnim Kabir Sadik <tksadik92@gmail.com> Reviewed-on: wrenn/sandbox#8
2026-04-09 19:24:49 +00:00
parent 32e5a5a715
commit d3e4812e46
199 changed files with 24552 additions and 2776 deletions
--- a/internal/api/middleware_jwt.go
+++ b/internal/api/middleware_jwt.go
@ -5,6 +5,7 @@ import (
 	"strings"

 	"git.omukk.dev/wrenn/sandbox/internal/auth"
+	"git.omukk.dev/wrenn/sandbox/internal/id"
 )

 // requireJWT validates the Authorization: Bearer <token> header, verifies the JWT
@ -25,11 +26,26 @@ func requireJWT(secret []byte) func(http.Handler) http.Handler {
 				return
 			}

+			teamID, err := id.ParseTeamID(claims.TeamID)
+			if err != nil {
+				writeError(w, http.StatusUnauthorized, "unauthorized", "invalid team ID in token")
+				return
+			}
+			userID, err := id.ParseUserID(claims.Subject)
+			if err != nil {
+				writeError(w, http.StatusUnauthorized, "unauthorized", "invalid user ID in token")
+				return
+			}
+
 			ctx := auth.WithAuthContext(r.Context(), auth.AuthContext{
-				TeamID: claims.TeamID,
-				UserID: claims.Subject,
-				Email:  claims.Email,
+				TeamID:  teamID,
+				UserID:  userID,
+				Email:   claims.Email,
+				Name:    claims.Name,
+				Role:    claims.Role,
+				IsAdmin: claims.IsAdmin,
 			})
+
 			next.ServeHTTP(w, r.WithContext(ctx))
 		})
 	}