forked from wrenn/wrenn
pptx704
e069b3e679
- Frontend: BYOC hosts page (/dashboard/byoc) with register/delete flows,
shimmer loading, pulsing online status, animated token reveal checkmark
- Frontend: Admin section (/admin/hosts) with platform + BYOC tabs, stat
pills, skeleton loading, slide-in animations for new rows
- Frontend: AdminSidebar component with accent top bar and admin pill badge
- Frontend: BYOC nav item shown only when team.is_byoc is true (derived
from teams store, not JWT); disabled for members
- Frontend: Admin shield button in Sidebar, visible only to platform admins
- Backend: is_admin in JWT claims + requireAdmin middleware (DB-validated)
- Backend: is_byoc added to teamResponse so frontend derives visibility
from fresh team data rather than stale JWT fields
- Backend: SetBYOC admin endpoint (PUT /v1/admin/teams/{id}/byoc)
- Backend: Admin hosts list enriches BYOC entries with team_name
- Host agent: load .env file via godotenv on startup
67 lines
2.0 KiB
Go
67 lines
2.0 KiB
Go
package auth
|
|
|
|
import "context"
|
|
|
|
type contextKey int
|
|
|
|
const authCtxKey contextKey = 0
|
|
|
|
// AuthContext is stamped into request context by auth middleware.
|
|
type AuthContext struct {
|
|
TeamID string
|
|
UserID string // empty when authenticated via API key
|
|
Email string // empty when authenticated via API key
|
|
Name string // empty when authenticated via API key
|
|
Role string // owner, admin, or member; empty when authenticated via API key
|
|
IsAdmin bool // platform-level admin; always false when authenticated via API key
|
|
}
|
|
|
|
// WithAuthContext returns a new context with the given AuthContext.
|
|
func WithAuthContext(ctx context.Context, a AuthContext) context.Context {
|
|
return context.WithValue(ctx, authCtxKey, a)
|
|
}
|
|
|
|
// FromContext retrieves the AuthContext. Returns zero value and false if absent.
|
|
func FromContext(ctx context.Context) (AuthContext, bool) {
|
|
a, ok := ctx.Value(authCtxKey).(AuthContext)
|
|
return a, ok
|
|
}
|
|
|
|
// MustFromContext retrieves the AuthContext. Panics if absent — only call
|
|
// inside handlers behind auth middleware.
|
|
func MustFromContext(ctx context.Context) AuthContext {
|
|
a, ok := FromContext(ctx)
|
|
if !ok {
|
|
panic("auth: MustFromContext called on unauthenticated request")
|
|
}
|
|
return a
|
|
}
|
|
|
|
const hostCtxKey contextKey = 1
|
|
|
|
// HostContext is stamped into request context by host token middleware.
|
|
type HostContext struct {
|
|
HostID string
|
|
}
|
|
|
|
// WithHostContext returns a new context with the given HostContext.
|
|
func WithHostContext(ctx context.Context, h HostContext) context.Context {
|
|
return context.WithValue(ctx, hostCtxKey, h)
|
|
}
|
|
|
|
// HostFromContext retrieves the HostContext. Returns zero value and false if absent.
|
|
func HostFromContext(ctx context.Context) (HostContext, bool) {
|
|
h, ok := ctx.Value(hostCtxKey).(HostContext)
|
|
return h, ok
|
|
}
|
|
|
|
// MustHostFromContext retrieves the HostContext. Panics if absent — only call
|
|
// inside handlers behind host token middleware.
|
|
func MustHostFromContext(ctx context.Context) HostContext {
|
|
h, ok := HostFromContext(ctx)
|
|
if !ok {
|
|
panic("auth: MustHostFromContext called on unauthenticated request")
|
|
}
|
|
return h
|
|
}
|