doc.go

// Package httpauth provides Firebase-backed HTTP middleware for authentication,
// identity enrichment, and role-based access control.
//
// Typical middleware chain:
//
//	r.Use(httpauth.AuthMiddleware(firebaseClient, publicPaths))
//	r.Use(httpauth.EnrichmentMiddleware(userEnricher, httpauth.WithTenantHeader("X-Tenant-ID")))
//	r.Use(httpauth.AuthzMiddleware(permProvider, "orders", rbac.Read))
//
// AuthMiddleware verifies Firebase Bearer tokens and injects uid + claims into
// the request context. EnrichmentMiddleware reads those values, calls the
// app-provided IdentityEnricher, and stores the full rbac.Identity. AuthzMiddleware
// resolves the permission mask and gates the request.
//
// All three middleware functions accept interfaces, so they can be tested without
// a live Firebase connection.
package httpauth
docs(httpauth-firebase): fix rbac tier reference from 1 to 0 rbac is a Tier 0 module (no micro-lib dependencies). The dependency line incorrectly cited it as Tier 1. The module's own tier (4) is unchanged — it remains the auth layer above the transport infrastructure. 2026-03-19 13:44:45 +00:00			`// Package httpauth provides Firebase-backed HTTP middleware for authentication,`
			`// identity enrichment, and role-based access control.`
			`//`
			`// Typical middleware chain:`
			`//`
			`// r.Use(httpauth.AuthMiddleware(firebaseClient, publicPaths))`
			`// r.Use(httpauth.EnrichmentMiddleware(userEnricher, httpauth.WithTenantHeader("X-Tenant-ID")))`
			`// r.Use(httpauth.AuthzMiddleware(permProvider, "orders", rbac.Read))`
			`//`
			`// AuthMiddleware verifies Firebase Bearer tokens and injects uid + claims into`
			`// the request context. EnrichmentMiddleware reads those values, calls the`
			`// app-provided IdentityEnricher, and stores the full rbac.Identity. AuthzMiddleware`
			`// resolves the permission mask and gates the request.`
			`//`
			`// All three middleware functions accept interfaces, so they can be tested without`
			`// a live Firebase connection.`
			`package httpauth`