Rene Nochebuena
2c90fe22bf
EnrichmentMiddleware, AuthzMiddleware, IdentityEnricher, PermissionProvider, and related types are removed from this module. They now live in code.nochebuena.dev/go/httpauth, the provider-agnostic middleware layer. AuthMiddleware is updated to call httpauth.SetTokenData, fulfilling the integration contract between provider-specific auth and generic middleware. This module now has a single responsibility: Firebase JWT verification. BREAKING CHANGE: IdentityEnricher, PermissionProvider, EnrichmentMiddleware, AuthzMiddleware, and WithTenantHeader are no longer exported from this package. Import code.nochebuena.dev/go/httpauth for those identifiers.
19 lines
848 B
Go
19 lines
848 B
Go
// Package httpauth provides Firebase-backed HTTP authentication middleware.
|
|
//
|
|
// AuthMiddleware verifies Firebase Bearer tokens and injects uid + claims into
|
|
// the request context via httpauth.SetTokenData (code.nochebuena.dev/go/httpauth).
|
|
// Downstream middleware (EnrichmentMiddleware, AuthzMiddleware) comes from that
|
|
// package and is provider-agnostic.
|
|
//
|
|
// Typical middleware chain:
|
|
//
|
|
// import httpauthmw "code.nochebuena.dev/go/httpauth"
|
|
//
|
|
// r.Use(httpauth.AuthMiddleware(firebaseClient, publicPaths))
|
|
// r.Use(httpauthmw.EnrichmentMiddleware(userEnricher, httpauthmw.WithTenantHeader("X-Tenant-ID")))
|
|
// r.With(httpauthmw.AuthzMiddleware(permProvider, "orders", rbac.Read)).Post("/orders", handler)
|
|
//
|
|
// AuthMiddleware accepts a TokenVerifier interface, so it can be tested without
|
|
// a live Firebase connection.
|
|
package httpauth
|