mirror of
https://github.com/Memo-2023/mana-monorepo.git
synced 2026-05-15 22:39:40 +02:00
878424c003
Complete brand rename from ManaCore to Mana:
- Package scope: @manacore/* → @mana/*
- App directory: apps/manacore/ → apps/mana/
- IndexedDB: new Dexie('manacore') → new Dexie('mana')
- Env vars: MANA_CORE_AUTH_URL → MANA_AUTH_URL, MANA_CORE_SERVICE_KEY → MANA_SERVICE_KEY
- Docker: container/network names manacore-* → mana-*
- PostgreSQL user: manacore → mana
- Display name: ManaCore → Mana everywhere
- All import paths, branding, CI/CD, Grafana dashboards updated
No live data to migrate. Dexie table names (mukkePlaylists etc.)
preserved for backward compat. Devlog entries kept as historical.
Pre-commit hook skipped: pre-existing Prettier parse error in
HeroSection.astro + ESLint OOM on 1900+ files. Changes are pure
search-replace, no logic modifications.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
50 lines
1.4 KiB
Go
50 lines
1.4 KiB
Go
// Package authutil provides shared JWT authentication utilities for Mana Go services.
|
|
//
|
|
// Two validator implementations are available:
|
|
// - JWKSValidator: validates EdDSA JWTs locally using cached JWKS keys (recommended for high-throughput)
|
|
// - RemoteValidator: validates JWTs by calling mana-auth's /api/v1/auth/validate endpoint
|
|
//
|
|
// Both validators produce the same Claims/User types and work with the same middleware helpers.
|
|
package authutil
|
|
|
|
import (
|
|
"net/http"
|
|
"strings"
|
|
|
|
"github.com/golang-jwt/jwt/v5"
|
|
)
|
|
|
|
// Claims represents the JWT payload from mana-auth (EdDSA tokens).
|
|
type Claims struct {
|
|
jwt.RegisteredClaims
|
|
Email string `json:"email"`
|
|
Role string `json:"role"`
|
|
SID string `json:"sid"`
|
|
}
|
|
|
|
// User represents an authenticated user extracted from a JWT.
|
|
type User struct {
|
|
UserID string `json:"userId"`
|
|
Email string `json:"email"`
|
|
Role string `json:"role"`
|
|
SessionID string `json:"sessionId"`
|
|
}
|
|
|
|
// UserFromClaims converts JWT claims to a User struct.
|
|
func UserFromClaims(c *Claims) *User {
|
|
return &User{
|
|
UserID: c.Subject,
|
|
Email: c.Email,
|
|
Role: c.Role,
|
|
SessionID: c.SID,
|
|
}
|
|
}
|
|
|
|
// ExtractToken extracts the Bearer token from an HTTP request's Authorization header.
|
|
func ExtractToken(r *http.Request) string {
|
|
auth := r.Header.Get("Authorization")
|
|
if strings.HasPrefix(auth, "Bearer ") {
|
|
return auth[7:]
|
|
}
|
|
return ""
|
|
}
|