Skip to content

feat: wire role-based auth middleware into all write endpoints#65

Merged
EricGrill merged 6 commits intomainfrom
feat/wire-auth-middleware
Apr 6, 2026
Merged

feat: wire role-based auth middleware into all write endpoints#65
EricGrill merged 6 commits intomainfrom
feat/wire-auth-middleware

Conversation

@EricGrill
Copy link
Copy Markdown
Contributor

@EricGrill EricGrill commented Apr 5, 2026

Summary

  • Wired the existing requireAuth middleware (from middleware/auth.js) into all POST/PUT routes across 5 route files
  • admin: POST /farm, POST /payroll, PUT /worker/:id/pay-rate
  • foreman: POST /shift, POST /shift/:id/close, POST /worker, PUT /worker/:id, POST /lot, POST /lot/:id/transfer
  • worker: POST /shift/:id/checkin
  • GET endpoints remain public (read-only data)
  • Auth still auto-skips in dev/test mode when no API keys are set

Test plan

  • All 115 existing tests pass (auth skipped in test mode)
  • Manual test with ADMIN_KEY=test123 env var: confirm POST /payroll returns 401 without header, 200 with Bearer test123
  • Confirm mobile app still works (no keys configured = dev mode bypass)

Serves goal #12: API authentication

🤖 Generated with Claude Code

EricGrill and others added 4 commits April 5, 2026 10:02
@EricGrill @claude
test: cover remaining 3 untested backend endpoints
5fa176f 
Add tests for GET /lot (list by farm_id), GET /lot/:id/provenance
(redirect), and GET /provenance/:lotId (HTML page). All 29 backend
endpoints now have integration test coverage. 105 tests passing.

Serves goal #13 — 100% unit test coverage by April 15th.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@EricGrill @claude
test: add 10 edge-case tests for BTC price + export routes
ea09828 
Cover zero USD→sats, Infinity, NaN, null, cache consistency,
export format case-insensitivity, default format, Content-Disposition,
and invalid format rejection. Also expose response headers in test helper.

115 tests passing (was 105).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@EricGrill @claude
test: add 21 unit tests for mobile API service layer
c6bccfe 
Set up Jest + ts-jest for the mobile app (previously had 0 tests).
Covers all api.ts endpoints: health, farms, workers, shifts, lots,
payroll, provenance, plus error handling and header verification.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@EricGrill @claude
feat: wire role-based auth middleware into all write endpoints
f82c534 
The requireAuth middleware existed but was not applied to any routes.
Now all POST/PUT endpoints enforce role-based API key auth:

- admin: POST /farm, POST /payroll, PUT /worker/:id/pay-rate
- foreman: POST /shift, POST /shift/:id/close, POST /worker,
           PUT /worker/:id, POST /lot, POST /lot/:id/transfer
- worker: POST /shift/:id/checkin

Auth is still skipped in dev/test mode (no keys configured).
All 115 tests continue to pass.

Closes #12

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@EricGrill EricGrill mentioned this pull request Apr 5, 2026
Closed
@EricGrill EricGrill merged commit 1359d56 into main Apr 6, 2026
2 of 6 checks passed
@EricGrill EricGrill deleted the feat/wire-auth-middleware branch April 6, 2026 08:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@EricGrill