feat(auth): admin user management + impersonation + magic/reset links #2
Open
fadymondy wants to merge 1 commit into
Conversation
Adds an admin route group (/api/auth/admin/*) for user CRUD, impersonation
(reuses Service.IssueToken), and signed reset/magic-login links — guarded by
RequireRole("admin") + double-submit CSRF, reusing the plugin's own bcrypt
hashing and HMAC secret. Mail kept out of scope: links return emailed:false
and lifecycle events fire on the kernel bus for a mail/audit plugin to consume.
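The description says the admin group is guarded by a double-submit CSRF check from which bearer-authenticated calls are exempt. The following is an added example of how such a guard can be written in Go's net/http; it is not code from this PR or from the togo auth plugin, and the cookie name `csrf_token`, the header name `X-CSRF-Token` and the exemption of safe methods are assumptions made here for illustration.

```go
package main

import (
	"crypto/subtle"
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

// Cookie and header names are assumptions for this example; the app is
// expected to set the cookie to a random, per-session value.
const (
	csrfCookie = "csrf_token"
	csrfHeader = "X-CSRF-Token"
)

// CSRFOK implements the double-submit check: the value the browser holds in
// the cookie must be echoed back in a request header by the page's own script.
// A cross-site form can make the browser *send* the cookie, but cannot *read*
// it, so it cannot produce a matching header.
func CSRFOK(r *http.Request) bool {
	// Safe methods are exempt (assumption: nothing mutates on GET/HEAD/OPTIONS).
	switch r.Method {
	case http.MethodGet, http.MethodHead, http.MethodOptions:
		return true
	}
	// Bearer exempt: browsers never attach an Authorization header on their
	// own, so a bearer-authenticated request cannot be a cross-site forgery.
	if strings.HasPrefix(r.Header.Get("Authorization"), "Bearer ") {
		return true
	}
	c, err := r.Cookie(csrfCookie)
	if err != nil || c.Value == "" {
		return false
	}
	h := r.Header.Get(csrfHeader)
	// Constant-time compare so the check does not leak the token byte by byte.
	return h != "" && subtle.ConstantTimeCompare([]byte(c.Value), []byte(h)) == 1
}

// RequireCSRF wraps a handler and rejects failing requests with 403.
func RequireCSRF(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if !CSRFOK(r) {
			http.Error(w, "csrf token mismatch", http.StatusForbidden)
			return
		}
		next.ServeHTTP(w, r)
	})
}

func main() {
	h := RequireCSRF(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		w.WriteHeader(http.StatusNoContent)
	}))
	// Constructed request: cookie present but no header, as a cross-site form would send.
	req := httptest.NewRequest(http.MethodDelete, "/api/auth/admin/users/1", nil)
	req.AddCookie(&http.Cookie{Name: csrfCookie, Value: "r4nd0m-per-session-value"})
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, req)
	fmt.Println("cookie only:", rec.Code)
	// Same request with the header echoed by first-party script.
	req.Header.Set(csrfHeader, "r4nd0m-per-session-value")
	rec = httptest.NewRecorder()
	h.ServeHTTP(rec, req)
	fmt.Println("cookie + header:", rec.Code)
}
```

The guard only compares; it never mints the token, so the app must set the cookie to an unpredictable value. Double-submit is also only as strong as cookie integrity: anything that can set cookies for the site (a compromised subdomain, for instance) defeats it, so it belongs alongside a SameSite cookie attribute, not in place of one.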
Adds an admin route group `/api/auth/admin/*` to the auth plugin so every togo app that mounts auth gets functional user management out of the box (instead of each app hand-rolling it).

Endpoints (role=admin + double-submit CSRF; bearer exempt):

- `GET/POST /api/auth/admin/users`, `GET/PATCH/DELETE /api/auth/admin/users/{id}` (refuses deleting the last admin → 409)
- `POST .../impersonate` → `{token,identity}` via `Service.IssueToken`
- `POST .../reset-password` / `POST .../magic-link` → signed HMAC links (`emailed:false`; lifecycle events fire on the kernel bus for a mail/audit plugin)
- `GET /api/auth/magic?token=` consumes the link → session

Reuses the plugin's own bcrypt hashing, `FindOrCreateByEmail`, `IssueToken`, and HMAC secret — no new framework primitive, no new env var. 5 focused tests (in-memory sqlite). `go build`/`vet`/`test` green.

Pairs with togo-framework/dashboard#(functional-admin) which consumes these endpoints.
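The reset-password and magic-link endpoints above hand out signed HMAC links that a later `GET /api/auth/magic?token=` consumes. What follows is an added example, written for this page and not taken from the PR or the togo auth plugin, of the properties such a link token needs before it is safe to exchange for a session: the MAC is checked before the payload is trusted, the link's purpose is bound into the signed payload so a reset link cannot be replayed against the login endpoint, the expiry is enforced, and a random nonce makes each link single-use. The token layout, the claim names, the `LinkService` type and the in-memory consumed-nonce set are all assumptions made here.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
	"sync"
	"time"
)

// Purposes are bound into the signed payload so a reset link cannot be
// replayed against the magic-login endpoint, or vice versa.
const (
	PurposeMagicLogin    = "magic-login"
	PurposeResetPassword = "reset-password"
)

var (
	ErrMalformed = errors.New("link: malformed token")
	ErrSignature = errors.New("link: bad signature")
	ErrExpired   = errors.New("link: expired")
	ErrPurpose   = errors.New("link: wrong purpose")
	ErrUsed      = errors.New("link: already consumed")
)

type linkClaims struct {
	UserID  string `json:"uid"`
	Purpose string `json:"p"`
	Nonce   string `json:"n"`   // random per-link id, used to enforce single use
	Exp     int64  `json:"exp"` // unix seconds
}

// LinkService issues and consumes HMAC-SHA256 signed one-time links.
// Assumption: the consumed-nonce set is in memory; a real plugin would persist it.
type LinkService struct {
	secret []byte
	mu     sync.Mutex
	used   map[string]struct{}
}

func NewLinkService(secret []byte) *LinkService {
	return &LinkService{secret: secret, used: map[string]struct{}{}}
}

func (s *LinkService) mac(payload []byte) []byte {
	m := hmac.New(sha256.New, s.secret)
	m.Write(payload)
	return m.Sum(nil)
}

// Issue returns "<base64url(payload)>.<base64url(mac)>" for the given user and purpose.
func (s *LinkService) Issue(userID, purpose string, ttl time.Duration, now time.Time) (string, error) {
	nonce := make([]byte, 16)
	if _, err := rand.Read(nonce); err != nil {
		return "", err
	}
	enc := base64.RawURLEncoding
	payload, err := json.Marshal(linkClaims{
		UserID: userID, Purpose: purpose, Nonce: enc.EncodeToString(nonce), Exp: now.Add(ttl).Unix(),
	})
	if err != nil {
		return "", err
	}
	return enc.EncodeToString(payload) + "." + enc.EncodeToString(s.mac(payload)), nil
}

// Consume verifies the MAC first (constant-time), then purpose, expiry and
// single use, and returns the user id the link was issued for.
func (s *LinkService) Consume(token, wantPurpose string, now time.Time) (string, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 2 {
		return "", ErrMalformed
	}
	enc := base64.RawURLEncoding
	payload, err := enc.DecodeString(parts[0])
	if err != nil {
		return "", ErrMalformed
	}
	sig, err := enc.DecodeString(parts[1])
	if err != nil {
		return "", ErrMalformed
	}
	if !hmac.Equal(sig, s.mac(payload)) {
		return "", ErrSignature
	}
	var c linkClaims
	if err := json.Unmarshal(payload, &c); err != nil {
		return "", ErrMalformed
	}
	if c.Purpose != wantPurpose {
		return "", ErrPurpose
	}
	if !now.Before(time.Unix(c.Exp, 0)) {
		return "", ErrExpired
	}
	s.mu.Lock()
	defer s.mu.Unlock()
	if _, seen := s.used[c.Nonce]; seen {
		return "", ErrUsed
	}
	s.used[c.Nonce] = struct{}{}
	return c.UserID, nil
}

func main() {
	svc := NewLinkService([]byte("example-hmac-secret")) // assumption: the plugin's existing HMAC secret
	tok, err := svc.Issue("user-42", PurposeMagicLogin, 15*time.Minute, time.Now())
	if err != nil {
		panic(err)
	}
	uid, err := svc.Consume(tok, PurposeMagicLogin, time.Now())
	fmt.Println("first use:", uid, err)
	_, err = svc.Consume(tok, PurposeMagicLogin, time.Now())
	fmt.Println("second use:", err)
}
```

Consuming a reset link should additionally invalidate any outstanding sessions and other links for that user once the password changes, and because the signing key is shared with the plugin's other tokens, the purpose field is what keeps a magic-link token from being accepted anywhere else the same HMAC is verified.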