memos

Commit Graph

Author	SHA1	Message	Date
Johnny	09afa579e4	chore: implement session sliding expiration and JWT authentication - Added UpdateSessionLastAccessed method to update session access time. - Enhanced Authenticate method to support both session cookie and JWT token authentication. - Introduced AuthResult struct to encapsulate authentication results. - Added SetUserInContext function to simplify context management for authenticated users. refactor(auth): streamline gRPC and HTTP authentication - Removed gRPC authentication interceptor and replaced it with a unified approach using GatewayAuthMiddleware for HTTP requests. - Updated Connect interceptors to utilize the new authentication logic. - Consolidated public and admin-only method checks into service layer for better maintainability. chore(api): clean up unused code and improve documentation - Removed deprecated logger interceptor and unused gRPC server code. - Updated ACL configuration documentation for clarity on public and admin-only methods. - Enhanced metadata handling in Connect RPC to ensure consistent header access. fix(server): simplify server startup and shutdown process - Eliminated cmux dependency for handling HTTP and gRPC traffic. - Streamlined server initialization and shutdown logic for better performance and readability.	2025-12-15 10:04:11 +08:00
Steven	3d893a7394	fix(backend): implement protocol-agnostic header setting for dual gRPC/Connect-RPC support Problem: The codebase supports both native gRPC and Connect-RPC protocols, but auth service was using grpc.SetHeader() which only works for native gRPC. This caused "failed to set grpc header" errors when using Connect-RPC clients (browsers using nice-grpc-web). Solution: - Created HeaderCarrier pattern for protocol-agnostic header setting - HeaderCarrier stores headers in context for Connect-RPC requests - Falls back to grpc.SetHeader for native gRPC requests - Updated auth service to use SetResponseHeader() instead of grpc.SetHeader() - Refactored Connect wrappers to use withHeaderCarrier() helper to eliminate code duplication Additional fixes: - Allow public methods when gRPC metadata is missing in ACL interceptor - Properly handle ParseSessionCookieValue errors instead of ignoring them - Fix buildSessionCookie to gracefully handle missing metadata Files changed: - server/router/api/v1/header_carrier.go: New protocol-agnostic header carrier - server/router/api/v1/auth_service.go: Use SetResponseHeader, handle missing metadata - server/router/api/v1/connect_services.go: Use withHeaderCarrier helper - server/router/api/v1/acl.go: Allow public methods without metadata - server/router/api/v1/connect_interceptors.go: Handle ParseSessionCookieValue errors 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>	2025-12-12 07:46:28 +08:00
Johnny	edd3ced9bf	refactor: migrate to connect-rpc (#5338 )	2025-12-11 19:49:07 +08:00

Author

SHA1

Message

Date

Johnny

09afa579e4

chore: implement session sliding expiration and JWT authentication

- Added UpdateSessionLastAccessed method to update session access time.
- Enhanced Authenticate method to support both session cookie and JWT token authentication.
- Introduced AuthResult struct to encapsulate authentication results.
- Added SetUserInContext function to simplify context management for authenticated users.

refactor(auth): streamline gRPC and HTTP authentication

- Removed gRPC authentication interceptor and replaced it with a unified approach using GatewayAuthMiddleware for HTTP requests.
- Updated Connect interceptors to utilize the new authentication logic.
- Consolidated public and admin-only method checks into service layer for better maintainability.

chore(api): clean up unused code and improve documentation

- Removed deprecated logger interceptor and unused gRPC server code.
- Updated ACL configuration documentation for clarity on public and admin-only methods.
- Enhanced metadata handling in Connect RPC to ensure consistent header access.

fix(server): simplify server startup and shutdown process

- Eliminated cmux dependency for handling HTTP and gRPC traffic.
- Streamlined server initialization and shutdown logic for better performance and readability.

2025-12-15 10:04:11 +08:00

Steven

3d893a7394

fix(backend): implement protocol-agnostic header setting for dual gRPC/Connect-RPC support

Problem:
The codebase supports both native gRPC and Connect-RPC protocols, but auth
service was using grpc.SetHeader() which only works for native gRPC. This
caused "failed to set grpc header" errors when using Connect-RPC clients
(browsers using nice-grpc-web).

Solution:
- Created HeaderCarrier pattern for protocol-agnostic header setting
- HeaderCarrier stores headers in context for Connect-RPC requests
- Falls back to grpc.SetHeader for native gRPC requests
- Updated auth service to use SetResponseHeader() instead of grpc.SetHeader()
- Refactored Connect wrappers to use withHeaderCarrier() helper to eliminate
  code duplication

Additional fixes:
- Allow public methods when gRPC metadata is missing in ACL interceptor
- Properly handle ParseSessionCookieValue errors instead of ignoring them
- Fix buildSessionCookie to gracefully handle missing metadata

Files changed:
- server/router/api/v1/header_carrier.go: New protocol-agnostic header carrier
- server/router/api/v1/auth_service.go: Use SetResponseHeader, handle missing metadata
- server/router/api/v1/connect_services.go: Use withHeaderCarrier helper
- server/router/api/v1/acl.go: Allow public methods without metadata
- server/router/api/v1/connect_interceptors.go: Handle ParseSessionCookieValue errors

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

2025-12-12 07:46:28 +08:00

Johnny

edd3ced9bf

refactor: migrate to connect-rpc (#5338 )

2025-12-11 19:49:07 +08:00

3 Commits