Skip to content

refactor: api router declaration & tenant auth scope #668

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
alexluong wants to merge 5 commits into
base: main
Choose a base branch
from
Open

refactor: api router declaration & tenant auth scope #668

alexluong wants to merge 5 commits into from

Conversation

@alexluong
Copy link
Collaborator

@alexluong alexluong commented Jan 30, 2026

implements #643

@vercel
Copy link

vercel bot commented Jan 30, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
outpost-docs Ready Ready Preview, Comment Jan 30, 2026 6:22pm
outpost-website Ready Ready Preview, Comment Jan 30, 2026 6:22pm

Request Review

@alexluong alexluong changed the base branch from main to refactor-models January 30, 2026 08:48
Base automatically changed from refactor-models to main January 30, 2026 18:16
alexluong and others added 5 commits January 31, 2026 01:21
@alexluong @claude
fix: return 401 for malformed bearer token + add expired JWT tests
f76ce74 
ErrInvalidBearerToken now returns 401 instead of 400 — a malformed
bearer token is an authentication failure, not a bad request.

Add expired JWT tests for Extract, TenantJWTAuthMiddleware, and
APIKeyOrTenantJWTAuthMiddleware.

Co-Authored-By: Claude Opus 4.5 <[email protected]>
@alexluong @claude
refactor: introduce AuthMode + TenantScoped, flatten route list
0a1c84f 
Replace AuthScope/RouteMode with simpler AuthMode enum and TenantScoped
bool. Flatten 5 route slices into 2 (nonTenantRoutes + tenantRoutes)
with portal routes conditionally appended. Auto-apply
RequireTenantMiddleware via TenantScoped instead of manual Middlewares
arrays. Define narrow TenantRetriever interface to decouple middleware
from full TenantStore. Change mustTenantFromContext to panic on missing
tenant (programming bug, not user error).

Co-Authored-By: Claude Opus 4.5 <[email protected]>
@alexluong @claude
chore: update handlers to use mustTenantFromContext
39c8e63 
Co-Authored-By: Claude Opus 4.5 <[email protected]>
@alexluong @claude
chore: remove dead code — ErrTenantIDNotFound, SetTenantIDMiddleware,…
b7f70f5 
… mustTenantIDFromContext

- Remove 3 dead symbols from auth_middleware.go
- Remove TestSetTenantIDMiddleware from auth_middleware_test.go
- RequireTenantMiddleware reads c.Param("tenantID") instead of c.Get
- Remove SetTenantIDMiddleware() from router global middleware
- Upsert handler uses c.Param("tenantID") directly

Co-Authored-By: Claude Opus 4.5 <[email protected]>
@alexluong
chore: gofmt
8cf2d42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@alexbouchardd alexbouchardd alexbouchardd approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@alexluong @alexbouchardd