go-ws

core/go-ws

Fork 0

Commit graph

Author	SHA1	Message	Date
Snider	9e48f0b60d	feat(auth): Phase 2 — token-based authentication on WebSocket upgrade Add Authenticator interface with AuthenticatorFunc adapter and built-in APIKeyAuthenticator for Bearer token validation. Hub.Handler() now gates connections when an Authenticator is configured on HubConfig, responding HTTP 401 for failed auth. Client.UserID and Client.Claims are populated on successful upgrade. OnAuthFailure callback enables logging/metrics. Nil authenticator preserves full backward compatibility — all existing tests pass unchanged. 18 new tests (unit + integration) cover valid/ invalid/missing/malformed headers, func adapter, multi-client auth, message delivery post-auth, and the OnAuthFailure callback. Co-Authored-By: Virgil <virgil@lethean.io>	2026-02-20 08:12:45 +00:00

Author

SHA1

Message

Date

Snider

9e48f0b60d

feat(auth): Phase 2 — token-based authentication on WebSocket upgrade

Add Authenticator interface with AuthenticatorFunc adapter and built-in
APIKeyAuthenticator for Bearer token validation. Hub.Handler() now gates
connections when an Authenticator is configured on HubConfig, responding
HTTP 401 for failed auth. Client.UserID and Client.Claims are populated
on successful upgrade. OnAuthFailure callback enables logging/metrics.

Nil authenticator preserves full backward compatibility — all existing
tests pass unchanged. 18 new tests (unit + integration) cover valid/
invalid/missing/malformed headers, func adapter, multi-client auth,
message delivery post-auth, and the OnAuthFailure callback.

Co-Authored-By: Virgil <virgil@lethean.io>

2026-02-20 08:12:45 +00:00

1 commit