auth/middleware.ts

Auth middleware stack factory.
Creates the standard middleware layers (origin, session, request_context,
bearer_auth, optional daemon_token) from configuration.

Declarations
#

2 declarations

view source

AuthMiddlewareOptions
#

auth/middleware.ts view source

AuthMiddlewareOptions

Per-factory configuration for the standard auth middleware stack.

`allowed_origins`

type Array<RegExp>

`session_options`

type SessionOptions<string>

`path`

Path pattern for middleware (default: '/api/*').

type string

`daemon_token_state`

Daemon token state for keeper auth. Omit to disable daemon token middleware.

type DaemonTokenState

`bearer_ip_rate_limiter`

Rate limiter for bearer token auth attempts (per-IP). Pass null to disable.

type RateLimiter | null

create_auth_middleware_specs
#

auth/middleware.ts view source

(deps: AppDeps, options: AuthMiddlewareOptions): Promise<MiddlewareSpec[]>

Create the auth middleware stack.
Returns [origin, session, request_context, bearer_auth] middleware specs
for the given path pattern. When daemon_token_state is provided, appends
a 5th daemon_token layer. Apps can append extra entries for non-standard
paths (e.g., tx's /tx binary endpoint).

`deps`

stateless capabilities (keyring, db)

type AppDeps

`options`

middleware configuration (allowed_origins, session_options, path, daemon_token_state)

type AuthMiddlewareOptions

returns

Promise<MiddlewareSpec[]>

the middleware spec array

Depends on
#

Imported by
#

server/app_server.ts