auth

package
v1.41.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 28, 2026 License: MIT Imports: 3 Imported by: 0

Documentation

Overview

Package auth wires gateway-supplied identity headers (X-Org-Id, X-User-Id, X-User-Email) into request context. commerced does not validate JWTs itself — hanzoai/gateway already did that. The middleware is the trust boundary: in production, only the gateway can reach commerced, and COMMERCED_REQUIRE_IDENTITY=true rejects any request without identity headers.

Index

Constants

View Source 
const (
	HeaderOrgID     = "X-Org-Id"
	HeaderUserID    = "X-User-Id"
	HeaderUserEmail = "X-User-Email"
)

Header names — vendor-free X-* convention (see /Users/z/work/hanzo/CLAUDE.md).

Variables

This section is empty.

Functions

func Gin 

func Gin(require bool) gin.HandlerFunc

Gin returns a Gin middleware that mirrors RequireIdentity. Used by pkg/commerce/server.go to gate the /v1/commerce and /_/commerce groups.

func OrgID 

func OrgID(ctx context.Context) string

OrgID returns the org id attached by RequireIdentity, or "".

func RequireIdentity 

func RequireIdentity(require bool) func(http.Handler) http.Handler

RequireIdentity reads identity headers and attaches them to ctx. When require=true and no headers are present, responds 401. When require=false, missing headers yield empty ctx values — the embedded/dev path.

func UserEmail 

func UserEmail(ctx context.Context) string

UserEmail returns the user email attached by RequireIdentity, or "".

func UserID 

func UserID(ctx context.Context) string

UserID returns the user id attached by RequireIdentity, or "".

Types

This section is empty.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.