Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func BearerAuth ¶
func BearerAuth(cfg *AuthConfig) gin.HandlerFunc
BearerAuth returns a Gin middleware that enforces Bearer token authentication.
Security features (aligned with OpenClaw auth.ts):
- Uses crypto/subtle.ConstantTimeCompare to prevent timing attacks
- Skips auth for local loopback requests when allowLocal is true
- Whitelists /healthz and /version paths
Types ¶
type AuthConfig ¶
type AuthConfig struct {
// Enabled controls whether authentication is enforced.
Enabled bool `json:"enabled"`
// Token is the expected Bearer token value.
// Can also be set via ECHORYN_GATEWAY_TOKEN environment variable.
Token string `json:"token"`
}
AuthConfig holds configuration for Bearer token authentication. Modeled after OpenClaw's gateway/auth.ts — supports token + local bypass.
func (*AuthConfig) ResolveToken ¶
func (c *AuthConfig) ResolveToken() string
ResolveToken returns the effective token, checking env vars as fallback.
Click to show internal directories.
Click to hide internal directories.