forked from molecule-ai/molecule-core
c84171df72
Without middleware, any caller on a non-production instance could mint a bearer token for any workspace UUID with no authentication. AdminAuth is defence-in-depth: on a fresh install (no tokens yet) it is fail-open so the bootstrap path still works; once the first workspace enrolls a token all callers must present a valid bearer. Adds two router-level tests confirming the gate: - TestTestTokenRoute_RequiresAdminAuth_WhenTokensExist → 401 with no header - TestTestTokenRoute_FailOpenOnFreshInstall → 200 (bootstrap path intact) Env-var gating inside GetTestToken is retained as a second layer. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> |
||
|---|---|---|
| .. | ||
| bundle | ||
| channels | ||
| crypto | ||
| db | ||
| envx | ||
| events | ||
| handlers | ||
| metrics | ||
| middleware | ||
| models | ||
| plugins | ||
| provisioner | ||
| registry | ||
| router | ||
| scheduler | ||
| supervised | ||
| ws | ||
| wsauth | ||