mc/metacrypt
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Migrate db, auth to mcdsl; remove mcias client dependency

Browse Source 
- db.Open: delegate to mcdsl/db.Open
- db.Migrate: convert to mcdsl/db.Migration format, delegate
- auth: type aliases for TokenInfo/Authenticator/Config from mcdsl,
  re-export error sentinels, Logout helper
- cmd/server: construct auth.Authenticator from Config (not mcias.Client)
- server/routes.go logout: use auth.Logout(authenticator, token)
- grpcserver/auth.go: same logout pattern, fix Login return type
  (time.Time not string)
- webserver: replace mcias.Client with mcdsl/auth for service token
  validation; resolveUser degrades to raw UUID (TODO: restore when
  mcias client library is properly tagged)
- Dockerfiles: bump to golang:1.25-alpine, remove gcc/musl-dev,
  add VERSION build arg
- Deploy: add docker-compose-rift.yml with localhost-only port mapping
- Remove git.wntrmute.dev/kyle/mcias/clients/go dependency entirely
- All tests pass, net -185 lines

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Kyle Isom
2026-03-25 18:42:43 -07:00
parent 5c5d7e184e
commit dd698ff6d8
15 changed files with 157 additions and 342 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
internal/grpcserver/grpcserver_test.go
View File

@@ -74,7 +74,7 @@ func newTestGRPCServer(t *testing.T) (*GRPCServer, func()) {
sealMgr := seal.NewManager(database, b, nil, slog.Default())
policyEngine := policy.NewEngine(b)
reg := newTestRegistry()
authenticator := auth.NewAuthenticator(nil, slog.Default())
authenticator, _ := auth.NewAuthenticator(auth.Config{ServerURL: "http://localhost:0"}, slog.Default())
cfg := &config.Config{
Seal: config.SealConfig{
Argon2Time: 1,
@@ -159,7 +159,7 @@ func TestSealInterceptor_SkipsUnlistedMethod(t *testing.T) {
}
func TestAuthInterceptor_MissingToken(t *testing.T) {
authenticator := auth.NewAuthenticator(nil, slog.Default())
authenticator, _ := auth.NewAuthenticator(auth.Config{ServerURL: "http://localhost:0"}, slog.Default())
methods := map[string]bool{"/test.Service/Method": true}
interceptor := authInterceptor(authenticator, slog.Default(), methods)
@@ -173,7 +173,7 @@ func TestAuthInterceptor_MissingToken(t *testing.T) {
}
func TestAuthInterceptor_SkipsUnlistedMethod(t *testing.T) {
authenticator := auth.NewAuthenticator(nil, slog.Default())
authenticator, _ := auth.NewAuthenticator(auth.Config{ServerURL: "http://localhost:0"}, slog.Default())
methods := map[string]bool{"/test.Service/Other": true}
interceptor := authInterceptor(authenticator, slog.Default(), methods)