joakim/gems
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(backend): add OAuth2/JWT authentication support

Browse Source 
- Add OAuth2 client for Authentik integration
- Implement JWT token generation and validation
- Add refresh token support with database storage
- Update database schema with oauth_subject, oauth_provider, and refresh_tokens table
- Create auth package with config, jwt, oauth, and token management
- Add OAuth endpoints: /auth/login, /auth/callback, /auth/refresh, /auth/logout
- Update AuthMiddleware to support both JWT and API key authentication
- Add user helper functions for OAuth user creation and retrieval
- Add .env.example with OAuth configuration template

API keys still work for CLI compatibility while JWT tokens support web/mobile clients.
This commit is contained in:
Joakim
2026-01-06 15:42:03 +01:00
parent e506d76e6a
commit 4eb18388db
27 changed files with 965 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files
opal-task/internal/api/server.go
+6
View File
@@ -39,6 +39,12 @@ func (s *Server) setupRoutes() {
JSON(w, http.StatusOK, map[string]string{"status": "ok"})
})
// OAuth endpoints (no auth required)
r.Get("/auth/login", handlers.GetLoginURL)
r.Post("/auth/callback", handlers.OAuthCallback)
r.Post("/auth/refresh", handlers.RefreshToken)
r.Post("/auth/logout", handlers.Logout)
// Protected routes
r.Group(func(r chi.Router) {
r.Use(AuthMiddleware())