UNPKG

@accounter/server

Version:
28 lines (27 loc) 1.05 kB
import type { Plugin } from '@envelop/types'; import type { BusinessScopeParseResult } from '../shared/types/auth.js'; export interface RawAuth { authType: 'jwt' | 'apiKey' | 'devBypass' | 'gatewayControlPlane' | null; token: string | null; /** * Parsed `X-Business-Scope` header, present only when the header was sent. * Auth context validates it against the user's memberships. */ requestedBusinessScope?: BusinessScopeParseResult; } /** * AuthPlugin - Extracts authentication credentials from request headers. * * This plugin is part of the Auth0 authentication system. * It ONLY handles credential extraction. Verification and context creation * are delegated to the AuthContextProvider. * * Responsibilities: * 1. Extract `X-Dev-Auth: <user-id>` (Dev Bypass, gated by ALLOW_DEV_AUTH=1) * 1. Extract `Authorization: Bearer <token>` (JWT) * 2. Extract `X-API-Key: <key>` (API Key) * 3. Add `rawAuth` object to Yoga context */ export declare const authPlugin: () => Plugin<{ rawAuth: RawAuth; }>;