codecrucible-synth/dist/core/middleware/auth-middleware.d.ts

Production-Ready AI Development Platform with Multi-Voice Synthesis, Smithery MCP Integration, Enterprise Security, and Zero-Timeout Reliability

/**
 * Authentication Middleware for CLI Security
 * Integrates enterprise authentication with CLI request processing
 */
import { RBACSystem } from '../security/production-rbac-system.js';
import { SecretsManager } from '../security/secrets-manager.js';
export interface AuthenticatedRequest {
    userId?: string;
    username?: string;
    permissions?: string[];
    sessionId?: string;
    authenticated: boolean;
    authMethod?: 'token' | 'apikey' | 'interactive' | 'none';
}
export interface AuthMiddlewareConfig {
    enabled: boolean;
    requireAuth: boolean;
    allowedUnauthenticatedCommands: string[];
    tokenHeader?: string;
    apiKeyHeader?: string;
    sessionTimeout: number;
}
export declare class AuthMiddleware {
    private rbacSystem;
    private secretsManager;
    private authManager;
    private config;
    private isInitialized;
    constructor(rbacSystem: RBACSystem, secretsManager: SecretsManager, config?: Partial<AuthMiddlewareConfig>);
    /**
     * Initialize authentication middleware
     */
    initialize(): Promise<void>;
    /**
     * Authenticate CLI request
     */
    authenticateRequest(command: string, headers?: Record<string, string>, ipAddress?: string, interactive?: boolean): Promise<AuthenticatedRequest>;
    /**
     * Authenticate with JWT token
     */
    private authenticateWithToken;
    /**
     * Authenticate with API key
     */
    private authenticateWithAPIKey;
    /**
     * Interactive authentication for CLI
     */
    private authenticateInteractive;
    /**
     * Check if command is allowed without authentication
     */
    private isUnauthenticatedCommandAllowed;
    /**
     * Store session token for subsequent requests
     */
    private storeSessionToken;
    /**
     * Load stored session token
     */
    loadStoredToken(): Promise<string | null>;
    /**
     * Validate permission for specific operation
     */
    validatePermission(auth: AuthenticatedRequest, operation: string, resource?: string): Promise<boolean>;
    /**
     * Logout current session
     */
    logout(sessionId?: string): Promise<void>;
    /**
     * Ensure default admin user exists
     */
    private ensureDefaultAdminUser;
    /**
     * Get authentication statistics
     */
    getAuthStats(): Promise<{
        activeSessions: number;
        activeAPIKeys: number;
        rateLimitedIPs: number;
        totalUsers: number;
    }>;
    /**
     * Check if authentication is enabled
     */
    isAuthEnabled(): boolean;
    /**
     * Check if authentication is required
     */
    isAuthRequired(): boolean;
}
//# sourceMappingURL=auth-middleware.d.ts.map