Skip to content

Auth refactor 6/10 — Pilot migration (one low-risk service) #49

Description

@pranavp10

This ticket was generated by AI (to-tickets) from #43.

Parent

#43

What to build

Prove the plugin API and establish the repeatable migration recipe on a single low-risk, low-traffic service (e.g. logs or template). Mount the shared plugin factory, delete the service's bespoke auth middleware, switch its route handlers to the canonical AuthContext, and smoke-test. The diff here becomes the template every later migration ticket follows.

Acceptance criteria

  • One low-risk service mounts @reloop/auth/middleware with injected config
  • Its old cookie-auth / api-key-auth / auth middleware file(s) are deleted
  • Route handlers consume the canonical AuthContext
  • Fail-closed org default applied; any legitimately org-optional route explicitly uses authNoOrg
  • Smoke test passes: login, logout, one protected endpoint, one API-key call
  • Tripwire (Auth refactor 1/10 — Test harness + characterization tripwire #44) still passes; service builds green

Blocked by

Metadata

Metadata

Assignees

Labels

ready-for-agentFully specified, ready for an AFK agent

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions