senke/veza - Talas Project: Beyond coding. We Forge.

senke/veza

Fork 0

Commit graph

Author	SHA1	Message	Date
senke	76d95ecfb4	incus deployement fully implemented, Makefile updated and make fmt ran	2026-01-13 19:47:57 +01:00
senke	3cfefaa24c	[BE-SEC-012] be-sec: Implement API key authentication for webhooks - Added APIKey field to Webhook model with unique index - Implemented GenerateAPIKey() method using crypto/rand for secure key generation - Implemented ValidateAPIKey() method to authenticate webhook requests - Implemented RegenerateAPIKey() method to rotate API keys - Created WebhookAPIKeyMiddleware for validating API keys in requests - Middleware supports X-API-Key header and Authorization: Bearer format - Added endpoint POST /api/v1/webhooks/:id/regenerate-key - API keys are prefixed with 'whk_' for identification - Comprehensive unit tests for all API key functionality - Inactive webhooks cannot authenticate with their API keys Phase: PHASE-4 Priority: P2 Progress: 119/267 (44.57%)	2025-12-24 18:03:52 +01:00

Author

SHA1

Message

Date

senke

76d95ecfb4

incus deployement fully implemented, Makefile updated and make fmt ran

2026-01-13 19:47:57 +01:00

senke

3cfefaa24c

[BE-SEC-012] be-sec: Implement API key authentication for webhooks

- Added APIKey field to Webhook model with unique index
- Implemented GenerateAPIKey() method using crypto/rand for secure key generation
- Implemented ValidateAPIKey() method to authenticate webhook requests
- Implemented RegenerateAPIKey() method to rotate API keys
- Created WebhookAPIKeyMiddleware for validating API keys in requests
- Middleware supports X-API-Key header and Authorization: Bearer format
- Added endpoint POST /api/v1/webhooks/:id/regenerate-key
- API keys are prefixed with 'whk_' for identification
- Comprehensive unit tests for all API key functionality
- Inactive webhooks cannot authenticate with their API keys

Phase: PHASE-4
Priority: P2
Progress: 119/267 (44.57%)

2025-12-24 18:03:52 +01:00

2 commits