senke/veza
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
veza/veza-backend-api/internal/handlers
History
senke 2026ffcb06 feat(auth): DB-backed JWT jti revocation ledger (sécu item 6) 
The platform already had two revocation surfaces : Redis-backed
TokenBlacklist (token-hash keyed, T0174) and TokenVersion bump on the
user row (revokes ALL of a user's tokens). Both work but leave gaps :
  * Redis restart wipes the blacklist — a token revoked seconds before
    a Redis crash becomes valid again until natural expiry.
  * No way to revoke "session #3 of user X" from an admin UI : the
    blacklist is keyed by token hash, the admin doesn't have it.

This commit adds a durable, jti-keyed revocation ledger that closes
both gaps. The jti claim is already emitted on every access + refresh
token (services/jwt_service.go:155, RegisteredClaims.ID = uuid).

Schema (migrations/993_jwt_revocations.sql)
  * jwt_revocations(jti PK, user_id, expires_at, revoked_at, reason,
    revoked_by). PRIMARY KEY on jti = idempotent re-revoke. Indexes
    on user_id (admin "list my revocations") and expires_at (cleanup
    cron).

Service (internal/services/jwt_revocation_service.go)
  * NewJWTRevocationService(db, redisClient, logger) — Redis is
    optional cache.
  * Revoke(ctx, jti, userID, expiresAt, reason, revokedBy)
      - Redis SET (best-effort cache, TTL = remaining lifetime)
      - DB INSERT (durable record, idempotent via PK)
  * IsRevoked(ctx, jti)
      - Redis GET fast path
      - DB fallback on cache miss / Redis blip (fail-open : DB error
        is logged + treated as not-revoked, because the existing
        token-hash blacklist still protects).
      - Backfills Redis on DB hit so the next request hits cache.
  * ListByUser(ctx, userID, limit) — for the admin/user "active
    sessions" UI.
  * PurgeExpired(ctx, safetyMargin) — daily cron handle.

Middleware (internal/middleware/auth.go)
  * JTIRevocationChecker interface + SetJTIRevocationChecker setter.
  * After ValidateToken, in addition to the token-hash blacklist
    check, IsRevoked(claims.ID) is called. Either match = reject.
  * Nil-safe via reflect.ValueOf.IsNil() pattern matching the
    existing tokenBlacklist nil guard.

Wiring
  * config/services_init.go : always instantiate the service (DB
    required, Redis passed as nil if unavailable).
  * config/middlewares_init.go : SetJTIRevocationChecker on the auth
    middleware after construction.
  * config/config.go : new Config.JWTRevocationService field.

Logout flow (handlers/auth.go)
  * In addition to TokenBlacklist.Add(token, ttl), now calls
    JWTRevocationService.Revoke(jti, ...). Best-effort : the blacklist
    already protects the immediate-rejection path ; this just adds
    durability + a stable handle for admin tools.

Tests pass : go test ./internal/{handlers,services,middleware,core/auth}
              -short -count=1.

What v1.0.10 leaves to v2.1
  * /api/v1/auth/sessions/revoke/:jti  — admin-targeted endpoint.
    Service is ready ; the admin UI to drive it follows.
  * Daily PurgeExpired cron — call from a Forgejo workflow once
    per day with safetyMargin = 1h to keep table size bounded.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-02 11:37:02 +02:00
..
account_deletion_handler.go fix(v0.12.6): apply all pentest remediations — 36 findings across 36 files 2026-03-14 00:44:46 +01:00
admin_transfer_handler.go feat(marketplace): async stripe connect reversal worker — v1.0.7 item B day 2 2026-04-17 15:34:29 +02:00
admin_transfer_handler_test.go feat(marketplace): async stripe connect reversal worker — v1.0.7 item B day 2 2026-04-17 15:34:29 +02:00
announcement_handler.go fix(backend): unblock handlers + elasticsearch test packages 2026-04-30 14:48:23 +02:00
announcement_handler_test.go test(v0.803): unit tests for CCPA, reports, announcements, feature flags 2026-02-25 20:02:24 +01:00
api_flow_test.go stabilizing veza-backend-api: phase 1 2025-12-16 11:23:49 -05:00
api_key_handler.go feat(developer): add API keys backend (Lot C) 2026-02-20 00:18:36 +01:00
audit.go api-contracts: update backend handlers to use wrapped format 2026-01-15 17:32:02 +01:00
audit_test.go stabilisation commit A 2026-01-07 19:39:21 +01:00
auth.go feat(auth): DB-backed JWT jti revocation ledger (sécu item 6) 2026-05-02 11:37:02 +02:00
auth_fuzz_test.go style(backend): gofmt -w on 85 files (whitespace only) 2026-04-14 12:22:14 +02:00
auth_handler_test.go feat(auth): RGPD/COPPA age gate at registration (16+ minimum) 2026-05-01 18:05:47 +02:00
auth_integration_test.go ci: bump Go to 1.25 and fix goimports drift in 3 files 2026-04-14 17:02:09 +02:00
avatar_handler.go fix(v0.12.6.1): remediate 2 CRITICAL + 10 HIGH + 1 MEDIUM pentest findings 2026-03-12 05:40:53 +01:00
avatar_handler_test.go fix(v0.12.6.1): remediate 2 CRITICAL + 10 HIGH + 1 MEDIUM pentest findings 2026-03-12 05:40:53 +01:00
bitrate_handler.go api-contracts: update backend handlers to use wrapped format 2026-01-15 17:32:02 +01:00
bitrate_handler_test.go fix: resolve stream server compilation errors and integrate chat stability fixes 2026-01-04 01:44:22 +01:00
chat_attachment_handler.go fix(backend): commit swagger annotation pass + missing handler methods 2026-05-01 10:16:57 +02:00
chat_handler.go fix(v0.12.6.1): remediate 2 CRITICAL + 10 HIGH + 1 MEDIUM pentest findings 2026-03-12 05:40:53 +01:00
chat_handler_test.go fix(v0.12.6.1): remediate 2 CRITICAL + 10 HIGH + 1 MEDIUM pentest findings 2026-03-12 05:40:53 +01:00
chat_reaction_handler.go fix(backend): commit swagger annotation pass + missing handler methods 2026-05-01 10:16:57 +02:00
chat_search_handler.go fix(backend): commit swagger annotation pass + missing handler methods 2026-05-01 10:16:57 +02:00
chat_websocket_handler.go fix(v0.12.6): apply all pentest remediations — 36 findings across 36 files 2026-03-14 00:44:46 +01:00
cloud_handler.go v0.9.8 beta 2026-03-07 00:54:35 +01:00
co_listening_handler.go feat(v0.10.7): Collaboration Temps Réel F481-F483 2026-03-10 13:34:16 +01:00
co_listening_websocket_handler.go style(backend): gofmt -w on 85 files (whitespace only) 2026-04-14 12:22:14 +02:00
comment_handler.go fix(v0.12.6.1): remediate remaining 15 MEDIUM + LOW pentest findings 2026-03-12 06:13:38 +01:00
comment_handler_test.go chore: consolidate CI, E2E, backend and frontend updates 2026-02-17 16:43:21 +01:00
common.go refactor(backend): J3 — remove 3 deprecated unused handlers 2026-04-14 18:11:07 +02:00
config_reload.go v0.9.4 2026-03-05 23:03:43 +01:00
config_reload_test.go incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
csrf.go state-ownership: delete unused optimisticStoreUpdates.ts file 2026-01-15 19:26:53 +01:00
csrf_test.go chore(v0.102): consolidate remaining changes — docs, frontend, backend 2026-02-20 13:02:12 +01:00
dashboard.go release(v0.903): Vault - ORDER BY whitelist, rate limiter, VERSION sync, chat-server cleanup, Go 1.24 2026-02-27 09:43:25 +01:00
dashboard_test.go chore(release): v0.922 — Greenlight (handler tests: dashboard, presence) 2026-03-02 12:30:51 +01:00
distribution_handler.go feat(subscription): recovery endpoint + distribution gate (v1.0.9 item G — Phase 3) 2026-04-27 11:33:40 +02:00
distribution_handler_test.go feat(v0.12.2): F501-F510 distribution service, handler, and routes 2026-03-10 19:54:26 +01:00
dmca_handler.go feat(legal): DMCA notice handler + admin queue + 451 playback gate (W3 Day 14) 2026-04-28 15:39:33 +02:00
education_handler.go feat(backend,web): single source of truth for upload-size limits 2026-04-16 19:37:37 +02:00
education_handler_test.go feat(v0.12.3): F276-F305 video upload, HLS transcoding, education tests 2026-03-11 19:20:48 +01:00
embed_handler.go feat(embed): /embed/track/:id widget + /oembed envelope + per-track OG tags (W3 Day 15) 2026-04-28 15:49:54 +02:00
embed_handler_test.go feat(embed): /embed/track/:id widget + /oembed envelope + per-track OG tags (W3 Day 15) 2026-04-28 15:49:54 +02:00
error_contract_test.go fix: stabilize builds, tests, and lint across all stacks 2026-04-05 16:48:07 +02:00
error_response.go v0.9.8 2026-03-06 19:13:16 +01:00
feature_flag_handler.go fix(backend): unblock handlers + elasticsearch test packages 2026-04-30 14:48:23 +02:00
feature_flag_handler_test.go test(v0.803): unit tests for CCPA, reports, announcements, feature flags 2026-02-25 20:02:24 +01:00
frontend_log_handler.go api-contracts: update backend handlers to use wrapped format 2026-01-15 17:32:02 +01:00
frontend_log_handler_test.go stabilisation commit A 2026-01-07 19:39:21 +01:00
gdpr_export_handler.go fix(backend): commit swagger annotation pass + missing handler methods 2026-05-01 10:16:57 +02:00
gear_handler.go v0.9.8 beta 2026-03-07 00:54:35 +01:00
health.go feat(v0.701): AdminTransfers page/route, MSW, stories, Deep Health, API ref, docs, scope v0.702 2026-02-23 23:42:02 +01:00
health_deep_test.go feat(v0.701): AdminTransfers page/route, MSW, stories, Deep Health, API ref, docs, scope v0.702 2026-02-23 23:42:02 +01:00
health_p1_test.go refonte: backend-api go first; phase 1 2025-12-12 21:34:34 -05:00
health_test.go fix: resolve stream server compilation errors and integrate chat stability fixes 2026-01-04 01:44:22 +01:00
hls_handler.go fix(backend): commit swagger annotation pass + missing handler methods 2026-05-01 10:16:57 +02:00
hls_handler_test.go chore(v0.102): consolidate remaining changes — docs, frontend, backend 2026-02-20 13:02:12 +01:00
kyc_handler.go fix(backend): commit swagger annotation pass + missing handler methods 2026-05-01 10:16:57 +02:00
live_health_handler.go feat(backend,web): surface RTMP ingest health on the Go Live page 2026-04-16 23:52:36 +02:00
live_health_handler_test.go feat(backend,web): surface RTMP ingest health on the Go Live page 2026-04-16 23:52:36 +02:00
live_stream_callback.go fix(v0.12.6.1): remediate 2 CRITICAL + 10 HIGH + 1 MEDIUM pentest findings 2026-03-12 05:40:53 +01:00
live_stream_handler.go feat(v0.10.6): Livestreaming basique F471-F476 2026-03-10 10:21:57 +01:00
login_history_handler.go feat(v0.13.3): complete - Polish Sécurité Avancée 2026-03-13 10:09:01 +01:00
marketplace.go fix(backend): commit swagger annotation pass + missing handler methods 2026-05-01 10:16:57 +02:00
marketplace_handler.go fix(backend): commit swagger annotation pass + missing handler methods 2026-05-01 10:16:57 +02:00
marketplace_test.go fix: stabilize builds, tests, and lint across all stacks 2026-04-05 16:48:07 +02:00
metrics.go adding initial backend API (Go) 2025-12-03 20:29:37 +01:00
metrics_aggregated.go stabilisation commit A 2026-01-07 19:39:21 +01:00
metrics_aggregated_test.go stabilisation commit A 2026-01-07 19:39:21 +01:00
metrics_test.go fix: resolve stream server compilation errors and integrate chat stability fixes 2026-01-04 01:44:22 +01:00
metrics_test.go.disabled fix(backend-tests): enable room_handler_test and resolve metric collisions 2025-12-06 12:53:15 +01:00
notification_handlers.go style(backend): gofmt -w on 85 files (whitespace only) 2026-04-14 12:22:14 +02:00
notification_handlers_test.go feat(v0.10.5): Notifications complètes — F551-F555 2026-03-10 10:02:21 +01:00
oauth_handlers.go v0.9.4 2026-03-05 23:03:43 +01:00
oauth_handlers_test.go release(v0.902): Sentinel - PKCE OAuth, token encryption, redirect validation, CHAT_JWT_SECRET 2026-02-26 19:49:15 +01:00
password_reset_handler.go feat(openapi): annotate queue + password-reset handlers + regen 2026-04-26 00:55:26 +02:00
password_reset_handler_test.go incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
payout_handler.go fix(backend): commit swagger annotation pass + missing handler methods 2026-05-01 10:16:57 +02:00
payout_handler_test.go feat(v0.12.0): F252-F254 marketplace service enhancements 2026-03-10 18:52:06 +01:00
playback_analytics_handler.go chore(v0.102): consolidate remaining changes — docs, frontend, backend 2026-02-20 13:02:12 +01:00
playback_analytics_handler_test.go chore(v0.102): consolidate remaining changes — docs, frontend, backend 2026-02-20 13:02:12 +01:00
playback_websocket_handler.go refactor(backend): J3 — remove 3 deprecated unused handlers 2026-04-14 18:11:07 +02:00
playback_websocket_handler_test.go incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
playlist_collaboration_integration_test.go [BE-TEST-010] test: Add integration tests for playlist collaboration 2025-12-25 01:39:43 +01:00
playlist_error_helper.go adding initial backend API (Go) 2025-12-03 20:29:37 +01:00
playlist_error_helper_test.go STABILISATION: phase 3–5 – API contract, tests & chat-server hardening 2025-12-06 17:21:59 +01:00
playlist_export_handler.go stabilisation commit: while implementing v0.10.5 2026-03-09 19:36:33 +01:00
playlist_export_handler_test.go [T0-006] test(backend): Ajout tests pour frontend_log_handler 2026-01-04 01:44:22 +01:00
playlist_handler.go refactor(backend): extract upload + collaborators into sibling files 2026-05-01 04:10:43 +02:00
playlist_handler_collaborators.go refactor(backend): extract upload + collaborators into sibling files 2026-05-01 04:10:43 +02:00
playlist_handler_integration_test.go stabilizing veza-backend-api: phase 1 2025-12-16 11:23:49 -05:00
playlist_handler_test.go feat(v0.10.4): Playlists collaboratives - F136, F140, F141, F143, F145 2026-03-09 16:49:05 +01:00
playlist_track_handler_integration_test.go stabilizing veza-backend-api: phase 1 2025-12-16 11:23:49 -05:00
presence_handler.go v0.9.8 beta 2026-03-07 00:54:35 +01:00
presence_handler_test.go chore(release): v0.922 — Greenlight (handler tests: dashboard, presence) 2026-03-02 12:30:51 +01:00
privacy_handler.go v0.9.8 beta 2026-03-07 00:54:35 +01:00
profile_handler.go feat(openapi): annotate profile_handler users endpoints (v1.0.8 B-annot) 2026-04-24 01:09:05 +02:00
profile_handler_integration_test.go [BE-API-002] api: Implement playlist collaborators endpoints 2025-12-23 01:41:43 +01:00
profile_handler_test.go [BE-TEST-007] test: Add unit tests for webhook handlers 2025-12-25 01:32:54 +01:00
profile_handler_test.go.disabled fix(backend-tests): enable room_handler_test and resolve metric collisions 2025-12-06 12:53:15 +01:00
queue_handler.go feat(openapi): annotate queue + password-reset handlers + regen 2026-04-26 00:55:26 +02:00
queue_session_handler.go feat(openapi): annotate queue + password-reset handlers + regen 2026-04-26 00:55:26 +02:00
report_handler.go fix(v0.12.6.1): remediate remaining 15 MEDIUM + LOW pentest findings 2026-03-12 06:13:38 +01:00
report_handler_test.go test(v0.803): unit tests for CCPA, reports, announcements, feature flags 2026-02-25 20:02:24 +01:00
response.go STABILISATION: phase 3–5 – API contract, tests & chat-server hardening 2025-12-06 17:21:59 +01:00
role_handler.go fix(backend): commit swagger annotation pass + missing handler methods 2026-05-01 10:16:57 +02:00
role_handler_test.go incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
room_handler.go style(backend): gofmt -w on 85 files (whitespace only) 2026-04-14 12:22:14 +02:00
room_handler_test.go fix(v0.12.6.1): remediate 2 CRITICAL + 10 HIGH + 1 MEDIUM pentest findings 2026-03-12 05:40:53 +01:00
royalty_splits_handler.go feat(marketplace): multi-creator royalty splits with audit ledger 2026-05-01 20:53:22 +02:00
search_handlers.go feat(search): faceted filters (genre/key/BPM/year) + FacetSidebar UI (W4 Day 18) 2026-04-29 10:33:35 +02:00
search_handlers_test.go feat(search): faceted filters (genre/key/BPM/year) + FacetSidebar UI (W4 Day 18) 2026-04-29 10:33:35 +02:00
sell_handler.go fix(backend): commit swagger annotation pass + missing handler methods 2026-05-01 10:16:57 +02:00
session.go v0.9.8 beta 2026-03-07 00:54:35 +01:00
session_test.go feat(auth): enrich sessions page with history and revoke (A4) 2026-02-20 14:52:20 +01:00
settings_handler.go fix(backend): commit swagger annotation pass + missing handler methods 2026-05-01 10:16:57 +02:00
settings_handler_test.go incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
social.go chore(api): orval-migrate search/social wrappers + drop dead auth duplicates (v1.0.9 item 1.6) 2026-04-26 23:25:07 +02:00
social_group_handler.go style(backend): gofmt -w on 85 files (whitespace only) 2026-04-14 12:22:14 +02:00
social_test.go chore(release): v0.931 — Cursor (cursor-based pagination, performance baseline) 2026-03-02 12:35:49 +01:00
status_handler.go STABILISATION: phase 3–5 – API contract, tests & chat-server hardening 2025-12-06 17:21:59 +01:00
status_handler_test.go fix: resolve stream server compilation errors and integrate chat stability fixes 2026-01-04 01:44:22 +01:00
stream_events_handler.go v0.9.8 2026-03-06 19:13:16 +01:00
subscription_handler.go feat(subscription): recovery endpoint + distribution gate (v1.0.9 item G — Phase 3) 2026-04-27 11:33:40 +02:00
subscription_handler_test.go feat(v0.12.1): subscription plans service, handler, and routes 2026-03-10 19:36:57 +01:00
support_handler.go fix(backend): commit swagger annotation pass + missing handler methods 2026-05-01 10:16:57 +02:00
support_handler_test.go feat(v0.13.5): polish marketplace & compliance — KYC, support, payout E2E 2026-03-13 14:57:19 +01:00
system_metrics.go state-ownership: delete unused optimisticStoreUpdates.ts file 2026-01-15 19:26:53 +01:00
system_metrics_test.go state-ownership: delete unused optimisticStoreUpdates.ts file 2026-01-15 19:26:53 +01:00
system_metrics_test.go.disabled fix(backend-tests): enable room_handler_test and resolve metric collisions 2025-12-06 12:53:15 +01:00
tag_handler.go v0.9.8 beta 2026-03-07 00:54:35 +01:00
tag_handler_test.go feat(v0.802): frontend Cloud/Gear, MSW, docs, scope v0.803, archive 2026-02-25 14:00:58 +01:00
terms_handler.go feat(legal): versioned terms acceptance ledger (CGU/CGV/mentions) 2026-05-01 20:47:07 +02:00
track_stem_handler.go feat(v0.10.7): Collaboration Temps Réel F481-F483 2026-03-10 13:34:16 +01:00
two_factor_handler.go fix(v0.12.6.1): remediate 2 CRITICAL + 10 HIGH + 1 MEDIUM pentest findings 2026-03-12 05:40:53 +01:00
two_factor_handler_test.go fix(v0.12.6.1): remediate 2 CRITICAL + 10 HIGH + 1 MEDIUM pentest findings 2026-03-12 05:40:53 +01:00
upgrade_creator_handler.go feat(backend,web): self-service creator role upgrade via /settings 2026-04-16 18:35:07 +02:00
upgrade_creator_handler_test.go feat(backend,web): self-service creator role upgrade via /settings 2026-04-16 18:35:07 +02:00
upload.go fix(backend): commit swagger annotation pass + missing handler methods 2026-05-01 10:16:57 +02:00
upload_test.go fix(security): add ownership check to GetUploadStatus handler (IDOR fix) 2026-02-22 17:30:30 +01:00
validate.go security: create useFormValidation hook for pre-validation 2026-01-15 20:06:30 +01:00
validation_test.go refonte: backend-api go first; phase 1 2025-12-12 21:34:34 -05:00
webauthn_handler.go feat(v0.13.3): complete - Polish Sécurité Avancée 2026-03-13 10:09:01 +01:00
webhook_handlers.go chore(docs): add v0.101 diagnostic baseline 2026-02-19 16:08:05 +01:00
webhook_handlers_test.go [BE-TEST-007] test: Add unit tests for webhook handlers 2025-12-25 01:32:54 +01:00
webrtc_config_handler.go feat(webrtc): coturn ICE config endpoint + frontend wiring + ops template (v1.0.9 item 1.2) 2026-04-26 23:38:42 +02:00
webrtc_config_handler_test.go feat(webrtc): coturn ICE config endpoint + frontend wiring + ops template (v1.0.9 item 1.2) 2026-04-26 23:38:42 +02:00