Merged
Conversation
added 2 commits
October 23, 2025 10:55
Add BasicAuth implementation, context utilities, and tests. Update server to require Basic Auth for all endpoints. Update example requests to include Authorization header. Add PROJECT_ID and SECRET_KEY to config.
Contributor
There was a problem hiding this comment.
Pull Request Overview
This pull request introduces HTTP Basic Authentication to the API server to secure all endpoints with credential validation. The authentication system is configurable through environment variables and includes comprehensive testing.
Key Changes:
- Added Basic Authentication middleware with username/password validation using constant-time comparison
- Implemented context utilities for storing and retrieving authenticated user information
- Updated all API endpoint examples to include required Authorization headers
Reviewed Changes
Copilot reviewed 11 out of 12 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| pkg/auth/basic.go | Core Basic Auth implementation with credential validation, parsing, and middleware |
| pkg/auth/basic_test.go | Comprehensive test suite covering authentication scenarios and edge cases |
| pkg/auth/ctx.go | Context utilities for managing authenticated user data |
| pkg/auth/ctx_test.go | Tests for context management functions |
| cmd/setup/httpserver.go | Integration of auth middleware into HTTP server setup |
| internal/cfg/env.go | Added PROJECT_ID and SECRET_KEY configuration fields |
| internal/interstore/postgres_store.go | Added GetServiceName method for event service lookup |
| deployment/app-pgsql/docker-compose.yaml | Environment variables for authentication credentials |
| example/example.md | Updated example requests with Authorization headers |
| example/publisher_data.json | Changed schedule timing from 2m to 100ms |
| go.mod | Added JWT library dependency |
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Contributor
There was a problem hiding this comment.
Pull Request Overview
Copilot reviewed 9 out of 9 changed files in this pull request and generated 2 comments.
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This pull request introduces HTTP Basic Authentication to the API server, requiring clients to provide credentials for all endpoints. The authentication credentials are now configurable via environment variables, and example requests have been updated to include the required
Authorizationheader. Additionally, utility functions and tests were added for managing authenticated user context, and a small scheduling change was made in publisher event data.