admin/honeyDueAPI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(auth): replace hand-rolled auth with Ory Kratos — phase 2 backend
Backend CI / Test (push) Has been cancelled
Details
Backend CI / Contract Tests (push) Has been cancelled
Details
Backend CI / Lint (push) Has been cancelled
Details
Backend CI / Secret Scanning (push) Has been cancelled
Details
Backend CI / Build (push) Has been cancelled
Details

Browse Source 
Delegates all credential management (login, register, password reset,
email verification, social sign-in) to Ory Kratos. The Go API now acts
as a resource server: the new KratosAuth middleware validates sessions
against the Kratos whoami endpoint, writes the local User mirror into
Echo context, and all existing domain handlers continue working
unchanged. Hand-rolled token auth, AuthToken model, apple_auth/
google_auth services, and the auth refresh flow are removed. Tests are
updated to use the fake-token middleware pattern so existing integration
assertions require no rewrite.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Trey t
2026-05-18 17:55:56 -05:00
parent b66151ddd9
commit 81578f6e27
36 changed files with 927 additions and 7002 deletions
Download Patch File Download Diff File Expand all files Collapse all files
migrations/000007_kratos_identity.sql
+37
View File
@@ -0,0 +1,37 @@
-- +goose Up
-- Phase 2: hand-rolled auth replaced by Ory Kratos. Kratos owns identities,
-- credentials, sessions, email verification, recovery and social sign-in.
-- honeyDue keeps a slim auth_user row linked to the Kratos identity by
-- kratos_id; all domain tables keep their existing integer auth_user FKs.
--
-- Pre-production: a clean slate is taken. auth_user is truncated (cascading
-- to all user-scoped domain data) so no auth_user row exists without a
-- Kratos identity behind it. There is no data migration.
-- honeyDue's hand-rolled auth tables are no longer used — Kratos owns this.
DROP TABLE IF EXISTS user_authtoken;
DROP TABLE IF EXISTS user_confirmationcode;
DROP TABLE IF EXISTS user_passwordresetcode;
DROP TABLE IF EXISTS user_applesocialauth;
DROP TABLE IF EXISTS user_googlesocialauth;
-- Link each auth_user row to its Kratos identity (UUID).
ALTER TABLE auth_user ADD COLUMN IF NOT EXISTS kratos_id uuid;
CREATE UNIQUE INDEX IF NOT EXISTS uq_auth_user_kratos_id
ON auth_user (kratos_id) WHERE kratos_id IS NOT NULL;
-- password is NOT NULL in the Django-era schema but is no longer used —
-- Kratos holds credentials. Make it nullable so provisioning need not
-- invent a placeholder hash.
ALTER TABLE auth_user ALTER COLUMN password DROP NOT NULL;
-- Clean slate (pre-production): drop every existing account and all
-- user-scoped domain data so nothing is left orphaned without a Kratos id.
TRUNCATE TABLE auth_user CASCADE;
-- +goose Down
-- The dropped tables' data cannot be restored. Down only removes the
-- kratos_id column and restores the password NOT NULL constraint; reverting
-- to hand-rolled auth means reverting the Phase 2 application code.
DROP INDEX IF EXISTS uq_auth_user_kratos_id;
ALTER TABLE auth_user DROP COLUMN IF EXISTS kratos_id;