dkam/clinch
1
0
Fork 0
Code Issues 7 Pull Requests Actions Packages Projects Releases Wiki Activity

Add API keys / bearer tokens for forward auth
Some checks failed
CI / scan_ruby (push) Has been cancelled
Details
CI / scan_js (push) Has been cancelled
Details
CI / scan_container (push) Has been cancelled
Details
CI / lint (push) Has been cancelled
Details
CI / test (push) Has been cancelled
Details
CI / system-test (push) Has been cancelled
Details

Browse Source 
Enables server-to-server authentication for forward auth applications
(e.g., video players accessing WebDAV) where browser cookies aren't
available. API keys use clk_ prefixed tokens stored as HMAC hashes.

Bearer token auth is checked before cookie auth in /api/verify.
Invalid tokens return 401 JSON (no redirect). Requests without
bearer tokens fall through to existing cookie flow unchanged.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Dan Milne
2026-03-05 21:45:40 +11:00
parent 444ae6291c
commit fd8785a43d
15 changed files with 651 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
app/javascript/controllers/clipboard_controller.js Normal file
View File

@@ -0,0 +1,15 @@
import { Controller } from "@hotwired/stimulus"
export default class extends Controller {
static targets = ["source", "label"]
async copy() {
try {
await navigator.clipboard.writeText(this.sourceTarget.value)
this.labelTarget.textContent = "Copied!"
setTimeout(() => { this.labelTarget.textContent = "Copy" }, 2000)
} catch {
this.sourceTarget.select()
}
}
}