feat(router)!: inherit sub-router overrides; add global auth token#111
Merged
Conversation
Update README and authentication docs to cover the new `RouterConfig.GlobalAuthToken` option for global auth token sources and the `SubRouterConfig.IsolateOverrides` flag. Clarify that auth token source precedence follows: route override, sub-router override, global config, then the default Authorization header.
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #111 +/- ##
==========================================
+ Coverage 97.49% 97.57% +0.08%
==========================================
Files 18 18
Lines 1873 1935 +62
==========================================
+ Hits 1826 1888 +62
Misses 35 35
Partials 12 12 ☔ View full report in Codecov by Harness. 🚀 New features to boost your workflow:
|
Suhaibinator
changed the title
- Update GitHub Actions workflows to use Go 1.26.3 - Expand documentation for authRequiredMiddleware and authOptionalMiddleware to clarify default auth token config usage and relationship to WithConfig variants
Migrate test assertions from implicit global config middleware helpers to explicit *WithConfig variants. Update getEffectiveAuthTokenConfig calls to use the WithOrigin accessor and remove a redundant test case.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Nested sub-routers now inherit their parent sub-router's configuration
overrides (timeout, max body size, rate limit, and auth token source)
by default. Previously these were not inherited and each nested level
had to redeclare them. Set SubRouterConfig.IsolateOverrides to opt a
sub-router (and its descendants) out of parent inheritance; RouterConfig
globals still apply.
Also:
token source. Effective precedence is now: route override, current or
inherited sub-router override, global config, then the built-in
Authorization header default.
the built-in default token source because no route, sub-router, or
global source is configured.
via RegisterGenericRouteOnSubRouter on a nested sub-router produces the
correct concatenated path (relative-prefix lookup retained as a
fallback).
BREAKING CHANGE: Sub-router configuration overrides (timeout, max body
size, rate limit, auth token source) are now inherited by nested
sub-routers by default. Routes in nested sub-routers that previously fell
through to RouterConfig globals will now pick up the parent sub-router's
overrides. This can change effective timeouts, rate limits, body-size
limits, and—most importantly—the auth token source used for AuthRequired
routes. Audit nested sub-routers and set IsolateOverrides: true where the
previous (non-inherited) behavior is required.