- Bumped version from 0.52.15 to 0.52.16 in the Makefile.
- Added connection pool configuration with timeouts and limits in the RQLite adapter and gateway, improving database connection management.
- Added Base64 encoding for the response body in the anonProxyHandler to prevent corruption of binary data when returned in JSON format.
- Updated the response structure to include the encoded body, ensuring compatibility with various data types.
- Added support for installing and configuring the Anyone Relay (Anon) for anonymous networking in the setup process.
- Updated the Makefile to include the Anon client in the development stack, allowing it to run alongside other services.
- Implemented a new HTTP proxy handler for the Anon service, enabling proxied requests through the Anyone network.
- Enhanced the installation script to manage Anon installation, configuration, and firewall settings.
- Introduced tests for the Anon proxy handler to ensure proper request validation and error handling.
- Updated documentation to reflect the new Anon service and its usage in the development environment.
- Implemented logic to ensure an API key is created or retrieved for each wallet during the verification process.
- Added best-effort recording of ownership for both API keys and wallets in the namespace ownership database.
- Improved error handling and logging for better traceability of ownership checks and API key operations.
- Cleaned up unnecessary comments and whitespace in the auth_handlers.go file for better code readability.
- Added support for verifying signatures from both Ethereum (ETH) and Solana (SOL) blockchains in the verifyHandler.
- Introduced a new ChainType field in the request to specify the blockchain type, defaulting to ETH for backward compatibility.
- Implemented Ed25519 signature verification for Solana, including base64 decoding of signatures and base58 decoding of public keys.
- Enhanced error handling for unsupported chain types and invalid signature formats, improving robustness of the verification process.
- Updated the pubsubPublishHandler to publish messages to libp2p asynchronously, preventing HTTP response blocking.
- Introduced context with timeout for libp2p publishing to enhance reliability and logging for success and failure cases.
- Maintained immediate response for local delivery to WebSocket subscribers, improving overall message handling efficiency.
- Added local subscriber management to the Gateway for direct message delivery to WebSocket clients.
- Introduced synchronization mechanisms to handle concurrent access to local subscribers.
- Enhanced pubsub handlers to register and unregister local subscribers, improving message delivery efficiency.
- Updated message publishing logic to prioritize local delivery before forwarding to libp2p, ensuring faster response times for local clients.
- Implemented namespace isolation in pubsub handlers to ensure message segregation.
- Refactored subscription management to support multiple handlers per topic, allowing independent lifecycles for each handler.
- Introduced a unique HandlerID for each subscription, enabling better management of handler registrations and unsubscriptions.
- Updated message handling to broadcast to all registered handlers, improving message delivery efficiency.
- Added steps to generate node2.yaml, node3.yaml, and gateway.yaml configurations during the full stack initialization process.
- Implemented checks to prevent overwriting existing configuration files unless the --force flag is used.
- Improved output messages to provide clear feedback on generated configurations and bootstrap information.
- Removed the `Domain` field from the gateway configuration to simplify setup.
- Eliminated related logic for domain validation and ACME certificate management.
- Updated installation script to remove references to ACME certificate storage and HTTP/HTTPS port configurations.
- Bumped version in Makefile to 0.52.0-beta to reflect changes.
- Introduced a new `Domain` field in the gateway configuration to support HTTPS and ACME certificate provisioning.
- Implemented domain validation to ensure proper format.
- Enhanced the main gateway logic to handle ACME challenges and manage TLS certificates using CertMagic.
- Updated installation script to create necessary directories for ACME certificate storage and configure firewall rules for HTTP/HTTPS ports.
- Removed old pkg/gatway storage and migrated to new rqlite
- Updated readme
- Created new rqlite implementation
- Updated changelog
- Fixed migration error on migrations.go applySQL
Implemented CRUD operations for database tables via REST: create-table,
drop-table, query, transaction, and schema retrieval. Included
authentication and namespace ownership enforcement. Added comprehensive
end-to-end tests for new database routes. Updated documentation with
usage examples and migration workflow.
- Use internal auth context for all downstream client calls in pubsub
and storage handlers to avoid circular auth and enforce security - Add
gateway component warning logs for pubsub websocket handler on error
conditions and important branch decisions - Fix pubsub topic
subscription and publishing to use un-namespaced topics; handle
namespace filtering explicitly on listing - Accept base64-encoded
payloads in storage E2E test to handle encoded responses transparently
Enforce GATEWAY_API_KEY in Makefile E2E test target Fix gateway E2E test
payload reading to use io.ReadAll Remove deprecated multi-node test
targets and cleanup Makefile comments
- Require API key or JWT by default for client connections - Auto-derive
namespace from JWT claim or API key format `ak_<rand>:<namespace>` -
Deny calls if per-call namespace override mismatches resolved namespace
- Guard Storage, PubSub, Database, and NetworkInfo operations with
access checks - Add context helpers for consistent namespace override
handling - Update docs and add end-to-end and unit tests for
authentication logic
This commit adds wallet-based authentication to protected CLI commands
by removing the manual auth command and automatically prompting for
credentials when needed. Protected commands will check for valid
credentials and trigger the auth
Here's the commit message:
``` Fix code style and indentation
Apply consistent indentation, fix whitespace and tabs vs spaces issues,
remove trailing whitespace, and ensure proper line endings throughout
the codebase. Also add comments and improve code organization. ```
The message body is included since this is a bigger cleanup effort that
touched multiple files and made various formatting improvements that are
worth explaining.
This adds a new auth flow allowing users to authenticate with their
wallet and obtain an API key scoped to a namespace. It also moves API
key storage from config to the database for better persistence and
key-to-wallet linkage.
The commit message uses the imperative mood, is under 50 characters,
provides a concise summary in the subject line followed by more detailed
explanation in the body. This follows good Git commit message style
while capturing the key changes made.
