Expand description
Mandatory authentication middleware
All endpoints except /health require a valid Bearer token.
Auth cannot be disabled. If no CODETETHER_AUTH_TOKEN is set the
server generates a secure random token at startup and prints it to stderr
so the operator can copy it — but the gates never open without a token.
Structs§
- Auth
State - Shared auth state.
Functions§
- require_
auth - Axum middleware layer that enforces Bearer token auth on every request except public paths.