Skip to main content

ENV_ALLOW_DEV_MODE

Constant ENV_ALLOW_DEV_MODE 

Source
pub const ENV_ALLOW_DEV_MODE: &str = "TENSOR_WASM_API_ALLOW_DEV_MODE";
Expand description

Environment variable that explicitly opts the gateway into dev mode (auth disabled, every request passes through with AuthContext::dev).

Accepted truthy values are "1" and "true" (case-insensitive, trimmed). Any other value — including unset — leaves dev mode disabled.

Closes the M4 finding: an empty / unset ENV_API_TOKENS used to make bearer_auth fail open (wildcard pass-through), so a deployment that merely forgot to populate the allowlist silently accepted every request. We now fail closed: when no tokens are configured AND this opt-in is not set, bearer_auth rejects every request with 401 Unauthorized. The startup warn! in AuthConfig::from_env is preserved so an operator who genuinely wants dev mode still sees the loud signal — they just have to acknowledge it by setting this variable.

Only AuthConfig::from_env consults this variable. Configs built programmatically via AuthConfig::from_tokens / AuthConfig::from_scopes / AuthConfig::default are treated as an explicit in-process opt-in (they cannot be poisoned by hostile ambient environment), so they preserve the historical pass-through behaviour for tests and embedders.