egutierrez
2a3d780347
Adds `fn doctor` read-only diagnostic command with subcommands artefacts, services, sync, uses-functions, unused, and --json flag for agents. Each subcommand wraps a registry function in functions/infra/. New functions: - artefact_doctor, services_status, pc_locations_drift, audit_uses_functions, find_unused_functions (Go diagnostics) - backup_sqlite_db, rotate_backups, wait_for_http, wait_for_port, port_kill, tail_journal, pre_commit_hook_install (bash utilities) - notify_telegram (Go HTTP) - backup_all pipeline (tag launcher) Plus prior session leftovers (scan_secrets_in_dirty, append_diary_entry, git utilities, http_session_cookie_middleware, compile/full-git pipelines). Fixes pc_locations_drift filepath.Join bug with absolute dir_path. Documents fn doctor in CLAUDE.md, .claude/rules/fn_doctor.md (rule 23), docs/architecture.md, CHANGELOG.md (2026-05-07), and diary entry. First fn doctor uses-functions run found drift in 7/12 apps (deuda para sincronizar app.md con imports reales). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2.2 KiB
2.2 KiB
name, kind, lang, domain, version, purity, signature, description, params, output, tags, uses_functions, uses_types, returns, returns_optional, error_type, imports, tested, tests, test_file_path, file_path
| name | kind | lang | domain | version | purity | signature | description | params | output | tags | uses_functions | uses_types | returns | returns_optional | error_type | imports | tested | tests | test_file_path | file_path | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| http_session_cookie_middleware | function | go | infra | 1.0.0 | impure | func HTTPSessionCookieMiddleware(cfg SessionCookieConfig) Middleware | Middleware HTTP que valida sesiones via cookie o header Authorization: Bearer. Inyecta el userID en el contexto si la sesion es valida. Delega sin validar los paths en SkipPaths. |
|
Middleware (func(http.Handler) http.Handler) que protege los endpoints no listados en SkipPaths. |
|
|
|
false | error_go_core |
|
true |
|
functions/infra/http_session_cookie_middleware_test.go | functions/infra/http_session_cookie_middleware.go |
Ejemplo
type ctxKey string
const userKey ctxKey = "user_id"
mw := infra.HTTPSessionCookieMiddleware(infra.SessionCookieConfig{
DB: db,
CookieName: "kanban_session",
SkipPaths: []string{"/api/auth/", "/health"},
UserCtxKey: userKey,
})
mux := http.NewServeMux()
mux.Handle("/api/", mw(apiRouter))
// En un handler:
userID, ok := infra.UserIDFromContext(r.Context(), userKey)
Notas
SessionCookieConfig.UserCtxKey debe ser una clave tipada propia del caller (no string) para evitar colisiones en el contexto. Patron canonico: type ctxKey string; const userKey ctxKey = "user_id".
El helper UserIDFromContext(ctx, key) esta en el mismo paquete y hace el type-assert de forma segura retornando ("", false) si no hay valor o el tipo no coincide.
El orden de extraccion del token es: cookie → Authorization: Bearer. Si ninguno esta presente responde 401 con {"code":"unauthorized","message":"session required"}.