WIP: backend: add single-use token auth for spawned stream proxies #3

Draft

restitux wants to merge 1 commits from auth/3-stream-proxy-token into auth/2-gate-endpoints

Author	SHA1	Message	Date
restitux	b8c705554f	backend: add single-use token auth for spawned stream proxies Generate a random 256-bit token when spawning a proxy process, pass it as a CLI argument, and return it to the client in the stream start response. The proxy validates the token on WebTransport connect and consumes it after first use, preventing replay. A wrong token attempt also consumes the token for security. Includes 5 unit tests for token validation logic. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-16 15:36:29 +00:00

Author

SHA1

Message

Date

restitux

b8c705554f

backend: add single-use token auth for spawned stream proxies

Generate a random 256-bit token when spawning a proxy process, pass
it as a CLI argument, and return it to the client in the stream start
response. The proxy validates the token on WebTransport connect and
consumes it after first use, preventing replay. A wrong token attempt
also consumes the token for security. Includes 5 unit tests for token
validation logic.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-04-16 15:36:29 +00:00

WIP: backend: add single-use token auth for spawned stream proxies #3

1 Commits