Nicolaj Hartmann
926085eeab
Backend: - Cookie + OIDC + API Key authentication schemes - ApiKeyAuthenticationHandler with SHA-256 validation and 24h cache - AuthController with login/logout/profile endpoints - API Key domain model (EventFlow aggregate, events, commands) - ApiKeyReadModel and repository for key validation - Database migration 002_ApiKeys.sql - CORS configuration for frontend Frontend: - authService.ts for login/logout/profile API calls - authStore.ts (Zustand) for user context state - ProtectedRoute component for route guards - Header updated with user display and logout - GraphQL client with credentials: include 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
24 lines
666 B
C#
24 lines
666 B
C#
using Books.Api.Domain.ApiKeys;
|
|
using EventFlow.Commands;
|
|
|
|
namespace Books.Api.Commands.ApiKeys;
|
|
|
|
public class CreateApiKeyCommand(
|
|
ApiKeyId aggregateId,
|
|
string name,
|
|
string keyHash,
|
|
string companyId,
|
|
string createdBy) : Command<ApiKeyAggregate, ApiKeyId>(aggregateId)
|
|
{
|
|
public string Name { get; } = name;
|
|
public string KeyHash { get; } = keyHash;
|
|
public string CompanyId { get; } = companyId;
|
|
public string CreatedBy { get; } = createdBy;
|
|
}
|
|
|
|
public class RevokeApiKeyCommand(
|
|
ApiKeyId aggregateId,
|
|
string revokedBy) : Command<ApiKeyAggregate, ApiKeyId>(aggregateId)
|
|
{
|
|
public string RevokedBy { get; } = revokedBy;
|
|
}
|