mosaic/stack
1
0
Fork 0
Code Issues 10 Pull Requests 1 Actions Packages Projects Releases 2 Wiki Activity

feat(api): add break-glass local authentication module
Some checks failed
ci/woodpecker/push/orchestrator Pipeline is pending
Details
ci/woodpecker/push/web Pipeline is pending
Details
ci/woodpecker/push/api Pipeline failed
Details

Browse Source 
Implement LocalAuth module for emergency access without OIDC.
Endpoints: POST /api/auth/local/setup (first-time user creation with
BREAKGLASS_SETUP_TOKEN), POST /api/auth/local/login (email + password).
Both return 404 when ENABLE_LOCAL_AUTH != true. Uses bcrypt (12 rounds)
for password hashing and creates BetterAuth-compatible sessions.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Jason Woltje
2026-02-28 11:59:35 -06:00
parent 8388d49786
commit 2d7fb285c3
10 changed files with 1004 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
apps/api/package.json
View File

@@ -52,6 +52,7 @@
"adm-zip": "^0.5.16",
"archiver": "^7.0.1",
"axios": "^1.13.5",
"bcryptjs": "^3.0.3",
"better-auth": "^1.4.17",
"bullmq": "^5.67.2",
"class-transformer": "^0.5.1",
@@ -85,6 +86,7 @@
"@swc/core": "^1.10.18",
"@types/adm-zip": "^0.5.7",
"@types/archiver": "^7.0.0",
"@types/bcryptjs": "^3.0.0",
"@types/cookie-parser": "^1.4.10",
"@types/express": "^5.0.1",
"@types/highlight.js": "^10.1.0",