2e11931ded
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
createAuthMiddleware was calling SET LOCAL on the raw PrismaClient outside of any transaction. In PostgreSQL, SET LOCAL without a transaction acts as a session-level SET, which can leak RLS context to subsequent requests sharing the same pooled connection, enabling cross-tenant data access. Wrapped the setCurrentUser call and downstream handler execution inside a $transaction block so SET LOCAL is automatically reverted when the transaction ends (on both success and failure). Added comprehensive test suite for db-context module verifying: - RLS context is set on the transaction client, not the raw client - next() executes inside the transaction boundary - Authentication errors prevent any transaction from starting - Errors in downstream handlers propagate correctly Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>