mirror of
https://github.com/trustgraph-ai/trustgraph.git
synced 2026-05-30 17:55:13 +02:00
da7d10e995
Adds `no-auth-svc`, a lightweight IAM service that permits all access unconditionally — no database, no bootstrap, no signing keys. Deploy it in place of `iam-svc` for development, demos, and single-user setups where authentication overhead is unwanted. The gateway no longer hard-codes a 401 on missing credentials. Instead it asks the IAM regime via a new `authenticate-anonymous` operation whether token-free access is allowed. This keeps the gateway regime-agnostic: `iam-svc` rejects anonymous auth (preserving existing security), while `no-auth-svc` grants it with a configurable default user and workspace. Includes a tech spec (docs/tech-specs/no-auth-regime.md) and tests that pin the safety boundary — malformed tokens never fall through to the anonymous path, and a contract test ensures the full iam-svc always rejects `authenticate-anonymous`. |
||
|---|---|---|
| .. | ||
| config | ||
| dispatch | ||
| endpoint | ||
| unused | ||
| __init__.py | ||
| __main__.py | ||
| auth.py | ||
| capabilities.py | ||
| registry.py | ||
| running.py | ||
| service.py | ||