trustgraph

mirror of https://github.com/trustgraph-ai/trustgraph.git synced 2026-05-19 12:25:13 +02:00

cybermaggedon da7d10e995 feat: add no-auth IAM regime as a drop-in replacement for iam-svc (#933 ) Adds `no-auth-svc`, a lightweight IAM service that permits all access unconditionally — no database, no bootstrap, no signing keys. Deploy it in place of `iam-svc` for development, demos, and single-user setups where authentication overhead is unwanted. The gateway no longer hard-codes a 401 on missing credentials. Instead it asks the IAM regime via a new `authenticate-anonymous` operation whether token-free access is allowed. This keeps the gateway regime-agnostic: `iam-svc` rejects anonymous auth (preserving existing security), while `no-auth-svc` grants it with a configurable default user and workspace. Includes a tech spec (docs/tech-specs/no-auth-regime.md) and tests that pin the safety boundary — malformed tokens never fall through to the anonymous path, and a contract test ensures the full iam-svc always rejects `authenticate-anonymous`.		2026-05-18 14:10:05 +01:00
..
trustgraph	feat: add no-auth IAM regime as a drop-in replacement for iam-svc (#933 )	2026-05-18 14:10:05 +01:00
pyproject.toml	Add missing websockets dep (#859 )	2026-04-30 09:53:32 +01:00
README.md	Maint/fix build env (#84 )	2024-09-30 19:47:09 +01:00