From 4dbd96ec697196d43ad41eca4fd43d53da46a081 Mon Sep 17 00:00:00 2001
From: bndw <ben@bdw.to>
Date: Sat, 14 Feb 2026 14:54:30 -0800
Subject: refactor: use AuthStore interface and remove type assertions

Replace runtime type assertions with compile-time safe AuthStore interface.
Add connState struct for cleaner per-connection state management instead
of mutable pointer parameters. Reduce auth challenge TTL from 10min to 2min.

- Add AuthStore interface with CreateAuthChallenge and ValidateAndConsumeChallenge
- Add connState struct for authenticatedPubkey and authChallenge
- Remove fragile type assertion pattern in requireAuth and handleAuth
- Add nil checks for auth store with clear error messages
- Update Handler to have separate auth field
- Wire auth store in main.go when auth is enabled
---
 cmd/relay/main.go | 1 +
 1 file changed, 1 insertion(+)

(limited to 'cmd/relay/main.go')

diff --git a/cmd/relay/main.go b/cmd/relay/main.go
index 6974f65..e4afec8 100644
--- a/cmd/relay/main.go
+++ b/cmd/relay/main.go
@@ -116,6 +116,7 @@ func main() {
 	}
 
 	if cfg.Auth.Read.Enabled || cfg.Auth.Write.Enabled {
+		wsHandler.SetAuth(store)
 		wsHandler.SetAuthConfig(&wshandler.AuthConfig{
 			ReadEnabled:         cfg.Auth.Read.Enabled,
 			WriteEnabled:        cfg.Auth.Write.Enabled,
-- 
cgit v1.2.3