refactor: rename service references arcadia-app → arcadia-core
The Phoenix auth/identity/tenancy backend repo is being renamed arcadia-app → arcadia-core (its primary OTP app is already arcadia_core). Updates prose, doc paths, and git.sky-ai.com repo URLs. Deliberately leaves the Rust crate arcadia-app-client and host arcadia-app.internal (handled separately), and the kept namespace (issuer/release "arcadia"). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -30,8 +30,8 @@ config :logger, :default_formatter,
|
|||||||
# Use Jason for JSON parsing in Phoenix
|
# Use Jason for JSON parsing in Phoenix
|
||||||
config :phoenix, :json_library, Jason
|
config :phoenix, :json_library, Jason
|
||||||
|
|
||||||
# Guardian — JWTs are issued by arcadia-app. arcadia-cloud only verifies them.
|
# Guardian — JWTs are issued by arcadia-core. arcadia-cloud only verifies them.
|
||||||
# Issuer and secret_key MUST match arcadia-app's Arcadia.Guardian config.
|
# Issuer and secret_key MUST match arcadia-core's Arcadia.Guardian config.
|
||||||
config :arcadia_cloud, ArcadiaCloud.Guardian,
|
config :arcadia_cloud, ArcadiaCloud.Guardian,
|
||||||
issuer: "arcadia",
|
issuer: "arcadia",
|
||||||
verify_issuer: true
|
verify_issuer: true
|
||||||
|
|||||||
@@ -22,7 +22,7 @@ config :arcadia_cloud, ArcadiaCloudWeb.Endpoint,
|
|||||||
secret_key_base: "FkyzbvuBWWUEnx/M5KDYyEQdPVbxAiFIkNFbSUK+/DCFvRM+W0NGCnE0bGW6NnCk",
|
secret_key_base: "FkyzbvuBWWUEnx/M5KDYyEQdPVbxAiFIkNFbSUK+/DCFvRM+W0NGCnE0bGW6NnCk",
|
||||||
watchers: []
|
watchers: []
|
||||||
|
|
||||||
# Guardian — must match arcadia-app's Arcadia.Guardian dev secret_key
|
# Guardian — must match arcadia-core's Arcadia.Guardian dev secret_key
|
||||||
# (shared verbatim with arcadia-social and arcadia-voice).
|
# (shared verbatim with arcadia-social and arcadia-voice).
|
||||||
config :arcadia_cloud, ArcadiaCloud.Guardian,
|
config :arcadia_cloud, ArcadiaCloud.Guardian,
|
||||||
secret_key: "DuMkIRN3Qcxk8VqOu8nHj5i7a7a7YgBHF4oXqKwDI4A="
|
secret_key: "DuMkIRN3Qcxk8VqOu8nHj5i7a7a7YgBHF4oXqKwDI4A="
|
||||||
|
|||||||
@@ -2,11 +2,11 @@ defmodule ArcadiaCloud.Guardian do
|
|||||||
@moduledoc """
|
@moduledoc """
|
||||||
Verify-only Guardian implementation.
|
Verify-only Guardian implementation.
|
||||||
|
|
||||||
arcadia-cloud never issues tokens — that is arcadia-app's job. We only
|
arcadia-cloud never issues tokens — that is arcadia-core's job. We only
|
||||||
decode and verify tokens minted by `Arcadia.Guardian`, then expose the
|
decode and verify tokens minted by `Arcadia.Guardian`, then expose the
|
||||||
claims as a lightweight identity struct.
|
claims as a lightweight identity struct.
|
||||||
|
|
||||||
Token contract (set by arcadia-app):
|
Token contract (set by arcadia-core):
|
||||||
sub => "<user_id>:<tenant_id>"
|
sub => "<user_id>:<tenant_id>"
|
||||||
tenant_id => UUID string
|
tenant_id => UUID string
|
||||||
tenant_slug => string
|
tenant_slug => string
|
||||||
@@ -36,7 +36,7 @@ defmodule ArcadiaCloud.Guardian do
|
|||||||
|
|
||||||
@doc """
|
@doc """
|
||||||
Dev/test helper: mint a JWT using the local secret. Production tokens
|
Dev/test helper: mint a JWT using the local secret. Production tokens
|
||||||
are minted by arcadia-app.
|
are minted by arcadia-core.
|
||||||
"""
|
"""
|
||||||
def mint_dev_token(claims_overrides \\ %{}) do
|
def mint_dev_token(claims_overrides \\ %{}) do
|
||||||
defaults = %{
|
defaults = %{
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
defmodule ArcadiaCloudWeb.Plugs.RequireAuth do
|
defmodule ArcadiaCloudWeb.Plugs.RequireAuth do
|
||||||
@moduledoc """
|
@moduledoc """
|
||||||
Validates a Bearer JWT issued by arcadia-app and assigns the resulting
|
Validates a Bearer JWT issued by arcadia-core and assigns the resulting
|
||||||
identity + raw claims onto the conn. Halts with 401 on any failure.
|
identity + raw claims onto the conn. Halts with 401 on any failure.
|
||||||
|
|
||||||
Downstream controllers read `conn.assigns.current_identity` and, if
|
Downstream controllers read `conn.assigns.current_identity` and, if
|
||||||
|
|||||||
Reference in New Issue
Block a user