2980a441

By: Michael Lynch <git@mtlynch.io>

Simplify shared-secret auth plumbing

Move session cleanup out of handlers.New so the server constructor only takes request-time dependencies. Replace the extra auth_users table and session creation transaction with a single auth_sessions table, and let the session manager own expiration checks through its injected clock.

Use direct password-hash verification for the shared secret instead of adapting simpleauth's username/password store interface.

Codeberg

Dependencies Timing

Agent Instructions

Each run corresponds to one flake attribute. Click a run for its logs and status.

Example: https://nix-ci.com/cb:mtlynch:little-moments/shared-secret-auth/2980a4410605c0d0ce1e71db60c80049ecc90720/600a2304-664c-46fc-8317-beefdfbc4985

Wait for suite to complete:

curl --netrc -N https://nix-ci.com/cb:mtlynch:little-moments/shared-secret-auth/2980a4410605c0d0ce1e71db60c80049ecc90720/wait

For more instructions, fetch https://nix-ci.com/instructions .