Skip to content

feat: add Bearer token auth for Anticapture API Gateway#225

Merged
pikonha merged 1 commit intodevfrom
feat/anticapture-api-auth-token
Mar 5, 2026
Merged

feat: add Bearer token auth for Anticapture API Gateway#225
pikonha merged 1 commit intodevfrom
feat/anticapture-api-auth-token

Conversation

@alextnetto
Copy link
Copy Markdown
Member

@alextnetto alextnetto commented Mar 3, 2026
edited
Loading

Summary

  • Adds optional BLOCKFUL_API_TOKEN env var to Logic System, Dispatcher, and Consumers so all Anticapture API requests include a Authorization: Bearer <token> header when the token is configured.
  • Matches the auth scheme introduced in anticapture PR #1680 — backward-compatible (no token = open access for local dev).

Changes

Env config schemas (3 files)

  • apps/logic-system/src/config/env.ts — added BLOCKFUL_API_TOKEN: z.string().optional()
  • apps/dispatcher/src/envConfig.ts — added to Zod schema + returned as blockfulApiToken
  • apps/consumers/src/config/env.ts — same pattern

Axios instances (3 files)

  • apps/logic-system/src/index.ts — spread Authorization header into axios.create() when token is set
  • apps/dispatcher/src/app.ts — threaded blockfulApiToken through constructor, added header to internal axios.create()
  • apps/consumers/src/index.ts — spread Authorization header into axios.create()

Dispatcher wiring (2 files)

  • apps/dispatcher/src/index.ts — passes config.blockfulApiToken to App constructor
  • apps/dispatcher/src/app.ts — accepts optional blockfulApiToken parameter

Env examples + Docker Compose (3 files)

  • .env.example, apps/logic-system/.env.example, apps/consumers/example.env — added BLOCKFUL_API_TOKEN=
  • docker-compose.yml — added BLOCKFUL_API_TOKEN: ${BLOCKFUL_API_TOKEN:-} to logic-system, dispatcher, and consumers

Test plan

  • pnpm logic-system test — 44 passed
  • pnpm dispatcher test — 80 passed (1 pre-existing failure in non-voting-handler)
  • pnpm consumer test — 14 passed
  • Set BLOCKFUL_API_TOKEN in Railway env vars for all three services after anticapture PR #1680 is deployed

@alextnetto
feat: add Bearer token auth for AntiCapture API Gateway
391e3e5 
AntiCapture PR #1680 adds BLOCKFUL_API_TOKEN-based auth to the API
Gateway. Wire the optional token into all three services (logic-system,
dispatcher, consumers) so requests include the Authorization header
when the env var is set.
@vercel
Copy link
Copy Markdown

vercel Bot commented Mar 3, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
flow-editor Ready Ready Preview, Comment Mar 3, 2026 9:26pm
notification-system-dashboard Ready Ready Preview, Comment Mar 3, 2026 9:26pm

Request Review

@alextnetto alextnetto changed the title feat: add Bearer token auth for AntiCapture API Gateway feat: add Bearer token auth for Anticapture API Gateway Mar 3, 2026
@LeonardoVieira1630 LeonardoVieira1630 self-requested a review March 4, 2026 18:11
@pikonha pikonha merged commit 5f0260a into dev Mar 5, 2026
7 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@LeonardoVieira1630 LeonardoVieira1630 LeonardoVieira1630 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@alextnetto @LeonardoVieira1630 @pikonha