Skip to content

Finish /plans implementation #642

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
raymondjacobson merged 15 commits into from
Feb 12, 2026
Merged

Finish /plans implementation #642

raymondjacobson merged 15 commits into from
Feb 12, 2026

Conversation

@raymondjacobson
Copy link
Member

@raymondjacobson raymondjacobson commented Feb 12, 2026
edited
Loading

  • Ability to create apps from /plans
  • Rate limits in go code
  • Add bearer authorization in addition to basic auth, updated swagger to allow both methods
  • Update plans site to show bearer tokens, allowing for deletion + creation of new ones
  • Add legacy app indicator where we cannot show you a key with instructions on using api secret instead

Play with it here:
https://weathered-field-271e.audius.workers.dev/

It's a bit messy, will do some passes with cursor to clean up after it goes out

rickyrombo
rickyrombo approved these changes Feb 12, 2026
View reviewed changes
api/v1_users_developer_apps.go Outdated

// requirePlansAppAuth validates Bearer token and checks that the plans app has a grant from the user.
// Must run after requireUserIdMiddleware.
func (app *ApiServer) requirePlansAppAuth(c *fiber.Ctx) error {
Copy link
Contributor

@rickyrombo rickyrombo Feb 12, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this feels like it should belong somewhere else?

config/config.go Outdated
RewardCodeAuthorizedKeys []string
LaunchpadDeterministicSecret string
UnsplashKeys []string
AudiusApiSecret string
Copy link
Contributor

@rickyrombo rickyrombo Feb 12, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

maybe some context of where this is used/why it's here? It may not be obvious this is just for the plans app and not being used broadly for the api

Copy link
Member Author

@raymondjacobson raymondjacobson Feb 12, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this is reasonable to have across the API, other things could use it. I'll add a comment though.
It's so that you can authorize api.audius.co to do something for you

Copy link
Contributor

@rickyrombo rickyrombo Feb 12, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

perhaps... i just don't want there to be confusion about "oh i have an api key, it probably has access to do stuff on behalf of users" or whatever

@raymondjacobson raymondjacobson merged commit 56904fc into main Feb 12, 2026
5 checks passed
@raymondjacobson raymondjacobson deleted the rj-plans-2 branch February 12, 2026 18:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rickyrombo rickyrombo rickyrombo approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@raymondjacobson @rickyrombo