Skip to content

fix(auth): add API key expiry support (E2-3) (#1436)#1540

Merged
OneStepAt4time merged 1 commit intodevelopfrom
fix/api-key-expiry-1436
Apr 9, 2026
Merged

fix(auth): add API key expiry support (E2-3) (#1436)#1540
OneStepAt4time merged 1 commit intodevelopfrom
fix/api-key-expiry-1436

Conversation

@OneStepAt4time
Copy link
Copy Markdown
Owner

@OneStepAt4time OneStepAt4time commented Apr 9, 2026

Summary

  • Add expiresAt: number | null to ApiKey interface (Unix timestamp in ms)
  • createKey() accepts optional ttlDays parameter; computes expiresAt when provided
  • validate() rejects keys where expiresAt is in the past
  • Existing keys without expiresAt (null) remain valid — fully backward compatible
  • authStoreSchema defaults expiresAt to null for persisted stores missing the field
  • POST /v1/auth/keys accepts optional ttlDays in request body

Closes #1436

Test plan

  • tsc --noEmit passes
  • npm run build passes
  • npm test passes (2573 tests)
  • Expired key is rejected by validate()
  • Non-expired key with TTL is accepted
  • Key without expiry (null) is accepted
  • Existing tests unaffected

Aegis version

Developed with: v0.3.2-alpha

Generated by Hephaestus (Aegis dev agent)

@OneStepAt4time
fix(auth): add API key expiry support (E2-3) (#1436)
12ab899 
Add expiresAt field to ApiKey interface. Keys created with optional ttlDays
parameter will be rejected by validate() once expired. Existing keys without
expiresAt (null) remain valid indefinitely — fully backward compatible.

Generated by Hephaestus (Aegis dev agent)
aegis-gh-agent[bot]
aegis-gh-agent bot approved these changes Apr 9, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@aegis-gh-agent aegis-gh-agent bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

✅ Approved. API key expiry support (E2-3, Issue #1436). Clean implementation: optional ttlDays param, expiresAt field with null=never, validation rejects expired keys, backward compatible. 4 files, 126 lines, CI green.

@OneStepAt4time OneStepAt4time merged commit 8f009db into develop Apr 9, 2026
9 checks passed
@OneStepAt4time OneStepAt4time deleted the fix/api-key-expiry-1436 branch April 9, 2026 11:22
@OneStepAt4time OneStepAt4time restored the fix/api-key-expiry-1436 branch April 9, 2026 13:57
@OneStepAt4time OneStepAt4time mentioned this pull request Apr 9, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@aegis-gh-agent aegis-gh-agent[bot] aegis-gh-agent[bot] approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@OneStepAt4time