arcodange/dance-lessons-coach
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

feat(auth): JWT secret retention policy + automatic cleanup loop (ADR-0021) (#41)
Some checks failed
CI/CD Pipeline / Build Docker Cache (push) Successful in 13s
Details
CI/CD Pipeline / Trigger Docker Push (push) Has been cancelled
Details
CI/CD Pipeline / CI Pipeline (push) Has been cancelled
Details

Browse Source 
Co-authored-by: Gabriel Radureau <arcodange@gmail.com>
Co-committed-by: Gabriel Radureau <arcodange@gmail.com>
This commit was merged in pull request #41.
This commit is contained in:
Gabriel Radureau
2026-05-05 08:40:27 +02:00
committed by arcodange
parent a2beadc458
commit 03ea2a7b89
8 changed files with 319 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
pkg/user/user.go
View File

@@ -43,6 +43,15 @@ type AuthService interface {
RotateJWTSecret(newSecret string)
GetJWTSecretByIndex(index int) (string, bool)
ResetJWTSecrets() // Reset JWT secrets to initial state for test cleanup
// StartJWTSecretCleanupLoop starts a goroutine that periodically calls
// RemoveExpiredJWTSecrets at the given interval, stopping when ctx is
// cancelled. Implements the cleanup half of ADR-0021. interval <= 0
// disables the loop.
StartJWTSecretCleanupLoop(ctx context.Context, interval time.Duration)
// RemoveExpiredJWTSecrets triggers an immediate cleanup pass and returns
// the count of removed non-primary expired secrets. Useful for tests
// driving cleanup synchronously.
RemoveExpiredJWTSecrets() int
}
// UserManager defines interface for user management operations