# Issue #4: Secure User and Group Management Endpoints with Authentication Middleware

**Status:** Open
**Author:** MrKalzu
**Created:** 2025-09-12
**Assignee:** ryyst
**Repository:** https://git.rauhala.info/ryyst/kalzu-value-store/issues/4

## Description

**Security Vulnerability:** User, group, and token management API endpoints are currently exposed without authentication, creating a significant security risk.

## Current Problem

The following administrative endpoints are accessible without authentication:

- User management endpoints (`createUserHandler`, `getUserHandler`, etc.)
- Group management endpoints
- Token management endpoints

## Proposed Solution

### 1. Define Granular Administrative Scopes

Create specific administrative scopes for fine-grained access control:

- `admin:users:create` - Create new users
- `admin:users:read` - View user information
- `admin:users:update` - Modify user data
- `admin:users:delete` - Remove users
- `admin:groups:create` - Create new groups
- `admin:groups:read` - View group information
- `admin:groups:update` - Modify group membership
- `admin:groups:delete` - Remove groups
- `admin:tokens:create` - Generate API tokens
- `admin:tokens:revoke` - Revoke API tokens

### 2. Apply Authentication Middleware

Wrap all administrative handlers with `authMiddleware` and specific scope requirements:

```go
// Example implementation
router.Handle("/auth/users", authMiddleware("admin:users:create")(createUserHandler))
router.Handle("/auth/users/{id}", authMiddleware("admin:users:read")(getUserHandler))
```

## Dependencies

- **Depends on Issue #3**: Requires implementation of autogenerated root account for initial setup

## Security Benefits

- Prevents unauthorized administrative access
- Implements principle of least privilege
- Provides audit trail for administrative operations
- Protects against privilege escalation attacks

## Implementation Priority

**High Priority** - This addresses a critical security vulnerability that could allow unauthorized access to administrative functions.
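
An added example (not code from the kalzu-value-store repository) of a middleware with the `authMiddleware(scope)(handler)` shape proposed above, returning 401 for a missing or unknown token and 403 for a token that lacks the required scope. The `Authorization: Bearer` header format, the in-memory `tokenScopes` map, its constructed token values and the `statusFor` helper are assumptions made for illustration.

```go
package main

import (
	"crypto/sha256"
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

// tokenScopes: constructed in-memory store (assumption): SHA-256(token) -> granted scopes, so no plaintext token is kept.
var tokenScopes = map[[32]byte][]string{
	sha256.Sum256([]byte("constructed-root-token")):   {"admin:users:create", "admin:users:read"},
	sha256.Sum256([]byte("constructed-reader-token")): {"admin:users:read"},
}

// authMiddleware: missing or unknown bearer token -> 401, known token without the exact scope -> 403, else run next.
func authMiddleware(required string) func(http.Handler) http.Handler {
	return func(next http.Handler) http.Handler {
		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
			h := r.Header.Get("Authorization")
			scopes, known := tokenScopes[sha256.Sum256([]byte(strings.TrimPrefix(h, "Bearer ")))]
			if !strings.HasPrefix(h, "Bearer ") || !known {
				http.Error(w, "unauthorized", http.StatusUnauthorized)
				return
			}
			for _, s := range scopes {
				if s == required {
					next.ServeHTTP(w, r)
					return
				}
			}
			http.Error(w, "forbidden", http.StatusForbidden) // deny by default
		})
	}
}

// statusFor (hypothetical helper) replays one request with the given Authorization header value and returns the status.
func statusFor(authHeader, scope string) int {
	created := http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { w.WriteHeader(http.StatusCreated) })
	req := httptest.NewRequest(http.MethodPost, "/auth/users", nil)
	req.Header.Set("Authorization", authHeader)
	rec := httptest.NewRecorder()
	authMiddleware(scope)(created).ServeHTTP(rec, req)
	return rec.Code
}

func main() {
	fmt.Println(statusFor("", "admin:users:create"), statusFor("Bearer constructed-reader-token", "admin:users:create"))
}
```

The scope match is exact on purpose: a token holding `admin:users:read` gets 403 on the create route, which is the least-privilege behaviour the granular scopes are meant to give.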