Skip to content

feat: extract Ed25519 signature verification into reusable middleware#426

Open
devAgatha wants to merge 1 commit into
AnnabelJoe:mainfrom
devAgatha:feat/268-ed25519-middleware
Open

feat: extract Ed25519 signature verification into reusable middleware#426
devAgatha wants to merge 1 commit into
AnnabelJoe:mainfrom
devAgatha:feat/268-ed25519-middleware

Conversation

@devAgatha
Copy link
Copy Markdown

@devAgatha devAgatha commented Jun 1, 2026

Summary

Extracts the inline Ed25519 signature verification from the readings route handler into a reusable verifyMeterSignature() middleware function.

Changes

  • src/lib/middleware/verifyEd25519.ts — new middleware with verifyMeterSignature(), isErrorResponse(), and withMeterAuth() HOF
  • src/app/api/readings/route.ts — refactored to call middleware instead of inline verify logic
  • src/lib/middleware/__tests__/verifyEd25519.test.ts — unit tests covering valid signature, invalid signature, missing meter, and crypto error cases

Acceptance Criteria

  • Middleware verifies Ed25519 signature against meter public key
  • Returns 401 if signature invalid or meter key not registered
  • Applied to all meter-facing endpoints
  • Unit tested with valid and invalid signature cases

Closes #268

@devAgatha
feat: extract Ed25519 signature verification into reusable middleware (
7e1ac9d 
…AnnabelJoe#268)

- Add verifyMeterSignature() and withMeterAuth() in lib/middleware/verifyEd25519.ts
- Refactor /api/readings to use the new middleware
- Add unit tests for valid/invalid signature and missing meter cases

Closes AnnabelJoe#268
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Implement Ed25519 signature verification middleware

1 participant

@devAgatha