Bounty: $50 (LT)
Area: market/gateway/middleware.go
Current state: The gateway middleware stack documents a previous auth/rate-limit ordering incident, and AuthMiddleware plus RateLimitMiddleware affect request identity and quota behavior. The combined behavior is not covered by focused integration tests.
What is needed: Add Go tests that exercise the middleware chain around auth, rate limiting, and request context propagation.
Acceptance criteria:
- Cover missing bearer token returning 401 with the expected JSON error shape.
- Cover invalid token returning 401 without calling the wrapped handler.
- Cover a valid token setting user/session/auth context before rate limiting.
- Cover middleware ordering so authenticated requests are keyed separately from anonymous/IP-only requests.
- Keep changes scoped to gateway middleware tests and any minimal helper needed for testability.
Required validation:
- Run
go test ./market/gateway or the closest package-level Go test command available in this repo.
- Run
python3 build.py.
- Include the generated
diagnostic/build-*.logd artifact from diagnostic/; include the matching diagnostic/build-*.json if present.
- Use
.github/pull_request_template.md for the submission.
Bounty: $50 (LT)
Area:
market/gateway/middleware.goCurrent state: The gateway middleware stack documents a previous auth/rate-limit ordering incident, and
AuthMiddlewareplusRateLimitMiddlewareaffect request identity and quota behavior. The combined behavior is not covered by focused integration tests.What is needed: Add Go tests that exercise the middleware chain around auth, rate limiting, and request context propagation.
Acceptance criteria:
Required validation:
go test ./market/gatewayor the closest package-level Go test command available in this repo.python3 build.py.diagnostic/build-*.logdartifact fromdiagnostic/; include the matchingdiagnostic/build-*.jsonif present..github/pull_request_template.mdfor the submission.