#389 — Galt PoC back-end with auth

Repo: Twill-AI/facade | State: closed | Status: done | Assignee: Unassigned

Created: 2025-07-11 · Updated: 2025-09-15

Description

Request

Caused by https://github.com/Twill-AI/twill-ai-ui/issues/423 and the 2025/07/11 (previous day in PST) communication between Aleksandr and Nader.

We want to build a PoC of an API to facilitate the UI for Galt. It should provide required data only in the API. It should be “deploy-able”.

Acceptance criteria

  • A back-end app provides access to a filtered merchants table with a full auth flow.

Implementation details

Let’s call the new API ‘Merchants’, because the central entity for Galt users would be the PE Merchant.

Back-end auth

We need Supabase auth (we may reuse SupabaseService from Facade) to:

  • Sign up a new user (POST /sign-up) or reset a password (POST /reset-password).
  • Get an access token (POST /token or /loginForTokenViaGoogle).

The resulting token can be used for regular bearer auth via Supabase. But on Facade, GrantedFor and MasterGrantedFor use TenantsManager for “has tenant” verification, while NoTenantGrantedFor uses only DepsSingleton’s cache and, only if the user was found, adds the “master” tenant ID to the User entity.

This also means that the UI may reuse auth logic for both general TwillAI users and Galt users.

✅ We may implement authorization logic on the “Merchants” APIs which would accept only specific users, for example by verifying that the email is in a list. FYI: this may change on https://github.com/Twill-AI/twill-partner-portal/issues/5.
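
One way the email-allowlist authorization described above could sit on top of Supabase bearer auth, as an added example (not code from Facade or from this ticket). It assumes the access token is an HS256 JWT signed with the project's JWT secret and carrying `aud` set to `authenticated`; `ALLOWED_EMAILS`, `AuthError`, `verify_token`, `authorize_merchants_user` and `sign_sample_token` are hypothetical names.

```python
import base64, hashlib, hmac, json, time

# Assumptions (not from the ticket): the access token is an HS256 JWT signed with
# the Supabase project's JWT secret and carries "email", "aud" and "exp" claims.
ALLOWED_EMAILS = frozenset({"analyst@galt.example"})  # constructed sample allowlist

class AuthError(Exception):
    """Token is invalid, or the user is not allowed on the Merchants API."""

def b64url_decode(part):
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def sign_sample_token(claims, secret):
    """Build a constructed HS256 token for local testing only."""
    head = b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64url_encode(json.dumps(claims).encode())
    mac = hmac.new(secret, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{b64url_encode(mac)}"

def verify_token(token, secret, now=None):
    """Check structure, algorithm, signature, audience and expiry; return claims."""
    try:
        head_b64, body_b64, sig_b64 = token.split(".")
        header = json.loads(b64url_decode(head_b64))
        claims = json.loads(b64url_decode(body_b64))
        signature = b64url_decode(sig_b64)
    except ValueError as exc:  # wrong segment count, bad base64 or bad JSON
        raise AuthError("malformed token") from exc
    if not isinstance(header, dict) or not isinstance(claims, dict):
        raise AuthError("malformed token")
    if header.get("alg") != "HS256":  # reject "none" and any swapped algorithm
        raise AuthError("unexpected algorithm")
    expected = hmac.new(secret, f"{head_b64}.{body_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, signature):
        raise AuthError("bad signature")
    exp = claims.get("exp")
    now = time.time() if now is None else now
    if claims.get("aud") != "authenticated" or not isinstance(exp, (int, float)) or exp <= now:
        raise AuthError("wrong audience or expired token")
    return claims

def authorize_merchants_user(token, secret, now=None):
    """Authentication first, then the email allowlist check (authorization)."""
    email = str(verify_token(token, secret, now).get("email", "")).strip().lower()
    if email not in ALLOWED_EMAILS:
        raise AuthError("user not allowed for Merchants API")
    return email
```

The email is normalized before the lookup, and the allowlist is consulted only after the signature, audience and expiry checks pass, so an unsigned or expired token never reaches the authorization step.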

PayEngine auth

All PE web components require “hash”/“hmac” value (deprecated but implemented in Facade in GET `/a
