refactor: per-connection auth via Authorization header

Replace startup token authentication with per-SSE-connection auth. Each client now passes Bearer token in Authorization header when connecting. Server validates against config.yaml tokens and creates isolated Server instance per connection. - server.py: accept (auth, agent) instead of (config_path, token) - main.py: extract Bearer token, authenticate, create server per connection - Remove GRIST_MCP_TOKEN from docker-compose environments
2026-01-01 08:49:58 -05:00
parent a2e8d76237
commit 8809095549
8 changed files with 58 additions and 35 deletions
--- a/deploy/dev/.env.example
+++ b/deploy/dev/.env.example
@@ -1,3 +1 @@
-PORT=3000
-GRIST_MCP_TOKEN=your-token-here
-CONFIG_PATH=/app/config.yaml
+PORT=3010