pub async fn private_key_for(user_id: Uuid) -> Result<String, DBError>Expand description
Fetches a user’s base64-PEM private signing key from their per-user
database (user_auth_keys, a single-row table). Used on the token MINT path
after the user has been identified.
§Errors
DBError::Sqlx on a DB error; DBError::KeyGen if the user has no key
(a provisioning invariant violation — surfaced rather than silently signing
with nothing).