summaryrefslogtreecommitdiff
path: root/internal/middleware
diff options
context:
space:
mode:
authorPeter Stone <thepeterstone@gmail.com>2026-01-12 13:43:07 -1000
committerPeter Stone <thepeterstone@gmail.com>2026-01-12 13:43:07 -1000
commit1d47891d0097c10920ab5706b54c847024ec8f29 (patch)
treeec5f88639ef8dcb27b4428153f0f10de93bcfdd5 /internal/middleware
parent80c233287b65927a012ff46a27d4eac9a796fce0 (diff)
Remove AI agent middleware and snapshot endpoint
Simplified the dashboard by removing the AI agent access layer: - Deleted internal/middleware/ai_auth.go and tests - Removed AIAgentAPIKey from config.Config - Removed /api/claude/snapshot endpoint registration - Updated SESSION_STATE.md and CLAUDE.md documentation - All tests passing after cleanup Dashboard is now human-facing only without the AI agent endpoint. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Diffstat (limited to 'internal/middleware')
-rw-r--r--internal/middleware/ai_auth.go46
1 files changed, 0 insertions, 46 deletions
diff --git a/internal/middleware/ai_auth.go b/internal/middleware/ai_auth.go
deleted file mode 100644
index 3c04a37..0000000
--- a/internal/middleware/ai_auth.go
+++ /dev/null
@@ -1,46 +0,0 @@
-package middleware
-
-import (
- "net/http"
- "strings"
-)
-
-// AIAuthMiddleware validates Bearer token for AI agent access
-func AIAuthMiddleware(validToken string) func(http.Handler) http.Handler {
- return func(next http.Handler) http.Handler {
- return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
- // Skip auth if no token configured
- if validToken == "" {
- respondError(w, http.StatusServiceUnavailable, "ai_disabled", "AI agent access not configured")
- return
- }
-
- authHeader := r.Header.Get("Authorization")
-
- if authHeader == "" {
- respondError(w, http.StatusUnauthorized, "unauthorized", "Missing Authorization header")
- return
- }
-
- if !strings.HasPrefix(authHeader, "Bearer ") {
- respondError(w, http.StatusUnauthorized, "unauthorized", "Invalid Authorization header format")
- return
- }
-
- token := strings.TrimPrefix(authHeader, "Bearer ")
- if token != validToken {
- respondError(w, http.StatusUnauthorized, "unauthorized", "Invalid or missing token")
- return
- }
-
- next.ServeHTTP(w, r)
- })
- }
-}
-
-// respondError sends a JSON error response
-func respondError(w http.ResponseWriter, status int, error, message string) {
- w.Header().Set("Content-Type", "application/json")
- w.WriteHeader(status)
- w.Write([]byte(`{"error":"` + error + `","message":"` + message + `"}`))
-}
generated by cgit v1.2.3 (git 2.39.1) at 2026-03-28 09:23:41 +0000