diff options
| author | Peter Stone <thepeterstone@gmail.com> | 2026-01-12 09:27:16 -1000 |
|---|---|---|
| committer | Peter Stone <thepeterstone@gmail.com> | 2026-01-12 09:27:16 -1000 |
| commit | 9fe0998436488537a8a2e8ffeefb0c4424b41c60 (patch) | |
| tree | ce877f04e60a187c2bd0e481e80298ec5e7cdf80 /internal/middleware | |
Initial commit: Personal Consolidation Dashboard (Phase 1 Complete)
Implemented a unified web dashboard aggregating tasks, notes, and meal planning:
Core Features:
- Trello integration (PRIMARY feature - boards, cards, lists)
- Todoist integration (tasks and projects)
- Obsidian integration (20 most recent notes)
- PlanToEat integration (optional - 7-day meal planning)
- Mobile-responsive web UI with auto-refresh (5 min)
- SQLite caching with 5-minute TTL
- AI agent endpoint with Bearer token authentication
Technical Implementation:
- Go 1.21+ backend with chi router
- Interface-based API client design for testability
- Parallel data fetching with goroutines
- Graceful degradation (partial data on API failures)
- .env file loading with godotenv
- Comprehensive test coverage (9/9 tests passing)
Bug Fixes:
- Fixed .env file not being loaded at startup
- Fixed nil pointer dereference with optional API clients (typed nil interface gotcha)
Documentation:
- START_HERE.md - Quick 5-minute setup guide
- QUICKSTART.md - Fast track setup
- SETUP_GUIDE.md - Detailed step-by-step instructions
- PROJECT_SUMMARY.md - Complete project overview
- CLAUDE.md - Guide for Claude Code instances
- AI_AGENT_ACCESS.md - AI agent design document
- AI_AGENT_SETUP.md - Claude.ai integration guide
- TRELLO_AUTH_UPDATE.md - New Power-Up auth process
Statistics:
- Binary: 17MB
- Code: 2,667 lines
- Tests: 5 unit + 4 acceptance tests (all passing)
- Dependencies: chi, sqlite3, godotenv
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Diffstat (limited to 'internal/middleware')
| -rw-r--r-- | internal/middleware/ai_auth.go | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/internal/middleware/ai_auth.go b/internal/middleware/ai_auth.go new file mode 100644 index 0000000..3c04a37 --- /dev/null +++ b/internal/middleware/ai_auth.go @@ -0,0 +1,46 @@ +package middleware + +import ( + "net/http" + "strings" +) + +// AIAuthMiddleware validates Bearer token for AI agent access +func AIAuthMiddleware(validToken string) func(http.Handler) http.Handler { + return func(next http.Handler) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + // Skip auth if no token configured + if validToken == "" { + respondError(w, http.StatusServiceUnavailable, "ai_disabled", "AI agent access not configured") + return + } + + authHeader := r.Header.Get("Authorization") + + if authHeader == "" { + respondError(w, http.StatusUnauthorized, "unauthorized", "Missing Authorization header") + return + } + + if !strings.HasPrefix(authHeader, "Bearer ") { + respondError(w, http.StatusUnauthorized, "unauthorized", "Invalid Authorization header format") + return + } + + token := strings.TrimPrefix(authHeader, "Bearer ") + if token != validToken { + respondError(w, http.StatusUnauthorized, "unauthorized", "Invalid or missing token") + return + } + + next.ServeHTTP(w, r) + }) + } +} + +// respondError sends a JSON error response +func respondError(w http.ResponseWriter, status int, error, message string) { + w.Header().Set("Content-Type", "application/json") + w.WriteHeader(status) + w.Write([]byte(`{"error":"` + error + `","message":"` + message + `"}`)) +} |