diff options
| author | Peter Stone <thepeterstone@gmail.com> | 2026-01-12 13:43:07 -1000 |
|---|---|---|
| committer | Peter Stone <thepeterstone@gmail.com> | 2026-01-12 13:43:07 -1000 |
| commit | 1d47891d0097c10920ab5706b54c847024ec8f29 (patch) | |
| tree | ec5f88639ef8dcb27b4428153f0f10de93bcfdd5 /internal | |
| parent | 80c233287b65927a012ff46a27d4eac9a796fce0 (diff) | |
Remove AI agent middleware and snapshot endpoint
Simplified the dashboard by removing the AI agent access layer:
- Deleted internal/middleware/ai_auth.go and tests
- Removed AIAgentAPIKey from config.Config
- Removed /api/claude/snapshot endpoint registration
- Updated SESSION_STATE.md and CLAUDE.md documentation
- All tests passing after cleanup
Dashboard is now human-facing only without the AI agent endpoint.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Diffstat (limited to 'internal')
| -rw-r--r-- | internal/config/config.go | 6 | ||||
| -rw-r--r-- | internal/middleware/ai_auth.go | 46 |
2 files changed, 0 insertions, 52 deletions
diff --git a/internal/config/config.go b/internal/config/config.go index 4a86b06..dc7d1c3 100644 --- a/internal/config/config.go +++ b/internal/config/config.go @@ -22,9 +22,6 @@ type Config struct { Port string CacheTTLMinutes int Debug bool - - // AI Agent Access - AIAgentAPIKey string } // Load reads configuration from environment variables @@ -44,9 +41,6 @@ func Load() (*Config, error) { Port: getEnvWithDefault("PORT", "8080"), CacheTTLMinutes: getEnvAsInt("CACHE_TTL_MINUTES", 5), Debug: getEnvAsBool("DEBUG", false), - - // AI Agent Access - AIAgentAPIKey: os.Getenv("AI_AGENT_API_KEY"), } // Validate required fields diff --git a/internal/middleware/ai_auth.go b/internal/middleware/ai_auth.go deleted file mode 100644 index 3c04a37..0000000 --- a/internal/middleware/ai_auth.go +++ /dev/null @@ -1,46 +0,0 @@ -package middleware - -import ( - "net/http" - "strings" -) - -// AIAuthMiddleware validates Bearer token for AI agent access -func AIAuthMiddleware(validToken string) func(http.Handler) http.Handler { - return func(next http.Handler) http.Handler { - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - // Skip auth if no token configured - if validToken == "" { - respondError(w, http.StatusServiceUnavailable, "ai_disabled", "AI agent access not configured") - return - } - - authHeader := r.Header.Get("Authorization") - - if authHeader == "" { - respondError(w, http.StatusUnauthorized, "unauthorized", "Missing Authorization header") - return - } - - if !strings.HasPrefix(authHeader, "Bearer ") { - respondError(w, http.StatusUnauthorized, "unauthorized", "Invalid Authorization header format") - return - } - - token := strings.TrimPrefix(authHeader, "Bearer ") - if token != validToken { - respondError(w, http.StatusUnauthorized, "unauthorized", "Invalid or missing token") - return - } - - next.ServeHTTP(w, r) - }) - } -} - -// respondError sends a JSON error response -func respondError(w http.ResponseWriter, status int, error, message string) { - w.Header().Set("Content-Type", "application/json") - w.WriteHeader(status) - w.Write([]byte(`{"error":"` + error + `","message":"` + message + `"}`)) -} |