From 1d47891d0097c10920ab5706b54c847024ec8f29 Mon Sep 17 00:00:00 2001
From: Peter Stone <thepeterstone@gmail.com>
Date: Mon, 12 Jan 2026 13:43:07 -1000
Subject: Remove AI agent middleware and snapshot endpoint

Simplified the dashboard by removing the AI agent access layer:
- Deleted internal/middleware/ai_auth.go and tests
- Removed AIAgentAPIKey from config.Config
- Removed /api/claude/snapshot endpoint registration
- Updated SESSION_STATE.md and CLAUDE.md documentation
- All tests passing after cleanup

Dashboard is now human-facing only without the AI agent endpoint.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
---
 internal/middleware/ai_auth.go | 46 ------------------------------------------
 1 file changed, 46 deletions(-)
 delete mode 100644 internal/middleware/ai_auth.go

(limited to 'internal/middleware/ai_auth.go')

diff --git a/internal/middleware/ai_auth.go b/internal/middleware/ai_auth.go
deleted file mode 100644
index 3c04a37..0000000
--- a/internal/middleware/ai_auth.go
+++ /dev/null
@@ -1,46 +0,0 @@
-package middleware
-
-import (
-	"net/http"
-	"strings"
-)
-
-// AIAuthMiddleware validates Bearer token for AI agent access
-func AIAuthMiddleware(validToken string) func(http.Handler) http.Handler {
-	return func(next http.Handler) http.Handler {
-		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-			// Skip auth if no token configured
-			if validToken == "" {
-				respondError(w, http.StatusServiceUnavailable, "ai_disabled", "AI agent access not configured")
-				return
-			}
-
-			authHeader := r.Header.Get("Authorization")
-
-			if authHeader == "" {
-				respondError(w, http.StatusUnauthorized, "unauthorized", "Missing Authorization header")
-				return
-			}
-
-			if !strings.HasPrefix(authHeader, "Bearer ") {
-				respondError(w, http.StatusUnauthorized, "unauthorized", "Invalid Authorization header format")
-				return
-			}
-
-			token := strings.TrimPrefix(authHeader, "Bearer ")
-			if token != validToken {
-				respondError(w, http.StatusUnauthorized, "unauthorized", "Invalid or missing token")
-				return
-			}
-
-			next.ServeHTTP(w, r)
-		})
-	}
-}
-
-// respondError sends a JSON error response
-func respondError(w http.ResponseWriter, status int, error, message string) {
-	w.Header().Set("Content-Type", "application/json")
-	w.WriteHeader(status)
-	w.Write([]byte(`{"error":"` + error + `","message":"` + message + `"}`))
-}
-- 
cgit v1.2.3