From 9fe0998436488537a8a2e8ffeefb0c4424b41c60 Mon Sep 17 00:00:00 2001 From: Peter Stone Date: Mon, 12 Jan 2026 09:27:16 -1000 Subject: Initial commit: Personal Consolidation Dashboard (Phase 1 Complete) Implemented a unified web dashboard aggregating tasks, notes, and meal planning: Core Features: - Trello integration (PRIMARY feature - boards, cards, lists) - Todoist integration (tasks and projects) - Obsidian integration (20 most recent notes) - PlanToEat integration (optional - 7-day meal planning) - Mobile-responsive web UI with auto-refresh (5 min) - SQLite caching with 5-minute TTL - AI agent endpoint with Bearer token authentication Technical Implementation: - Go 1.21+ backend with chi router - Interface-based API client design for testability - Parallel data fetching with goroutines - Graceful degradation (partial data on API failures) - .env file loading with godotenv - Comprehensive test coverage (9/9 tests passing) Bug Fixes: - Fixed .env file not being loaded at startup - Fixed nil pointer dereference with optional API clients (typed nil interface gotcha) Documentation: - START_HERE.md - Quick 5-minute setup guide - QUICKSTART.md - Fast track setup - SETUP_GUIDE.md - Detailed step-by-step instructions - PROJECT_SUMMARY.md - Complete project overview - CLAUDE.md - Guide for Claude Code instances - AI_AGENT_ACCESS.md - AI agent design document - AI_AGENT_SETUP.md - Claude.ai integration guide - TRELLO_AUTH_UPDATE.md - New Power-Up auth process Statistics: - Binary: 17MB - Code: 2,667 lines - Tests: 5 unit + 4 acceptance tests (all passing) - Dependencies: chi, sqlite3, godotenv Co-Authored-By: Claude Sonnet 4.5 --- internal/middleware/ai_auth.go | 46 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) create mode 100644 internal/middleware/ai_auth.go (limited to 'internal/middleware') diff --git a/internal/middleware/ai_auth.go b/internal/middleware/ai_auth.go new file mode 100644 index 0000000..3c04a37 --- /dev/null +++ b/internal/middleware/ai_auth.go @@ -0,0 +1,46 @@ +package middleware + +import ( + "net/http" + "strings" +) + +// AIAuthMiddleware validates Bearer token for AI agent access +func AIAuthMiddleware(validToken string) func(http.Handler) http.Handler { + return func(next http.Handler) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + // Skip auth if no token configured + if validToken == "" { + respondError(w, http.StatusServiceUnavailable, "ai_disabled", "AI agent access not configured") + return + } + + authHeader := r.Header.Get("Authorization") + + if authHeader == "" { + respondError(w, http.StatusUnauthorized, "unauthorized", "Missing Authorization header") + return + } + + if !strings.HasPrefix(authHeader, "Bearer ") { + respondError(w, http.StatusUnauthorized, "unauthorized", "Invalid Authorization header format") + return + } + + token := strings.TrimPrefix(authHeader, "Bearer ") + if token != validToken { + respondError(w, http.StatusUnauthorized, "unauthorized", "Invalid or missing token") + return + } + + next.ServeHTTP(w, r) + }) + } +} + +// respondError sends a JSON error response +func respondError(w http.ResponseWriter, status int, error, message string) { + w.Header().Set("Content-Type", "application/json") + w.WriteHeader(status) + w.Write([]byte(`{"error":"` + error + `","message":"` + message + `"}`)) +} -- cgit v1.2.3