feat(tools): implement CRUD operations for thoughts and projects

* Add tools for creating, retrieving, updating, and deleting thoughts. * Implement project management tools for creating and listing projects. * Introduce linking functionality between thoughts. * Add search and recall capabilities for thoughts based on semantic queries. * Implement statistics and summarization tools for thought analysis. * Create database migrations for thoughts, projects, and links. * Add helper functions for UUID parsing and project resolution.
2026-03-24 15:38:59 +02:00
parent 64024193e9
commit 66370a7f0e
68 changed files with 4422 additions and 0 deletions
--- a/internal/auth/middleware.go
+++ b/internal/auth/middleware.go
@@ -0,0 +1,49 @@
+package auth
+
+import (
+	"context"
+	"log/slog"
+	"net/http"
+	"strings"
+
+	"git.warky.dev/wdevs/amcs/internal/config"
+)
+
+type contextKey string
+
+const keyIDContextKey contextKey = "auth.key_id"
+
+func Middleware(cfg config.AuthConfig, keyring *Keyring, log *slog.Logger) func(http.Handler) http.Handler {
+	headerName := cfg.HeaderName
+	if headerName == "" {
+		headerName = "x-brain-key"
+	}
+
+	return func(next http.Handler) http.Handler {
+		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			token := strings.TrimSpace(r.Header.Get(headerName))
+			if token == "" && cfg.AllowQueryParam {
+				token = strings.TrimSpace(r.URL.Query().Get(cfg.QueryParam))
+			}
+
+			if token == "" {
+				http.Error(w, "missing API key", http.StatusUnauthorized)
+				return
+			}
+
+			keyID, ok := keyring.Lookup(token)
+			if !ok {
+				log.Warn("authentication failed", slog.String("remote_addr", r.RemoteAddr))
+				http.Error(w, "invalid API key", http.StatusUnauthorized)
+				return
+			}
+
+			next.ServeHTTP(w, r.WithContext(context.WithValue(r.Context(), keyIDContextKey, keyID)))
+		})
+	}
+}
+
+func KeyIDFromContext(ctx context.Context) (string, bool) {
+	value, ok := ctx.Value(keyIDContextKey).(string)
+	return value, ok
+}