Server refactor completed

cmd/server/middleware.go

@@ -0,0 +1,57 @@
+package main
+
+import (
+	"net/http"
+)
+
+// authMiddleware validates authentication credentials
+func (s *Server) authMiddleware(next http.HandlerFunc) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		// Check if any authentication is configured
+		hasAuth := s.config.Server.Username != "" || s.config.Server.Password != "" || s.config.Server.AuthKey != ""
+
+		if !hasAuth {
+			// No authentication configured, allow access
+			next(w, r)
+			return
+		}
+
+		authenticated := false
+
+		// Check for API key authentication (x-api-key header or Authorization bearer token)
+		if s.config.Server.AuthKey != "" {
+			// Check x-api-key header
+			apiKey := r.Header.Get("x-api-key")
+			if apiKey == s.config.Server.AuthKey {
+				authenticated = true
+			}
+
+			// Check Authorization header for bearer token
+			if !authenticated {
+				authHeader := r.Header.Get("Authorization")
+				if len(authHeader) > 7 && authHeader[:7] == "Bearer " {
+					token := authHeader[7:]
+					if token == s.config.Server.AuthKey {
+						authenticated = true
+					}
+				}
+			}
+		}
+
+		// Check for username/password authentication (HTTP Basic Auth)
+		if !authenticated && s.config.Server.Username != "" && s.config.Server.Password != "" {
+			username, password, ok := r.BasicAuth()
+			if ok && username == s.config.Server.Username && password == s.config.Server.Password {
+				authenticated = true
+			}
+		}
+
+		if !authenticated {
+			w.Header().Set("WWW-Authenticate", `Basic realm="WhatsHooked Server"`)
+			http.Error(w, "Unauthorized", http.StatusUnauthorized)
+			return
+		}
+
+		next(w, r)
+	}
+}