Initial MVP: multiplexer + chat DB

src/auth.ts

@@ -0,0 +1,22 @@
+import type { FastifyRequest } from "fastify";
+import { env } from "./env.js";
+
+export function requireAdmin(req: FastifyRequest) {
+  // If ADMIN_TOKEN isn't set, run in "open" mode (dev).
+  if (!env.ADMIN_TOKEN) return;
+
+  const auth = req.headers.authorization;
+  if (!auth?.startsWith("Bearer ")) {
+    const err = new Error("missing bearer token");
+    // @ts-expect-error attach status
+    err.statusCode = 401;
+    throw err;
+  }
+  const token = auth.slice("Bearer ".length);
+  if (token !== env.ADMIN_TOKEN) {
+    const err = new Error("invalid bearer token");
+    // @ts-expect-error attach status
+    err.statusCode = 403;
+    throw err;
+  }
+}