From d81a8bec9c0eeb627354e54dab444d8d38458513 Mon Sep 17 00:00:00 2001
From: Cohan Carpentier <cohan.carpentier@gmail.com>
Date: Mon, 7 Oct 2024 11:43:42 -0400
Subject: [PATCH 1/5] feat: add pwd to zk-socials demos

---
 zk-socials/.env.example      |  1 +
 zk-socials/src/app/robots.ts | 10 ++++++++++
 zk-socials/src/env.js        |  2 ++
 zk-socials/src/middleware.ts | 24 ++++++++++++++++++++++++
 4 files changed, 37 insertions(+)
 create mode 100644 zk-socials/src/app/robots.ts
 create mode 100644 zk-socials/src/middleware.ts

diff --git a/zk-socials/.env.example b/zk-socials/.env.example
index 3286098..d8c3063 100644
--- a/zk-socials/.env.example
+++ b/zk-socials/.env.example
@@ -1,6 +1,7 @@
 # Public
 NEXT_PUBLIC_GOOGLE_CLIENT_ID=381952934096-ahvjn5cj420qiosnjl2g4o2olpbuopf9.apps.googleusercontent.com
 NEXT_PUBLIC_VERCEL_BRANCH_URL=localhost
+PASSWORD=password
 
 # Private
 BONSAI_API_KEY=
diff --git a/zk-socials/src/app/robots.ts b/zk-socials/src/app/robots.ts
new file mode 100644
index 0000000..c2fe42f
--- /dev/null
+++ b/zk-socials/src/app/robots.ts
@@ -0,0 +1,10 @@
+import type { MetadataRoute } from 'next'
+ 
+export default function robots(): MetadataRoute.Robots {
+  return {
+    rules: {
+      userAgent: '*',
+      disallow: '/',
+    },
+  }
+}
diff --git a/zk-socials/src/env.js b/zk-socials/src/env.js
index 144a58a..5fafad7 100644
--- a/zk-socials/src/env.js
+++ b/zk-socials/src/env.js
@@ -12,6 +12,7 @@ const env = createEnv({
     BONSAI_API_KEY: z.string(),
     IMAGE_ID: z.string(),
     NODE_ENV: z.enum(["development", "test", "production"]).default("development"),
+    PASSWORD: z.string(),
   },
 
   /**
@@ -36,6 +37,7 @@ const env = createEnv({
     BONSAI_API_KEY: process.env.BONSAI_API_KEY,
     IMAGE_ID: process.env.IMAGE_ID,
     NODE_ENV: process.env.NODE_ENV,
+    PASSWORD: process.env.PASSWORD,
   },
   /**
    * Makes it so that empty strings are treated as undefined.
diff --git a/zk-socials/src/middleware.ts b/zk-socials/src/middleware.ts
new file mode 100644
index 0000000..d875ca7
--- /dev/null
+++ b/zk-socials/src/middleware.ts
@@ -0,0 +1,24 @@
+import { NextResponse } from 'next/server'
+import type { NextRequest } from 'next/server'
+import env from "./env";
+
+// This function can be marked `async` if using `await` inside
+export function middleware(request: NextRequest) {
+  const basicAuth = request.headers.get('authorization')
+
+  if (basicAuth) {
+    const auth = basicAuth.split(' ')[1]
+    const [user, pwd] = Buffer.from(auth, 'base64').toString().split(':')
+
+    if (user === 'root' && pwd === env.PASSWORD) {
+      return NextResponse.next()
+    }
+  }
+
+  return new Response('Auth required', {
+    status: 401,
+    headers: {
+      'WWW-Authenticate': 'Basic realm="Secure Area"',
+    },
+  })
+}

From 5b95fb2fc60c66ddcd9b836f8aea2b7c312a4207 Mon Sep 17 00:00:00 2001
From: Cohan Carpentier <cohan.carpentier@gmail.com>
Date: Mon, 7 Oct 2024 11:48:40 -0400
Subject: [PATCH 2/5] fix: middleware vercel edge runtime

---
 zk-socials/src/middleware.ts | 19 +++++++++++--------
 1 file changed, 11 insertions(+), 8 deletions(-)

diff --git a/zk-socials/src/middleware.ts b/zk-socials/src/middleware.ts
index d875ca7..416ab2b 100644
--- a/zk-socials/src/middleware.ts
+++ b/zk-socials/src/middleware.ts
@@ -1,24 +1,27 @@
 import { NextResponse } from 'next/server'
 import type { NextRequest } from 'next/server'
-import env from "./env";
+import env from "./env"
 
-// This function can be marked `async` if using `await` inside
 export function middleware(request: NextRequest) {
   const basicAuth = request.headers.get('authorization')
 
   if (basicAuth) {
-    const auth = basicAuth.split(' ')[1]
-    const [user, pwd] = Buffer.from(auth, 'base64').toString().split(':')
+    const authParts = basicAuth.split(' ')
+    if (authParts.length === 2) {
+      const auth = authParts[1]
+      const decodedAuth = atob(auth)
+      const [user, pwd] = decodedAuth.split(':')
 
-    if (user === 'root' && pwd === env.PASSWORD) {
-      return NextResponse.next()
+      if (user === 'root' && pwd === env.PASSWORD) {
+        return NextResponse.next()
+      }
     }
   }
 
-  return new Response('Auth required', {
+  return new Response('Authentication required', {
     status: 401,
     headers: {
-      'WWW-Authenticate': 'Basic realm="Secure Area"',
+      'WWW-Authenticate': 'Basic realm="Enter root as username and password"',
     },
   })
 }

From b94c53839f736b5c0c82ff9cc817dc4bd0d718db Mon Sep 17 00:00:00 2001
From: Cohan Carpentier <cohan.carpentier@gmail.com>
Date: Mon, 7 Oct 2024 11:53:35 -0400
Subject: [PATCH 3/5] fix: types

---
 zk-socials/src/middleware.ts | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/zk-socials/src/middleware.ts b/zk-socials/src/middleware.ts
index 416ab2b..9eabc92 100644
--- a/zk-socials/src/middleware.ts
+++ b/zk-socials/src/middleware.ts
@@ -9,11 +9,14 @@ export function middleware(request: NextRequest) {
     const authParts = basicAuth.split(' ')
     if (authParts.length === 2) {
       const auth = authParts[1]
-      const decodedAuth = atob(auth)
-      const [user, pwd] = decodedAuth.split(':')
+      
+      if (typeof auth === 'string') {
+        const decodedAuth = atob(auth)
+        const [user, pwd] = decodedAuth.split(':')
 
-      if (user === 'root' && pwd === env.PASSWORD) {
-        return NextResponse.next()
+        if (user === 'root' && pwd === env.PASSWORD) {
+          return NextResponse.next()
+        }
       }
     }
   }

From d267338bbf283158f766a0b3f968d05633a165d1 Mon Sep 17 00:00:00 2001
From: Cohan Carpentier <cohan.carpentier@gmail.com>
Date: Mon, 7 Oct 2024 11:56:39 -0400
Subject: [PATCH 4/5] fix: disable in dev

---
 zk-socials/src/env.js        | 2 +-
 zk-socials/src/middleware.ts | 7 ++++++-
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/zk-socials/src/env.js b/zk-socials/src/env.js
index 5fafad7..c0b581a 100644
--- a/zk-socials/src/env.js
+++ b/zk-socials/src/env.js
@@ -12,7 +12,7 @@ const env = createEnv({
     BONSAI_API_KEY: z.string(),
     IMAGE_ID: z.string(),
     NODE_ENV: z.enum(["development", "test", "production"]).default("development"),
-    PASSWORD: z.string(),
+    PASSWORD: z.string().optional(),
   },
 
   /**
diff --git a/zk-socials/src/middleware.ts b/zk-socials/src/middleware.ts
index 9eabc92..63bb98a 100644
--- a/zk-socials/src/middleware.ts
+++ b/zk-socials/src/middleware.ts
@@ -3,13 +3,18 @@ import type { NextRequest } from 'next/server'
 import env from "./env"
 
 export function middleware(request: NextRequest) {
+  if (env.NODE_ENV === 'development') {
+    // disable auth in dev
+    return NextResponse.next()
+  }
+
   const basicAuth = request.headers.get('authorization')
 
   if (basicAuth) {
     const authParts = basicAuth.split(' ')
     if (authParts.length === 2) {
       const auth = authParts[1]
-      
+
       if (typeof auth === 'string') {
         const decodedAuth = atob(auth)
         const [user, pwd] = decodedAuth.split(':')

From 0ccc8741b95c7327c93ecc168270483c36c86958 Mon Sep 17 00:00:00 2001
From: Cohan Carpentier <cohan.carpentier@gmail.com>
Date: Mon, 7 Oct 2024 11:57:32 -0400
Subject: [PATCH 5/5] fix: remove from env example

---
 zk-socials/.env.example | 1 -
 1 file changed, 1 deletion(-)

diff --git a/zk-socials/.env.example b/zk-socials/.env.example
index d8c3063..3286098 100644
--- a/zk-socials/.env.example
+++ b/zk-socials/.env.example
@@ -1,7 +1,6 @@
 # Public
 NEXT_PUBLIC_GOOGLE_CLIENT_ID=381952934096-ahvjn5cj420qiosnjl2g4o2olpbuopf9.apps.googleusercontent.com
 NEXT_PUBLIC_VERCEL_BRANCH_URL=localhost
-PASSWORD=password
 
 # Private
 BONSAI_API_KEY=