feat: add pwd to zk-socials demo

zk-socials/src/app/robots.ts

@@ -0,0 +1,10 @@
+import type { MetadataRoute } from 'next'
+
+export default function robots(): MetadataRoute.Robots {
+  return {
+    rules: {
+      userAgent: '*',
+      disallow: '/',
+    },
+  }
+}

zk-socials/src/env.js

@@ -12,6 +12,7 @@ const env = createEnv({
     BONSAI_API_KEY: z.string(),
     IMAGE_ID: z.string(),
     NODE_ENV: z.enum(["development", "test", "production"]).default("development"),
+    PASSWORD: z.string().optional(),
   },
 
   /**
@@ -36,6 +37,7 @@ const env = createEnv({
     BONSAI_API_KEY: process.env.BONSAI_API_KEY,
     IMAGE_ID: process.env.IMAGE_ID,
     NODE_ENV: process.env.NODE_ENV,
+    PASSWORD: process.env.PASSWORD,
   },
   /**
    * Makes it so that empty strings are treated as undefined.

zk-socials/src/middleware.ts

@@ -0,0 +1,35 @@
+import { NextResponse } from 'next/server'
+import type { NextRequest } from 'next/server'
+import env from "./env"
+
+export function middleware(request: NextRequest) {
+  if (env.NODE_ENV === 'development') {
+    // disable auth in dev
+    return NextResponse.next()
+  }
+
+  const basicAuth = request.headers.get('authorization')
+
+  if (basicAuth) {
+    const authParts = basicAuth.split(' ')
+    if (authParts.length === 2) {
+      const auth = authParts[1]
+
+      if (typeof auth === 'string') {
+        const decodedAuth = atob(auth)
+        const [user, pwd] = decodedAuth.split(':')
+
+        if (user === 'root' && pwd === env.PASSWORD) {
+          return NextResponse.next()
+        }
+      }
+    }
+  }
+
+  return new Response('Authentication required', {
+    status: 401,
+    headers: {
+      'WWW-Authenticate': 'Basic realm="Enter root as username and password"',
+    },
+  })
+}