Add internal authentication configuration and middleware support

- Enable internal authentication via environment variable in .env.example
- Update nuxt.config.ts to include internalAuthEnabled check
- Modify internal-auth middleware to conditionally enforce authentication based on the new configuration

.env.example

@@ -112,6 +112,7 @@ SMTP_FROM=noreply@experimenta.science
 # INTERNAL PAGES (Styleguide, Admin)
 # ==============================================
 # HTTP Basic Auth credentials for /internal/* routes
+INTERNAL_AUTH_ENABLED=true
 INTERNAL_AUTH_USERNAME=experimenta
 INTERNAL_AUTH_PASSWORD=change-me-to-secure-password
 

nuxt.config.ts

@@ -51,6 +51,7 @@ export default defineNuxtConfig({
     databaseUrl: process.env.DATABASE_URL,
     redisHost: process.env.REDIS_HOST || 'localhost',
     redisPort: process.env.REDIS_PORT || '6379',
+    internalAuthEnabled: ['true', '1'].includes(process.env.INTERNAL_AUTH_ENABLED || '') || false,
     internalAuthUsername: process.env.INTERNAL_AUTH_USERNAME || '',
     internalAuthPassword: process.env.INTERNAL_AUTH_PASSWORD || '',
 
@@ -97,4 +98,4 @@ export default defineNuxtConfig({
       },
     },
   },
-})
+})

server/middleware/internal-auth.ts

@@ -13,13 +13,20 @@ export default defineEventHandler((event) => {
 
   const config = useRuntimeConfig()
 
+  // Skip auth if internal auth is not enabled
+  if (!config.internalAuthEnabled) {
+    return
+  }
+
   // Get credentials from environment variables
   const validUsername = config.internalAuthUsername
   const validPassword = config.internalAuthPassword
 
   // Skip auth if credentials are not configured (development convenience)
   if (!validUsername || !validPassword) {
-    console.warn('⚠️  INTERNAL_AUTH_USERNAME or INTERNAL_AUTH_PASSWORD not set. /internal routes are unprotected!')
+    console.warn(
+      '⚠️  INTERNAL_AUTH_USERNAME or INTERNAL_AUTH_PASSWORD not set. /internal routes are unprotected!'
+    )
     return
   }