chore: initial clean commit

src/auth/mod.rs

@@ -0,0 +1,46 @@
+use axum::{extract::FromRequestParts, http::request::Parts};
+use axum_extra::headers::Authorization;
+use axum_extra::TypedHeader;
+use headers::authorization::Bearer;
+
+use crate::errors::AppError;
+
+pub struct AuthenticatedClient {
+    pub token: String,
+    pub client_id: String,
+}
+
+impl<S> FromRequestParts<S> for AuthenticatedClient
+where
+    S: Send + Sync,
+{
+    type Rejection = AppError;
+
+    fn from_request_parts(parts: &mut Parts, state: &S) -> impl std::future::Future<Output = Result<Self, Self::Rejection>> + Send {
+        async move {
+            // Extract bearer token from Authorization header
+            let TypedHeader(Authorization(bearer)) =
+                TypedHeader::<Authorization<Bearer>>::from_request_parts(parts, state)
+                    .await
+                    .map_err(|_| AppError::AuthError("Missing or invalid bearer token".to_string()))?;
+
+            let token = bearer.token().to_string();
+            
+            // In a real implementation, we would:
+            // 1. Validate token against database or config
+            // 2. Look up client_id associated with token
+            // 3. Check token permissions/rate limits
+            
+            // For now, use token hash as client_id
+            let client_id = format!("client_{}", &token[..8]);
+            
+            Ok(AuthenticatedClient { token, client_id })
+        }
+    }
+}
+
+pub fn validate_token(token: &str, valid_tokens: &[String]) -> bool {
+    // Simple validation against list of tokens
+    // In production, use proper token validation (JWT, database lookup, etc.)
+    valid_tokens.contains(&token.to_string())
+}