Add authentication check and logout functionality in app.vue

server/api/auth/check.get.js

@@ -0,0 +1,21 @@
+export default defineEventHandler(async (event) => {
+  const token = getCookie(event, 'auth-token')
+  
+  if (!token) {
+    return { authenticated: false }
+  }
+  
+  const session = await useStorage('memory').getItem(`session:${token}`)
+  
+  if (!session) {
+    return { authenticated: false }
+  }
+  
+  // Check if session has expired
+  if (session.expiresAt && new Date() > new Date(session.expiresAt)) {
+    await useStorage('memory').removeItem(`session:${token}`)
+    return { authenticated: false }
+  }
+  
+  return { authenticated: true }
+})

server/api/auth/login.post.js

@@ -0,0 +1,38 @@
+import crypto from 'crypto'
+
+export default defineEventHandler(async (event) => {
+  const { password } = await readBody(event)
+  
+  if (!password) {
+    throw createError({
+      statusCode: 400,
+      statusMessage: 'Password is required'
+    })
+  }
+  
+  const correctPassword = process.env.APP_PASSWORD
+  
+  if (password !== correctPassword) {
+    throw createError({
+      statusCode: 401,
+      statusMessage: 'Invalid password'
+    })
+  }
+  
+  const sessionToken = crypto.randomBytes(32).toString('hex')
+  
+  setCookie(event, 'auth-token', sessionToken, {
+    httpOnly: true,
+    secure: process.env.NODE_ENV === 'production',
+    sameSite: 'lax',
+    maxAge: 60 * 60 * 24 * 7 // 7 days
+  })
+  
+  await useStorage('memory').setItem(`session:${sessionToken}`, {
+    authenticated: true,
+    createdAt: new Date().toISOString(),
+    expiresAt: new Date(Date.now() + (60 * 60 * 24 * 7 * 1000)).toISOString() // 7 days
+  })
+  
+  return { success: true }
+})

server/api/auth/logout.post.js

@@ -0,0 +1,11 @@
+export default defineEventHandler(async (event) => {
+  const token = getCookie(event, 'auth-token')
+  
+  if (token) {
+    await useStorage('memory').removeItem(`session:${token}`)
+  }
+  
+  deleteCookie(event, 'auth-token')
+  
+  return { success: true }
+})