feat: implement centralized logging and authentication middleware

Co-authored-by: aider (openai/andrew/openrouter/anthropic/claude-sonnet-4) <aider@aider.chat>

src/modes/server/api/status.rs

@@ -1,12 +1,11 @@
 use axum::{
-    extract::{ConnectInfo, State},
-    http::{HeaderMap, StatusCode},
+    extract::State,
+    http::StatusCode,
     response::Json,
 };
 use log::warn;
-use std::net::SocketAddr;
 
-use crate::modes::server::common::{AppState, ApiResponse, check_auth};
+use crate::modes::server::common::{AppState, ApiResponse};
 use crate::common::status::{generate_status_info, StatusInfo};
 use crate::meta_plugin::MetaPluginType;
 
@@ -24,13 +23,7 @@ use crate::meta_plugin::MetaPluginType;
 )]
 pub async fn handle_status(
     State(state): State<AppState>,
-    headers: HeaderMap,
-    ConnectInfo(addr): ConnectInfo<SocketAddr>,
 ) -> Result<Json<ApiResponse<StatusInfo>>, StatusCode> {
-    if !check_auth(&headers, &state.password) {
-        warn!("Unauthorized request to /api/status from {}", addr);
-        return Err(StatusCode::UNAUTHORIZED);
-    }
 
     // Get database path
     let db_path = state.db.lock().await.path().unwrap_or("unknown").to_string();