feat(proxy): add optional auth for dashboard and API

Co-Authored-By: Claude <noreply@anthropic.com>

packages/proxy/src/auth/middleware.ts

@@ -0,0 +1,18 @@
+import type { MiddlewareHandler } from 'hono';
+import { isAuthEnabled } from '../config.js';
+import { validateSession } from './sessionStore.js';
+
+export const authMiddleware: MiddlewareHandler = async (c, next) => {
+  if (!isAuthEnabled()) {
+    return next();
+  }
+
+  const header = c.req.header('Authorization');
+  const token = header?.startsWith('Bearer ') ? header.slice(7) : null;
+
+  if (!token || !validateSession(token)) {
+    return c.json({ error: 'Unauthorized' }, 401);
+  }
+
+  return next();
+};