feat: asa.news RSS reader with developer tier, REST API, and webhooks

Full-stack RSS reader SaaS: Supabase + Next.js + Go worker.
Includes three subscription tiers (free/pro/developer), API key auth,
read-only REST API, webhook push notifications, Stripe billing with
proration, and PWA support.

1 files changed, 43 insertions, 0 deletions

diff --git a/services/worker/internal/fetcher/authentication.go b/services/worker/internal/fetcher/authentication.go
new file mode 100644
index 0000000..ba10196
--- /dev/null
+++ b/services/worker/internal/fetcher/authentication.go
@@ -0,0 +1,43 @@
+package fetcher
+
+import (
+	"encoding/base64"
+	"fmt"
+	"net/http"
+	"net/url"
+)
+
+type AuthenticationConfiguration struct {
+	AuthenticationType  string
+	AuthenticationValue string
+}
+
+func ApplyAuthentication(request *http.Request, authenticationConfig AuthenticationConfiguration) error {
+	switch authenticationConfig.AuthenticationType {
+	case "bearer":
+		request.Header.Set("Authorization", "Bearer "+authenticationConfig.AuthenticationValue)
+	case "basic":
+		encodedCredentials := base64.StdEncoding.EncodeToString([]byte(authenticationConfig.AuthenticationValue))
+
+		request.Header.Set("Authorization", "Basic "+encodedCredentials)
+	case "query_param":
+		existingURL, parseError := url.Parse(request.URL.String())
+
+		if parseError != nil {
+			return fmt.Errorf("failed to parse request URL for query param authentication: %w", parseError)
+		}
+
+		queryParameters := existingURL.Query()
+
+		queryParameters.Set("key", authenticationConfig.AuthenticationValue)
+
+		existingURL.RawQuery = queryParameters.Encode()
+		request.URL = existingURL
+	case "":
+		return nil
+	default:
+		return fmt.Errorf("unsupported authentication type: %s", authenticationConfig.AuthenticationType)
+	}
+
+	return nil
+}