export function authenticateBasic(req) {
  const authHeader = req.headers.authorization;
  
  if (!authHeader || !authHeader.startsWith('Basic ')) {
    return {
      success: false,
      message: 'Missing or invalid Authorization header'
    };
  }

  try {
    const base64Credentials = authHeader.split(' ')[1];
    const credentials = Buffer.from(base64Credentials, 'base64').toString('ascii');
    const [username, password] = credentials.split(':');

    // Simple hardcoded credentials for demo
    // In production, these should be stored securely and hashed
    const validUsername = process.env.AUTH_USERNAME || 'admin';
    const validPassword = process.env.AUTH_PASSWORD || 'password123';

    if (username === validUsername && password === validPassword) {
      return {
        success: true,
        username
      };
    } else {
      return {
        success: false,
        message: 'Invalid credentials'
      };
    }
  } catch (error) {
    return {
      success: false,
      message: 'Invalid Authorization header format'
    };
  }
}