From bf59d4a014508d99f755dba4dc98f640250bc719 Mon Sep 17 00:00:00 2001
From: Andreas Dinauer <andreas.j.dinauer@gmail.com>
Date: Sun, 22 Mar 2026 09:39:21 +0100
Subject: [PATCH] =?UTF-8?q?=F0=9F=94=92=EF=B8=8F=20Inject=20Password=20+?=
 =?UTF-8?q?=20username?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 nuxt.config.ts                 | 2 +-
 server/routes/api/[...path].ts | 9 +++++++--
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/nuxt.config.ts b/nuxt.config.ts
index b4394dc..273f29c 100644
--- a/nuxt.config.ts
+++ b/nuxt.config.ts
@@ -15,5 +15,5 @@ export default defineNuxtConfig({
                 { rel: 'icon', type: 'image/x-icon', href: '/logo.ico' }
             ]
         }
-    },
+    }
 })
\ No newline at end of file
diff --git a/server/routes/api/[...path].ts b/server/routes/api/[...path].ts
index 494d89c..65b218b 100644
--- a/server/routes/api/[...path].ts
+++ b/server/routes/api/[...path].ts
@@ -1,11 +1,16 @@
 export default defineEventHandler(async (event) => {
     if (process.env.NODE_ENV === 'development')
     {
-        setHeader(event, "Authorization", "Basic " + Buffer.from("admin:pw").toString('base64'))
+        const user = process.env.NUXT_PRIVATE_SUPERUSER_USER;
+        const password = process.env.NUXT_PRIVATE_SUPERUSER_PASSWORD;
+        if (user == null || password == null)
+        {
+            throw new Error();
+        }
         return proxyRequest(event, 'http://localhost:8089' + event.path, {
             fetchOptions: {
                 headers: {
-                    Authorization: "Basic " + Buffer.from("admin:pw").toString('base64')
+                    Authorization: "Basic " + Buffer.from(user + ':' + password).toString('base64')
                 }
             }
         });