2 files changed, 7 insertions, 35 deletions

diff --git a/packages/api/middlewares/prometheusAuth.ts b/packages/api/middlewares/prometheusAuth.ts
deleted file mode 100644
index bf35608f..00000000
--- a/packages/api/middlewares/prometheusAuth.ts
+++ /dev/null
@@ -1,33 +0,0 @@
-import { createMiddleware } from "hono/factory";
-import { HTTPException } from "hono/http-exception";
-
-import serverConfig from "@karakeep/shared/config";
-
-export const prometheusAuthMiddleware = createMiddleware(async (c, next) => {
-  const { metricsToken } = serverConfig.prometheus;
-
-  // If no token is configured, deny access (safe default)
-  if (!metricsToken) {
-    throw new HTTPException(404, {
-      message: "Not Found",
-    });
-  }
-
-  const auth = c.req.header("Authorization");
-
-  if (!auth || !auth.startsWith("Bearer ")) {
-    throw new HTTPException(401, {
-      message: "Unauthorized",
-    });
-  }
-
-  const token = auth.slice(7); // Remove "Bearer " prefix
-
-  if (token !== metricsToken) {
-    throw new HTTPException(401, {
-      message: "Unauthorized",
-    });
-  }
-
-  await next();
-});
diff --git a/packages/api/routes/metrics.ts b/packages/api/routes/metrics.ts
index 9d668afe..aeb03c03 100644
--- a/packages/api/routes/metrics.ts
+++ b/packages/api/routes/metrics.ts
@@ -3,15 +3,20 @@ import "@karakeep/trpc/stats";
 
 import { prometheus } from "@hono/prometheus";
 import { Hono } from "hono";
+import { bearerAuth } from "hono/bearer-auth";
 import { register } from "prom-client";
 
-import { prometheusAuthMiddleware } from "../middlewares/prometheusAuth";
+import serverConfig from "@karakeep/shared/config";
 
 export const { printMetrics, registerMetrics } = prometheus({
   registry: register,
   prefix: "karakeep_",
 });
 
-const app = new Hono().get("/", prometheusAuthMiddleware, printMetrics);
+const app = new Hono().get(
+  "/",
+  bearerAuth({ token: serverConfig.prometheus.metricsToken }),
+  printMetrics,
+);
 
 export default app;