FEAT: add API Key to access some APIs

[madjiebimaa]

Closes #34

Description

Add the API key to the env variable, make sure the Server (by default can read) and Client can read that env variable, and create a middleware so that the function can run on specific or whole APIs (for initialization the function will be run on the /api/private/question/*).

Current Tasks

• [x] Add new env API_KEY
• [x] Passing the key in the header request
• [x] Read the key, make sure it's match with our env value
• [ ] I can rotate the value when abuse happens, ideally it happened in the runtime, but if it's hard then we can trigger deployment

Asks

• I don't really understand how to implement the last part mas, and I'm just wondering what the conditions are for someone to abuse our API?

[vercel[bot]]

Someone is attempting to deploy a commit to a Personal Account owned by @mazipan on Vercel.

@mazipan first needs to authorize it.