feat(backend): integrate JWT authentication for repository endpoints

- Replace API key verification with JWT token authentication
- Use get_current_user dependency for protected endpoints
- Extract user_id from JWT tokens for multi-tenant support
- Update GET /api/repos to require authenticated user
- Update POST /api/repos to use JWT-based user identification

Changes:
- Import get_current_user from middleware.auth
- Add Depends(get_current_user) to repository endpoints
- Replace verify_api_key() calls with JWT verification
- Use user_id from JWT for rate limiting and repo association
- Generate user_id_hash from JWT user_id instead of API key

Security improvements:
- Proper user authentication per request
- User-scoped repository access (foundation for RLS)
- No hardcoded API keys in frontend
- Session-based authentication flow

Prepares backend for multi-tenant repository isolation

Author: DevanshuNEU

backend/main.py

@@ -2,7 +2,7 @@
 CodeIntel Backend API
 FastAPI backend for codebase intelligence
 """
-from fastapi import FastAPI, HTTPException, Header, WebSocket, WebSocketDisconnect
+from fastapi import FastAPI, HTTPException, Header, WebSocket, WebSocketDisconnect, Depends
 from fastapi.middleware.cors import CORSMiddleware
 from pydantic import BaseModel
 from typing import Optional, List
@@ -27,6 +27,7 @@
 
 # Import routers
 from routes.auth import router as auth_router
+from middleware.auth import get_current_user
 
 app = FastAPI(
     title="CodeIntel API",
@@ -141,21 +142,23 @@ async def health_check():
 
 
 @app.get("/api/repos")
-async def list_repositories(api_key: str = Header(None, alias="Authorization")):
-    """List all repositories"""
-    verify_api_key(api_key)
+async def list_repositories(current_user: dict = Depends(get_current_user)):
+    """List all repositories for authenticated user"""
+    user_id = current_user["user_id"]
 
+    # TODO: Filter repos by user_id once we add user_id column to repositories table
+    # For now, return all repos (will fix in next section)
     repos = repo_manager.list_repos()
     return {"repositories": repos}
 
 
 @app.post("/api/repos")
 async def add_repository(
     request: AddRepoRequest,
-    api_key: str = Header(None, alias="Authorization")
+    current_user: dict = Depends(get_current_user)
 ):
     """Add a new repository with validation and cost controls"""
-    key_data = verify_api_key(api_key)
+    user_id = current_user["user_id"]
 
     # Validate repository name
     valid_name, name_error = InputValidator.validate_repo_name(request.name)
@@ -168,10 +171,9 @@ async def add_repository(
         raise HTTPException(status_code=400, detail=f"Invalid Git URL: {url_error}")
 
     # Check repository limit
-    user_id = key_data.get("user_id")
-    api_key_hash = hashlib.sha256(api_key.replace("Bearer ", "").encode()).hexdigest()
+    user_id_hash = hashlib.sha256(user_id.encode()).hexdigest()
 
-    can_add, limit_error = cost_controller.check_repo_limit(user_id, api_key_hash)
+    can_add, limit_error = cost_controller.check_repo_limit(user_id, user_id_hash)
     if not can_add:
         raise HTTPException(status_code=429, detail=limit_error)
 
@@ -181,7 +183,7 @@ async def add_repository(
             git_url=request.git_url,
             branch=request.branch,
             user_id=user_id,
-            api_key_hash=api_key_hash
+            api_key_hash=user_id_hash
         )
 
         # Check repo size before allowing indexing

frontend/src/components/Dashboard.tsx

@@ -1,6 +1,7 @@
 import { useState, useEffect } from 'react'
 import { Toaster } from '@/components/ui/sonner'
 import { toast } from 'sonner'
+import { useAuth } from '../contexts/AuthContext'
 import { RepoList } from './RepoList'
 import { AddRepoForm } from './AddRepoForm'
 import { SearchPanel } from './SearchPanel'
@@ -13,21 +14,23 @@ import { UserNav } from './UserNav'
 import type { Repository } from '../types'
 
 const API_URL = 'http://localhost:8000'
-const API_KEY = 'dev-secret-key'
 
 type RepoTab = 'overview' | 'search' | 'dependencies' | 'insights' | 'impact'
 
 export function Dashboard() {
+  const { session } = useAuth()
   const [repos, setRepos] = useState<Repository[]>([])
   const [selectedRepo, setSelectedRepo] = useState<string | null>(null)
   const [activeTab, setActiveTab] = useState<RepoTab>('overview')
   const [loading, setLoading] = useState(false)
   const [showPerformance, setShowPerformance] = useState(false)
 
   const fetchRepos = async () => {
+    if (!session?.access_token) return
+    
     try {
       const response = await fetch(`${API_URL}/api/repos`, {
-        headers: { 'Authorization': `Bearer ${API_KEY}` }
+        headers: { 'Authorization': `Bearer ${session.access_token}` }
       })
       const data = await response.json()
       setRepos(data.repositories || [])
@@ -50,7 +53,7 @@ export function Dashboard() {
       const response = await fetch(`${API_URL}/api/repos`, {
         method: 'POST',
         headers: {
-          'Authorization': `Bearer ${API_KEY}`,
+          'Authorization': `Bearer ${session.access_token}`,
           'Content-Type': 'application/json'
         },
         body: JSON.stringify({ name, git_url: gitUrl, branch })
@@ -60,7 +63,7 @@ export function Dashboard() {
 
       await fetch(`${API_URL}/api/repos/${data.repo_id}/index`, {
         method: 'POST',
-        headers: { 'Authorization': `Bearer ${API_KEY}` }
+        headers: { 'Authorization': `Bearer ${session.access_token}` }
       })
 
       await fetchRepos()
@@ -84,7 +87,7 @@ export function Dashboard() {
       setLoading(true)
       await fetch(`${API_URL}/api/repos/${selectedRepo}/index`, {
         method: 'POST',
-        headers: { 'Authorization': `Bearer ${API_KEY}` }
+        headers: { 'Authorization': `Bearer ${session.access_token}` }
       })
       await fetchRepos()
       // RepoOverview component will show the toast and progress
@@ -143,7 +146,7 @@ export function Dashboard() {
         {/* Performance Dashboard Overlay */}
         {showPerformance && (
           <div className="mb-6">
-            <PerformanceDashboard apiUrl={API_URL} apiKey={API_KEY} />
+            <PerformanceDashboard apiUrl={API_URL} apiKey={session.access_token} />
           </div>
         )}
 
@@ -254,24 +257,24 @@ export function Dashboard() {
                 repo={selectedRepoData} 
                 onReindex={handleReindex}
                 apiUrl={API_URL}
-                apiKey={API_KEY}
+                apiKey={session.access_token}
               />
             )}
 
             {activeTab === 'search' && (
-              <SearchPanel repoId={selectedRepo} apiUrl={API_URL} apiKey={API_KEY} />
+              <SearchPanel repoId={selectedRepo} apiUrl={API_URL} apiKey={session.access_token} />
             )}
 
             {activeTab === 'dependencies' && (
-              <DependencyGraph repoId={selectedRepo} apiUrl={API_URL} apiKey={API_KEY} />
+              <DependencyGraph repoId={selectedRepo} apiUrl={API_URL} apiKey={session.access_token} />
             )}
 
             {activeTab === 'insights' && (
-              <StyleInsights repoId={selectedRepo} apiUrl={API_URL} apiKey={API_KEY} />
+              <StyleInsights repoId={selectedRepo} apiUrl={API_URL} apiKey={session.access_token} />
             )}
 
             {activeTab === 'impact' && (
-              <ImpactAnalyzer repoId={selectedRepo} apiUrl={API_URL} apiKey={API_KEY} />
+              <ImpactAnalyzer repoId={selectedRepo} apiUrl={API_URL} apiKey={session.access_token} />
             )}
           </div>
         )}