Skip to content

feat(auth): unified auth middleware (closes #12)#13

Merged
DevanshuNEU merged 6 commits into
mainfrom
refactor/issue-12-unified-auth
Nov 26, 2025
Merged

feat(auth): unified auth middleware (closes #12)#13
DevanshuNEU merged 6 commits into
mainfrom
refactor/issue-12-unified-auth

Conversation

@DevanshuNEU

@DevanshuNEU DevanshuNEU commented Nov 26, 2025

Copy link
Copy Markdown
Collaborator

Unified the two separate auth systems (verify_api_key + get_current_user) into a single AuthContext-based middleware.

What changed:

  • Added require_auth() dependency that accepts both JWT tokens and API keys
  • Migrated all 12 routes to use it
  • Removed the old verify_api_key() function
  • Fixed a test mock issue

All 25 tests passing, tested manually in Docker.

@DevanshuNEU
feat(auth): unified auth middleware with JWT, API key, and public sup…
d643c67 
…port

- Add AuthContext dataclass for consistent return type
- Add require_auth() - accepts JWT or API key, raises 401 if invalid
- Add public_auth() - for demo routes, works with or without auth
- Add _validate_jwt() and _validate_api_key() core functions
- Keep legacy get_current_user/get_optional_user for backwards compat
- Clean, readable code structure with section separators

Part of #12
@DevanshuNEU
feat(auth): export new auth functions from middleware package
3225a05 
Part of #12
@DevanshuNEU
refactor(auth): migrate /api/repos routes to unified auth
290d6db 
- GET /api/repos now uses require_auth + AuthContext
- POST /api/repos now uses require_auth + AuthContext
- Supports both JWT and API key authentication

Part of #12
@DevanshuNEU
refactor(auth): migrate core API routes to unified auth
df9ccf8 
- POST /api/repos/{id}/index
- POST /api/search
- POST /api/explain
- GET /api/repos/{id}/dependencies
- POST /api/repos/{id}/impact
- GET /api/repos/{id}/insights
- GET /api/repos/{id}/style-analysis

All now use require_auth + AuthContext

Part of #12
@DevanshuNEU
refactor(auth): complete migration, remove legacy verify_api_key
e1caa35 
- Migrate remaining routes: /api/metrics, /api/keys/generate, /api/keys/usage
- Remove legacy verify_api_key() function
- Clean up unused Header import
- All routes now use unified auth middleware

Part of #12
@DevanshuNEU
test(auth): fix Supabase mock to properly reject invalid tokens
f221903 
- Mock auth.get_user to return response.user=None by default
- This ensures invalid JWT tokens are rejected (401)
- Fixes test_invalid_key_rejected test

Part of #12
@DevanshuNEU DevanshuNEU merged commit 8d392f6 into main Nov 26, 2025
4 checks passed
@DevanshuNEU DevanshuNEU deleted the refactor/issue-12-unified-auth branch December 4, 2025 20:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@DevanshuNEU