Merge pull request 'fix: fix supabase auth url' (#89) from develop into main

Reviewed-on: #89

backend/pyproject.toml

@@ -5,7 +5,7 @@ description = "Backend API for Another Nuzlocke Tracker"
 readme = "README.md"
 requires-python = ">=3.14"
 dependencies = [
-    "fastapi==0.135.3",
+    "fastapi==0.135.1",
     "uvicorn[standard]==0.42.0",
     "pydantic==2.12.5",
     "pydantic-settings==2.13.1",

backend/src/app/api/health.py

@@ -1,10 +1,6 @@
-import urllib.request
+from fastapi import APIRouter
-
-from fastapi import APIRouter, Request
 from sqlalchemy import text
 
-from app.core.auth import _build_jwks_url, _extract_token, _get_jwks_client
-from app.core.config import settings
 from app.core.database import async_session
 
 router = APIRouter(tags=["health"])
@@ -27,45 +23,3 @@ async def health_check():
 async def root():
     """Root endpoint."""
     return {"message": "Nuzlocke Tracker API", "docs": "/docs"}
-
-
-@router.get("/auth-debug")
-async def auth_debug(request: Request):
-    """Temporary diagnostic endpoint for auth debugging."""
-    result: dict = {}
-
-    # Config
-    result["supabase_url"] = settings.supabase_url
-    result["has_jwt_secret"] = bool(settings.supabase_jwt_secret)
-    result["jwks_url"] = (
-        _build_jwks_url(settings.supabase_url) if settings.supabase_url else None
-    )
-
-    # JWKS fetch
-    jwks_url = result["jwks_url"]
-    if jwks_url:
-        try:
-            with urllib.request.urlopen(jwks_url, timeout=5) as resp:
-                result["jwks_status"] = resp.status
-                result["jwks_body"] = resp.read().decode()
-        except Exception as e:
-            result["jwks_fetch_error"] = str(e)
-
-    # JWKS client
-    client = _get_jwks_client()
-    result["jwks_client_exists"] = client is not None
-
-    # Token info (header only, no secrets)
-    token = _extract_token(request)
-    if token:
-        import jwt
-
-        try:
-            header = jwt.get_unverified_header(token)
-            result["token_header"] = header
-        except Exception as e:
-            result["token_header_error"] = str(e)
-    else:
-        result["token"] = "not provided"
-
-    return result

backend/src/app/core/auth.py

@@ -90,7 +90,7 @@ def _verify_jwt(token: str) -> dict | None:
         except PyJWKSetError as e:
             logger.warning("JWKS set error: %s", e)
     else:
-        logger.warning("No JWKS client available (SUPABASE_URL not set?)")
+        logger.debug("No JWKS client available (SUPABASE_URL not set?)")
     return _verify_jwt_hs256(token)
 
 

backend/uv.lock

@@ -65,7 +65,7 @@ requires-dist = [
     { name = "alembic", specifier = "==1.18.4" },
     { name = "asyncpg", specifier = "==0.31.0" },
     { name = "cryptography", specifier = "==45.0.3" },
-    { name = "fastapi", specifier = "==0.135.3" },
+    { name = "fastapi", specifier = "==0.135.1" },
     { name = "httpx", marker = "extra == 'dev'", specifier = "==0.28.1" },
     { name = "pydantic", specifier = "==2.12.5" },
     { name = "pydantic-settings", specifier = "==2.13.1" },
@@ -216,7 +216,7 @@ wheels = [
 
 [[package]]
 name = "fastapi"
-version = "0.135.3"
+version = "0.135.1"
 source = { registry = "https://pypi.org/simple" }
 dependencies = [
     { name = "annotated-doc" },
@@ -225,9 +225,9 @@ dependencies = [
     { name = "typing-extensions" },
     { name = "typing-inspection" },
 ]
-sdist = { url = "https://files.pythonhosted.org/packages/f7/e6/7adb4c5fa231e82c35b8f5741a9f2d055f520c29af5546fd70d3e8e1cd2e/fastapi-0.135.3.tar.gz", hash = "sha256:bd6d7caf1a2bdd8d676843cdcd2287729572a1ef524fc4d65c17ae002a1be654", size = 396524, upload-time = "2026-04-01T16:23:58.188Z" }
+sdist = { url = "https://files.pythonhosted.org/packages/e7/7b/f8e0211e9380f7195ba3f3d40c292594fd81ba8ec4629e3854c353aaca45/fastapi-0.135.1.tar.gz", hash = "sha256:d04115b508d936d254cea545b7312ecaa58a7b3a0f84952535b4c9afae7668cd", size = 394962, upload-time = "2026-03-01T18:18:29.369Z" }
 wheels = [
-    { url = "https://files.pythonhosted.org/packages/84/a4/5caa2de7f917a04ada20018eccf60d6cc6145b0199d55ca3711b0fc08312/fastapi-0.135.3-py3-none-any.whl", hash = "sha256:9b0f590c813acd13d0ab43dd8494138eb58e484bfac405db1f3187cfc5810d98", size = 117734, upload-time = "2026-04-01T16:23:59.328Z" },
+    { url = "https://files.pythonhosted.org/packages/e4/72/42e900510195b23a56bde950d26a51f8b723846bfcaa0286e90287f0422b/fastapi-0.135.1-py3-none-any.whl", hash = "sha256:46e2fc5745924b7c840f71ddd277382af29ce1cdb7d5eab5bf697e3fb9999c9e", size = 116999, upload-time = "2026-03-01T18:18:30.831Z" },
 ]
 
 [[package]]