nuzlocke-tracker/.beans/nuzlocke-tracker-b311--backend-auth-middleware-and-jwt-verification.md at 4132face2ac3adce05d904f1bb731d592003a629

pokemon/nuzlocke-tracker

Fork 0

Files

Julian Tabel c9d42b091f

CI / backend-tests (push) Successful in 26s

Details

CI / frontend-tests (push) Successful in 29s

Details

Daedalus and Talos integration test

2026-03-20 16:31:19 +01:00

1015 B

Raw Blame History

title, status, type, priority, created_at, updated_at, parent, blocked_by

title

status

type

priority

created_at

updated_at

parent

blocked_by

Backend auth middleware and JWT verification

todo

task

normal

2026-03-20T15:28:13Z

2026-03-20T15:28:33Z

nuzlocke-tracker-d98o

nuzlocke-tracker-2561

Add Supabase JWT verification to the FastAPI backend. Create a reusable dependency that extracts and validates the Bearer token, resolves the current user, and provides it to endpoints. Protect all write endpoints (POST/PUT/DELETE) while leaving read endpoints open.

Checklist

Add python-jose[cryptography] or PyJWT dependency
Create auth dependency that extracts Bearer token from Authorization header
Verify JWT against Supabase JWT secret
Create get_current_user dependency (returns User or None)
Create require_auth dependency (raises 401 if not authenticated)
Apply require_auth to all write endpoints (POST, PUT, DELETE)
Add tests for auth middleware (valid token, expired token, missing token)

1015 B Raw Blame History

Checklist

1015 B

Raw Blame History