# middleware/auth_middleware.py
from starlette.middleware.base import BaseHTTPMiddleware
from starlette.responses import JSONResponse
import re
from fastapi import Request, status
from sqlalchemy.orm import Session
from jose import JWTError
import os
from utils.logging import logger
from utils.JWTToken import decode_access_token
from utils.get_db import get_db
from models.user_model import User
PUBLIC_ROUTES = os.getenv("PUBLIC_ROUTES", "")
FINAL_PUBLIC_ROUTES = {
route.strip()
for route in PUBLIC_ROUTES.split(",")
if route.strip()
}
# #logger.info(f"Public Routes: {FINAL_PUBLIC_ROUTES}")
class AuthorizationMiddleware(BaseHTTPMiddleware):
async def dispatch(self, request: Request, call_next):
if request.scope["type"] == "websocket":
return await call_next(request)
if request.method == "OPTIONS":
return await call_next(request)
request_path = request.url.path
for route in FINAL_PUBLIC_ROUTES:
# Convert {param} -> regex
pattern = re.sub(r"\{[^/]+\}", r"[^/]+", route)
# Exact path match
pattern = f"^{pattern}/?$"
if re.match(pattern, request_path):
return await call_next(request)
# Bypass websocket routes (auth is handled in the endpoint)
if request_path.startswith("/api/v1/ws/"):
return await call_next(request)
# Get Authorization header
auth_header = request.headers.get("Authorization")
# Allow token via query parameters for media requests like ![]()
and