uwblueprint
diff --git a/‎backend/app/middleware/__init__.py‎
Lines changed: 55 additions & 1 deletion b/‎backend/app/middleware/__init__.py‎
Lines changed: 55 additions & 1 deletion
diff --git a/‎backend/app/middleware/firebase_auth_middleware.py‎
Lines changed: 58 additions & 36 deletions b/‎backend/app/middleware/firebase_auth_middleware.py‎
Lines changed: 58 additions & 36 deletions
diff --git a/‎backend/app/middleware/user_context_middleware.py‎
Lines changed: 6 additions & 6 deletions b/‎backend/app/middleware/user_context_middleware.py‎
Lines changed: 6 additions & 6 deletions
diff --git a/‎backend/app/routes/auth.py‎
Lines changed: 2 additions & 0 deletions b/‎backend/app/routes/auth.py‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎backend/app/routes/test_endpoints.py‎
Lines changed: 33 additions & 33 deletions b/‎backend/app/routes/test_endpoints.py‎
Lines changed: 33 additions & 33 deletions
@@ -1,3 +1,57 @@
 """
 Middleware package for LLSC backend.
-""" 
+"""
+
+from typing import List
+
+from fastapi import FastAPI
+from .user_context_middleware import UserContextMiddleware
+from .firebase_auth_middleware import FirebaseAuthMiddleware
+
+__all__ = [
+    "UserContextMiddleware",
+    "FirebaseAuthMiddleware",
+    "setup_middlewares"
+]
+
+def setup_middlewares(
+    app: FastAPI,
+    enable_user_context: bool = True,
+    enable_firebase_auth: bool = True,
+    auth_exclude_paths: List[str] = None,
+    user_context_exclude_paths: List[str] = None
+):
+    """
+    Set up middleware for the FastAPI application.
+    
+    Args:
+        app: The FastAPI application instance
+        enable_user_context: Whether to enable the user context middleware
+        enable_firebase_auth: Whether to enable the Firebase auth middleware
+        auth_exclude_paths: Paths to exclude from Firebase auth checks
+        user_context_exclude_paths: Paths to exclude from user context middleware
+    """
+    # Default excluded paths
+    if auth_exclude_paths is None:
+        auth_exclude_paths = [
+            "/docs", 
+            "/redoc", 
+            "/openapi.json",
+            "/health"
+        ]
+    
+    if user_context_exclude_paths is None:
+        user_context_exclude_paths = []
+        
+    # Add middlewares in reverse order (last added is executed first)
+    if enable_user_context:
+        app.add_middleware(
+            UserContextMiddleware,
+            exclude_paths=user_context_exclude_paths
+        )
+        
+    if enable_firebase_auth:
+        app.add_middleware(
+            FirebaseAuthMiddleware,
+            exclude_paths=auth_exclude_paths
+        ) 
@@ -1,51 +1,73 @@
-from fastapi import Request, HTTPException
+from fastapi import Request
+from typing import List
+import logging
+import firebase_admin
 from firebase_admin import auth
-from typing import Optional, List
-from functools import wraps
+from fastapi.responses import JSONResponse
+
+logger = logging.getLogger(__name__)
 
 class FirebaseAuthMiddleware:
     def __init__(self, app, exclude_paths: List[str] = None):
         self.app = app
         self.exclude_paths = exclude_paths or []
+        logger.info("FirebaseAuthMiddleware initialized")
 
-    async def __call__(self, request: Request, call_next):
-        if request.url.path in self.exclude_paths:
-            return await call_next(request)
+    async def __call__(self, scope, receive, send):
+        if scope["type"] != "http":
+            return await self.app(scope, receive, send)
 
-        # Get the Authorization header
-        authorization = request.headers.get("Authorization")
-        if not authorization or not authorization.startswith("Bearer "):
-            raise HTTPException(
-                status_code=401,
-                detail="Missing or invalid authorization header"
-            )
+        request = Request(scope, receive)
+        
+        # Skip excluded paths
+        if request.url.path in self.exclude_paths:
+            logger.debug(f"Path {request.url.path} is excluded from auth check")
+            return await self.app(scope, receive, send)
 
+        # Extract token from headers
         try:
-            # Verify Firebase token
-            token = authorization.split("Bearer ")[1]
-            decoded_token = auth.verify_id_token(token)
+            authorization = request.headers.get("Authorization", "")
+            if not authorization or not authorization.startswith("Bearer "):
+                return await self.send_error_response(
+                    scope, receive, send, 
+                    status_code=401, 
+                    detail="Missing or invalid authorization header"
+                )
 
-            # Add user info to request state
-            request.state.user_id = decoded_token.get("uid")
-            request.state.user_claims = decoded_token.get("claims", {})
+            token = authorization.replace("Bearer ", "")
 
-            response = await call_next(request)
-            return response
-
+            try:
+                # Verify the Firebase token
+                decoded_token = auth.verify_id_token(token)
+                user_id = decoded_token.get("uid")
+                
+                # Add user info to request state
+                request.state.user_id = user_id
+                request.state.firebase_user = decoded_token
+                request.state.user_claims = decoded_token.get("claims", {})
+                logger.debug(f"Authenticated user: {user_id}")
+                
+                # Continue with the request
+                return await self.app(scope, receive, send)
+                
+            except firebase_admin.exceptions.FirebaseError as e:
+                logger.error(f"Firebase auth error: {str(e)}")
+                return await self.send_error_response(
+                    scope, receive, send, 
+                    status_code=401, 
+                    detail="Invalid or expired token"
+                )
         except Exception as e:
-            raise HTTPException(
-                status_code=401,
-                detail=f"Invalid authentication credentials: {str(e)}"
+            logger.exception(f"Unexpected error in auth middleware: {str(e)}")
+            return await self.send_error_response(
+                scope, receive, send, 
+                status_code=401, 
+                detail="Authentication error"
             )
 
-def require_roles(roles: List[str]):
-    """Dependency for role-based access control"""
-    async def role_checker(request: Request):
-        user_roles = request.state.user_claims.get("roles", [])
-        if not any(role in user_roles for role in roles):
-            raise HTTPException(
-                status_code=403,
-                detail="Insufficient permissions"
-            )
-        return True
-    return role_checker
+    async def send_error_response(self, scope, receive, send, status_code, detail):
+        response = JSONResponse(
+            status_code=status_code,
+            content={"detail": detail}
+        )
+        await response(scope, receive, send)
@@ -10,7 +10,7 @@ class UserContextMiddleware:
     def __init__(self, app, exclude_paths: List[str] = None):
         self.app = app
         self.exclude_paths = exclude_paths or []
-        print("[DEBUG] UserContextMiddleware initialized")
+        logger.info("UserContextMiddleware initialized")
 
     async def __call__(self, scope, receive, send):
         if scope["type"] != "http":
@@ -19,21 +19,21 @@ async def __call__(self, scope, receive, send):
         request = Request(scope, receive)
 
         start_time = time.time()
-        print(f"[DEBUG] Processing request in UserContextMiddleware: {request.url.path}")
+        logger.debug(f"Processing request in UserContextMiddleware: {request.url.path}")
 
         # Skip excluded paths
         if request.url.path in self.exclude_paths:
-            print(f"[DEBUG] Path {request.url.path} is excluded")
+            logger.debug(f"Path {request.url.path} is excluded")
             return await self.app(scope, receive, send)
 
         # Initialize state attributes with defaults if they don't exist
         if not hasattr(request.state, "request_id"):
             request.state.request_id = request.headers.get("X-Request-ID", str(uuid.uuid4()))
-            print(f"[DEBUG] Set request_id: {request.state.request_id}")
+            logger.debug(f"Set request_id: {request.state.request_id}")
 
         if not hasattr(request.state, "request_timestamp"):
             request.state.request_timestamp = start_time
-            print(f"[DEBUG] Set timestamp: {request.state.request_timestamp}")
+            logger.debug(f"Set timestamp: {request.state.request_timestamp}")
 
         async def send_wrapper(message):
             if message["type"] == "http.response.start":
@@ -46,5 +46,5 @@ async def send_wrapper(message):
         try:
             await self.app(scope, receive, send_wrapper)
         except Exception as e:
-            print(f"[DEBUG] Error in UserContextMiddleware: {str(e)}")
+            logger.exception(f"Error in UserContextMiddleware: {str(e)}")
             raise
@@ -44,6 +44,8 @@ async def refresh(
     except Exception as e:
         raise HTTPException(status_code=401, detail=str(e))
 
+
+
 @router.get("/verify", response_model=dict)
 async def verify_token(
     current_user = Depends(get_current_user)
 
@@ -1,37 +1,37 @@
-from fastapi import APIRouter, Depends, Request
-from ..middleware.auth_middleware import require_auth, require_roles, require_user_id, get_token_from_header
-from ..middleware.firebase_auth_middleware import require_roles as firebase_require_roles
-from ..schemas.user import UserRole
+# from fastapi import APIRouter, Depends, Request
+# # from ..middleware.auth_middleware import require_auth, require_roles, require_user_id, get_token_from_header
+# # from ..middleware.firebase_auth_middleware import require_roles as firebase_require_roles
+# from ..schemas.user import UserRole
 
-router = APIRouter(prefix="/test", tags=["test"])
+# router = APIRouter(prefix="/test", tags=["test"])
 
-# # Basic auth test - any valid token
-# @router.get("/auth")
-# @require_auth
-# async def test_auth():
-#     """Test endpoint requiring just authentication"""
-#     return {"message": "You are authenticated!"}
+# # # Basic auth test - any valid token
+# # @router.get("/auth")
+# # @require_auth
+# # async def test_auth():
+# #     """Test endpoint requiring just authentication"""
+# #     return {"message": "You are authenticated!"}
 
-# Basic Firebase middleware test
-@router.get("/auth-middleware")
-async def test_firebase_middleware(request: Request):
-    """Test endpoint to verify Firebase middleware is working"""
-    return {
-        "message": "Firebase auth successful",
-        "user_id": request.state.user_id,
-        "claims": request.state.user_claims
-    }
+# # Basic Firebase middleware test
+# @router.get("/auth-middleware")
+# async def test_firebase_middleware(request: Request):
+#     """Test endpoint to verify Firebase middleware is working"""
+#     return {
+#         "message": "Firebase auth successful",
+#         "user_id": request.state.user_id,
+#         "claims": request.state.user_claims
+#     }
 
-# Test user context middleware
-@router.get("/context")
-async def test_context(request: Request):
-    """Test endpoint to verify user context middleware"""
-    try:
-        return {
-            "request_id": request.state.request_id,
-            "timestamp": request.state.request_timestamp,
-        }
-    except Exception as e:
-        return {
-            "error": str(e)
-        }
+# # Test user context middleware
+# @router.get("/context")
+# async def test_context(request: Request):
+#     """Test endpoint to verify user context middleware"""
+#     try:
+#         return {
+#             "request_id": request.state.request_id,
+#             "timestamp": request.state.request_timestamp,
+#         }
+#     except Exception as e:
+#         return {
+#             "error": str(e)
+#         }