Remove middleware for protecting documentation endpoints

orabe · orabe · commit f302ca01f6ea · 2026-04-29T15:14:30.000+02:00
diff --git a/backend/app/main.py b/backend/app/main.py
@@ -5,7 +5,6 @@
 from starlette.responses import JSONResponse
 from datetime import datetime
 from . import models, schemas, crud, database, security
-from fastapi import Request
 
 app = FastAPI(title="MathCodeLab Certificate Verification API")
 models.Base.metadata.create_all(bind=database.engine)
@@ -20,14 +19,6 @@
     allow_headers=["*"],
 )
 
-@app.middleware("http")
-async def protect_docs(request: Request, call_next):
-    if request.url.path.startswith("/docs") or request.url.path.startswith("/openapi"):
-        auth = request.headers.get("authorization")
-        if auth != f"Bearer {os.getenv('ADMIN_API_KEY')}":
-            return JSONResponse(status_code=401, content={"detail": "Unauthorized"})
-    return await call_next(request)
-
 @app.get("/")
 def root():
     return {
