allow proxy route through auth middleware

albertsalgueda · albertsalgueda · commit d1d35522d0b3 · 2026-03-19T20:28:20.000+01:00
The /api/gateway/proxy route authenticates via gateway_token in the
Authorization header, not via Supabase session cookies. Add it to
the public routes list so the middleware doesn't redirect to /login.

Made-with: Cursor
diff --git a/src/lib/supabase/middleware.ts b/src/lib/supabase/middleware.ts
@@ -35,7 +35,8 @@ export async function updateSession(request: NextRequest) {
 
   const isPublicRoute = request.nextUrl.pathname === '/' ||
     isAuthRoute ||
-    request.nextUrl.pathname.startsWith('/api/webhooks')
+    request.nextUrl.pathname.startsWith('/api/webhooks') ||
+    request.nextUrl.pathname.startsWith('/api/gateway/proxy')
 
   if (!user && !isPublicRoute) {
     const url = request.nextUrl.clone()
