From 661135d137f9f88cc409178e653878d7f1a170f0 Mon Sep 17 00:00:00 2001
From: m <paragraphenreiter@gmail.com>
Date: Wed, 25 Mar 2026 15:58:42 +0100
Subject: [PATCH] fix: exclude /api/ routes from Next.js auth middleware

The middleware was intercepting API proxy requests and redirecting
to /login. API routes should pass through to the Go backend which
handles its own JWT auth.
---
 frontend/src/middleware.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/frontend/src/middleware.ts b/frontend/src/middleware.ts
index 7dba35b..1a65ae7 100644
--- a/frontend/src/middleware.ts
+++ b/frontend/src/middleware.ts
@@ -55,6 +55,6 @@ export async function middleware(request: NextRequest) {
 
 export const config = {
   matcher: [
-    "/((?!_next/static|_next/image|favicon.ico|.*\\.(?:svg|png|jpg|jpeg|gif|webp)$).*)",
+    "/((?!api/|_next/static|_next/image|favicon.ico|.*\\.(?:svg|png|jpg|jpeg|gif|webp)$).*)",
   ],
 };