added more support for supabase-js

auth/src/middleware.rs

@@ -44,11 +44,18 @@ pub async fn auth_middleware(
     if path.contains("/authorize") || path.contains("/callback") {
          return Ok(next.run(req).await);
     }
+    
+    // Allow public Signed URL access (GET only)
+    if path.contains("/object/sign/") && req.method() == axum::http::Method::GET {
+        return Ok(next.run(req).await);
+    }
 
     // Determine the secret to use
     let jwt_secret = if let Some(ctx) = &project_ctx {
+        tracing::info!("Using project-specific JWT secret: '{}'", ctx.jwt_secret);
         ctx.jwt_secret.clone()
     } else {
+        tracing::warn!("ProjectContext not found! Using global JWT secret: '{}'", state.config.jwt_secret);
         state.config.jwt_secret.clone()
     };
 
@@ -98,8 +105,9 @@ pub async fn auth_middleware(
                 req.extensions_mut().insert(ctx);
                 return Ok(next.run(req).await);
             }
-            Err(_) => {
+            Err(e) => {
                 // Invalid token
+                tracing::error!("Token validation failed: {}", e);
                 return Err(StatusCode::UNAUTHORIZED);
             }
         }