From 397fdbf237797bf335c08f713acb053a332a3723 Mon Sep 17 00:00:00 2001
From: Pavel Botsman <11509664+botsman@users.noreply.github.com>
Date: Tue, 7 Oct 2025 21:24:44 +0300
Subject: [PATCH] exclude health check from auth middleware

---
 app/run.go | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/app/run.go b/app/run.go
index 3fda375..7460d06 100644
--- a/app/run.go
+++ b/app/run.go
@@ -21,15 +21,15 @@ func SetupRouter(vs *verify.VerifySvc) *gin.Engine {
 		panic("AUTH_HEADER_NAME and AUTH_HEADER_VALUE must be set")
 	}
 
-	r.Use(func(c *gin.Context) {
+	tppGroup := r.Group("/tpp")
+	tppGroup.Use(func(c *gin.Context) {
 		if c.GetHeader(headerName) != headerValue {
 			c.AbortWithStatusJSON(http.StatusForbidden, gin.H{"error": "Invalid or missing header"})
 			return
 		}
 		c.Next()
 	})
-
-	r.POST("/tpp/verify", vs.Verify)
+	tppGroup.POST("/verify", vs.Verify)
 	r.GET("/health", func(c *gin.Context) {
 		c.JSON(http.StatusOK, gin.H{"status": "ok"})
 	})