ImageProcessor_MainServer/app/deps/auth.py

# app/deps/auth.py
import os
from fastapi import Depends, HTTPException, Request, Form
from app.supabase_auth import check_user_permission_cached

BYPASS = os.getenv("BYPASS_AUTH", "false").lower() == "true"   # ★ 전역 상수

def auth_dep(request: Request, user_id: str = Form(...)) -> None:

    if BYPASS:                # ★ 개발 중엔 여기서 바로 return
        return

    client_ip = request.client.host  # 같은 곳(클라이언트 IP) 기준
    if not check_user_permission_cached(user_id, client_ip):
        raise HTTPException(status_code=403, detail="권한이 없습니다.")