Fix: Add missing await keyword in authentication dependency and make …

[OmShukla-07]

📝 Description

This PR fixes a critical authentication bug where the await keyword was missing from the Supabase async authentication call. When logged-in users attempted to access protected integration endpoints, the backend would crash with AttributeError: 'coroutine' object has no attribute 'user'.

The bug was introduced in commit cedaad3 (October 16, 2025) by CodeRabbit during an automated refactoring pass, where the await keyword was incorrectly removed.

🔧 Changes Made

• Fixed authentication dependency (backend/app/core/dependencies.py line 50): Added missing await keyword to supabase.auth.get_user(token) call
• Made Weaviate connection non-blocking (backend/main.py lines 68-72): Changed error handling from raise to warning to prevent backend crashes when Weaviate times out during startup

📷 Screenshots or Visual Changes (if applicable)

N/A - Backend bug fix with no visual changes

✅ Checklist

• I have read the contributing guidelines.
• I have tested that the backend starts successfully without crashes
• I have verified no syntax errors in the modified code
• The fix restores the original correct implementation that existed before CodeRabbit's automated changes

Summary by CodeRabbit

Release Notes

• Bug Fixes
  • Enhanced authentication token verification reliability.
  • Application now gracefully handles backend service unavailability during startup, preventing startup failures and enabling continued operation with degraded features.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

Two bug fixes addressing async and error handling: token verification in dependencies now properly awaits the Supabase async call, and Weaviate connection failures during startup now log warnings and continue instead of fatally aborting, enabling degraded operation.

Changes

Cohort / File(s)	Summary
Async token verification backend/app/core/dependencies.py	Added await to supabase.auth.get_user(token) to properly handle asynchronous call
Weaviate startup resilience backend/main.py	Changed Weaviate connection test exception from fatal error (re-raise) to non-fatal warning (continue), allowing graceful degradation

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

• The missing await is a straightforward async bug fix
• The Weaviate error handling change requires consideration of downstream implications—verify that systems relying on Weaviate gracefully handle its absence during startup

Possibly related issues

• BUG: Missing await keyword in authentication dependency causes crash for logged-in users #177: Directly addresses both bugs fixed in this PR—adding missing await in token verification and making Weaviate startup exception non-fatal.

Poem

🐰 A rabbit hops through async dreams,
Where await and connections gleam,
Weaviate stumbles? Onward we go,
Graceful degradation's glow,
Two bugs fixed, resilience reigns supreme! ✨

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main fix (adding missing await keyword in authentication dependency) but is truncated with ellipsis, making it incomplete and partially obscuring the secondary change to Weaviate error handling.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 8eeacad and 7d465ba.

📒 Files selected for processing (2)

• backend/app/core/dependencies.py (1 hunks)
• backend/main.py (1 hunks)

🔇 Additional comments (2)

backend/app/core/dependencies.py (1)

50-50: Critical fix: Async call now properly awaited.

This correctly restores the await keyword for the asynchronous Supabase authentication call. Without it, user_response would be a coroutine object rather than the actual user response, causing AttributeError: 'coroutine' object has no attribute 'user' on line 52.

backend/main.py (1)

68-73: No action required — self.weaviate_client is never used in the codebase.

The review comment assumes self.weaviate_client needs None handling, but it is initialized to None at line 34 and never accessed anywhere. All Weaviate operations use the get_weaviate_client() context manager (which wraps a global _client variable), not self.weaviate_client. This context manager already includes error handling: exceptions during connect() are caught, logged, and re-raised, while all call sites in operations.py, health.py, and other files wrap the context manager in try/except blocks. The existing error handling is adequate.

Likely an incorrect or invalid review comment.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}