fixes

app.py

@@ -76,14 +76,69 @@ app = FastAPI(
     3. **Check status**: Monitor progress with `/jobs/{job_id}`
     4. **Download result**: Get extracted audio with `/jobs/{job_id}/download`
     5. **Optional trimming**: Use `start` and `end` parameters to download specific segments
+    
+    ### Authentication
+    Most endpoints require JWT Bearer token authentication. Include your token in the Authorization header:
+    ```
+    Authorization: Bearer <your-jwt-token>
+    ```
+    
+    Public endpoints (no authentication required):
+    - `GET /api/v1/info` - API information
+    - `GET /api/v1/health` - Health check
     """,
     version=settings.app_version,
     docs_url="/docs",
     redoc_url="/redoc",
     openapi_url="/openapi.json",
-    lifespan=lifespan
+    lifespan=lifespan,
+    # Add OpenAPI security scheme for Bearer token authentication
+    openapi_tags=[
+        {
+            "name": "extraction",
+            "description": "Audio extraction operations (requires authentication)"
+        },
+        {
+            "name": "jobs", 
+            "description": "Job management operations (requires authentication)"
+        },
+        {
+            "name": "info",
+            "description": "Public API information (no authentication required)"
+        }
+    ]
 )
 
+# Configure OpenAPI security scheme
+from fastapi.openapi.utils import get_openapi
+
+def custom_openapi():
+    if app.openapi_schema:
+        return app.openapi_schema
+    
+    openapi_schema = get_openapi(
+        title=app.title,
+        version=app.version,
+        description=app.description,
+        routes=app.routes,
+        tags=app.openapi_tags
+    )
+    
+    # Add Bearer token security scheme
+    openapi_schema["components"]["securitySchemes"] = {
+        "bearerAuth": {
+            "type": "http",
+            "scheme": "bearer",
+            "bearerFormat": "JWT",
+            "description": "Enter your JWT Bearer token"
+        }
+    }
+    
+    app.openapi_schema = openapi_schema
+    return app.openapi_schema
+
+app.openapi = custom_openapi
+
 # Configure middleware
 configure_cors(app)
 register_exception_handlers(app)

application/dto/extraction_response.py

@@ -16,10 +16,10 @@ class DirectExtractionResultDTO:
 class JobStatusDTO:
     """DTO for job status."""
     job_id: str
-    external_job_id: Optional[str] = None
     status: str
     created_at: datetime
     updated_at: datetime
+    external_job_id: Optional[str] = None
     filename: Optional[str] = None
     file_size_mb: Optional[float] = None
     output_format: Optional[str] = None
@@ -35,14 +35,14 @@ class DownloadResultDTO:
     media_type: str
     filename: str
     processing_time: float
-    storage_key: str = None
+    storage_key: Optional[str] = None
 
 @dataclass
 class JobCreationDTO:
     """DTO for job creation."""
     job_id: str
-    external_job_id: Optional[str] = None
     status: str
     message: str
     check_url: str
+    external_job_id: Optional[str] = None
     file_size_mb: Optional[float] = None

interfaces/api/dependencies.py

@@ -71,6 +71,11 @@ async def validate_bearer_token(
     Raises:
         HTTPException: 401 if token is missing or invalid
     """
+    from infrastructure.config.settings import settings
+
+    if not settings.enforce_authentication:
+        return "authentication-disabled"
+    
     if not authorization:
         raise HTTPException(
             status_code=401,

interfaces/api/routes/extraction_routes.py

@@ -1,6 +1,7 @@
 """Audio extraction API routes."""
-from fastapi import APIRouter, BackgroundTasks, UploadFile, Form, HTTPException
+from fastapi import APIRouter, BackgroundTasks, UploadFile, Form, HTTPException, Security
 from fastapi.responses import JSONResponse
+from fastapi.security import HTTPBearer
 from dataclasses import asdict
 from typing import Optional
 
@@ -16,15 +17,21 @@ from domain.exceptions.domain_exceptions import (
 
 router = APIRouter()
 
+# Security scheme for OpenAPI documentation
+security = HTTPBearer()
+
 @router.post("/extract", 
             response_model=JobCreatedResponse,
             summary="Extract Audio from Video",
             description="""
             Extract audio from uploaded video file.
             
+            **Authentication Required**: This endpoint requires a valid JWT Bearer token.
+            
             All files are processed asynchronously and return a job ID for tracking progress.
             Use the job status endpoint to check processing status and download the result when complete.
             """,
+            dependencies=[Security(security)],
             responses={
                 202: {
                     "description": "Job created for async processing",

interfaces/api/routes/job_routes.py

@@ -1,6 +1,7 @@
 """Job management API routes."""
-from fastapi import APIRouter, HTTPException, Path, Query, BackgroundTasks
+from fastapi import APIRouter, HTTPException, Path, Query, BackgroundTasks, Security
 from fastapi.responses import FileResponse
+from fastapi.security import HTTPBearer
 from typing import Any, Optional
 import logging
 
@@ -16,10 +17,14 @@ from domain.exceptions.domain_exceptions import (
 router = APIRouter()
 logger = logging.getLogger(__name__)
 
+# Security scheme for OpenAPI documentation
+security = HTTPBearer()
+
 @router.get("/jobs/{job_id}", 
            response_model=JobStatusResponse,
            summary="Get Job Status",
-           description="Check the status of an audio extraction job",
+           description="Check the status of an audio extraction job. **Authentication Required**: This endpoint requires a valid JWT Bearer token.",
+           dependencies=[Security(security)],
            responses={
                200: {"description": "Job status retrieved successfully"},
                401: {"description": "Authentication required", "content": {"application/json": {"example": {"error": "Authentication required", "code": "AUTHENTICATION_ERROR"}}}},
@@ -78,6 +83,8 @@ async def get_job_status(
            description="""
            Download the audio file from a completed extraction job.
            
+           **Authentication Required**: This endpoint requires a valid JWT Bearer token.
+           
            Optionally specify start and end times to download only a portion of the audio:
            - start: Start time in HH:MM:SS format (e.g., 00:01:30 for 1 minute 30 seconds)
            - end: End time in HH:MM:SS format (e.g., 00:03:45 for 3 minutes 45 seconds)
@@ -86,6 +93,7 @@ async def get_job_status(
            If only start is provided, audio from start time to the end is returned.
            If only end is provided, audio from beginning to end time is returned.
            """,
+           dependencies=[Security(security)],
            responses={
                200: {
                    "description": "Audio file",