fix: update authentication method for internal Gmail & Outlook integration endpoints

[vedant-kawale-27]

Description

This PR resolves an issue where the Gmail & Outlook integrations failed internally with 401 Unauthorized errors because the Flask API expected a JWT token on protected endpoints. Since the Flask app is an internal service accessed through the Express Gateway, the gateway only forwards the user identity via the X-User-Username header and secures the request with X-Internal-Secret.

Changes

• Removed the @jwt_or_secret_required() decorator from internal integration routes:
  • /gmail/callback
  • /gmail/emails
  • /outlook/callback
  • /outlook/emails
  • /scan-emails
• Updated these endpoints to authenticate using the existing _require_username() helper, extracting the identity from the X-User-Username header and validating X-Internal-Secret.
• Updated the test suite in backend/tests/test_internal_secret.py to match the updated header-based authentication strategy.

Related Issues

Closes #173

[vercel]

@vedant-kawale-27 is attempting to deploy a commit to the Aditya Sharma's projects Team on Vercel.

A member of the Team first needs to authorize it.

[Copilot]

Copilot was unable to review this pull request because the user who requested the review has reached their quota limit.