diff --git a/products/02-iac-drift-detection/saas/src/auth/middleware.ts b/products/02-iac-drift-detection/saas/src/auth/middleware.ts
index 74d519f..321df57 100644
--- a/products/02-iac-drift-detection/saas/src/auth/middleware.ts
+++ b/products/02-iac-drift-detection/saas/src/auth/middleware.ts
@@ -27,7 +27,8 @@ export function registerAuth(app: FastifyInstance, jwtSecret: string, pool: Pool
     if (req.url === '/health' || req.url === '/version') return;
     if (req.url.startsWith('/webhooks/')) return;
     if (req.url.startsWith('/slack/')) return;
-    if (req.url.startsWith('/api/v1/auth/login') || req.url.startsWith('/api/v1/auth/signup')) return;
+    const path = req.url.split('?')[0];
+    if (path === '/api/v1/auth/login' || path === '/api/v1/auth/signup') return;
 
     const apiKey = req.headers['x-api-key'] as string | undefined;
     const authHeader = req.headers['authorization'];
diff --git a/products/03-alert-intelligence/src/auth/middleware.ts b/products/03-alert-intelligence/src/auth/middleware.ts
index 74d519f..321df57 100644
--- a/products/03-alert-intelligence/src/auth/middleware.ts
+++ b/products/03-alert-intelligence/src/auth/middleware.ts
@@ -27,7 +27,8 @@ export function registerAuth(app: FastifyInstance, jwtSecret: string, pool: Pool
     if (req.url === '/health' || req.url === '/version') return;
     if (req.url.startsWith('/webhooks/')) return;
     if (req.url.startsWith('/slack/')) return;
-    if (req.url.startsWith('/api/v1/auth/login') || req.url.startsWith('/api/v1/auth/signup')) return;
+    const path = req.url.split('?')[0];
+    if (path === '/api/v1/auth/login' || path === '/api/v1/auth/signup') return;
 
     const apiKey = req.headers['x-api-key'] as string | undefined;
     const authHeader = req.headers['authorization'];
diff --git a/products/04-lightweight-idp/src/auth/middleware.ts b/products/04-lightweight-idp/src/auth/middleware.ts
index 74d519f..321df57 100644
--- a/products/04-lightweight-idp/src/auth/middleware.ts
+++ b/products/04-lightweight-idp/src/auth/middleware.ts
@@ -27,7 +27,8 @@ export function registerAuth(app: FastifyInstance, jwtSecret: string, pool: Pool
     if (req.url === '/health' || req.url === '/version') return;
     if (req.url.startsWith('/webhooks/')) return;
     if (req.url.startsWith('/slack/')) return;
-    if (req.url.startsWith('/api/v1/auth/login') || req.url.startsWith('/api/v1/auth/signup')) return;
+    const path = req.url.split('?')[0];
+    if (path === '/api/v1/auth/login' || path === '/api/v1/auth/signup') return;
 
     const apiKey = req.headers['x-api-key'] as string | undefined;
     const authHeader = req.headers['authorization'];
diff --git a/products/05-aws-cost-anomaly/src/auth/middleware.ts b/products/05-aws-cost-anomaly/src/auth/middleware.ts
index 74d519f..321df57 100644
--- a/products/05-aws-cost-anomaly/src/auth/middleware.ts
+++ b/products/05-aws-cost-anomaly/src/auth/middleware.ts
@@ -27,7 +27,8 @@ export function registerAuth(app: FastifyInstance, jwtSecret: string, pool: Pool
     if (req.url === '/health' || req.url === '/version') return;
     if (req.url.startsWith('/webhooks/')) return;
     if (req.url.startsWith('/slack/')) return;
-    if (req.url.startsWith('/api/v1/auth/login') || req.url.startsWith('/api/v1/auth/signup')) return;
+    const path = req.url.split('?')[0];
+    if (path === '/api/v1/auth/login' || path === '/api/v1/auth/signup') return;
 
     const apiKey = req.headers['x-api-key'] as string | undefined;
     const authHeader = req.headers['authorization'];
diff --git a/products/06-runbook-automation/saas/src/auth/middleware.ts b/products/06-runbook-automation/saas/src/auth/middleware.ts
index 74d519f..321df57 100644
--- a/products/06-runbook-automation/saas/src/auth/middleware.ts
+++ b/products/06-runbook-automation/saas/src/auth/middleware.ts
@@ -27,7 +27,8 @@ export function registerAuth(app: FastifyInstance, jwtSecret: string, pool: Pool
     if (req.url === '/health' || req.url === '/version') return;
     if (req.url.startsWith('/webhooks/')) return;
     if (req.url.startsWith('/slack/')) return;
-    if (req.url.startsWith('/api/v1/auth/login') || req.url.startsWith('/api/v1/auth/signup')) return;
+    const path = req.url.split('?')[0];
+    if (path === '/api/v1/auth/login' || path === '/api/v1/auth/signup') return;
 
     const apiKey = req.headers['x-api-key'] as string | undefined;
     const authHeader = req.headers['authorization'];
diff --git a/products/shared/auth.ts b/products/shared/auth.ts
index 84510bc..2b83366 100644
--- a/products/shared/auth.ts
+++ b/products/shared/auth.ts
@@ -27,7 +27,8 @@ export function registerAuth(app: FastifyInstance, jwtSecret: string, pool: Pool
     if (req.url === '/health') return;
     if (req.url.startsWith('/webhooks/')) return;
     if (req.url.startsWith('/slack/')) return;
-    if (req.url.startsWith('/api/v1/auth/login') || req.url.startsWith('/api/v1/auth/signup')) return;
+    const path = req.url.split('?')[0];
+    if (path === '/api/v1/auth/login' || path === '/api/v1/auth/signup') return;
 
     const apiKey = req.headers['x-api-key'] as string | undefined;
     const authHeader = req.headers['authorization'];