Revert "Revert to main branch account handling logic"

This reverts commit 219dae83c6.
2025-11-17 01:35:19 +05:00
parent ab292de06c
commit 11a5a66c8b
2 changed files with 14 additions and 16 deletions
--- a/backend/igny8_core/auth/middleware.py
+++ b/backend/igny8_core/auth/middleware.py
@@ -99,13 +99,14 @@ class AccountContextMiddleware(MiddlewareMixin):
                    user = User.objects.select_related('account', 'account__plan').get(id=user_id)
                    request.user = user
                    if account_id:
-                        # Verify account still exists and matches user
-                        account = Account.objects.get(id=account_id)
-                        # If user's account changed, use the new one from user object
-                        if user.account and user.account.id != account_id:
-                            request.account = user.account
-                        else:
+                        # Unified API Standard: Extract account_id from JWT, load Account object, set request.account
+                        # Token's account_id is authoritative - no validation against user.account
+                        try:
+                            account = Account.objects.get(id=account_id)
                            request.account = account
+                        except Account.DoesNotExist:
+                            # Account from token doesn't exist - set to None
+                            request.account = None
                    else:
                        try:
                            user_account = getattr(user, 'account', None)