diff --git a/backend/igny8_core/api/authentication.py b/backend/igny8_core/api/authentication.py
index 723abeef..9daada1b 100644
--- a/backend/igny8_core/api/authentication.py
+++ b/backend/igny8_core/api/authentication.py
@@ -62,32 +62,18 @@ class JWTAuthentication(BaseAuthentication):
 # User not found - return None to allow other auth classes to try
 return None
- # Get account from token (token's account_id is authoritative for current context)
+ # Get account from token (token's account_id is authoritative per unified API model)
+ # Unified API Standard: Token contains account_id, middleware extracts and sets request.account
 account_id = payload.get('account_id')
 account = None
 if account_id:
 try:
 account = Account.objects.get(id=account_id)
- # Verify user has access to this account
- # For developers/admins, they can access any account
- # For regular users, verify they belong to this account
- if not user.is_admin_or_developer() and not user.is_system_account_user():
- # Regular user - must belong to this account
- if user.account and user.account.id != account_id:
- # User doesn't belong to token's account - use user's account instead
- account = user.account
 except Account.DoesNotExist:
- # Account from token doesn't exist - use user's account instead
- pass
-
- if not account:
- try:
- account = getattr(user, 'account', None)
- except (AttributeError, Exception):
- # If account access fails, set to None
+ # Account from token doesn't exist - set to None
 account = None
- # Set account on request
+ # Set account on request (unified API model: token's account_id is authoritative)
 request.account = account
 return (user, token)
diff --git a/backend/igny8_core/auth/middleware.py b/backend/igny8_core/auth/middleware.py
index 5b82fb26..f738a4b8 100644
--- a/backend/igny8_core/auth/middleware.py
+++ b/backend/igny8_core/auth/middleware.py
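Review bot: The new code inside `if account_id:` trusts the token's `account_id` claim with no check that a non-admin user actually belongs to that account; the removed `is_admin_or_developer()` / `is_system_account_user()` guard was the only membership check visible here, and the middleware.py hunk drops the same guard. A validly signed token whose `account_id` names an account the user no longer belongs to (one issued before a membership change, for instance) will now set `request.account` to that account, so unless a downstream permission class re-checks membership this widens what a valid token authorizes. Keeping the claim authoritative but failing closed would look like `if not user.is_admin_or_developer() and not user.is_system_account_user() and not (user.account and user.account.id == account_id):` followed by `account = None`, or the comment should state where the membership check is now enforced. Separately, when the token carries no `account_id` this method now leaves `request.account` as `None`, whereas the middleware hunk's `else:` branch still falls back to `getattr(user, 'account', None)`; if both run on the same request the two disagree and the `# Unified API Standard` comment does not say which is intended. The enclosing method starts before this hunk.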
@@ -99,21 +99,14 @@ class AccountContextMiddleware(MiddlewareMixin):
 user = User.objects.select_related('account', 'account__plan').get(id=user_id)
 request.user = user
 if account_id:
- # Verify account still exists
- account = Account.objects.get(id=account_id)
- # Token's account_id is authoritative for current context
- # For developers/admins, they can access any account
- # For regular users, verify they belong to this account
- if not user.is_admin_or_developer() and not user.is_system_account_user():
- # Regular user - must belong to this account
- if user.account and user.account.id != account_id:
- # User doesn't belong to token's account - use user's account instead
- request.account = user.account
- else:
- request.account = account
- else:
- # Developer/admin/system user - use token's account (they can access any)
+ # Unified API Standard: Extract account_id from JWT, load Account object, set request.account
+ # Token's account_id is authoritative - no validation against user.account
+ try:
+ account = Account.objects.get(id=account_id)
 request.account = account
+ except Account.DoesNotExist:
+ # Account from token doesn't exist - set to None
+ request.account = None
 else:
 try:
 user_account = getattr(user, 'account', None)
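Review bot: The new `except Account.DoesNotExist:` branch silently sets `request.account = None` and lets the request continue as an authenticated user with no account context, and the authentication.py hunk does the same; a token naming an account that no longer exists is a stale or malformed credential and deserves at least a log line so such requests are visible in detection. Something like `logging.getLogger(__name__).warning("token account_id %s not found for user %s", account_id, user_id)` before the assignment would do that without changing the fail-to-None behaviour. If the intent is to degrade rather than reject, the comment should say so explicitly, since code after this middleware cannot distinguish a token with no `account_id` claim from one whose claim did not resolve. The enclosing method starts before this hunk and continues after it.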