basic accoutn delteion fixed

2025-12-06 16:06:56 +00:00
parent 365dcfbbd2
commit a0eee0df42
4 changed files with 41 additions and 4 deletions
--- a/backend/igny8_core/api/authentication.py
+++ b/backend/igny8_core/api/authentication.py
@@ -119,10 +119,18 @@ class APIKeyAuthentication(BaseAuthentication):
            if not site:
                return None  # API key not found or site inactive
            
-            # Get account and user
+            # Get account and user (prefer owner but gracefully fall back)
            account = site.account
-            user = account.owner  # Use account owner as the authenticated user
+            user = account.owner
+            if not user or not getattr(user, 'is_active', False):
+                # Fall back to any active developer/owner/admin in the account
+                user = account.users.filter(
+                    is_active=True,
+                    role__in=['developer', 'owner', 'admin']
+                ).order_by('role').first() or account.users.filter(is_active=True).first()
            
+            if not user:
+                raise AuthenticationFailed('No active user available for this account.')
            if not user.is_active:
                raise AuthenticationFailed('User account is disabled.')