From c4daeb18709647246a0e39a473ca447ba5ab2dc9 Mon Sep 17 00:00:00 2001
From: Desktop
Date: Mon, 17 Nov 2025 01:35:26 +0500
Subject: [PATCH] Revert "Fix authentication: Follow unified API model - token account_id is authoritative"

This reverts commit 8171014a7eb1864673bd81d89e81a9f82e6a77be.
---
 backend/igny8_core/api/authentication.py | 22 ++++++++++++++++++----
 backend/igny8_core/auth/middleware.py | 21 ++++++++++++++-------
 2 files changed, 32 insertions(+), 11 deletions(-)

diff --git a/backend/igny8_core/api/authentication.py b/backend/igny8_core/api/authentication.py
index 9daada1b..723abeef 100644
--- a/backend/igny8_core/api/authentication.py
+++ b/backend/igny8_core/api/authentication.py
@@ -62,18 +62,32 @@ class JWTAuthentication(BaseAuthentication):
 # User not found - return None to allow other auth classes to try
 return None
- # Get account from token (token's account_id is authoritative per unified API model)
- # Unified API Standard: Token contains account_id, middleware extracts and sets request.account
+ # Get account from token (token's account_id is authoritative for current context)
 account_id = payload.get('account_id')
 account = None
 if account_id:
 try:
 account = Account.objects.get(id=account_id)
+ # Verify user has access to this account
+ # For developers/admins, they can access any account
+ # For regular users, verify they belong to this account
+ if not user.is_admin_or_developer() and not user.is_system_account_user():
+ # Regular user - must belong to this account
+ if user.account and user.account.id != account_id:
+ # User doesn't belong to token's account - use user's account instead
+ account = user.account
 except Account.DoesNotExist:
- # Account from token doesn't exist - set to None
+ # Account from token doesn't exist - use user's account instead
+ pass
+
+ if not account:
+ try:
+ account = getattr(user, 'account', None)
+ except (AttributeError, Exception):
+ # If account access fails, set to None
 account = None
- # Set account on request (unified API model: token's account_id is authoritative)
+ # Set account on request
 request.account = account
 return (user, token)
diff --git a/backend/igny8_core/auth/middleware.py b/backend/igny8_core/auth/middleware.py
index f738a4b8..5b82fb26 100644
--- a/backend/igny8_core/auth/middleware.py
+++ b/backend/igny8_core/auth/middleware.py
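Review bot: The added guard `if user.account and user.account.id != account_id:` only overrides the token's account when the user already has one, so a non-admin, non-system user whose `user.account` is None keeps whatever account the token names; the same guard is repeated in the middleware.py hunk below and should be fixed in both places, ideally through one shared helper. A regular user's token naming an account that is not theirs is an authorization anomaly, and the new code swaps the context silently with no log entry and no failure, which hides forged or stale tokens from both the client and the SOC; prefer rejecting the request or at minimum logging the mismatch before substituting, e.g. `logger.warning("token account_id %s does not match user account %s", account_id, user.account.id)`. If the JWT claim is decoded as a string while `Account.id` is an integer, `!=` would be true on every request and the substitution would fire unconditionally — worth confirming the claim's type. Finally, `except (AttributeError, Exception):` is redundant (`Exception` already covers `AttributeError`) and `getattr(user, 'account', None)` does not raise it; narrow this to the error the related-object access can actually raise, or drop the `try` and keep `account = getattr(user, 'account', None)` alone.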
@@ -99,14 +99,21 @@ class AccountContextMiddleware(MiddlewareMixin):
 user = User.objects.select_related('account', 'account__plan').get(id=user_id)
 request.user = user
 if account_id:
- # Unified API Standard: Extract account_id from JWT, load Account object, set request.account
- # Token's account_id is authoritative - no validation against user.account
- try:
- account = Account.objects.get(id=account_id)
+ # Verify account still exists
+ account = Account.objects.get(id=account_id)
+ # Token's account_id is authoritative for current context
+ # For developers/admins, they can access any account
+ # For regular users, verify they belong to this account
+ if not user.is_admin_or_developer() and not user.is_system_account_user():
+ # Regular user - must belong to this account
+ if user.account and user.account.id != account_id:
+ # User doesn't belong to token's account - use user's account instead
+ request.account = user.account
+ else:
+ request.account = account
+ else:
+ # Developer/admin/system user - use token's account (they can access any)
 request.account = account
- except Account.DoesNotExist:
- # Account from token doesn't exist - set to None
- request.account = None
 else:
 try:
 user_account = getattr(user, 'account', None)
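Review bot: `account = Account.objects.get(id=account_id)` on the new side is no longer wrapped in `try/except Account.DoesNotExist`, so a token that names a deleted account now raises out of this branch instead of clearing `request.account`; the comment `# Verify account still exists` describes a check the code no longer performs. The enclosing block starts before this hunk, so an outer `try` may catch it, but if none does a stale token produces a server error rather than a clean unauthenticated path. A small fix that keeps the structure is `account = Account.objects.filter(id=account_id).first()` followed by `if account is None: request.account = None` before the role check, with the existing role branches moved under an `else:`. The role-check block also duplicates the one in authentication.py in this commit; a single helper such as `resolve_request_account(user, account)` would keep the two from drifting apart again.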