borg/drone-detector
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix jwt-token

Browse Source
This commit is contained in:
Alexander Borg
2025-09-16 08:19:42 +02:00
parent b0316493db
commit 4e6e1e79da
2 changed files with 0 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
server/middleware/multi-tenant-auth.js
View File

@@ -53,16 +53,8 @@ class MultiTenantAuth {
* Can be from subdomain, header, or JWT * Can be from subdomain, header, or JWT
*/ */
async determineTenant(req) { async determineTenant(req) {
console.log('🚀 DETERMINE TENANT FUNCTION START');
console.log('===== DETERMINE TENANT CALLED =====');
console.log('🏢 req.user:', req.user);
console.log('🏢 req.headers.host:', req.headers?.host);
console.log('🏢 req.url:', req.url);
console.log('🏢 req.path:', req.path);
// Method 1: From authenticated user (highest priority) // Method 1: From authenticated user (highest priority)
if (req.user && req.user.tenantId) { if (req.user && req.user.tenantId) {
console.log('🏢 Tenant from req.user.tenantId:', req.user.tenantId);
return req.user.tenantId; return req.user.tenantId;
} }
@@ -87,11 +79,9 @@ class MultiTenantAuth {
// Method 4: x-forwarded-host header (for proxied requests) // Method 4: x-forwarded-host header (for proxied requests)
const forwardedHost = req.headers['x-forwarded-host']; const forwardedHost = req.headers['x-forwarded-host'];
console.log('🏢 x-forwarded-host header:', forwardedHost);
if (forwardedHost) { if (forwardedHost) {
const subdomain = forwardedHost.split('.')[0]; const subdomain = forwardedHost.split('.')[0];
if (subdomain && subdomain !== 'www' && subdomain !== 'api' && !subdomain.includes(':')) { if (subdomain && subdomain !== 'www' && subdomain !== 'api' && !subdomain.includes(':')) {
console.log('🏢 Tenant from x-forwarded-host:', subdomain);
return subdomain; return subdomain;
} }
} }

11
server/routes/user.js
View File

@@ -390,10 +390,8 @@ async function loginLocal(req, res, next) {
// Get tenant information from request (set by multi-tenant auth middleware) // Get tenant information from request (set by multi-tenant auth middleware)
let tenantId = null; let tenantId = null;
if (req.tenant && req.tenant.id) { if (req.tenant && req.tenant.id) {
console.log('🔧 DEBUG: Looking for tenant with slug:', req.tenant.id);
// Find the actual tenant in database // Find the actual tenant in database
const tenant = await Tenant.findOne({ where: { slug: req.tenant.id } }); const tenant = await Tenant.findOne({ where: { slug: req.tenant.id } });
console.log('🔧 DEBUG: Found tenant:', tenant ? { id: tenant.id, slug: tenant.slug } : 'null');
if (tenant) { if (tenant) {
tenantId = tenant.id; tenantId = tenant.id;
} }
@@ -422,9 +420,7 @@ async function loginLocal(req, res, next) {
whereClause[Op.and].push({ tenant_id: null }); whereClause[Op.and].push({ tenant_id: null });
} }
console.log('🔧 DEBUG: User search whereClause:', JSON.stringify(whereClause, null, 2));
const user = await User.findOne({ where: whereClause }); const user = await User.findOne({ where: whereClause });
console.log('🔧 DEBUG: Found user:', user ? { id: user.id, username: user.username, tenant_id: user.tenant_id } : 'null');
if (!user) { if (!user) {
console.log(`❌ Authentication failed for "${username}" in tenant "${req.tenant?.id}" - User not found`); console.log(`❌ Authentication failed for "${username}" in tenant "${req.tenant?.id}" - User not found`);
@@ -434,14 +430,7 @@ async function loginLocal(req, res, next) {
}); });
} }
console.log('🔧 DEBUG: Comparing password with hash:', {
passwordLength: password.length,
hashLength: user.password_hash?.length,
hashPrefix: user.password_hash?.substring(0, 10) + '...'
});
const passwordMatch = await bcrypt.compare(password, user.password_hash); const passwordMatch = await bcrypt.compare(password, user.password_hash);
console.log('🔧 DEBUG: Password match result:', passwordMatch);
if (!passwordMatch) { if (!passwordMatch) {
console.log(`❌ Authentication failed for "${username}" in tenant "${req.tenant?.id}" - Invalid password`); console.log(`❌ Authentication failed for "${username}" in tenant "${req.tenant?.id}" - Invalid password`);