Fix jwt-token
This commit is contained in:
@@ -53,16 +53,8 @@ class MultiTenantAuth {
|
||||
* Can be from subdomain, header, or JWT
|
||||
*/
|
||||
async determineTenant(req) {
|
||||
console.log('🚀 DETERMINE TENANT FUNCTION START');
|
||||
console.log('===== DETERMINE TENANT CALLED =====');
|
||||
console.log('🏢 req.user:', req.user);
|
||||
console.log('🏢 req.headers.host:', req.headers?.host);
|
||||
console.log('🏢 req.url:', req.url);
|
||||
console.log('🏢 req.path:', req.path);
|
||||
|
||||
// Method 1: From authenticated user (highest priority)
|
||||
if (req.user && req.user.tenantId) {
|
||||
console.log('🏢 Tenant from req.user.tenantId:', req.user.tenantId);
|
||||
return req.user.tenantId;
|
||||
}
|
||||
|
||||
@@ -87,11 +79,9 @@ class MultiTenantAuth {
|
||||
|
||||
// Method 4: x-forwarded-host header (for proxied requests)
|
||||
const forwardedHost = req.headers['x-forwarded-host'];
|
||||
console.log('🏢 x-forwarded-host header:', forwardedHost);
|
||||
if (forwardedHost) {
|
||||
const subdomain = forwardedHost.split('.')[0];
|
||||
if (subdomain && subdomain !== 'www' && subdomain !== 'api' && !subdomain.includes(':')) {
|
||||
console.log('🏢 Tenant from x-forwarded-host:', subdomain);
|
||||
return subdomain;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -390,10 +390,8 @@ async function loginLocal(req, res, next) {
|
||||
// Get tenant information from request (set by multi-tenant auth middleware)
|
||||
let tenantId = null;
|
||||
if (req.tenant && req.tenant.id) {
|
||||
console.log('🔧 DEBUG: Looking for tenant with slug:', req.tenant.id);
|
||||
// Find the actual tenant in database
|
||||
const tenant = await Tenant.findOne({ where: { slug: req.tenant.id } });
|
||||
console.log('🔧 DEBUG: Found tenant:', tenant ? { id: tenant.id, slug: tenant.slug } : 'null');
|
||||
if (tenant) {
|
||||
tenantId = tenant.id;
|
||||
}
|
||||
@@ -422,9 +420,7 @@ async function loginLocal(req, res, next) {
|
||||
whereClause[Op.and].push({ tenant_id: null });
|
||||
}
|
||||
|
||||
console.log('🔧 DEBUG: User search whereClause:', JSON.stringify(whereClause, null, 2));
|
||||
const user = await User.findOne({ where: whereClause });
|
||||
console.log('🔧 DEBUG: Found user:', user ? { id: user.id, username: user.username, tenant_id: user.tenant_id } : 'null');
|
||||
|
||||
if (!user) {
|
||||
console.log(`❌ Authentication failed for "${username}" in tenant "${req.tenant?.id}" - User not found`);
|
||||
@@ -434,14 +430,7 @@ async function loginLocal(req, res, next) {
|
||||
});
|
||||
}
|
||||
|
||||
console.log('🔧 DEBUG: Comparing password with hash:', {
|
||||
passwordLength: password.length,
|
||||
hashLength: user.password_hash?.length,
|
||||
hashPrefix: user.password_hash?.substring(0, 10) + '...'
|
||||
});
|
||||
|
||||
const passwordMatch = await bcrypt.compare(password, user.password_hash);
|
||||
console.log('🔧 DEBUG: Password match result:', passwordMatch);
|
||||
|
||||
if (!passwordMatch) {
|
||||
console.log(`❌ Authentication failed for "${username}" in tenant "${req.tenant?.id}" - Invalid password`);
|
||||
|
||||
Reference in New Issue
Block a user