From 674c2e2d8fe8dbf63e6a0927412b7e6bcd4a2d55 Mon Sep 17 00:00:00 2001
From: Alexander Borg
Date: Sun, 14 Sep 2025 09:48:51 +0200
Subject: [PATCH] Fix jwt-token
---
 client/src/components/Layout.jsx | 8 --------
 server/middleware/auth.js | 25 ++++++++++++++++++-------
 server/routes/user.js | 12 ++++++++++++
 3 files changed, 30 insertions(+), 15 deletions(-)
diff --git a/client/src/components/Layout.jsx b/client/src/components/Layout.jsx
index 2aae504..16ff011 100644
--- a/client/src/components/Layout.jsx
+++ b/client/src/components/Layout.jsx
@@ -36,13 +36,6 @@ const Layout = () => {
 // Build navigation based on user permissions
 const navigation = React.useMemo(() => {
- console.log('🔍 Layout navigation recalculating:', {
- userExists: !!user,
- userRole: user?.role,
- canAccessSettings: user?.role ? canAccessSettings(user.role) : false,
- hasDebugPermission: user?.role ? hasPermission(user.role, 'debug.access') : false
- });
-
 if (!user?.role) {
 return baseNavigation; // Return base navigation if user not loaded yet
 }
@@ -59,7 +52,6 @@ const Layout = () => {
 nav.push({ name: 'Debug', href: '/debug', icon: BugAntIcon });
 }
- console.log('✅ Navigation built:', nav.map(n => n.name));
 return nav;
 }, [user]);
diff --git a/server/middleware/auth.js b/server/middleware/auth.js
index 2fda368..aced91c 100644
--- a/server/middleware/auth.js
+++ b/server/middleware/auth.js
@@ -1,5 +1,5 @@
 const jwt = require('jsonwebtoken');
-const { User } = require('../models');
+const { User, Tenant } = require('../models');
 async function authenticateToken(req, res, next) {
 const authHeader = req.headers['authorization'];
@@ -24,8 +24,16 @@ async function authenticateToken(req, res, next) {
 provider: decoded.provider
 });
+ // For older tokens without tenantId, we need to look up the user's tenant
+ let tenantId = decoded.tenantId;
+
 const user = await User.findByPk(decoded.userId, {
- attributes: ['id', 'username', 'email', 'role', 'is_active', 'tenant_id']
+ attributes: ['id', 'username', 'email', 'role', 'is_active', 'tenant_id'],
+ include: [{
+ model: Tenant,
+ as: 'tenant',
+ attributes: ['slug', 'name']
+ }]
 });
 if (!user || !user.is_active) {
@@ -37,12 +45,15 @@ async function authenticateToken(req, res, next) {
 req.user = user;
- // Extract tenant info from JWT token if available
- if (decoded.tenantId) {
- req.tenantId = decoded.tenantId;
- console.log('✅ Tenant context set:', decoded.tenantId);
+ // Set tenant context - prefer JWT tenantId, fallback to user's tenant
+ if (tenantId) {
+ req.tenantId = tenantId;
+ console.log('✅ Tenant context from JWT:', tenantId);
+ } else if (user.tenant && user.tenant.slug) {
+ req.tenantId = user.tenant.slug;
+ console.log('✅ Tenant context from user record:', user.tenant.slug);
 } else {
- console.log('⚠️ No tenantId in JWT token');
+ console.log('⚠️ No tenant context available');
 }
 next();
diff --git a/server/routes/user.js b/server/routes/user.js
index 39ac43a..f7de313 100644
--- a/server/routes/user.js
+++ b/server/routes/user.js
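Review bot: The comment added above `let tenantId` in the `@@ -24,8 +24,16 @@` hunk says the tenant lookup is for older tokens, but the `include` on `User.findByPk` joins `Tenant` on every authenticated request, also when `decoded.tenantId` is present. If the record is meant to be loaded always, the comment should say so, for example `// Always load the user's tenant; older tokens carry no tenantId claim`. `tenantId` is not reassigned anywhere in the visible hunks, so `const tenantId = decoded.tenantId;` would be the clearer declaration. authenticateToken starts and ends outside this hunk.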
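Review bot: In the `@@ -37,12 +45,15 @@` hunk, `req.tenantId` is taken from the token claim without being compared to the tenant that was just loaded for the user, so a token issued before a user's tenant changed keeps selecting the old tenant for as long as it stays valid. With `user.tenant` now available, the claim can be checked against it and a mismatch rejected, for example `if (tenantId && user.tenant && tenantId !== user.tenant.slug) return res.status(403).end();` (this assumes the claim holds the slug; the hunk does not show whether it is a slug or the numeric `tenant_id`, and both branches should store the same kind of value). The last `else` only logs and still reaches `next()`, so handlers that scope data by `req.tenantId` run with it unset; returning an error there would fail closed. The function body continues outside the hunk.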
@@ -151,8 +151,20 @@ router.post('/login', validateRequest(loginSchema), async (req, res) => {
 // GET /api/users/profile - Get current user profile
 router.get('/profile', authenticateToken, async (req, res) => {
 try {
+ // Log the user object for debugging
+ console.log('📍 /users/profile - req.user:', {
+ id: req.user.id,
+ username: req.user.username,
+ role: req.user.role,
+ email: req.user.email,
+ is_active: req.user.is_active,
+ tenant_id: req.user.tenant_id
+ });
+
 const { password_hash: _, ...userProfile } = req.user.toJSON();
+ console.log('📤 /users/profile - Response:', userProfile);
+
 res.json({
 success: true,
 data: userProfile
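Review bot: The two added `console.log` calls write the caller's username and email, and then the complete `userProfile` object, to the server log on every `GET /profile` request. `userProfile` is everything `req.user.toJSON()` returns apart from `password_hash`, which presumably now includes the `tenant` association that this commit's change to `authenticateToken` loads onto `req.user`. If the trace is still needed, log an identifier only, e.g. `console.log('/users/profile', { id: req.user.id });`, and drop the response log; the same commit removes comparable debug output from Layout.jsx. The route handler continues past the end of the hunk.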