Fix jwt-token

server/middleware/ip-restriction.js

@@ -168,27 +168,21 @@ class IPRestrictionMiddleware {
 
       // Skip IP restrictions for management routes - they have their own access controls
       if (path.startsWith('/api/management/')) {
-        console.log('🔍 IP Restriction - Skipping for management route:', path);
         return next();
       }
 
       // Skip IP restrictions for auth config - users need to see login form and get proper error
       if (path === '/api/auth/config') {
-        console.log('🔍 IP Restriction - Skipping for auth config route');
         return next();
       }
 
-      console.log('🔍 IP Restriction Check - Path:', req.path, 'Method:', req.method);
-
       // Determine tenant (check req.tenant first for test contexts)
       let tenantId = req.tenant;
       if (!tenantId) {
         tenantId = await this.multiAuth.determineTenant(req);
       }
-      console.log('🔍 IP Restriction - Determined tenant:', tenantId);
       
       if (!tenantId) {
-        console.log('🔍 IP Restriction - No tenant found, skipping IP check');
         // No tenant found, continue without IP checking
         return next();
       }
@@ -200,32 +194,16 @@ class IPRestrictionMiddleware {
         attributes: ['id', 'slug', 'ip_restriction_enabled', 'ip_whitelist', 'ip_restriction_message', 'updated_at']
       });
       if (!tenant) {
-        console.log('🔍 IP Restriction - Tenant not found in database:', tenantId);
         return next();
       }
 
-      console.log('🔍 IP Restriction - Tenant config (fresh from DB):', {
-        id: tenant.id,
-        slug: tenant.slug,
-        ip_restriction_enabled: tenant.ip_restriction_enabled,
-        ip_whitelist: tenant.ip_whitelist,
-        updated_at: tenant.updated_at
-      });
-
       // Check if IP restrictions are enabled
       if (!tenant.ip_restriction_enabled) {
-        console.log('🔍 IP Restriction - Restrictions disabled for tenant');
         return next();
       }
 
       // Get client IP
       const clientIP = this.getClientIP(req);
-      console.log('🔍 IP Restriction - Client IP:', clientIP);
-      console.log('🔍 IP Restriction - Request headers:', {
-        'x-forwarded-for': req.headers['x-forwarded-for'],
-        'x-real-ip': req.headers['x-real-ip'],
-        'remote-address': req.connection?.remoteAddress
-      });
       
       // Parse allowed IPs (convert string to array)
       let allowedIPs = [];
@@ -239,11 +217,8 @@ class IPRestrictionMiddleware {
       
       // Check if IP is allowed
       const isAllowed = this.isIPAllowed(clientIP, allowedIPs);
-      console.log('🔍 IP Restriction - Is IP allowed:', isAllowed, 'Allowed IPs:', allowedIPs);
       
       if (!isAllowed) {
-        console.log(`🚫 IP Access Denied: ${clientIP} attempted to access tenant "${tenantId}"`);
-        
         // Log the access attempt for security auditing
         console.log(`[SECURITY AUDIT] ${new Date().toISOString()} - IP ${clientIP} denied access to tenant ${tenantId} - User-Agent: ${req.headers['user-agent']}`);
         
@@ -256,7 +231,6 @@ class IPRestrictionMiddleware {
       }
 
       // IP is allowed, continue
-      console.log(`✅ IP Access Allowed: ${clientIP} accessing tenant "${tenantId}"`);
       next();
 
     } catch (error) {