Fix jwt-token

2025-09-14 09:56:20 +02:00
parent ed51786903
commit 8d3006cbc2
2 changed files with 0 additions and 13 deletions


@@ -34,44 +34,34 @@ class MultiTenantAuth {
*/
async determineTenant(req) {
// Method 1: Subdomain (tenant.yourapp.com)
console.log('🔍 Determining tenant - hostname:', req.hostname);
const subdomain = req.hostname.split('.')[0];
console.log('🔍 Subdomain extracted:', subdomain);
if (subdomain && subdomain !== 'www' && subdomain !== 'api') {
console.log('🔍 Using subdomain as tenant:', subdomain);
return subdomain;
}
// Method 2: Custom header
const tenantHeader = req.headers['x-tenant-id'];
console.log('🔍 Checking x-tenant-id header:', tenantHeader);
if (tenantHeader) {
console.log('🔍 Using header as tenant:', tenantHeader);
return tenantHeader;
}
// Method 3: From JWT token (for existing sessions)
const token = req.headers.authorization?.split(' ')[1];
console.log('🔍 Checking JWT token:', token ? 'present' : 'missing');
if (token) {
try {
const decoded = jwt.verify(token, process.env.JWT_SECRET);
console.log('🔍 JWT decoded tenant:', decoded.tenantId);
return decoded.tenantId;
} catch (error) {
console.log('🔍 JWT verification failed:', error.message);
// Token invalid, continue with other methods
}
}
// Method 4: Query parameter (for redirects)
if (req.query.tenant) {
console.log('🔍 Using query parameter as tenant:', req.query.tenant);
return req.query.tenant;
}
// Default to 'default' tenant for backward compatibility
console.log('🔍 Using default tenant');
return 'default';
}
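Review bot: With the log line removed, the `catch (error)` block in determineTenant holds only a comment, so a failed `jwt.verify` leaves no trace and the request falls through to `req.query.tenant` or `'default'`. Keep one low-noise record there through the project's logger (placeholder name), for example `logger.warn('tenant JWT verification failed', { reason: error.name });`, without the token or its claims. The hostname label and the `x-tenant-id` header are also still consulted before the verified token, so a client-chosen value takes precedence over the signed `tenantId` claim. When a valid token is present, resolving the tenant from it first, or rejecting a mismatch, would close that gap. If `jwt` is jsonwebtoken, passing an explicit `algorithms` list to `jwt.verify` (whichever algorithm the tokens are actually signed with) is the usual hardening.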


@@ -204,13 +204,10 @@ router.post('/local', async (req, res, next) => {
try {
// Determine tenant
const tenantId = await multiAuth.determineTenant(req);
console.log('🔍 Determined tenant for login:', tenantId);
const authConfig = await multiAuth.getTenantAuthConfig(tenantId);
console.log('🔍 Auth config for tenant:', authConfig);
// Verify tenant supports local authentication
if (authConfig.type !== 'local') {
console.log('🔍 Tenant does not support local auth:', authConfig.type);
return res.status(400).json({
success: false,
message: `This tenant uses ${authConfig.type} authentication. Please use the appropriate login method.`,