From e63c7a0767cd6744088328d9986f5d9a29afc14c Mon Sep 17 00:00:00 2001
From: JSC
Date: Tue, 1 Jul 2025 02:41:25 +0200
Subject: [PATCH] feat(auth): enhance user authentication by querying user data from the database and simplifying access token generation
---
 app/services/decorators.py | 36 +++++++++++++++++++++--------------
 app/services/token_service.py | 15 +--------------
 2 files changed, 23 insertions(+), 28 deletions(-)
diff --git a/app/services/decorators.py b/app/services/decorators.py
index 0c0dcf6..2969aec 100644
--- a/app/services/decorators.py
+++ b/app/services/decorators.py
@@ -17,23 +17,31 @@ def get_user_from_jwt() -> dict[str, Any] | None:
 if not current_user_id:
 return None
- claims = get_jwt()
- is_active = claims.get("is_active", True)
-
- if not is_active:
+ # Query database for user data instead of using JWT claims
+ from app.models.user import User
+
+ user = User.query.get(int(current_user_id))
+ if not user or not user.is_active:
 return None
+ # Build comprehensive providers list
+ providers = [p.provider for p in user.oauth_providers]
+ if user.password_hash:
+ providers.append("password")
+ if user.api_token:
+ providers.append("api_token")
+
 return {
- "id": current_user_id,
- "email": claims.get("email", ""),
- "name": claims.get("name", ""),
- "picture": claims.get("picture"),
- "role": claims.get("role", "user"),
- "is_active": is_active,
- "provider": claims.get("provider", "unknown"),
- "providers": claims.get("providers", []),
- "plan": claims.get("plan"),
- "credits": claims.get("credits"),
+ "id": str(user.id),
+ "email": user.email,
+ "name": user.name,
+ "picture": user.picture,
+ "role": user.role,
+ "is_active": user.is_active,
+ "provider": "jwt",
+ "providers": providers,
+ "plan": user.plan.to_dict() if user.plan else None,
+ "credits": user.credits,
 }
 except Exception:
 return None
diff --git a/app/services/token_service.py b/app/services/token_service.py
index ee5539b..1216e2c 100644
--- a/app/services/token_service.py
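Review bot: The new `int(current_user_id)` conversion and the `User.query.get(...)` lookup both run inside the pre-existing `try` / `except Exception: return None`, so a non-numeric token identity, an import failure of `app.models.user`, and a database outage all collapse into the same silent "not authenticated" result with no log entry. Failing closed is the right outcome for authorization, but an operator cannot tell a revoked account from a broken database; consider logging in the handler, e.g. `except Exception: logging.getLogger(__name__).exception("get_user_from_jwt failed"); return None`, and converting the identity explicitly with `except (TypeError, ValueError): return None` around the `int(...)` call. The hard-coded `"provider": "jwt"` also replaces the login provider the claim used to carry, so any caller that branches on `provider` now sees a constant; if that field is still consumed, derive it from the user record or document the change. The enclosing `try:` and the function header are outside the hunk, and `get_jwt` may now be an unused import in this module, which is worth checking.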
+++ b/app/services/token_service.py
@@ -10,20 +10,7 @@ class TokenService:
 def generate_access_token(self, user_data: dict[str, Any]) -> str:
 """Generate an access token for the user."""
- return create_access_token(
- identity=user_data["id"],
- additional_claims={
- "email": user_data["email"],
- "name": user_data["name"],
- "picture": user_data.get("picture"),
- "role": user_data.get("role"),
- "is_active": user_data.get("is_active"),
- "provider": user_data.get("provider"),
- "providers": user_data.get("providers", []),
- "plan": user_data.get("plan"),
- "credits": user_data.get("credits"),
- },
- )
+ return create_access_token(identity=user_data["id"])
 def generate_refresh_token(self, user_data: dict[str, Any]) -> str:
 """Generate a refresh token for the user."""
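Review bot: The docstring still reads `"""Generate an access token for the user."""` although the token no longer embeds email, role, is_active or the other claims, so any code elsewhere that still reads them from `get_jwt()` will now see missing keys; nothing in this diff updates such readers, so that should be verified or stated in the commit. Suggest expanding the docstring to describe the new contract: the token carries only the `identity` taken from `user_data["id"]`, authorization state (role, is_active) is resolved from the database on each request, so revocations and role changes take effect immediately rather than at token expiry, and the access token no longer exposes profile data to anyone who obtains it. Since only `"id"` is consumed, the docstring could also note that `user_data` needs just that key. The `generate_refresh_token` method continues outside the hunk.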