feat(auth): enhance user authentication by querying user data from the database and simplifying access token generation

2025-07-01 02:41:25 +02:00
parent a7210a8d50
commit e63c7a0767
2 changed files with 23 additions and 28 deletions
--- a/app/services/decorators.py
+++ b/app/services/decorators.py
@@ -17,23 +17,31 @@ def get_user_from_jwt() -> dict[str, Any] | None:
        if not current_user_id:
            return None

-        claims = get_jwt()
-        is_active = claims.get("is_active", True)
+        # Query database for user data instead of using JWT claims
+        from app.models.user import User
        
-        if not is_active:
+        user = User.query.get(int(current_user_id))
+        if not user or not user.is_active:
            return None

+        # Build comprehensive providers list
+        providers = [p.provider for p in user.oauth_providers]
+        if user.password_hash:
+            providers.append("password")
+        if user.api_token:
+            providers.append("api_token")
+
        return {
-            "id": current_user_id,
-            "email": claims.get("email", ""),
-            "name": claims.get("name", ""),
-            "picture": claims.get("picture"),
-            "role": claims.get("role", "user"),
-            "is_active": is_active,
-            "provider": claims.get("provider", "unknown"),
-            "providers": claims.get("providers", []),
-            "plan": claims.get("plan"),
-            "credits": claims.get("credits"),
+            "id": str(user.id),
+            "email": user.email,
+            "name": user.name,
+            "picture": user.picture,
+            "role": user.role,
+            "is_active": user.is_active,
+            "provider": "jwt",
+            "providers": providers,
+            "plan": user.plan.to_dict() if user.plan else None,
+            "credits": user.credits,
        }
    except Exception:
        return None
--- a/app/services/token_service.py
+++ b/app/services/token_service.py
@@ -10,20 +10,7 @@ class TokenService:

    def generate_access_token(self, user_data: dict[str, Any]) -> str:
        """Generate an access token for the user."""
-        return create_access_token(
-            identity=user_data["id"],
-            additional_claims={
-                "email": user_data["email"],
-                "name": user_data["name"],
-                "picture": user_data.get("picture"),
-                "role": user_data.get("role"),
-                "is_active": user_data.get("is_active"),
-                "provider": user_data.get("provider"),
-                "providers": user_data.get("providers", []),
-                "plan": user_data.get("plan"),
-                "credits": user_data.get("credits"),
-            },
-        )
+        return create_access_token(identity=user_data["id"])

    def generate_refresh_token(self, user_data: dict[str, Any]) -> str:
        """Generate a refresh token for the user."""