Improve the frontend and repository layer

gateway/app/middleware/auth.py

@@ -405,8 +405,19 @@ class AuthMiddleware(BaseHTTPMiddleware):
     def _inject_context_headers(self, request: Request, user_context: Dict[str, Any], tenant_id: Optional[str] = None):
         """
         Inject user and tenant context headers for downstream services
-        FIXED: Proper header injection
+        ENHANCED: Added logging to verify header injection
         """
+        # Log what we're injecting for debugging
+        logger.debug(
+            "Injecting context headers",
+            user_id=user_context.get("user_id"),
+            user_type=user_context.get("type", ""),
+            service_name=user_context.get("service", ""),
+            role=user_context.get("role", ""),
+            tenant_id=tenant_id,
+            path=request.url.path
+        )
+
         # Add user context headers
         request.headers.__dict__["_list"].append((
             b"x-user-id", user_context["user_id"].encode()
@@ -414,30 +425,30 @@ class AuthMiddleware(BaseHTTPMiddleware):
         request.headers.__dict__["_list"].append((
             b"x-user-email", user_context["email"].encode()
         ))
-        
+
         user_role = user_context.get("role", "user")
         request.headers.__dict__["_list"].append((
             b"x-user-role", user_role.encode()
         ))
-        
+
         user_type = user_context.get("type", "")
         if user_type:
             request.headers.__dict__["_list"].append((
                 b"x-user-type", user_type.encode()
         ))
-        
+
         service_name = user_context.get("service", "")
         if service_name:
             request.headers.__dict__["_list"].append((
                 b"x-service-name", service_name.encode()
         ))
-        
+
         # Add tenant context if available
         if tenant_id:
             request.headers.__dict__["_list"].append((
                 b"x-tenant-id", tenant_id.encode()
         ))
-            
+
         # Add subscription tier if available
         subscription_tier = user_context.get("subscription_tier", "")
         if subscription_tier:

gateway/app/routes/tenant.py

@@ -58,6 +58,35 @@ async def delete_user_tenants(request: Request, user_id: str = Path(...)):
     """Get all tenant memberships for a user (admin only)"""
     return await _proxy_to_tenant_service(request, f"/api/v1/tenants/user/{user_id}/memberships")
 
+# ================================================================
+# TENANT SETTINGS ENDPOINTS
+# ================================================================
+
+@router.get("/{tenant_id}/settings")
+async def get_tenant_settings(request: Request, tenant_id: str = Path(...)):
+    """Get all settings for a tenant"""
+    return await _proxy_to_tenant_service(request, f"/api/v1/tenants/{tenant_id}/settings")
+
+@router.put("/{tenant_id}/settings")
+async def update_tenant_settings(request: Request, tenant_id: str = Path(...)):
+    """Update tenant settings"""
+    return await _proxy_to_tenant_service(request, f"/api/v1/tenants/{tenant_id}/settings")
+
+@router.get("/{tenant_id}/settings/{category}")
+async def get_category_settings(request: Request, tenant_id: str = Path(...), category: str = Path(...)):
+    """Get settings for a specific category"""
+    return await _proxy_to_tenant_service(request, f"/api/v1/tenants/{tenant_id}/settings/{category}")
+
+@router.put("/{tenant_id}/settings/{category}")
+async def update_category_settings(request: Request, tenant_id: str = Path(...), category: str = Path(...)):
+    """Update settings for a specific category"""
+    return await _proxy_to_tenant_service(request, f"/api/v1/tenants/{tenant_id}/settings/{category}")
+
+@router.post("/{tenant_id}/settings/{category}/reset")
+async def reset_category_settings(request: Request, tenant_id: str = Path(...), category: str = Path(...)):
+    """Reset a category to default values"""
+    return await _proxy_to_tenant_service(request, f"/api/v1/tenants/{tenant_id}/settings/{category}/reset")
+
 # ================================================================
 # TENANT SUBSCRIPTION ENDPOINTS
 # ================================================================
@@ -248,6 +277,13 @@ async def proxy_tenant_transformations_with_path(request: Request, tenant_id: st
     target_path = f"/api/v1/tenants/{tenant_id}/transformations/{path}".rstrip("/")
     return await _proxy_to_inventory_service(request, target_path, tenant_id=tenant_id)
 
+@router.api_route("/{tenant_id}/sustainability/{path:path}", methods=["GET", "POST", "PUT", "DELETE", "OPTIONS"])
+async def proxy_tenant_sustainability(request: Request, tenant_id: str = Path(...), path: str = ""):
+    """Proxy tenant sustainability requests to inventory service"""
+    # The inventory service sustainability endpoints are tenant-scoped: /api/v1/tenants/{tenant_id}/sustainability/{path}
+    target_path = f"/api/v1/tenants/{tenant_id}/sustainability/{path}".rstrip("/")
+    return await _proxy_to_inventory_service(request, target_path, tenant_id=tenant_id)
+
 # ================================================================
 # TENANT-SCOPED PRODUCTION SERVICE ENDPOINTS
 # ================================================================