Improve the demo feature of the project

2025-10-12 18:47:33 +02:00
parent dbc7f2fa0d
commit 7556a00db7
168 changed files with 10102 additions and 18869 deletions
--- a/gateway/app/middleware/auth.py
+++ b/gateway/app/middleware/auth.py
@@ -66,7 +66,11 @@ class AuthMiddleware(BaseHTTPMiddleware):
        if hasattr(request.state, "is_demo_session") and request.state.is_demo_session:
            if hasattr(request.state, "user") and request.state.user:
                logger.info(f"✅ Demo session authenticated for route: {request.url.path}")
-                # Demo middleware already validated and set user context, pass through
+                # Demo middleware already validated and set user context
+                # But we still need to inject context headers for downstream services
+                user_context = request.state.user
+                tenant_id = user_context.get("tenant_id") or getattr(request.state, "tenant_id", None)
+                self._inject_context_headers(request, user_context, tenant_id)
                return await call_next(request)

        # ✅ STEP 1: Extract and validate JWT token
--- a/gateway/app/middleware/demo_middleware.py
+++ b/gateway/app/middleware/demo_middleware.py
@@ -102,20 +102,38 @@ class DemoMiddleware(BaseHTTPMiddleware):
                # Get session info from demo service
                session_info = await self._get_session_info(session_id)

-                if session_info and session_info.get("status") == "active":
+                # Accept pending, ready, partial, failed (if data exists), and active (deprecated) statuses
+                # Even "failed" sessions can be usable if some services succeeded
+                valid_statuses = ["pending", "ready", "partial", "failed", "active"]
+                current_status = session_info.get("status") if session_info else None
+
+                if session_info and current_status in valid_statuses:
                    # Inject virtual tenant ID
                    request.state.tenant_id = session_info["virtual_tenant_id"]
                    request.state.is_demo_session = True
                    request.state.demo_account_type = session_info["demo_account_type"]
+                    request.state.demo_session_status = current_status  # Track status for monitoring

                    # Inject demo user context for auth middleware
+                    # Map demo account type to the actual demo user IDs from seed_demo_users.py
+                    DEMO_USER_IDS = {
+                        "individual_bakery": "c1a2b3c4-d5e6-47a8-b9c0-d1e2f3a4b5c6",  # María García López
+                        "central_baker": "d2e3f4a5-b6c7-48d9-e0f1-a2b3c4d5e6f7"      # Carlos Martínez Ruiz
+                    }
+                    demo_user_id = DEMO_USER_IDS.get(
+                        session_info.get("demo_account_type", "individual_bakery"),
+                        DEMO_USER_IDS["individual_bakery"]
+                    )
+
                    # This allows the request to pass through AuthMiddleware
                    request.state.user = {
-                        "user_id": session_info.get("user_id", "demo-user"),
+                        "user_id": demo_user_id,  # Use actual demo user UUID
                        "email": f"demo-{session_id}@demo.local",
                        "tenant_id": session_info["virtual_tenant_id"],
+                        "role": "owner",  # Demo users have owner role
                        "is_demo": True,
-                        "demo_session_id": session_id
+                        "demo_session_id": session_id,
+                        "demo_session_status": current_status
                    }

                    # Update activity
@@ -151,13 +169,15 @@ class DemoMiddleware(BaseHTTPMiddleware):
                            }
                        )
                else:
-                    # Session expired or invalid
+                    # Session expired, invalid, or in failed/destroyed state
+                    logger.warning(f"Invalid demo session state", session_id=session_id, status=current_status)
                    return JSONResponse(
                        status_code=401,
                        content={
                            "error": "session_expired",
                            "message": "Tu sesión demo ha expirado. Crea una nueva sesión para continuar.",
-                            "message_en": "Your demo session has expired. Create a new session to continue."
+                            "message_en": "Your demo session has expired. Create a new session to continue.",
+                            "session_status": current_status
                        }
                    )

--- a/gateway/app/routes/user.py
+++ b/gateway/app/routes/user.py
@@ -59,7 +59,8 @@ class UserProxy:
        try:
            # Get auth service URL (with service discovery if available)
            auth_url = await self._get_auth_service_url()
-            target_url = f"{auth_url}/api/v1/users/{path}"
+            # FIX: Auth service uses /api/v1/auth/ prefix, not /api/v1/users/
+            target_url = f"{auth_url}/api/v1/auth/{path}"
            
            # Prepare headers (remove hop-by-hop headers)
            headers = self._prepare_headers(dict(request.headers))