From b0629c5971f3a956ce098c5846b6ab8a7f32b18d Mon Sep 17 00:00:00 2001
From: Urtzi Alfaro
Date: Sat, 26 Jul 2025 19:15:18 +0200
Subject: [PATCH] REFACTOR API gateway fix 1
---
 gateway/app/main.py | 2 +-
 gateway/app/routes/user.py | 6 ++--
 services/auth/app/api/users.py | 63 +++++++++++++++++++++++++++-------
 3 files changed, 55 insertions(+), 16 deletions(-)
diff --git a/gateway/app/main.py b/gateway/app/main.py
index 0047af4a..ce8e4e7b 100644
--- a/gateway/app/main.py
+++ b/gateway/app/main.py
@@ -56,7 +56,7 @@ app.add_middleware(AuthMiddleware)
 # Include routers
 app.include_router(auth.router, prefix="/api/v1/auth", tags=["authentication"])
-app.include_router(user.router, prefix="/api/v1/user", tags=["user"])
+app.include_router(user.router, prefix="/api/v1/users", tags=["users"])
 app.include_router(tenant.router, prefix="/api/v1/tenants", tags=["tenants"])
 app.include_router(notification.router, prefix="/api/v1/notifications", tags=["notifications"])
 app.include_router(nominatim.router, prefix="/api/v1/nominatim", tags=["location"])
diff --git a/gateway/app/routes/user.py b/gateway/app/routes/user.py
index e25e9bdd..f1b0da4b 100644
--- a/gateway/app/routes/user.py
+++ b/gateway/app/routes/user.py
@@ -59,7 +59,7 @@ class UserProxy:
 try:
 # Get auth service URL (with service discovery if available)
 auth_url = await self._get_auth_service_url()
- target_url = f"{auth_url}/api/v1/user/{path}"
+ target_url = f"{auth_url}/api/v1/users/{path}"
 # Prepare headers (remove hop-by-hop headers)
 headers = self._prepare_headers(dict(request.headers))
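Review bot: `target_url` interpolates `path` into the upstream URL unchanged, so the new line only produces a correct URL when every caller passes a path without a leading slash; the `"/me"` → `"me"` edits in the next hunk of this file exist to satisfy that. Normalising at this one place, e.g. `target_url = f"{auth_url}/api/v1/users/{path.lstrip('/')}"`, removes the coupling. If the catch-all route mentioned further down the file hands a client-supplied path to `forward_request`, that path should also be validated here (reject `..` segments and encoded separators) so the proxy cannot be steered to auth-service endpoints outside `/api/v1/users/`; the catch-all handler is not visible, so this is to be confirmed. `forward_request` starts and ends outside the hunk.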
@@ -177,12 +177,12 @@ user_proxy = UserProxy()
 @router.get("/me")
 async def get_current_user(request: Request):
 """Proxy get current user to auth service"""
- return await user_proxy.forward_request("GET", "/me", request)
+ return await user_proxy.forward_request("GET", "me", request)
 @router.put("/me")
 async def update_current_user(request: Request):
 """Proxy update current user to auth service"""
- return await user_proxy.forward_request("PUT", "/me", request)
+ return await user_proxy.forward_request("PUT", "me", request)
 # ================================================================
 # CATCH-ALL ROUTE for any other user endpoints
diff --git a/services/auth/app/api/users.py b/services/auth/app/api/users.py
index ac446cbf..476f55df 100644
--- a/services/auth/app/api/users.py
+++ b/services/auth/app/api/users.py
@@ -13,6 +13,8 @@ from app.schemas.users import UserUpdate
 from app.services.user_service import UserService
 from app.models.users import User
+from sqlalchemy.ext.asyncio import AsyncSession
+
 # Import unified authentication from shared library
 from shared.auth.decorators import (
 get_current_user_dep,
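Review bot: `AsyncSession` is imported in the `@@ -13,6 +13,8 @@` hunk but nothing in this patch uses it. The handler changed in the following hunk calls `db.execute(...)`, yet the parameter list of `get_current_user_info` lies between the two hunks and is not modified by this commit. Unless `db` was already a parameter, the gateway-header branch fails with `NameError` at runtime, and the handler's `except Exception` would report it as a generic error. If the parameter is missing, add `db` to the signature typed as `AsyncSession` and bound to the project's session dependency; if it is already there, the import should be used in that annotation or dropped.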
@@ -30,18 +32,55 @@ async def get_current_user_info(
 ):
 """Get current user information"""
 try:
- return UserResponse(
- id=str(current_user.id),
- email=current_user.email,
- full_name=current_user.full_name,
- is_active=current_user.is_active,
- is_verified=current_user.is_verified,
- phone=current_user.phone,
- language=current_user.language,
- timezone=current_user.timezone,
- created_at=current_user.created_at,
- last_login=current_user.last_login
- )
+ # Handle both User object (direct auth) and dict (from gateway headers)
+ if isinstance(current_user, dict):
+ # Coming from gateway headers - need to fetch user from DB
+ user_id = current_user.get("user_id")
+ if not user_id:
+ raise HTTPException(
+ status_code=status.HTTP_401_UNAUTHORIZED,
+ detail="Invalid user context"
+ )
+
+ # Fetch full user from database
+ from sqlalchemy import select
+ from app.models.users import User
+
+ result = await db.execute(select(User).where(User.id == user_id))
+ user = result.scalar_one_or_none()
+
+ if not user:
+ raise HTTPException(
+ status_code=status.HTTP_404_NOT_FOUND,
+ detail="User not found"
+ )
+
+ return UserResponse(
+ id=str(user.id),
+ email=user.email,
+ full_name=user.full_name,
+ is_active=user.is_active,
+ is_verified=user.is_verified,
+ phone=user.phone,
+ language=user.language,
+ timezone=user.timezone,
+ created_at=user.created_at,
+ last_login=user.last_login
+ )
+ else:
+ # Direct User object (when called directly)
+ return UserResponse(
+ id=str(current_user.id),
+ email=current_user.email,
+ full_name=current_user.full_name,
+ is_active=current_user.is_active,
+ is_verified=current_user.is_verified,
+ phone=current_user.phone,
+ language=current_user.language,
+ timezone=current_user.timezone,
+ created_at=current_user.created_at,
+ last_login=current_user.last_login
+ )
 except Exception as e:
 logger.error(f"Get current user error: {e}")
 raise HTTPException(
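Review bot: The two `raise HTTPException(...)` calls added in the dict branch (401 "Invalid user context", 404 "User not found") sit inside the `try:` whose handler is `except Exception as e:`, so they are caught, logged as errors and replaced by whatever that handler raises. The handler's body continues past the end of the hunk, so the final status is not visible here, but it is unlikely to be the intended 401/404. Adding `except HTTPException: raise` ahead of the generic handler preserves them. The dict branch also treats `user_id` from gateway-supplied headers as the caller's identity and returns that user's email and phone. That is only safe if the auth dependency (presumably `get_current_user_dep`, not shown) accepts those headers solely from the authenticated gateway, so it should be confirmed that the auth service cannot be reached with caller-chosen headers. The two `UserResponse(...)` constructions differ only in the source object and could share one return after `user = current_user` in the non-dict case.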