bakery-admin/bakery-ia
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix auth service login failure by correcting logging calls

Browse Source
This commit is contained in:
Urtzi Alfaro
2026-01-10 21:43:31 +01:00
parent b089c216db
commit cc53037552
2 changed files with 220 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

83
services/auth/app/services/auth_service.py
View File

@@ -15,6 +15,7 @@ from app.schemas.auth import UserRegistration, UserLogin, TokenResponse, UserRes
from app.models.users import User
from app.models.tokens import RefreshToken
from app.core.security import SecurityManager
from app.utils.subscription_fetcher import SubscriptionFetcher
from shared.messaging import UnifiedEventPublisher, EVENT_TYPES
from shared.database.unit_of_work import UnitOfWork
from shared.database.transactions import transactional
@@ -225,7 +226,7 @@ class EnhancedAuthService:
}
)
except Exception as e:
logger.warning("Failed to publish registration event", error=str(e))
logger.warning("Failed to publish registration event: %s", str(e))
logger.info("User registered successfully using repository pattern",
user_id=new_user.id,
@@ -288,7 +289,28 @@ class EnhancedAuthService:
logger.debug("Existing tokens revoked using repository pattern",
user_id=user.id)
# NEW: Fetch subscription data for JWT enrichment
# This happens ONCE at login, not per-request
from app.core.config import settings
subscription_fetcher = SubscriptionFetcher(
tenant_service_url=settings.TENANT_SERVICE_URL # Now properly configurable
)
# Get service token for inter-service communication
service_token = await self._get_service_token()
subscription_context = await subscription_fetcher.get_user_subscription_context(
user_id=str(user.id),
service_token=service_token
)
logger.debug("Fetched subscription context for JWT enrichment",
user_id=user.id,
subscription_tier=subscription_context.get("subscription", {}).get("tier"))
# Create tokens with different payloads
subscription_data = subscription_context.get("subscription") or {}
access_token_data = {
"user_id": str(user.id),
"email": user.email,
@@ -296,7 +318,14 @@ class EnhancedAuthService:
"is_verified": user.is_verified,
"is_active": user.is_active,
"role": user.role,
"type": "access"
"type": "access",
# NEW: Add subscription data to JWT payload
"tenant_id": subscription_context.get("tenant_id"),
"tenant_role": subscription_context.get("tenant_role"),
"subscription": subscription_data,
"subscription_tier": subscription_data.get("tier", "starter"), # Add direct field for gateway
"subscription_from_jwt": True, # Flag for gateway to use JWT data
"tenant_access": subscription_context.get("tenant_access")
}
refresh_token_data = {
@@ -339,7 +368,7 @@ class EnhancedAuthService:
}
)
except Exception as e:
logger.warning("Failed to publish login event", error=str(e))
logger.warning("Failed to publish login event: %s", str(e))
logger.info("User logged in successfully using repository pattern",
user_id=user.id,
@@ -425,7 +454,24 @@ class EnhancedAuthService:
detail="User not found or inactive"
)
# Create new access token
# NEW: Fetch FRESH subscription data for token refresh
# This ensures subscription changes propagate within token expiry period
subscription_fetcher = SubscriptionFetcher(
tenant_service_url=settings.TENANT_SERVICE_URL # Now properly configurable
)
service_token = await self._get_service_token()
subscription_context = await subscription_fetcher.get_user_subscription_context(
user_id=str(user.id),
service_token=service_token
)
logger.debug("Fetched fresh subscription context for token refresh",
user_id=user.id,
subscription_tier=subscription_context.get("subscription", {}).get("tier"))
# Create new access token with updated subscription data
access_token_data = {
"user_id": str(user.id),
"email": user.email,
@@ -433,7 +479,12 @@ class EnhancedAuthService:
"is_verified": user.is_verified,
"is_active": user.is_active,
"role": user.role,
"type": "access"
"type": "access",
# NEW: Add fresh subscription data to JWT payload
"tenant_id": subscription_context.get("tenant_id"),
"tenant_role": subscription_context.get("tenant_role"),
"subscription": subscription_context.get("subscription"),
"tenant_access": subscription_context.get("tenant_access")
}
new_access_token = SecurityManager.create_access_token(user_data=access_token_data)
@@ -450,7 +501,7 @@ class EnhancedAuthService:
except HTTPException:
raise
except Exception as e:
logger.error("Token refresh failed using repository pattern", error=str(e))
logger.error("Token refresh failed using repository pattern: %s", str(e))
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="Token refresh failed"
@@ -469,7 +520,7 @@ class EnhancedAuthService:
return payload
except Exception as e:
logger.error("Token verification error using repository pattern", error=str(e))
logger.error("Token verification error using repository pattern: %s", str(e))
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="Invalid token"
@@ -637,6 +688,24 @@ class EnhancedAuthService:
user_id=user_id,
error=str(e))
return False
async def _get_service_token(self) -> str:
"""
Get service token for inter-service communication.
This is used to fetch subscription data from tenant service.
"""
try:
# Create a proper service token with JWT using SecurityManager
service_token = SecurityManager.create_service_token("auth-service")
logger.debug("Generated service token for tenant service communication")
return service_token
except Exception as e:
logger.error(f"Failed to get service token: {e}")
raise HTTPException(
status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
detail="Failed to authenticate with tenant service"
)
# Legacy compatibility - alias EnhancedAuthService as AuthService