Fix user delete flow 6

2025-08-02 21:56:25 +02:00
parent 63151c9bd4
commit fdacbee52f
3 changed files with 25 additions and 24 deletions
--- a/gateway/app/main.py
+++ b/gateway/app/main.py
@@ -66,20 +66,26 @@ async def startup_event():
    """Application startup"""
    logger.info("Starting API Gateway")
    
-    # Start metrics server
+
    metrics_collector.register_counter(
        "gateway_auth_requests_total",
-        "Total authentication requests through gateway"
+        "Total authentication requests"
    )
    metrics_collector.register_counter(
        "gateway_auth_responses_total", 
-        "Total authentication responses through gateway"
+        "Total authentication responses"
    )
-    metrics_collector.register_histogram(
-        "gateway_request_duration_seconds",
-        "Gateway request duration"
+    metrics_collector.register_counter(
+        "gateway_auth_errors_total",
+        "Total authentication errors"
    )
    
+    metrics_collector.register_histogram(
+        "gateway_request_duration_seconds",
+        "Request duration in seconds"
+    )
+    
+    logger.info("Metrics registered successfully")
    
    metrics_collector.start_metrics_server(8080)
    
--- a/gateway/app/middleware/auth.py
+++ b/gateway/app/middleware/auth.py
@@ -203,9 +203,12 @@ class AuthMiddleware(BaseHTTPMiddleware):
        }
    
        if payload.get("service"):
-            base_context["service"] = payload["service"]
+            service_name = payload["service"] 
+            base_context["service"] = service_name
            base_context["type"] = "service"
            base_context["role"] = "service"
+            base_context["user_id"] = f"{service_name}-service"
+            base_context["email"] = f"{service_name}-service@internal"
            logger.debug(f"Service authentication: {payload['service']}")
    
        return base_context
--- a/shared/auth/tenant_access.py
+++ b/shared/auth/tenant_access.py
@@ -6,6 +6,7 @@ Tenant access control utilities for microservices
 Provides both gateway-level and service-level tenant access verification
 """

+import re
 from typing import Dict, Any, Optional
 import httpx
 import structlog
@@ -306,24 +307,15 @@ async def verify_tenant_permission_dep(

 def extract_tenant_id_from_path(path: str) -> Optional[str]:
    """
-    Extract tenant_id from URL path like /api/v1/tenants/{tenant_id}/...
-    BUT NOT from tenant management endpoints like /api/v1/tenants/register
+    More robust tenant ID extraction using regex pattern matching
+    Only matches actual tenant-scoped paths with UUID format
    """
-    path_parts = path.split("/")
-    if "tenants" in path_parts:
-        try:
-            tenant_index = path_parts.index("tenants")
-            if tenant_index + 1 < len(path_parts):
-                potential_tenant_id = path_parts[tenant_index + 1]
+    # Pattern for tenant-scoped paths: /api/v1/tenants/{uuid}/...
+    tenant_pattern = r'/api/v1/tenants/([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})/.*'
    
-                # ✅ EXCLUDE tenant management endpoints
-                if potential_tenant_id in ["register", "list"]:
-                    return None
-                    
-                return potential_tenant_id
-        except (ValueError, IndexError):
-            pass
-    return None
+    match = re.match(tenant_pattern, path, re.IGNORECASE)
+    if match:
+        return match.group(1)

 def is_tenant_scoped_path(path: str) -> bool:
    """