o
    "Æi5  ã                   @   sæ   U d Z ddlmZ ddlmZ ddlmZmZmZ ddl	m
Z
 ddlZddlZe e¡ZedddZeee  ed	< G d
d„ de
ƒZddedee fdd„Zdee fdd„Zdee fdd„Zdee fdd„Zdd„ Zdd„ ZdS )zM
Tenant Context Middleware
Manages tenant context for multi-tenant isolation
é    )Ú
ContextVar)ÚOptional)ÚRequestÚHTTPExceptionÚstatus)ÚBaseHTTPMiddlewareNÚtenant_context)ÚdefaultÚ_tenant_contextc                   @   s   e Zd ZdZdefdd„ZdS )ÚTenantContextMiddlewarezÓ
    Middleware to extract and set tenant context from JWT token

    Extracts tenant_id and user_id from JWT token and sets them in context.
    This enables automatic tenant isolation in database queries.
    Úrequestc              
   Ã   sÖ  g d¢}|j j|v s|j j d¡r||ƒI d H S |j d¡}|rÙ| d¡rÙ| dd¡}zxddlm} tj	||j
dgd	d
id}| d¡pI| d¡}| d¡}	|r£ddlm}
 ddlm} |
ƒ }z=| |¡ |jt|ƒk|jdk¡ ¡ }|st d|› ¡ ntt|ƒ|	r‰t|	ƒnd d t d|› d|	› ¡ W | ¡  n| ¡  w W n4 tjy¿ } zt d|› ¡ W Y d }~nd }~w tyØ } zt d|› ¡ W Y d }~nd }~ww z||ƒI d H }|W tƒ  S tƒ  w )N)ú/z/healthz/docsz/openapi.jsonz/redocz/api/v1/auth/loginz/api/v1/auth/registerz/staticÚAuthorizationzBearer Ú r   )ÚsettingsÚHS256Ú
verify_expT)Ú
algorithmsÚoptionsÚ	tenant_idÚsub)ÚSessionLocal)ÚTenantFz%Invalid or deleted tenant_id in JWT: ©r   Úuser_idz'Tenant context set from JWT: tenant_id=ú
, user_id=zInvalid JWT token: z*Error extracting tenant context from JWT: )ÚurlÚpathÚ
startswithÚheadersÚgetÚreplaceÚ
app.configr   ÚjwtÚdecodeÚ
SECRET_KEYÚapp.db.sessionr   Úapp.models.tenantr   ÚqueryÚfilterÚidÚintÚ
is_deletedÚfirstÚloggerÚwarningÚset_tenant_contextÚdebugÚcloseÚInvalidTokenErrorÚ	ExceptionÚerrorÚclear_tenant_context)Úselfr   Ú	call_nextÚpublic_pathsÚauth_headerÚtokenr   Úpayloadr   r   r   r   ÚdbÚtenantÚeÚresponse© rA   ú?/lsinfo/ai/hellotax_ai/base_platform/app/core/tenant_context.pyÚdispatch   sb   €ü

þýþ€€€€ÿz TenantContextMiddleware.dispatchN)Ú__name__Ú
__module__Ú__qualname__Ú__doc__r   rC   rA   rA   rA   rB   r      s    r   r   r   c                 K   s2   | |dœ|¥}t  |¡ t d| › d|› ¡ dS )zœ
    Set the current tenant context

    Args:
        tenant_id: Tenant ID
        user_id: Optional user ID
        **kwargs: Additional context data
    r   zTenant context set: tenant_id=r   N©r
   Úsetr.   r1   )r   r   ÚkwargsÚcontextrA   rA   rB   r0   a   s   
þý
r0   Úreturnc                   C   s   t  ¡ S )zZ
    Get the current tenant context

    Returns:
        Tenant context dict or None
    ©r
   r    rA   rA   rA   rB   Úget_tenant_contexts   s   rN   c                  C   ó   t  ¡ } | r|  d¡S dS )zX
    Get the current tenant ID from context

    Returns:
        Tenant ID or None
    r   NrM   ©rK   rA   rA   rB   Úget_current_tenant_id}   ó   rQ   c                  C   rO   )zT
    Get the current user ID from context

    Returns:
        User ID or None
    r   NrM   rP   rA   rA   rB   Úget_current_user_idˆ   rR   rS   c                   C   s   t  d¡ t d¡ dS )z*
    Clear the current tenant context
    NzTenant context clearedrH   rA   rA   rA   rB   r6   “   s   
r6   c                  C   s(   t  ¡ } | r|  d¡sttjdd‚| S )zƒ
    Require tenant context to be set, raise exception if not

    Raises:
        HTTPException: If tenant context is not set
    r   z,Tenant context not set. Please authenticate.)Ústatus_codeÚdetail)r
   r    r   r   ÚHTTP_401_UNAUTHORIZEDrP   rA   rA   rB   Úrequire_tenant_context›   s   þrW   )N)rG   Úcontextvarsr   Útypingr   Úfastapir   r   r   Ústarlette.middleware.baser   Úloggingr#   Ú	getLoggerrD   r.   r
   ÚdictÚ__annotations__r   r+   r0   rN   rQ   rS   r6   rW   rA   rA   rA   rB   Ú<module>   s     
O
