Subscription API and API key injection middleware added
This commit is contained in:
ajaysi
@@ -41,12 +41,17 @@ class APIKeyInjectionMiddleware:
|
||||
if user:
|
||||
# Try different possible keys for user_id
|
||||
user_id = user.get('user_id') or user.get('clerk_user_id') or user.get('id')
|
||||
logger.debug(f"[API Key Injection] Extracted user_id: {user_id}")
|
||||
|
||||
# Store user_id in request.state for monitoring middleware
|
||||
request.state.user_id = user_id
|
||||
if user_id:
|
||||
logger.info(f"[API Key Injection] Extracted user_id: {user_id}")
|
||||
|
||||
# Store user_id in request.state for monitoring middleware
|
||||
request.state.user_id = user_id
|
||||
else:
|
||||
logger.warning(f"[API Key Injection] User object missing ID: {user}")
|
||||
else:
|
||||
logger.warning("[API Key Injection] Token verification failed")
|
||||
except Exception as e:
|
||||
logger.debug(f"[API Key Injection] Could not extract user from token: {e}")
|
||||
logger.error(f"[API Key Injection] Could not extract user from token: {e}")
|
||||
|
||||
if not user_id:
|
||||
# No authenticated user, proceed without injection
|
||||
|
||||
@@ -488,9 +488,9 @@ async def monitoring_middleware(request: Request, call_next):
|
||||
# Check for authorization header with user info
|
||||
elif 'authorization' in request.headers:
|
||||
# Auth middleware should have set request.state.user_id
|
||||
# If not, skip usage limits (unauthenticated or auth will handle)
|
||||
# If not, this indicates an authentication failure that should be logged
|
||||
user_id = None
|
||||
logger.debug("Monitoring: Auth header present but no user_id in state - skipping limits")
|
||||
logger.warning("Monitoring: Auth header present but no user_id in state - authentication may have failed")
|
||||
|
||||
# For alpha testing, use IP address as user identifier if no other ID found
|
||||
# But only if there's no auth header (truly anonymous)
|
||||
|
||||
Reference in New Issue
Block a user