fix(auth): always seed the active account into the switch list
Sessions created before multi-session existed had no account_ids, so adding a second account left the first one (e.g. the long-lived session) absent from the switcher. current_user now ensures the active user_id is always present in account_ids, so the switch list is never missing the account you're using.
This commit is contained in:
parent
2d8c47b04e
commit
15716dd578
1 changed files with 6 additions and 0 deletions
|
|
@ -232,6 +232,12 @@ def current_user(request: Request, db: Session = Depends(get_db)) -> User:
|
||||||
if user is None:
|
if user is None:
|
||||||
request.session.clear()
|
request.session.clear()
|
||||||
raise HTTPException(status_code=401, detail="Not authenticated")
|
raise HTTPException(status_code=401, detail="Not authenticated")
|
||||||
|
# Always keep the active account in the switchable list — covers sessions created before
|
||||||
|
# multi-session existed (their account_ids was never seeded), so the switcher isn't empty.
|
||||||
|
accounts = request.session.get("account_ids") or []
|
||||||
|
if user_id not in accounts:
|
||||||
|
accounts.append(user_id)
|
||||||
|
request.session["account_ids"] = accounts[-MAX_SESSION_ACCOUNTS:]
|
||||||
return user
|
return user
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue