Clean up token authorization middleware - remove token variable reference

The middleware logic is correct and matches requirements: - Global tokens (aisbf.json): ONLY access global endpoints - User tokens (database): ONLY access their own /api/u/<username> endpoints - Database admin users: same as normal users (no special API access)

Clean up token authorization middleware - remove token variable reference
The middleware logic is correct and matches requirements: - Global tokens (aisbf.json): ONLY access global endpoints - User tokens (database): ONLY access their own /api/u/<username> endpoints - Database admin users: same as normal users (no special API access)
10332149 · Your Name · ca949768 · 10332149
Commit 10332149 authored Apr 21, 2026 by Your Name
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 2 deletions

main.py main.py +1 -2

No files found.
--- a/main.py
+++ b/main.py
@@ -1353,8 +1353,7 @@ async def api_token_authorization_middleware(request: Request, call_next):
                )
            
            # Debug logging
-            token_short = token[:8] + "..." if len(token) > 8 else token
-            logger.info(f"Token auth check: token={token_short}, user_id={user_id}, authenticated_username={authenticated_user.get('username')}, target_username={target_username}")
+            logger.info(f"Token auth check: user_id={user_id}, authenticated_username={authenticated_user.get('username')}, target_username={target_username}")
            
            if authenticated_user['username'] != target_username:
                return JSONResponse(