From 6ed0aca2df83479c9bc0aaa404b40895914c2d38 Mon Sep 17 00:00:00 2001
From: GareArc <chen4851@purdue.edu>
Date: Thu, 29 May 2025 09:57:07 +0800
Subject: [PATCH] fix: remove app code check in web api

---
 api/controllers/web/wraps.py | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/api/controllers/web/wraps.py b/api/controllers/web/wraps.py
index ed50a2c43a..a94dded59f 100644
--- a/api/controllers/web/wraps.py
+++ b/api/controllers/web/wraps.py
@@ -44,9 +44,7 @@ def decode_jwt_token():
         if auth_scheme != "bearer":
             raise Unauthorized("Invalid Authorization header format. Expected 'Bearer <api-key>' format.")
         decoded = PassportService().verify(tk)
-        decoded_app_code = decoded.get("app_code")
-        if not decoded_app_code or decoded_app_code != app_code:
-            raise Unauthorized("Invalid app code in token.")
+        app_code = decoded.get("app_code")
         app_model = db.session.query(App).filter(App.id == decoded["app_id"]).first()
         site = db.session.query(Site).filter(Site.code == app_code).first()
         if not app_model: