From e9ae79d398bb54f9cc204e38c2fe6590264e3811 Mon Sep 17 00:00:00 2001
From: GareArc <chen4851@purdue.edu>
Date: Thu, 29 May 2025 10:42:21 +0800
Subject: [PATCH] fix: adjust webapp login token source name

---
 api/controllers/web/passport.py     | 4 ++--
 api/services/webapp_auth_service.py | 3 +--
 2 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/api/controllers/web/passport.py b/api/controllers/web/passport.py
index 501a19e704..d056803d2c 100644
--- a/api/controllers/web/passport.py
+++ b/api/controllers/web/passport.py
@@ -86,8 +86,8 @@ def decode_enterprise_webapp_user_id(jwt_token: str | None):
 
     decoded = PassportService().verify(jwt_token)
     source = decoded.get("token_source")
-    if not source or source != "enterprise_login":
-        raise Unauthorized("Invalid token source. Expected 'enterprise_login'.")
+    if not source or source != "webapp_login_token":
+        raise Unauthorized("Invalid token source. Expected 'webapp_login_token'.")
     return decoded
 
 
diff --git a/api/services/webapp_auth_service.py b/api/services/webapp_auth_service.py
index 75151ecb60..766688a2b9 100644
--- a/api/services/webapp_auth_service.py
+++ b/api/services/webapp_auth_service.py
@@ -106,11 +106,10 @@ class WebAppAuthService:
         exp = int(exp_dt.timestamp())
 
         payload = {
-            "iss": site.id,
             "sub": "Web API Passport",
             "user_id": account.id,
             "end_user_id": end_user_id,
-            "token_source": "enterprise_login",
+            "token_source": "webapp_login_token",
             "exp": exp,
         }