refactor: consolidate user and superadmin sessions into unified model

2026-04-28 20:54:15 +09:30
parent 5abbadff9a
commit 803bf4f4f2
12 changed files with 472 additions and 126 deletions
@@ -15,7 +15,7 @@ def superadmin_required(f):
    """Decorator to require superadmin Bearer token authentication.
    
    Extracts token from Authorization: Bearer {token} header,
-    validates the session against SuperadminSession table,
+    validates the session against the unified sessions table,
    and sets g.current_superadmin and g.superadmin_session.
    
    Returns 401 if no valid session, 403 if not a superadmin.
@@ -46,10 +46,14 @@ def superadmin_required(f):
        token = parts[1]
        
        # Import here to avoid circular imports
-        from gatehouse_app.models.superadmin import SuperadminSession, Superadmin
+        from gatehouse_app.models.user.session import Session
+        from gatehouse_app.models.superadmin import Superadmin
+        from gatehouse_app.utils.constants import SessionType
        
-        # Get active session by token
-        session = SuperadminSession.query.filter_by(token=token).first()
+        # Get active session by token, scoped to superadmin
+        session = Session.query.filter_by(
+            token=token, owner_type=SessionType.SUPERADMIN
+        ).first()
        
        if not session:
            return api_response(
@@ -68,8 +72,8 @@ def superadmin_required(f):
                error_type="SESSION_INACTIVE"
            )
        
-        # Get the superadmin
-        superadmin = session.superadmin
+        # Get the superadmin by owner_id
+        superadmin = Superadmin.query.get(session.owner_id)
        if not superadmin:
            return api_response(
                success=False,