Major Refactor

app/auth/views.py

@@ -5,45 +5,53 @@ from app import db, bcrypt
 from datetime import datetime
 from uuid import uuid4
 from app.classes.auth import Auth_User
-
+from app.classes.employee import Employee_Employee 
 
 @auth.route("/whoami", methods=["GET"])
 def check_session():
     """
-    Checks auth token to ensure user is authenticated
+    Checks auth token and returns user and associated employee data.
     """
-
     api_key = request.headers.get('Authorization')
     if not api_key:
-        return jsonify({"error": "True"}), 200
-    else:
-        api_key = api_key.replace('bearer ', '', 1)
-        api_key = api_key.replace('"', '')
-        
-        user_exists = (db.session
-                          .query(Auth_User)
-                          .filter(Auth_User.api_key == api_key)
-                          .first())
-        if not user_exists:
-            return jsonify({"error": True}), 200
-        else:
-            user = db.session\
-                .query(Auth_User)\
-                .filter(Auth_User.api_key == api_key)\
-                .first()
-              
-            return jsonify({
-                "ok": True,
-                'user': {
-                    'user_name': user.username,
-                    'user_id': user.id,
-                    'user_email': user.email,
-                    'user_admin': user.admin_role,
-                    'token': user.api_key,
-                    'confirmed': user.confirmed
-                         },
-                'token': user.api_key
-            }), 200
+        return jsonify({"ok": False, "error": "Authorization header missing"}), 401
+
+    # Clean up the token
+    api_key = api_key.replace('bearer ', '', 1).strip('"')
+    
+    user = db.session.query(Auth_User).filter(Auth_User.api_key == api_key).first()
+    
+    if not user:
+        return jsonify({"ok": False, "error": "Invalid token"}), 401
+
+    # --- THIS IS THE CRITICAL FIX ---
+    # Now that we have the user, find the corresponding employee record.
+    # This assumes your Employee model has a 'user_id' field linking to the Auth_User 'id'.
+    employee = db.session.query(Employee_Employee).filter(Employee_Employee.user_id == user.id).first()
+
+    # It's possible a user exists without an employee record, so we handle that case.
+    if not employee:
+        return jsonify({"ok": False, "error": "User found, but no associated employee record"}), 404
+    
+    # Now, build the complete response with both user and employee data.
+    return jsonify({
+        "ok": True,
+        'user': {
+            'user_name': user.username,
+            'user_id': user.id,
+            'user_email': user.email,
+            'user_admin': user.admin_role,
+            'token': user.api_key,
+            'confirmed': user.confirmed
+        },
+        # ADD THE EMPLOYEE OBJECT TO THE RESPONSE
+        'employee': {
+            'id': employee.id,
+            'employee_first_name': employee.employee_first_name,
+            'employee_last_name': employee.employee_last_name,
+            # Add any other employee fields you might need on the frontend
+        }
+    }), 200
 
 
 @auth.route("/amiconfirmed", methods=["GET"])