From aa06aa81c8d843fd929419aca01a3bbd2d622103 Mon Sep 17 00:00:00 2001
From: GitHub Actions <actions@github.com>
Date: Fri, 13 Feb 2026 08:20:11 +0000
Subject: [PATCH] fix: update OptionalAuth to retrieve user details from
 authService and ensure user is enabled

---
 backend/internal/api/middleware/optional_auth.go | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/backend/internal/api/middleware/optional_auth.go b/backend/internal/api/middleware/optional_auth.go
index 38f13dd2..6eb28134 100644
--- a/backend/internal/api/middleware/optional_auth.go
+++ b/backend/internal/api/middleware/optional_auth.go
@@ -37,8 +37,14 @@ func OptionalAuth(authService *services.AuthService) gin.HandlerFunc {
 			return
 		}
 
-		c.Set("userID", claims.UserID)
-		c.Set("role", claims.Role)
+		user, err := authService.GetUserByID(claims.UserID)
+		if err != nil || !user.Enabled {
+			c.Next()
+			return
+		}
+
+		c.Set("userID", user.ID)
+		c.Set("role", user.Role)
 		c.Next()
 	}
 }