Enhance API key handling and user authentication

- Improved API key extraction from requests using context variables.
- Updated user authentication to validate API keys and handle development mode securely.
- Added cleanup scripts for correcting bad user_id records in the database.
- Implemented verification for user_id fixes to ensure data integrity.

chat/tools.py

@@ -1340,10 +1340,14 @@ def handle_create_order(tool_input: dict, user_id: str = None) -> dict:
     Returns:
         Order creation result
     """
-    # Authentication check - allow dev mode
+    # Authentication check - allow dev mode (only in non-production environments)
     if not user_id:
         # Development mode - use default user
-        if os.getenv("SKIP_AUTH") == "true":
+        # SECURITY: Only allow SKIP_AUTH in development environments
+        env = os.getenv("ENV", "production").lower()
+        skip_auth = os.getenv("SKIP_AUTH", "false").lower() == "true"
+
+        if skip_auth and env != "production":
             user_id = "dev-user"
         else:
             return {
@@ -1476,9 +1480,13 @@ def handle_create_driver(tool_input: dict, user_id: str = None) -> dict:
     Returns:
         Driver creation result
     """
-    # Authentication check - allow dev mode
+    # Authentication check - allow dev mode (only in non-production environments)
     if not user_id:
-        if os.getenv("SKIP_AUTH") == "true":
+        # SECURITY: Only allow SKIP_AUTH in development environments
+        env = os.getenv("ENV", "production").lower()
+        skip_auth = os.getenv("SKIP_AUTH", "false").lower() == "true"
+
+        if skip_auth and env != "production":
             user_id = "dev-user"
         else:
             return {
@@ -1603,9 +1611,13 @@ def handle_update_order(tool_input: dict, user_id: str = None) -> dict:
     Returns:
         Update result
     """
-    # Authentication check - allow dev mode
+    # Authentication check - allow dev mode (only in non-production environments)
     if not user_id:
-        if os.getenv("SKIP_AUTH") == "true":
+        # SECURITY: Only allow SKIP_AUTH in development environments
+        env = os.getenv("ENV", "production").lower()
+        skip_auth = os.getenv("SKIP_AUTH", "false").lower() == "true"
+
+        if skip_auth and env != "production":
             user_id = "dev-user"
         else:
             return {
@@ -1829,9 +1841,13 @@ def handle_delete_all_orders(tool_input: dict, user_id: str = None) -> dict:
     Returns:
         Deletion result with count
     """
-    # Authentication check - allow dev mode
+    # Authentication check - allow dev mode (only in non-production environments)
     if not user_id:
-        if os.getenv("SKIP_AUTH") == "true":
+        # SECURITY: Only allow SKIP_AUTH in development environments
+        env = os.getenv("ENV", "production").lower()
+        skip_auth = os.getenv("SKIP_AUTH", "false").lower() == "true"
+
+        if skip_auth and env != "production":
             user_id = "dev-user"
         else:
             return {
@@ -1914,9 +1930,13 @@ def handle_delete_order(tool_input: dict, user_id: str = None) -> dict:
     Returns:
         Deletion result
     """
-    # Authentication check - allow dev mode
+    # Authentication check - allow dev mode (only in non-production environments)
     if not user_id:
-        if os.getenv("SKIP_AUTH") == "true":
+        # SECURITY: Only allow SKIP_AUTH in development environments
+        env = os.getenv("ENV", "production").lower()
+        skip_auth = os.getenv("SKIP_AUTH", "false").lower() == "true"
+
+        if skip_auth and env != "production":
             user_id = "dev-user"
         else:
             return {
@@ -2017,9 +2037,13 @@ def handle_update_driver(tool_input: dict, user_id: str = None) -> dict:
     Returns:
         Update result
     """
-    # Authentication check - allow dev mode
+    # Authentication check - allow dev mode (only in non-production environments)
     if not user_id:
-        if os.getenv("SKIP_AUTH") == "true":
+        # SECURITY: Only allow SKIP_AUTH in development environments
+        env = os.getenv("ENV", "production").lower()
+        skip_auth = os.getenv("SKIP_AUTH", "false").lower() == "true"
+
+        if skip_auth and env != "production":
             user_id = "dev-user"
         else:
             return {
@@ -2166,9 +2190,13 @@ def handle_delete_all_drivers(tool_input: dict, user_id: str = None) -> dict:
     Returns:
         Deletion result with count
     """
-    # Authentication check - allow dev mode
+    # Authentication check - allow dev mode (only in non-production environments)
     if not user_id:
-        if os.getenv("SKIP_AUTH") == "true":
+        # SECURITY: Only allow SKIP_AUTH in development environments
+        env = os.getenv("ENV", "production").lower()
+        skip_auth = os.getenv("SKIP_AUTH", "false").lower() == "true"
+
+        if skip_auth and env != "production":
             user_id = "dev-user"
         else:
             return {
@@ -2256,9 +2284,13 @@ def handle_delete_driver(tool_input: dict, user_id: str = None) -> dict:
     Returns:
         Deletion result
     """
-    # Authentication check - allow dev mode
+    # Authentication check - allow dev mode (only in non-production environments)
     if not user_id:
-        if os.getenv("SKIP_AUTH") == "true":
+        # SECURITY: Only allow SKIP_AUTH in development environments
+        env = os.getenv("ENV", "production").lower()
+        skip_auth = os.getenv("SKIP_AUTH", "false").lower() == "true"
+
+        if skip_auth and env != "production":
             user_id = "dev-user"
         else:
             return {
@@ -2384,9 +2416,13 @@ def handle_count_orders(tool_input: dict, user_id: str = None) -> dict:
     Returns:
         Order count result with breakdown (only user's orders)
     """
-    # Authentication check - allow dev mode
+    # Authentication check - allow dev mode (only in non-production environments)
     if not user_id:
-        if os.getenv("SKIP_AUTH") == "true":
+        # SECURITY: Only allow SKIP_AUTH in development environments
+        env = os.getenv("ENV", "production").lower()
+        skip_auth = os.getenv("SKIP_AUTH", "false").lower() == "true"
+
+        if skip_auth and env != "production":
             user_id = "dev-user"
         else:
             return {
@@ -2493,10 +2529,14 @@ def handle_fetch_orders(tool_input: dict, user_id: str = None) -> dict:
     Returns:
         List of orders matching criteria (only user's orders)
     """
-    # Authentication check - allow dev mode
+    # Authentication check - allow dev mode (only in non-production environments)
     if not user_id:
         # Development mode - use default user
-        if os.getenv("SKIP_AUTH") == "true":
+        # SECURITY: Only allow SKIP_AUTH in development environments
+        env = os.getenv("ENV", "production").lower()
+        skip_auth = os.getenv("SKIP_AUTH", "false").lower() == "true"
+
+        if skip_auth and env != "production":
             user_id = "dev-user"
         else:
             return {
@@ -2647,9 +2687,13 @@ def handle_get_order_details(tool_input: dict, user_id: str = None) -> dict:
     Returns:
         Complete order details (only if owned by user)
     """
-    # Authentication check - allow dev mode
+    # Authentication check - allow dev mode (only in non-production environments)
     if not user_id:
-        if os.getenv("SKIP_AUTH") == "true":
+        # SECURITY: Only allow SKIP_AUTH in development environments
+        env = os.getenv("ENV", "production").lower()
+        skip_auth = os.getenv("SKIP_AUTH", "false").lower() == "true"
+
+        if skip_auth and env != "production":
             user_id = "dev-user"
         else:
             return {
@@ -2768,9 +2812,13 @@ def handle_search_orders(tool_input: dict, user_id: str = None) -> dict:
     Returns:
         List of matching orders
     """
-    # Authentication check - allow dev mode
+    # Authentication check - allow dev mode (only in non-production environments)
     if not user_id:
-        if os.getenv("SKIP_AUTH") == "true":
+        # SECURITY: Only allow SKIP_AUTH in development environments
+        env = os.getenv("ENV", "production").lower()
+        skip_auth = os.getenv("SKIP_AUTH", "false").lower() == "true"
+
+        if skip_auth and env != "production":
             user_id = "dev-user"
         else:
             return {
@@ -2857,9 +2905,13 @@ def handle_get_incomplete_orders(tool_input: dict, user_id: str = None) -> dict:
     Returns:
         List of incomplete orders (pending, assigned, in_transit)
     """
-    # Authentication check - allow dev mode
+    # Authentication check - allow dev mode (only in non-production environments)
     if not user_id:
-        if os.getenv("SKIP_AUTH") == "true":
+        # SECURITY: Only allow SKIP_AUTH in development environments
+        env = os.getenv("ENV", "production").lower()
+        skip_auth = os.getenv("SKIP_AUTH", "false").lower() == "true"
+
+        if skip_auth and env != "production":
             user_id = "dev-user"
         else:
             return {
@@ -2938,9 +2990,13 @@ def handle_count_drivers(tool_input: dict, user_id: str = None) -> dict:
     Returns:
         Driver count result with breakdown
     """
-    # Authentication check - allow dev mode
+    # Authentication check - allow dev mode (only in non-production environments)
     if not user_id:
-        if os.getenv("SKIP_AUTH") == "true":
+        # SECURITY: Only allow SKIP_AUTH in development environments
+        env = os.getenv("ENV", "production").lower()
+        skip_auth = os.getenv("SKIP_AUTH", "false").lower() == "true"
+
+        if skip_auth and env != "production":
             user_id = "dev-user"
         else:
             return {
@@ -3023,9 +3079,13 @@ def handle_fetch_drivers(tool_input: dict, user_id: str = None) -> dict:
     Returns:
         List of drivers matching criteria (only user's drivers)
     """
-    # Authentication check - allow dev mode
+    # Authentication check - allow dev mode (only in non-production environments)
     if not user_id:
-        if os.getenv("SKIP_AUTH") == "true":
+        # SECURITY: Only allow SKIP_AUTH in development environments
+        env = os.getenv("ENV", "production").lower()
+        skip_auth = os.getenv("SKIP_AUTH", "false").lower() == "true"
+
+        if skip_auth and env != "production":
             user_id = "dev-user"
         else:
             return {
@@ -3148,9 +3208,13 @@ def handle_get_driver_details(tool_input: dict, user_id: str = None) -> dict:
     Returns:
         Complete driver details
     """
-    # Authentication check - allow dev mode
+    # Authentication check - allow dev mode (only in non-production environments)
     if not user_id:
-        if os.getenv("SKIP_AUTH") == "true":
+        # SECURITY: Only allow SKIP_AUTH in development environments
+        env = os.getenv("ENV", "production").lower()
+        skip_auth = os.getenv("SKIP_AUTH", "false").lower() == "true"
+
+        if skip_auth and env != "production":
             user_id = "dev-user"
         else:
             return {
@@ -3267,9 +3331,13 @@ def handle_search_drivers(tool_input: dict, user_id: str = None) -> dict:
     Returns:
         List of matching drivers
     """
-    # Authentication check - allow dev mode
+    # Authentication check - allow dev mode (only in non-production environments)
     if not user_id:
-        if os.getenv("SKIP_AUTH") == "true":
+        # SECURITY: Only allow SKIP_AUTH in development environments
+        env = os.getenv("ENV", "production").lower()
+        skip_auth = os.getenv("SKIP_AUTH", "false").lower() == "true"
+
+        if skip_auth and env != "production":
             user_id = "dev-user"
         else:
             return {
@@ -3357,9 +3425,13 @@ def handle_get_available_drivers(tool_input: dict, user_id: str = None) -> dict:
     Returns:
         List of available drivers (active or offline)
     """
-    # Authentication check - allow dev mode
+    # Authentication check - allow dev mode (only in non-production environments)
     if not user_id:
-        if os.getenv("SKIP_AUTH") == "true":
+        # SECURITY: Only allow SKIP_AUTH in development environments
+        env = os.getenv("ENV", "production").lower()
+        skip_auth = os.getenv("SKIP_AUTH", "false").lower() == "true"
+
+        if skip_auth and env != "production":
             user_id = "dev-user"
         else:
             return {
@@ -3461,9 +3533,13 @@ def handle_create_assignment(tool_input: dict, user_id: str = None) -> dict:
     Returns:
         Assignment creation result with route data
     """
-    # Authentication check - allow dev mode
+    # Authentication check - allow dev mode (only in non-production environments)
     if not user_id:
-        if os.getenv("SKIP_AUTH") == "true":
+        # SECURITY: Only allow SKIP_AUTH in development environments
+        env = os.getenv("ENV", "production").lower()
+        skip_auth = os.getenv("SKIP_AUTH", "false").lower() == "true"
+
+        if skip_auth and env != "production":
             user_id = "dev-user"
         else:
             return {
@@ -3737,9 +3813,13 @@ def handle_auto_assign_order(tool_input: dict, user_id: str = None) -> dict:
     Returns:
         Assignment details with selected driver info and distance
     """
-    # Authentication check - allow dev mode
+    # Authentication check - allow dev mode (only in non-production environments)
     if not user_id:
-        if os.getenv("SKIP_AUTH") == "true":
+        # SECURITY: Only allow SKIP_AUTH in development environments
+        env = os.getenv("ENV", "production").lower()
+        skip_auth = os.getenv("SKIP_AUTH", "false").lower() == "true"
+
+        if skip_auth and env != "production":
             user_id = "dev-user"
         else:
             return {
@@ -3955,9 +4035,13 @@ def handle_intelligent_assign_order(tool_input: dict, user_id: str = None) -> di
     Returns:
         Assignment details with AI reasoning and selected driver info
     """
-    # Authentication check - allow dev mode
+    # Authentication check - allow dev mode (only in non-production environments)
     if not user_id:
-        if os.getenv("SKIP_AUTH") == "true":
+        # SECURITY: Only allow SKIP_AUTH in development environments
+        env = os.getenv("ENV", "production").lower()
+        skip_auth = os.getenv("SKIP_AUTH", "false").lower() == "true"
+
+        if skip_auth and env != "production":
             user_id = "dev-user"
         else:
             return {
@@ -4285,9 +4369,13 @@ def handle_get_assignment_details(tool_input: dict, user_id: str = None) -> dict
     Returns:
         Assignment details or list of assignments
     """
-    # Authentication check - allow dev mode
+    # Authentication check - allow dev mode (only in non-production environments)
     if not user_id:
-        if os.getenv("SKIP_AUTH") == "true":
+        # SECURITY: Only allow SKIP_AUTH in development environments
+        env = os.getenv("ENV", "production").lower()
+        skip_auth = os.getenv("SKIP_AUTH", "false").lower() == "true"
+
+        if skip_auth and env != "production":
             user_id = "dev-user"
         else:
             return {
@@ -4442,9 +4530,13 @@ def handle_update_assignment(tool_input: dict, user_id: str = None) -> dict:
     Returns:
         Update result
     """
-    # Authentication check - allow dev mode
+    # Authentication check - allow dev mode (only in non-production environments)
     if not user_id:
-        if os.getenv("SKIP_AUTH") == "true":
+        # SECURITY: Only allow SKIP_AUTH in development environments
+        env = os.getenv("ENV", "production").lower()
+        skip_auth = os.getenv("SKIP_AUTH", "false").lower() == "true"
+
+        if skip_auth and env != "production":
             user_id = "dev-user"
         else:
             return {
@@ -4638,9 +4730,13 @@ def handle_unassign_order(tool_input: dict, user_id: str = None) -> dict:
     Returns:
         Unassignment result
     """
-    # Authentication check - allow dev mode
+    # Authentication check - allow dev mode (only in non-production environments)
     if not user_id:
-        if os.getenv("SKIP_AUTH") == "true":
+        # SECURITY: Only allow SKIP_AUTH in development environments
+        env = os.getenv("ENV", "production").lower()
+        skip_auth = os.getenv("SKIP_AUTH", "false").lower() == "true"
+
+        if skip_auth and env != "production":
             user_id = "dev-user"
         else:
             return {
@@ -4781,9 +4877,13 @@ def handle_complete_delivery(tool_input: dict, user_id: str = None) -> dict:
     Returns:
         Completion result
     """
-    # Authentication check - allow dev mode
+    # Authentication check - allow dev mode (only in non-production environments)
     if not user_id:
-        if os.getenv("SKIP_AUTH") == "true":
+        # SECURITY: Only allow SKIP_AUTH in development environments
+        env = os.getenv("ENV", "production").lower()
+        skip_auth = os.getenv("SKIP_AUTH", "false").lower() == "true"
+
+        if skip_auth and env != "production":
             user_id = "dev-user"
         else:
             return {
@@ -5016,9 +5116,13 @@ def handle_fail_delivery(tool_input: dict, user_id: str = None) -> dict:
     Returns:
         Failure recording result
     """
-    # Authentication check - allow dev mode
+    # Authentication check - allow dev mode (only in non-production environments)
     if not user_id:
-        if os.getenv("SKIP_AUTH") == "true":
+        # SECURITY: Only allow SKIP_AUTH in development environments
+        env = os.getenv("ENV", "production").lower()
+        skip_auth = os.getenv("SKIP_AUTH", "false").lower() == "true"
+
+        if skip_auth and env != "production":
             user_id = "dev-user"
         else:
             return {

cleanup_bad_user_ids.py

@@ -0,0 +1,124 @@
+"""
+Cleanup script for records with incorrect user_id='user_id'
+This fixes data created before the verify_api_key() bug was fixed
+"""
+
+from database.connection import get_db_connection
+from database.api_keys import list_api_keys
+import sys
+
+def check_bad_records():
+    """Check how many records have user_id='user_id'"""
+    conn = get_db_connection()
+    cursor = conn.cursor()
+
+    print("\n=== Checking for records with incorrect user_id='user_id' ===\n")
+
+    tables = ['orders', 'drivers', 'assignments']
+    total_bad = 0
+    details = {}
+
+    for table in tables:
+        try:
+            cursor.execute(f"SELECT COUNT(*) as count FROM {table} WHERE user_id = %s", ('user_id',))
+            result = cursor.fetchone()
+            count = result['count'] if result else 0
+
+            if count > 0:
+                print(f"  {table}: {count} records with user_id='user_id'")
+                total_bad += count
+                details[table] = count
+            else:
+                print(f"  {table}: No bad records found")
+                details[table] = 0
+        except Exception as e:
+            print(f"  {table}: Error checking - {e}")
+            details[table] = 0
+
+    cursor.close()
+    conn.close()
+
+    print(f"\nTotal bad records: {total_bad}\n")
+    return total_bad, details
+
+def get_first_api_key_user():
+    """Get the first API key user (likely the correct one)"""
+    try:
+        keys = list_api_keys()
+        if keys and len(keys) > 0:
+            return keys[0]['user_id']
+    except Exception as e:
+        print(f"Error fetching API keys: {e}")
+    return None
+
+def cleanup_bad_records(correct_user_id: str):
+    """
+    Update records with user_id='user_id' to the correct user_id
+
+    Args:
+        correct_user_id: The actual user_id to assign (e.g., 'user_75d23af433e0')
+    """
+    conn = get_db_connection()
+    cursor = conn.cursor()
+
+    print(f"\n=== Updating records to user_id='{correct_user_id}' ===\n")
+
+    tables = ['orders', 'drivers', 'assignments']
+    total_updated = 0
+
+    for table in tables:
+        try:
+            cursor.execute(
+                f"UPDATE {table} SET user_id = %s WHERE user_id = %s",
+                (correct_user_id, 'user_id')
+            )
+            count = cursor.rowcount
+
+            if count > 0:
+                print(f"  {table}: Updated {count} records")
+                total_updated += count
+            else:
+                print(f"  {table}: No records to update")
+        except Exception as e:
+            print(f"  {table}: Error updating - {e}")
+            conn.rollback()
+            cursor.close()
+            conn.close()
+            return 0
+
+    conn.commit()
+    cursor.close()
+    conn.close()
+
+    print(f"\nTotal records updated: {total_updated}\n")
+    return total_updated
+
+if __name__ == "__main__":
+    print("=== FleetMind User ID Cleanup Utility ===")
+
+    # First, check how many bad records exist
+    bad_count, details = check_bad_records()
+
+    if bad_count == 0:
+        print("No cleanup needed - all records have correct user_id values!")
+        sys.exit(0)
+
+    # Get the correct user_id from API keys table
+    correct_user_id = get_first_api_key_user()
+
+    if not correct_user_id:
+        print("\nERROR: Could not determine correct user_id from API keys table")
+        print("Please run this script with the user_id as argument:")
+        print("  python cleanup_bad_user_ids.py <user_id>")
+        sys.exit(1)
+
+    print(f"\nFound API key user: {correct_user_id}")
+
+    # Auto-cleanup
+    print(f"\nProceeding with automatic cleanup...")
+    updated = cleanup_bad_records(correct_user_id)
+
+    if updated > 0:
+        print(f"\nSUCCESS: Cleanup complete! Updated {updated} records.")
+    else:
+        print("\nNo updates were made.")

database/api_keys.py

@@ -163,7 +163,11 @@ def verify_api_key(api_key: str) -> Optional[Dict[str, str]]:
         if not result:
             return None
 
-        user_id, email, name, is_active = result
+        # Access RealDictRow fields by key (not tuple unpacking!)
+        user_id = result['user_id']
+        email = result['email']
+        name = result['name']
+        is_active = result['is_active']
 
         if not is_active:
             return None

fix_user_id.py

@@ -0,0 +1,53 @@
+"""Quick fix for the bad user_id record"""
+
+from database.connection import get_db_connection
+
+def fix_bad_user_id():
+    conn = get_db_connection()
+    cursor = conn.cursor()
+
+    # Get the correct user_id from api_keys table
+    cursor.execute("SELECT user_id FROM api_keys WHERE is_active = true LIMIT 1")
+    result = cursor.fetchone()
+
+    if not result:
+        print("ERROR: No active API key found")
+        cursor.close()
+        conn.close()
+        return
+
+    correct_user_id = result['user_id']
+    print(f"Found active user: {correct_user_id}")
+
+    # Update orders with bad user_id
+    cursor.execute(
+        "UPDATE orders SET user_id = %s WHERE user_id = %s",
+        (correct_user_id, 'user_id')
+    )
+    orders_updated = cursor.rowcount
+    print(f"Updated {orders_updated} orders")
+
+    # Update drivers with bad user_id
+    cursor.execute(
+        "UPDATE drivers SET user_id = %s WHERE user_id = %s",
+        (correct_user_id, 'user_id')
+    )
+    drivers_updated = cursor.rowcount
+    print(f"Updated {drivers_updated} drivers")
+
+    # Update assignments with bad user_id
+    cursor.execute(
+        "UPDATE assignments SET user_id = %s WHERE user_id = %s",
+        (correct_user_id, 'user_id')
+    )
+    assignments_updated = cursor.rowcount
+    print(f"Updated {assignments_updated} assignments")
+
+    conn.commit()
+    cursor.close()
+    conn.close()
+
+    print(f"\nTotal records fixed: {orders_updated + drivers_updated + assignments_updated}")
+
+if __name__ == "__main__":
+    fix_bad_user_id()

server.py

@@ -13,6 +13,7 @@ import logging
 from pathlib import Path
 from typing import Literal
 from datetime import datetime
+from contextvars import ContextVar
 
 # Add project root to path
 sys.path.insert(0, str(Path(__file__).parent))
@@ -37,6 +38,38 @@ logging.basicConfig(
 )
 logger = logging.getLogger(__name__)
 
+# ============================================================================
+# API KEY EXTRACTION FROM REQUEST
+# ============================================================================
+
+# Store API key per request using context variable
+_current_api_key: ContextVar[str] = ContextVar('api_key', default=None)
+
+def get_api_key_from_context() -> str:
+    """
+    Get API key from the current request context.
+    This is set by our custom dependencies.
+    """
+    return _current_api_key.get(None)
+
+def extract_api_key_from_request():
+    """
+    Extract API key from HTTP request and store in context variable.
+    Called at the start of each tool execution.
+    """
+    try:
+        from fastmcp.server.dependencies import get_http_request
+        request = get_http_request()
+        api_key = request.query_params.get('api_key')
+        if api_key:
+            _current_api_key.set(api_key)
+            logger.debug(f"API key extracted from request: {api_key[:10]}...")
+            return api_key
+    except RuntimeError:
+        # No HTTP request available (e.g., stdio transport)
+        logger.debug("No HTTP request available for API key extraction")
+    return None
+
 # ============================================================================
 # MCP SERVER INITIALIZATION
 # ============================================================================
@@ -63,67 +96,50 @@ except Exception as e:
 
 def get_authenticated_user():
     """
-    Extract and verify user via API Key authentication
-
-    Supports 3 authentication methods (in order):
-    1. Request context (from FastMCP request, if available)
-    2. Server environment variable FLEETMIND_API_KEY
-    3. Development Mode (SKIP_AUTH=true)
+    Get authenticated user by validating API key from request context.
 
     Returns:
         User info dict with user_id, email, scopes, name or None if not authenticated
     """
     try:
-        api_key = None
-
-        # METHOD 1: Try to get API key from request context (SSE/HTTP)
-        # This is populated by FastMCP from query params or headers
-        try:
-            from fastmcp.server.dependencies import get_request_context
-            context = get_request_context()
-            if context and hasattr(context, 'query_params'):
-                api_key = context.query_params.get('api_key')
-                if api_key:
-                    logger.debug("API key found in query params")
-            elif context and hasattr(context, 'headers'):
-                # Try Authorization header
-                auth_header = context.headers.get('authorization', '')
-                if auth_header.startswith('Bearer '):
-                    api_key = auth_header[7:]
-                    logger.debug("API key found in Authorization header")
-        except (ImportError, RuntimeError, AttributeError) as e:
-            logger.debug(f"No request context available: {e}")
-            pass
-
-        # METHOD 2: Try server environment variable (for local development)
+        # METHOD 1: Extract API key from current HTTP request
+        api_key = extract_api_key_from_request()
+
+        # METHOD 2: Fallback to environment variable for testing
         if not api_key:
             api_key = os.getenv("FLEETMIND_API_KEY")
             if api_key:
-                logger.debug("API key found in server environment")
+                logger.debug("Using API key from environment")
 
-        # Verify the API key if we found one
+        # Validate the API key
         if api_key:
             from database.api_keys import verify_api_key
             user_info = verify_api_key(api_key)
             if user_info:
-                logger.info(f"✅ API Key auth: {user_info['email']} (user_id: {user_info['user_id']})")
+                logger.info(f"✅ Authenticated: {user_info['email']} (user_id: {user_info['user_id']})")
                 return user_info
             else:
-                logger.warning(f"❌ Invalid API key provided")
+                logger.warning(f"❌ Invalid API key: {api_key[:10]}...")
                 return None
 
         # METHOD 3: Development bypass mode (local testing only)
-        if os.getenv("SKIP_AUTH") == "true":
-            logger.debug("SKIP_AUTH enabled - using development user")
-            return {
-                'user_id': 'dev-user',
-                'email': 'dev@fleetmind.local',
-                'scopes': ['admin'],
-                'name': 'Development User'
-            }
+        # SECURITY: Only allow SKIP_AUTH in development environments
+        env = os.getenv("ENV", "production").lower()
+        skip_auth = os.getenv("SKIP_AUTH", "false").lower() == "true"
+
+        if skip_auth:
+            if env == "production":
+                logger.error("⚠️ SKIP_AUTH is enabled but ENV=production - DENYING access for security")
+                return None
+            else:
+                logger.warning(f"⚠️ SKIP_AUTH enabled in {env} environment - using development user")
+                return {
+                    'user_id': 'dev-user',
+                    'email': 'dev@fleetmind.local',
+                    'scopes': ['admin'],
+                    'name': 'Development User'
+                }
 
-        # No authentication provided
-        logger.debug("No API key or SKIP_AUTH - authentication required")
         return None
 
     except Exception as e:
@@ -138,7 +154,7 @@ def get_authenticated_user():
 def get_orders_resource() -> str:
     """
     Real-time orders dataset for AI context.
-    Returns all orders from the last 30 days.
+    Returns authenticated user's orders from the last 30 days.
 
     Returns:
         JSON string containing orders array with key fields:
@@ -146,16 +162,27 @@ def get_orders_resource() -> str:
         - status, priority, created_at, assigned_driver_id
     """
     try:
+        # Authenticate user
+        user = get_authenticated_user()
+        if not user:
+            logger.warning("Resource orders://all - Authentication required")
+            return json.dumps({
+                "error": "Authentication required",
+                "message": "Please provide a valid API key to access orders"
+            })
+
+        # Query only this user's orders
         query = """
             SELECT order_id, customer_name, delivery_address,
                    status, priority, created_at, assigned_driver_id
             FROM orders
-            WHERE created_at > NOW() - INTERVAL '30 days'
+            WHERE user_id = %s
+              AND created_at > NOW() - INTERVAL '30 days'
             ORDER BY created_at DESC
             LIMIT 1000
         """
-        orders = execute_query(query)
-        logger.info(f"Resource orders://all - Retrieved {len(orders) if orders else 0} orders")
+        orders = execute_query(query, (user['user_id'],))
+        logger.info(f"Resource orders://all - User {user['user_id']} retrieved {len(orders) if orders else 0} orders")
         return json.dumps(orders, default=str, indent=2)
     except Exception as e:
         logger.error(f"Resource orders://all failed: {e}")
@@ -166,7 +193,7 @@ def get_orders_resource() -> str:
 def get_drivers_resource() -> str:
     """
     Real-time drivers dataset for AI context.
-    Returns all drivers with current locations and status.
+    Returns authenticated user's drivers with current locations and status.
 
     Returns:
         JSON string containing drivers array with key fields:
@@ -174,14 +201,25 @@ def get_drivers_resource() -> str:
         - current_lat, current_lng, last_location_update
     """
     try:
+        # Authenticate user
+        user = get_authenticated_user()
+        if not user:
+            logger.warning("Resource drivers://all - Authentication required")
+            return json.dumps({
+                "error": "Authentication required",
+                "message": "Please provide a valid API key to access drivers"
+            })
+
+        # Query only this user's drivers
         query = """
             SELECT driver_id, name, status, vehicle_type, vehicle_plate,
                    current_lat, current_lng, last_location_update
             FROM drivers
+            WHERE user_id = %s
             ORDER BY name ASC
         """
-        drivers = execute_query(query)
-        logger.info(f"Resource drivers://all - Retrieved {len(drivers) if drivers else 0} drivers")
+        drivers = execute_query(query, (user['user_id'],))
+        logger.info(f"Resource drivers://all - User {user['user_id']} retrieved {len(drivers) if drivers else 0} drivers")
         return json.dumps(drivers, default=str, indent=2)
     except Exception as e:
         logger.error(f"Resource drivers://all failed: {e}")
@@ -1830,5 +1868,7 @@ if __name__ == "__main__":
     logger.info("Tools: 27 tools registered (19 core + 6 assignment + 2 bulk delete)")
     logger.info("Resources: 2 resources available")
     logger.info("Prompts: 3 workflow templates")
+    logger.info("Authentication: Multi-tenant API key via URL query params")
+    logger.info("Usage: Connect with ?api_key=YOUR_KEY in the SSE URL")
     logger.info("Starting MCP server...")
     mcp.run()

verify_fix.py

@@ -0,0 +1,51 @@
+"""Verify the user_id fix"""
+
+from database.connection import get_db_connection
+
+def verify_order_fix():
+    conn = get_db_connection()
+    cursor = conn.cursor()
+
+    # Check the specific order mentioned by user
+    order_id = "ORD-202511192234450754"
+
+    cursor.execute(
+        "SELECT order_id, user_id, customer_name, status FROM orders WHERE order_id = %s",
+        (order_id,)
+    )
+
+    result = cursor.fetchone()
+
+    if result:
+        print(f"\nOrder: {result['order_id']}")
+        print(f"User ID: {result['user_id']}")
+        print(f"Customer: {result['customer_name']}")
+        print(f"Status: {result['status']}")
+
+        if result['user_id'] == 'user_id':
+            print("\n[ERROR] Still has bad user_id value!")
+        elif result['user_id'].startswith('user_'):
+            print("\n[SUCCESS] User ID is now correct!")
+        else:
+            print(f"\n[WARNING] Unexpected user_id format: {result['user_id']}")
+    else:
+        print(f"\n[NOT FOUND] Order {order_id} not found")
+
+    # Check if any records still have bad user_id
+    print("\n--- Checking for remaining bad records ---")
+
+    for table in ['orders', 'drivers', 'assignments']:
+        cursor.execute(f"SELECT COUNT(*) as count FROM {table} WHERE user_id = %s", ('user_id',))
+        result = cursor.fetchone()
+        count = result['count'] if result else 0
+
+        if count > 0:
+            print(f"{table}: {count} records still have user_id='user_id'")
+        else:
+            print(f"{table}: All clean!")
+
+    cursor.close()
+    conn.close()
+
+if __name__ == "__main__":
+    verify_order_fix()