fixup! working just like it was before :)

Cargo.lock

@@ -2616,6 +2616,7 @@ dependencies = [
  "serde",
  "serde_json",
  "sqlx",
+ "tracing",
  "uuid",
 ]
 

Cargo.toml

@@ -19,7 +19,7 @@ reqwest = { version = "0.12.7" , default-features = false, features = ["rustls-t
 sentry = { version = "0.36.0", default-features = false, features =  ["backtrace", "contexts", "panic", "debug-images", "reqwest", "rustls"] } # replace native-tls with rustls
 serde = { version = "1.0.196", features = ["derive"] }
 serde_json = "1.0.117"
-sqlx = { version = "0.8.2", features = ["runtime-tokio", "postgres", "time", "macros", "uuid"] }
+sqlx = { version = "0.8.2", features = ["runtime-tokio", "postgres", "time", "chrono", "macros", "uuid"] }
 tokio = { version = "1.36.0", features = ["full"] }
 tracing = "0.1"
 tracing-subscriber = { version = "0.3.16", features = ["env-filter", "json"] }

crates/api/src/main.rs

@@ -13,6 +13,7 @@ use hyper_util::{
     client::legacy::{connect::HttpConnector, Client},
     rt::TokioExecutor,
 };
+
 use jsonwebtoken::{DecodingKey, EncodingKey};
 use tracing::{error, info};
 use pk_macros::api_endpoint;
@@ -136,9 +137,9 @@ fn router(ctx: ApiContext) -> Router {
 
         .route("/internal/apikey/user", post(endpoints::internal::create_api_key_user))
 
-        .route("/v2/systems/:system_id/oembed.json", get(rproxy))
+        .route("/v2/systems/{system_id}/oembed.json", get(rproxy))
-        .route("/v2/members/:member_id/oembed.json", get(rproxy))
+        .route("/v2/members/{member_id}/oembed.json", get(rproxy))
-        .route("/v2/groups/:group_id/oembed.json", get(rproxy))
+        .route("/v2/groups/{group_id}/oembed.json", get(rproxy))
 
         .layer(middleware::ratelimit::ratelimiter(ctx.clone(), middleware::ratelimit::do_request_ratelimited))
 

crates/api/src/middleware/auth.rs

@@ -142,11 +142,9 @@ pub async fn auth(State(ctx): State<ApiContext>, mut req: Request, next: Next) -
                     .await
                     .expect("failed to query apitoken in postgres")
         {
+			authed_system_id = Some(token.system);
 			authed_api_key_id = Some(tid);
 			access_level = apikey_can_access(&token, req.method().to_string(), endpoint.clone());
-			if access_level != AccessLevel::None {
-				authed_system_id = Some(token.system);
-			}
 		}
 		else if let Some(system_id) =
             match libpk::db::repository::legacy_token_auth(&ctx.db, system_auth_header).await {

crates/libpk/src/_config.rs

@@ -60,13 +60,8 @@ pub struct ApiConfig {
 
     pub remote_url: String,
 
-    #[serde(default)]
-    pub temp_token2: Option<String>,
-
     pub token_privatekey: String,
     pub token_publickey: String,
-
-    pub internal_request_secret: String,
 }
 
 #[derive(Deserialize, Clone, Debug)]

crates/models/Cargo.toml

@@ -11,7 +11,6 @@ jsonwebtoken = { workspace = true }
 sea-query = "0.32.1"
 serde = { workspace = true }
 serde_json = { workspace = true, features = ["preserve_order"] }
-# in theory we want to default-features = false for sqlx
+sqlx = { workspace = true }
-# but cargo doesn't seem to support this
-sqlx = { workspace = true, features = ["chrono"] }
 uuid = { workspace = true }
+tracing = { workspace = true }