backend/routers/prompts.py

@@ -12,7 +12,7 @@ from fastapi import APIRouter, Depends, HTTPException, Query, Header
 from fastapi.responses import StreamingResponse
 
 from db import get_db, get_cursor, r2d
-from auth import require_auth, require_admin
+from auth import require_auth, require_admin, require_auth_flexible
 from models import (
     PromptCreate, PromptUpdate, PromptGenerateRequest,
     PipelineConfigCreate, PipelineConfigUpdate
@@ -1448,9 +1448,9 @@ from models import UnifiedPromptCreate, UnifiedPromptUpdate
 @router.get("/execute-stream")
 async def execute_unified_prompt_stream(
     prompt_slug: str = Query(..., description="Slug of prompt to execute"),
-    token: Optional[str] = Query(None, description="Auth token (temporary solution for SSE)"),
     debug: bool = Query(False, description="Include debug information (node_states, etc.)"),
-    save: bool = Query(False, description="Save result to ai_insights")
+    save: bool = Query(False, description="Save result to ai_insights"),
+    session: dict = Depends(require_auth_flexible)
 ):
     """
     Execute a unified prompt with Server-Sent Events (SSE) streaming.
@@ -1463,17 +1463,7 @@ async def execute_unified_prompt_stream(
 
     Use this endpoint for long-running workflows (>30s) to avoid gateway timeouts.
     """
-    # Manual auth: verify token and get profile_id
+    profile_id = session['profile_id']
-    if not token:
-        raise HTTPException(401, "Missing auth token")
-
-    with get_db() as conn:
-        cur = get_cursor(conn)
-        cur.execute("SELECT profile_id FROM sessions WHERE token = %s", (token,))
-        row = cur.fetchone()
-        if not row:
-            raise HTTPException(401, "Invalid or expired token")
-        profile_id = row['profile_id']
 
     # Use default modules/timeframes (SSE doesn't support complex params)
     modules = {