from fastapi import Depends, HTTPException, Request
from sqlalchemy.orm import Session
from app.core.auth import decode_token, get_token_from_request
from app.core.database import get_db
from app.modules.auth.models import User
from app.modules.auth.service import get_user
class RequiresLoginException(Exception):
    """Signal that the request cannot be tied to a logged-in, active user.

    get_current_user raises this for every authentication failure it detects
    (no token, token that does not decode to a payload, unknown or inactive
    user), so callers cannot tell from the exception which check failed.

    NOTE(review): presumably an exception handler registered elsewhere turns
    this into a login redirect or a 401 response; confirm it is registered.
    """
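async def get_current_user(
    request: Request, db: Session = Depends(get_db)
) -> User:
    """Resolve the active user that the request's token identifies.

    Args:
        request: Incoming request from which the token is extracted.
        db: Database session used to look the user up.

    Returns:
        The user named by the token's ``sub`` claim.

    Raises:
        RequiresLoginException: If no token is present, the token does not
            decode to a payload, the payload has no ``sub`` claim, or the
            user is unknown or inactive. The same exception is used for
            every case so the response does not reveal which check failed.
    """
    token = get_token_from_request(request)
    if not token:
        raise RequiresLoginException()

    # NOTE(review): this function trusts decode_token to return a falsy value
    # for any token it rejects; confirm it verifies the signature and expiry
    # and pins the accepted algorithm.
    payload = decode_token(token)
    if not payload:
        raise RequiresLoginException()

    # Reject a missing or empty subject up front instead of querying with "",
    # so a token without a subject can never resolve to a user row.
    subject = payload.get("sub")
    if not subject:
        raise RequiresLoginException()

    user = get_user(db, subject)
    if user is None or not user.is_active:
        raise RequiresLoginException()
    return user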
async def require_admin(user: User = Depends(get_current_user)) -> User:
    """Allow the request through only when the current user is an admin.

    The user is supplied by the get_current_user dependency, so its
    authentication checks run before the admin check here.

    Returns:
        The same user object, when ``user.is_admin`` is truthy.

    Raises:
        HTTPException: 403 with detail "Admin access required" otherwise.
    """
    if user.is_admin:
        return user
    raise HTTPException(status_code=403, detail="Admin access required")