backend/med_backend/users/services.py

43 lines
1.4 KiB
Python
Raw Normal View History

2022-12-09 02:33:22 +03:00
from fastapi import Depends, HTTPException
from fastapi.security import OAuth2PasswordBearer
from jose import JWTError, jwt
from sqlalchemy.ext.asyncio import AsyncSession
from starlette import status
from med_backend.auth import schemas, services
from med_backend.db.dependencies import get_db_session
oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")
async def get_current_active_manager(
token: str = Depends(oauth2_scheme),
session: AsyncSession = Depends(get_db_session),
) -> schemas.User:
credentials_exception = HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="Could not validate credentials",
headers={"WWW-Authenticate": "Bearer"},
)
try:
payload = jwt.decode(
token,
services.SECRET_KEY,
algorithms=[services.JWT_ALGORITHM],
)
email: str = payload.get("sub")
if email is None:
raise credentials_exception
token_data = schemas.TokenData(email=email)
except JWTError:
raise credentials_exception
user = await services.get_user(session, token_data.email)
if user is None:
raise credentials_exception
if not user.is_manager:
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="You are not allowed to access this info",
)
return user