mirror of
https://github.com/FutureOfMedTech-FITM-hack/backend.git
synced 2024-11-14 03:06:36 +03:00
43 lines
1.4 KiB
Python
43 lines
1.4 KiB
Python
|
from fastapi import Depends, HTTPException
|
||
|
from fastapi.security import OAuth2PasswordBearer
|
||
|
from jose import JWTError, jwt
|
||
|
from sqlalchemy.ext.asyncio import AsyncSession
|
||
|
from starlette import status
|
||
|
|
||
|
from med_backend.auth import schemas, services
|
||
|
from med_backend.db.dependencies import get_db_session
|
||
|
|
||
|
oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")
|
||
|
|
||
|
|
||
|
async def get_current_active_manager(
|
||
|
token: str = Depends(oauth2_scheme),
|
||
|
session: AsyncSession = Depends(get_db_session),
|
||
|
) -> schemas.User:
|
||
|
credentials_exception = HTTPException(
|
||
|
status_code=status.HTTP_401_UNAUTHORIZED,
|
||
|
detail="Could not validate credentials",
|
||
|
headers={"WWW-Authenticate": "Bearer"},
|
||
|
)
|
||
|
try:
|
||
|
payload = jwt.decode(
|
||
|
token,
|
||
|
services.SECRET_KEY,
|
||
|
algorithms=[services.JWT_ALGORITHM],
|
||
|
)
|
||
|
email: str = payload.get("sub")
|
||
|
if email is None:
|
||
|
raise credentials_exception
|
||
|
token_data = schemas.TokenData(email=email)
|
||
|
except JWTError:
|
||
|
raise credentials_exception
|
||
|
user = await services.get_user(session, token_data.email)
|
||
|
if user is None:
|
||
|
raise credentials_exception
|
||
|
if not user.is_manager:
|
||
|
raise HTTPException(
|
||
|
status_code=status.HTTP_401_UNAUTHORIZED,
|
||
|
detail="You are not allowed to access this info",
|
||
|
)
|
||
|
return user
|